Pre-create kots password secret #2202
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pull request | |
| on: | |
| - pull_request | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| sanitize: | |
| name: Sanitize | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.21.0" | |
| - name: Go vet | |
| run: | | |
| make vet | |
| - name: Lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: v1.54 | |
| tests: | |
| name: Unit tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.21.0" | |
| - name: Go vet | |
| run: | | |
| make vet | |
| - name: Unit tests | |
| run: | | |
| make unit-tests | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.21.0" | |
| - name: Build Linux AMD64 and Output Metadata | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| make -B embedded-cluster-linux-amd64 K0S_VERSION=$(make print-PREVIOUS_K0S_VERSION) VERSION="${SHORT_SHA}-previous-k0s" | |
| tar -C output/bin -czvf embedded-cluster-linux-amd64-previous-k0s.tgz embedded-cluster | |
| ./output/bin/embedded-cluster version metadata > metadata-previous-k0s.json | |
| make -B embedded-cluster-linux-amd64 VERSION="${SHORT_SHA}" | |
| tar -C output/bin -czvf embedded-cluster-linux-amd64.tgz embedded-cluster | |
| ./output/bin/embedded-cluster version metadata > metadata.json | |
| - name: Install Replicated CLI | |
| run: | | |
| curl -s https://api.github.com/repos/replicatedhq/replicated/releases/latest \ | |
| | grep "browser_download_url.*linux_amd64.tar.gz" \ | |
| | cut -d : -f 2,3 \ | |
| | tr -d \" \ | |
| | wget -O replicated.tar.gz -qi - | |
| tar xf replicated.tar.gz replicated && rm replicated.tar.gz | |
| mv replicated /usr/local/bin/replicated | |
| - name: Create CI Releases | |
| env: | |
| REPLICATED_APP: "embedded-cluster-smoke-test-staging-app" | |
| REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }} | |
| REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor" | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| echo "${SHORT_SHA}" | |
| sed -i "s/__version_string__/${SHORT_SHA}/g" e2e/kots-release-install/cluster-config.yaml | |
| sed -i "s/__version_string__/${SHORT_SHA}-upgrade/g" e2e/kots-release-upgrade/cluster-config.yaml | |
| # re-promote a release containing an old version of embedded-cluster to test upgrades | |
| replicated release promote 807 2cHXb1RCttzpR0xvnNWyaZCgDBP --version "appver-${SHORT_SHA}-pre-minio-removal" | |
| replicated release create --yaml-dir e2e/kots-release-install --promote CI --version "appver-${SHORT_SHA}" | |
| replicated release create --yaml-dir e2e/kots-release-upgrade --promote CI --version "appver-${SHORT_SHA}-upgrade" | |
| - name: Build CI binary | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| echo "# channel release object" > e2e/kots-release-install/release.yaml | |
| echo 'channelID: "2cHXb1RCttzpR0xvnNWyaZCgDBP"' >> e2e/kots-release-install/release.yaml | |
| echo 'channelSlug: "ci"' >> e2e/kots-release-install/release.yaml | |
| echo 'appSlug: "embedded-cluster-smoke-test-staging-app"' >> e2e/kots-release-install/release.yaml | |
| echo "versionLabel: \"appver-${SHORT_SHA}\"" >> e2e/kots-release-install/release.yaml | |
| cat e2e/kots-release-install/release.yaml | |
| cp output/bin/embedded-cluster output/bin/embedded-cluster-original | |
| make -B embedded-release K0S_VERSION=$(make print-PREVIOUS_K0S_VERSION) VERSION="${SHORT_SHA}-previous-k0s" | |
| mv output/bin/embedded-cluster output/bin/embedded-cluster-previous-k0s | |
| make -B embedded-release VERSION="${SHORT_SHA}" # this is done after the metadata.json is generated so as to not include additional charts | |
| - name: Cache files for integration test | |
| env: | |
| S3_BUCKET: "tf-staging-embedded-cluster-bin" | |
| AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }} | |
| AWS_REGION: "us-east-1" | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| export EC_VERSION="v${SHORT_SHA}" | |
| ./scripts/cache-files.sh | |
| ./scripts/create-upgrade-release.sh | |
| ./scripts/create-previous-k0s-release.sh | |
| - name: Create Airgap Release | |
| env: | |
| REPLICATED_APP: "embedded-cluster-smoke-test-staging-app" | |
| REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }} | |
| REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor" | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| echo "${SHORT_SHA}" | |
| # airgap tests install the previous k0s version to ensure an upgrade occurs | |
| sed -i "s/${SHORT_SHA}/${SHORT_SHA}-previous-k0s/g" e2e/kots-release-install/cluster-config.yaml | |
