Skip to content

feat(metrics-operator): introduce insecureSkipTlsVerify parameter for prometheus metrics fetch #18543

feat(metrics-operator): introduce insecureSkipTlsVerify parameter for prometheus metrics fetch

feat(metrics-operator): introduce insecureSkipTlsVerify parameter for prometheus metrics fetch #18543

Workflow file for this run

name: CI
on:
push:
branches:
- 'main'
- '[0-9]+.[1-9][0-9]*.x'
pull_request:
branches:
- 'main'
- '[0-9]+.[1-9][0-9]*.x'
- 'epic/*'
paths-ignore:
- "docs/**"
- "**.md"
- "netlify.toml"
- "mkdocs.yml"
- ".github/actions/spelling/*"
# Declare default permissions as read only.
permissions: read-all
env:
GO_VERSION: "~1.23"
# renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools
CONTROLLER_TOOLS_VERSION: "v0.16.5"
ENVTEST_K8S_VERSION: "1.27.0"
defaults:
run:
shell: bash
jobs:
prepare_ci_run:
name: Prepare CI Run
runs-on: ubuntu-24.04
outputs:
GIT_SHA: ${{ steps.extract_branch.outputs.GIT_SHA }}
BRANCH: ${{ steps.extract_branch.outputs.BRANCH }}
BRANCH_SLUG: ${{ steps.extract_branch.outputs.BRANCH_SLUG }}
DATETIME: ${{ steps.get_datetime.outputs.DATETIME }}
BUILD_TIME: ${{ steps.get_datetime.outputs.BUILD_TIME }}
NON_FORKED_AND_NON_ROBOT_RUN: ${{ steps.get_run_type.outputs.NON_FORKED_AND_NON_ROBOT_RUN }}
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Extract branch name
id: extract_branch
uses: keptn/gh-action-extract-branch-name@6ca4fe061da10c66b2d7341fd1fb12962ad911b2
- name: Get current date and time
id: get_datetime
run: |
DATETIME=$(date +'%Y%m%d%H%M')
BUILD_TIME=$(date -u "+%F_%T")
echo "DATETIME=$DATETIME" >> "$GITHUB_OUTPUT"
echo "BUILD_TIME=$BUILD_TIME" >> "$GITHUB_OUTPUT"
- name: Get workflow run type
id: get_run_type
env:
NON_FORKED_AND_NON_ROBOT_RUN: >
${{
( github.actor != 'renovate[bot]' && github.actor != 'dependabot[bot]' ) &&
( github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository )
}}
run: |
echo "github.actor != 'renovate[bot]' = ${{ github.actor != 'renovate[bot]' }}"
echo "github.actor != 'dependabot[bot]' = ${{ github.actor != 'dependabot[bot]' }}"
echo "github.event_name == 'push' = ${{ github.event_name == 'push' }}"
echo "github.event.pull_request.head.repo.full_name == github.repository = \
${{ github.event.pull_request.head.repo.full_name == github.repository }}"
echo "NON_FORKED_AND_NON_ROBOT_RUN = $NON_FORKED_AND_NON_ROBOT_RUN"
echo "NON_FORKED_AND_NON_ROBOT_RUN=$NON_FORKED_AND_NON_ROBOT_RUN" >> "$GITHUB_OUTPUT"
test:
name: Unit Tests
needs: prepare_ci_run
runs-on: ubuntu-24.04
strategy:
matrix:
config:
- name: "lifecycle-operator"
folder: "lifecycle-operator/"
- name: "metrics-operator"
folder: "metrics-operator/"
- name: "certificate-operator"
folder: "keptn-cert-manager/"
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go 1.x
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5
with:
go-version: ${{ env.GO_VERSION }}
cache: true
cache-dependency-path: '${{ matrix.config.folder }}go.sum'
check-latest: true
- name: Unit Test ${{ matrix.config.name }}
working-directory: ./${{ matrix.config.folder }}
run: make unit-test
- name: Report code coverage
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
with:
flags: ${{ matrix.config.name }}
token: ${{ secrets.CODECOV_TOKEN }}
build_image:
name: Build Docker Image
needs: prepare_ci_run
runs-on: ubuntu-24.04
env:
BRANCH: ${{ needs.prepare_ci_run.outputs.BRANCH }}
DATETIME: ${{ needs.prepare_ci_run.outputs.DATETIME }}
BUILD_TIME: ${{ needs.prepare_ci_run.outputs.BUILD_TIME }}
GIT_SHA: ${{ needs.prepare_ci_run.outputs.GIT_SHA }}
RELEASE_REGISTRY: "localhost:5000/keptn"
DOCKER_BUILD_SUMMARY: "false"
DOCKER_BUILD_RECORD_UPLOAD: "false"
strategy:
matrix:
config:
- name: "lifecycle-operator"
folder: "lifecycle-operator/"
- name: "metrics-operator"
folder: "metrics-operator/"
- name: "deno-runtime"
folder: "runtimes/deno-runtime/"
- name: "python-runtime"
folder: "runtimes/python-runtime/"
- name: "certificate-operator"
folder: "keptn-cert-manager/"
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Cache build tools
id: cache-build-tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4
with:
path: ./${{ matrix.config.folder }}bin
key: build-tools-${{ github.ref_name }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
- name: Build Docker Image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
context: ${{ matrix.config.folder }}
platforms: linux/amd64,linux/arm64
target: production
tags: |
${{ env.RELEASE_REGISTRY }}/${{ matrix.config.name }}:dev-${{ env.DATETIME }}
build-args: |
