devops: have generate random minio credentials (#283) #902
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
jobs: | |
test: | |
runs-on: ubuntu-22.04 | |
needs: [build] | |
timeout-minutes: 60 | |
steps: | |
- name: Use Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- uses: actions/checkout@v4 | |
- name: Free Disk Space | |
uses: jlumbroso/free-disk-space@main | |
- name: Install k3s | |
run: | | |
curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE=777 INSTALL_K3S_EXEC="server --docker --disable traefik --kubelet-arg=image-gc-high-threshold=85 --kubelet-arg=image-gc-low-threshold=80" sudo sh - | |
mkdir -p ~/.kube | |
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config | |
sudo chown $USER ~/.kube/config | |
- name: Install dependencies | |
run: npm ci | |
working-directory: e2e | |
# Do it before the browsers and dependencies get installed, because it takes long. | |
- name: Generate K8 files | |
run: | | |
version="$(bash .github/workflows/determine_docker_image_tag.sh)" | |
export MINIO_ROOT_USER="minioadmin" | |
export MINIO_ROOT_PASSWORD=$(openssl rand -base64 32) | |
bash k8/generate.sh $version | |
env: | |
WORKER_COUNT: 1 | |
- run: kubectl apply -f k8/ | |
- name: Install Playwright | |
run: npx playwright install --with-deps | |
working-directory: e2e | |
- name: Run e2e tests | |
working-directory: e2e | |
run: | | |
kubectl wait --timeout 10m --for=condition=ready pods --all | |
FRONTEND_PORT=$(kubectl get svc frontend -o=jsonpath='{.spec.ports[?(@.port==8080)].nodePort}') | |
FRONTEND_URL="http://127.0.0.1:$FRONTEND_PORT" | |
echo "Host: $FRONTEND_URL" | |
npx wait-on "$FRONTEND_URL/service/control/health" | |
kubectl wait --timeout 10m --for=condition=ready pod -l role=worker | |
ROOT_TEST_URL=$FRONTEND_URL npm run test | |
- name: Upload playwright-report | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: e2e-playwright-report | |
path: e2e/playwright-report/ | |
build: | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
fail-fast: false | |
matrix: | |
directory: | |
- worker-javascript | |
- worker-java | |
- worker-python | |
- worker-csharp | |
- file-service | |
- frontend | |
- control-service | |
- squid | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Build image | |
run: docker build . --file ${{ matrix.directory }}/Dockerfile --tag local-image | |
- name: Login to GitHub Package Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Push image | |
run: | | |
IMAGE_ID=ghcr.io/${{ github.repository }}/${{ matrix.directory }} | |
DOCKER_IMAGE_TAG="$(bash .github/workflows/determine_docker_image_tag.sh)" | |
DOCKER_IMAGE="$IMAGE_ID:$DOCKER_IMAGE_TAG" | |
echo "Docker image: $DOCKER_IMAGE" | |
docker tag local-image $DOCKER_IMAGE | |
docker push $DOCKER_IMAGE |