| rm e2e/kots-release-install/release.yaml | |
| replicated release create --yaml-dir e2e/kots-release-install --promote CI-airgap --version "appver-${SHORT_SHA}" | |
| replicated release create --yaml-dir e2e/kots-release-upgrade --promote CI-airgap --version "appver-${SHORT_SHA}-upgrade" | |
| - name: Create download link message text | |
| run: | | |
| export SHORT_SHA=dev-$(git rev-parse --short=7 HEAD) | |
| echo "This PR has been released (on staging) and is available for download with a embedded-cluster-smoke-test-staging-app [license ID](https://vendor.staging.replicated.com/apps/embedded-cluster-smoke-test-staging-app/customers?sort=name-asc)." > download-link.txt | |
| echo "" >> download-link.txt | |
| echo "Online Installer:" >> download-link.txt | |
| echo "\`\`\`" >> download-link.txt | |
| echo "curl \"https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci/appver-${SHORT_SHA}\" -H \"Authorization: \$EC_SMOKE_TEST_LICENSE_ID\" -o embedded-cluster-smoke-test-staging-app-ci.tgz" >> download-link.txt | |
| echo "\`\`\`" >> download-link.txt | |
| echo "Airgap Installer (may take a few minutes before the airgap bundle is built):" >> download-link.txt | |
| echo "\`\`\`" >> download-link.txt | |
| echo "curl \"https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci-airgap/appver-${SHORT_SHA}?airgap=true\" -H \"Authorization: \$EC_SMOKE_TEST_LICENSE_ID\" -o embedded-cluster-smoke-test-staging-app-ci.tgz" >> download-link.txt | |
| echo "\`\`\`" >> download-link.txt | |
| echo "Happy debugging!" >> download-link.txt | |
| cat download-link.txt | |
| - name: comment download link | |
| uses: mshick/add-pr-comment@v2 | |
| with: | |
| message-path: download-link.txt | |
| - name: upload binary | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: embedded-release | |
| path: | | |
| output/bin/embedded-cluster | |
| output/bin/embedded-cluster-original | |
| output/bin/embedded-cluster-previous-k0s | |
| output/bin/embedded-cluster-release-builder | |
| e2e: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tests: | |
| - TestSingleNodeInstallation | |
| - TestSingleNodeInstallationAlmaLinux8 | |
| - TestSingleNodeInstallationDebian12 | |
| - TestSingleNodeInstallationCentos8Stream | |
| - TestVersion | |
| - TestHostPreflight | |
| - TestUnsupportedOverrides | |
| - TestMultiNodeInstallation | |
| - TestMultiNodeReset | |
| - TestCommandsRequireSudo | |
| - TestInstallWithoutEmbed | |
| - TestInstallFromReplicatedApp | |
| - TestResetAndReinstall | |
| - TestResetAndReinstallAirgap | |
| - TestCollectSupportBundle | |
| - TestOldVersionUpgrade | |
| - TestMaterialize | |
| - TestLocalArtifactMirror | |
| - TestSingleNodeAirgapUpgradeUbuntuJammy | |
| - TestInstallSnapshotFromReplicatedApp | |
| - TestMultiNodeAirgapUpgradeUbuntuJammy | |
| - TestSingleNodeDisasterRecovery | |
| - TestSingleNodeResumeDisasterRecovery | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: download binary | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: embedded-release | |
| path: output/bin | |
| - uses: ./.github/actions/e2e | |
| with: | |
| test-name: '${{ matrix.tests }}' | |
| airgap-license-id: ${{ secrets.STAGING_EMBEDDED_CLUSTER_AIRGAP_LICENSE_ID }} | |
| snapshot-license-id: ${{ secrets.STAGING_EMBEDDED_CLUSTER_SNAPSHOT_LICENSE_ID }} | |
| snapshot-license: ${{ secrets.STAGING_EMBEDDED_CLUSTER_SNAPSHOT_LICENSE }} | |
| license-id: ${{ secrets.STAGING_EMBEDDED_CLUSTER_LICENSE_ID }} | |
| license: ${{ secrets.STAGING_EMBEDDED_CLUSTER_LICENSE }} | |
| dr-aws-access-key-id: ${{ secrets.TESTIM_AWS_ACCESS_KEY_ID }} | |
| dr-aws-secret-access-key: ${{ secrets.TESTIM_AWS_SECRET_ACCESS_KEY }} | |
| # this job will validate that all the tests passed | |
| # it is used for the github branch protection rule | |
| validate-success: | |
| runs-on: ubuntu-20.04 | |
| needs: | |
| - e2e | |
| - sanitize | |
| - tests | |
| if: always() | |
| steps: | |
| # https://docs.github.com/en/actions/learn-github-actions/contexts#needs-context | |
| - name: fail if e2e job was not successful | |
| if: needs.e2e.result != 'success' | |
| run: exit 1 | |
| - name: fail if sanitize job was not successful | |
| if: needs.sanitize.result != 'success' | |
| run: exit 1 | |
| - name: fail if tests job was not successful | |
| if: needs.tests.result != 'success' | |
| run: exit 1 | |
| - name: succeed if everything else passed | |
| run: echo "Validation succeeded" |