GIT_HASH=${{ env.GIT_SHA }}
RELEASE_VERSION=dev-${{ env.DATETIME }}
BUILD_TIME=${{ env.BUILD_TIME }}
CONTROLLER_TOOLS_VERSION=${{ env.CONTROLLER_TOOLS_VERSION }}
builder: ${{ steps.buildx.outputs.name }}
push: false
cache-from: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}
cache-to: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}
outputs: type=oci,dest=/tmp/${{ matrix.config.name }}-image.tar
- name: Upload image as artifact
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: ${{ matrix.config.name }}-image.tar
path: /tmp/${{ matrix.config.name }}-image.tar
image_tag:
name: Store tag of the built images
needs: prepare_ci_run
runs-on: ubuntu-24.04
env:
DATETIME: ${{ needs.prepare_ci_run.outputs.DATETIME }}
steps:
- name: Create empty file to store image tag
run: echo "" > tag
- name: Upload tag for tests
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: dev-${{ env.DATETIME }}
path: tag
component_tests:
name: Component Tests
needs: prepare_ci_run
uses: ./.github/workflows/component-test.yml
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
integration_tests:
name: Integration Tests
needs:
- prepare_ci_run
- build_image
strategy:
matrix:
cert-manager-io-enabled: [cert_manager_io_on, cert_manager_io_off]
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
cert-manager-io-enabled: ${{ matrix.cert-manager-io-enabled }}
uses: ./.github/workflows/integration-test.yml
integration_tests_allowed_namespaces:
name: Integration Tests Allowed Namespaces
needs:
- prepare_ci_run
- build_image
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
type: allowed-namespaces
uses: ./.github/workflows/integration-test-component.yml
integration_tests_lifecycle:
name: Integration Tests Lifecycle
needs:
- prepare_ci_run
- build_image
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
type: lifecycle
uses: ./.github/workflows/integration-test-component.yml
integration_tests_metrics:
name: Integration Tests Metrics
needs:
- prepare_ci_run
- build_image
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
type: metrics
uses: ./.github/workflows/integration-test-component.yml
integration_tests_cert_manager:
name: Integration Tests Cert Manager
needs:
- prepare_ci_run
- build_image
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
type: cert-manager
uses: ./.github/workflows/integration-test-component.yml
load-tests:
name: Load Tests
needs: [prepare_ci_run, build_image]
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
uses: ./.github/workflows/load-test.yml
e2e_tests:
name: End to End Tests
needs: [prepare_ci_run, build_image]
with:
runtime_tag: dev-${{ needs.prepare_ci_run.outputs.DATETIME }}
uses: ./.github/workflows/e2e-test.yml
helm_charts_publish:
name: Publish helm chart changes to charts repo
if: github.event_name == 'push' && needs.prepare_ci_run.outputs.NON_FORKED_AND_NON_ROBOT_RUN == 'true'
needs: [prepare_ci_run, build_image]
strategy:
matrix:
config:
- name: keptn
path: chart
- name: keptn-lifecycle-operator
path: lifecycle-operator/chart
- name: keptn-metrics-operator
path: metrics-operator/chart
- name: keptn-cert-manager
path: keptn-cert-manager/chart
runs-on: ubuntu-24.04
steps:
- name: Check out keptn repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Check out helm-charts repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'keptn/lifecycle-toolkit-charts'
path: ./helm-charts-repository
token: ${{ secrets.KEPTN_BOT_TOKEN }}
- name: Substitue local paths with official chart URL
if: matrix.config.name == 'keptn'
working-directory: ./${{ matrix.config.path }}
run: |
# substitute local charts path with official ones
yq -i '.dependencies.[].repository = "https://charts.lifecycle.keptn.sh"' ./Chart.yaml
# update Chart.lock files
helm repo add keptn https://charts.lifecycle.keptn.sh
helm repo update
helm dependency update
helm dependency build
- name: Copy chart from keptn to helm repo
run: rsync -av --delete --exclude='charts/*.tgz' ./${{ matrix.config.path }}/ ./helm-charts-repository/charts/${{ matrix.config.name }}/
- name: Create Pull Request
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
token: ${{ secrets.KEPTN_BOT_TOKEN }}
path: ./helm-charts-repository
commit-message: "feat: update ${{ matrix.config.name }} helm chart"
signoff: true
branch: chart-update-${{ matrix.config.name }}
delete-branch: true
base: main
title: "Update ${{ matrix.config.name }} Helm chart"
body: |
:robot: **This is an automated PR for updating and releasing Helm charts from keptn/lifecycle-toolkit!** :robot: