bug: add refs fetch in update-sec-scanner.yaml (#1134) #434
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is responsible for all kinds of integration tests that are run after push to main. | |
# Those tests depend on a container image so in the first job we wait for the image build to succeed. | |
name: main integration tests | |
permissions: | |
id-token: write # This is required for requesting the JWT token | |
contents: read # This is required for actions/checkouts | |
on: | |
push: | |
branches: | |
- main | |
- 'release-**' | |
jobs: | |
filter-changes: | |
outputs: | |
check: ${{ steps.changed-files.outputs.any_modified }} | |
name: List relevant VCS changes | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 | |
id: changed-files | |
with: | |
files_ignore: | | |
docs/** | |
**/*.md | |
tests/performance/** | |
OWNERS | |
CODEOWNERS | |
sec-scanners-config.yaml | |
.github/** | |
.** | |
external-images.yaml | |
- name: List all changed files | |
run: echo '${{ steps.changed-files.outputs.all_changed_files }}' | |
build-image: | |
name: Build manager image | |
needs: [filter-changes] | |
if: ${{ github.event.pull_request.draft == false && needs.filter-changes.outputs.check == 'true' }} | |
uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main | |
with: | |
name: istio/main/istio-manager | |
dockerfile: Dockerfile | |
context: . | |
build-args: | | |
VERSION=${{ github.ref_name }} | |
tags: "${{ github.sha }}" | |
build-experimental-image: | |
name: Build manager image - experimental | |
needs: [filter-changes] | |
if: ${{ github.event.pull_request.draft == false && needs.filter-changes.outputs.check == 'true' }} | |
uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main | |
with: | |
name: istio/main/istio-manager | |
dockerfile: Dockerfile | |
context: . | |
build-args: | | |
VERSION=${{ github.ref_name }}-experimental | |
GO_BUILD_TAGS=experimental | |
tags: "${{ github.sha }}-experimental" | |
istio-upgrade-integration-test: | |
name: Istio upgrade integration test | |
runs-on: ubuntu-latest | |
needs: [ build-image ] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tests/integration/scripts/gardener-kubeconfig.sh | |
shell: bash | |
env: | |
GARDENER_TOKEN: ${{ secrets.GARDENER_TOKEN }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- run: make IMG="europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" gardener-istio-integration-test | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
MAKE_TEST_TARGET: "istio-upgrade-integration-test" | |
TARGET_BRANCH: ${{github.ref_name}} | |
GARDENER_KUBECONFIG: "/home/runner/work/istio/istio/gardener_kubeconfig.yaml" | |
GARDENER_PROJECT_NAME: "goats" | |
GARDENER_PROVIDER_SECRET_NAME: "goat" | |
GARDENER_PROVIDER: "gcp" | |
GARDENER_REGION: "europe-west3" | |
GARDENER_CLUSTER_VERSION: "1.29.7" | |
MACHINE_TYPE: "n2-standard-4" | |
DISK_SIZE: 50 | |
DISK_TYPE: "pd-standard" | |
SCALER_MAX: 20 | |
SCALER_MIN: 3 | |
istio-integration-test: | |
name: Istio integration test | |
runs-on: ubuntu-latest | |
needs: [build-image] | |
strategy: | |
fail-fast: false | |
matrix: | |
test_make_target: [ "configuration-integration-test", "mesh-communication-integration-test", "installation-integration-test", "observability-integration-test" ] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: ./.github/actions/integration-test | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
test_make_target: ${{ matrix.test_make_target }} | |
operator-image-name: "europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" | |
servers-memory: "16" | |
agents: 2 | |
istio-integration-gcp: | |
name: Istio integration test GCP | |
runs-on: ubuntu-latest | |
needs: [build-image] | |
strategy: | |
fail-fast: false | |
matrix: | |
test_make_target: [ "configuration-integration-test", "mesh-communication-integration-test", "installation-integration-test", "observability-integration-test" ] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tests/integration/scripts/gardener-kubeconfig.sh | |
shell: bash | |
env: | |
GARDENER_TOKEN: ${{ secrets.GARDENER_TOKEN }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- run: make IMG="europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" gardener-istio-integration-test | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GARDENER_KUBECONFIG: "/home/runner/work/istio/istio/gardener_kubeconfig.yaml" | |
GARDENER_PROJECT_NAME: "goats" | |
GARDENER_PROVIDER_SECRET_NAME: "goat" | |
GARDENER_PROVIDER: "gcp" | |
GARDENER_REGION: "europe-west3" | |
GARDENER_CLUSTER_VERSION: "1.29.7" | |
MACHINE_TYPE: "n2-standard-4" | |
DISK_SIZE: 50 | |
DISK_TYPE: "pd-standard" | |
SCALER_MAX: 20 | |
SCALER_MIN: 3 | |
MAKE_TEST_TARGET: ${{ matrix.test_make_target }} | |
istio-integration-aws-specific: | |
name: Istio integration test AWS specific | |
runs-on: ubuntu-latest | |
needs: [build-image] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tests/integration/scripts/gardener-kubeconfig.sh | |
shell: bash | |
env: | |
GARDENER_TOKEN: ${{ secrets.GARDENER_TOKEN }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- run: make IMG="europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" gardener-aws-integration-test | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GARDENER_KUBECONFIG: "/home/runner/work/istio/istio/gardener_kubeconfig.yaml" | |
GARDENER_PROJECT_NAME: "goats" | |
GARDENER_PROVIDER_SECRET_NAME: "aws-gardener-access" | |
GARDENER_PROVIDER: "aws" | |
GARDENER_CLUSTER_VERSION: "1.29.7" | |
GARDENER_REGION: "eu-west-1" | |
MACHINE_TYPE: "m5.xlarge" | |
DISK_SIZE: 50 | |
DISK_TYPE: "gp2" | |
SCALER_MAX: 3 | |
SCALER_MIN: 1 | |
istio-integration-gcp-specific: | |
name: Istio integration test GCP specific | |
runs-on: ubuntu-latest | |
needs: [build-image] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tests/integration/scripts/gardener-kubeconfig.sh | |
shell: bash | |
env: | |
GARDENER_TOKEN: ${{ secrets.GARDENER_TOKEN }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- run: make IMG="europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" gardener-gcp-integration-test | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GARDENER_KUBECONFIG: "/home/runner/work/istio/istio/gardener_kubeconfig.yaml" | |
GARDENER_PROJECT_NAME: "goats" | |
GARDENER_PROVIDER_SECRET_NAME: "goat" | |
GARDENER_PROVIDER: "gcp" | |
GARDENER_REGION: "europe-west3" | |
GARDENER_CLUSTER_VERSION: "1.29.7" | |
MACHINE_TYPE: "n2-standard-4" | |
DISK_SIZE: 50 | |
DISK_TYPE: "pd-standard" | |
SCALER_MAX: 20 | |
SCALER_MIN: 3 | |
istio-integration-aws: | |
name: Istio integration test AWS | |
runs-on: ubuntu-latest | |
needs: [build-image] | |
strategy: | |
fail-fast: false | |
matrix: | |
test_make_target: [ "configuration-integration-test", "mesh-communication-integration-test", "installation-integration-test", "observability-integration-test" ] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- run: ./tests/integration/scripts/gardener-kubeconfig.sh | |
shell: bash | |
env: | |
GARDENER_TOKEN: ${{ secrets.GARDENER_TOKEN }} | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
- run: make IMG="europe-docker.pkg.dev/kyma-project/prod/istio/main/istio-manager:${{github.sha}}" gardener-istio-integration-test | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GARDENER_KUBECONFIG: "/home/runner/work/istio/istio/gardener_kubeconfig.yaml" | |
GARDENER_PROJECT_NAME: "goats" | |
GARDENER_PROVIDER_SECRET_NAME: "aws-gardener-access" | |
GARDENER_PROVIDER: "aws" | |
GARDENER_CLUSTER_VERSION: "1.29.7" | |
GARDENER_REGION: "eu-west-1" | |
MACHINE_TYPE: "m5.xlarge" | |
DISK_SIZE: 50 | |
DISK_TYPE: "gp2" | |
SCALER_MAX: 3 | |
SCALER_MIN: 1 | |
MAKE_TEST_TARGET: ${{ matrix.test_make_target }} | |
slack_failed_notification: | |
name: Slack Notification | |
runs-on: ubuntu-latest | |
if: ${{ failure() }} | |
needs: [istio-upgrade-integration-test, istio-integration-test, istio-integration-gcp, istio-integration-aws, istio-integration-aws-specific, istio-integration-gcp-specific] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Notify | |
uses: ./.github/actions/slack-notification-failed-workflow | |
with: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} |