Skip to content

Fixing konflux violations #651

Fixing konflux violations

Fixing konflux violations #651

name: Move2kube Workflow end to end tests
on:
workflow_dispatch:
pull_request:
branches:
- main
paths:
- 'move2kube/**'
- 'pipeline/**'
- .github/workflows/move2kube-e2e.yaml
- .github/workflows/m2k-func.yaml
- .github/workflows/main.yml
- e2e/move2kube.sh
jobs:
build:
uses: ./.github/workflows/main.yml
secrets: inherit
with:
workflow_id: move2kube
it_mode: true
build-m2k-kfunc:
uses: ./.github/workflows/m2k-func.yaml
secrets: inherit
with:
it_mode: true
run-m2k-e2e:
runs-on: ubuntu-24.04
needs: build
steps:
- uses: actions/checkout@v4
- name: Create k8s Kind Cluster
uses: helm/[email protected]
with:
cluster_name: kind
- name: Create sonataflow-infra namespace
run: |
# Needs to knative events resources in this namespace as the broker url is hard coded at the moment
kubectl create ns sonataflow-infra
- name: Create sshkeys secret
env:
SSH_PUB_KEY: ${{secrets.SSH_PUB_KEY}}
SSH_PRIV_KEY: ${{secrets.SSH_PRIV_KEY}}
run: |
echo "${SSH_PUB_KEY}" >> id_rsa.pub
echo "${SSH_PRIV_KEY}" >> id_rsa
kubectl create secret generic sshkeys --from-file=id_rsa=id_rsa --from-file=id_rsa.pub=id_rsa.pub
- name: Install move2kube instance
run: |
kubectl apply -f e2e/resources/move2kube-instance.yaml
kubectl get pods
kubectl wait --for=condition=Ready=true --timeout=2m pod -l app=move2kube-instance
- name: Download sonataflow artifacts generated manifests
uses: actions/download-artifact@v4
with:
name: serverless-workflow-move2kube-manifests
path: manifests
- name: Download serverless workflows move2kube image
uses: actions/download-artifact@v4
with:
name: serverless-workflow-move2kube-${{ github.sha }}.tar
- name: Download m2k-kfunc image
uses: actions/download-artifact@v4
with:
name: serverless-workflow-m2k-kfunc-${{ github.sha }}.tar
- name: Load move2kube workflow images to Kind
run: |
kind load image-archive serverless-workflow-move2kube-${{ github.sha }}.tar
kind load image-archive serverless-workflow-m2k-kfunc-${{ github.sha }}.tar
docker exec $(kind get clusters | head -1)-control-plane crictl images
- name: Deploy sonataflow-operator
run: |
helm repo add orchestrator https://parodos-dev.github.io/orchestrator-helm-chart
helm install orchestrator orchestrator/orchestrator-k8s
kubectl get sfp -A
kubectl wait --for=condition=Ready=true pods -l "app.kubernetes.io/name=backstage" --timeout=10m
kubectl get pods -o wide
kubectl wait --for=condition=Ready=true pods -l "app=sonataflow-platform" --timeout=180s
kubectl set env deployment/orchestrator-backstage LOG_LEVEL=DEBUG
- name: Deploy Move2kube serverless workflow
run: |
kubectl patch configmap/config-features \
-n knative-serving \
--type merge \
-p '{"data":{"kubernetes.podspec-init-containers": "enabled", "kubernetes.podspec-securitycontext": "enabled"}}'
yq --inplace '.spec.podTemplate.container |= ( . + {"env": [{"name": "K_SINK", "value": "http://broker-ingress.knative-eventing.svc.cluster.local/sonataflow-infra/default"}]} )' manifests/0?-sonataflow_m2k.yaml
# reuse orchestrator psql persistence for e2e tests
kubectl patch secret orchestrator-postgresql --patch='{"stringData": { "postgres-username": "postgres" }}'
yq --inplace ".spec.persistence = (
{
\"postgresql\": {
\"secretRef\": {
\"name\": \"orchestrator-postgresql\",
\"userKey\": \"postgres-username\",
\"passwordKey\": \"postgres-password\"
},
\"serviceRef\": {
\"name\": \"orchestrator-postgresql\",
\"port\": 5432,
\"databaseName\": \"postgres\",
\"databaseSchema\": \"m2k\"
}
}
}
)" manifests/0?-sonataflow_m2k.yaml
# Set notification external access token
echo " Set notification external access token"
BACKEND_SECRET=$(kubectl get secret orchestrator-auth -o jsonpath={.data.backend-secret})
yq --inplace ".data.NOTIFICATIONS_BEARER_TOKEN=\"$BACKEND_SECRET\"" manifests/0?-secret_m2k.yaml # notsecret
cat manifests/0?-secret_m2k.yaml
# deploy the manifests created by the ${{ steps.build-image.outputs.image }}"
kubectl apply -f manifests
sleep 5
kubectl get deployment m2k -o yaml
kubectl get deployment m2k -o jsonpath={.spec.template.spec.containers[]}
# give the pod time to start
sleep 15
kubectl get pods -o wide
kubectl wait --for=condition=Ready=true pods -l "app=m2k" --timeout=1m
kubectl patch configmap/m2k-props \
--type merge \
-p '{"data": {"application.properties" :"move2kube_url=http://move2kube-instance-svc.default.svc.cluster.local:8080\nquarkus.rest-client.move2kube_yaml.url=http://move2kube-instance-svc.default.svc.cluster.local:8080\nquarkus.rest-client.notifications.url=http://orchestrator-backstage.default.svc.cluster.local:7007/"}}'
kubectl delete pod -l "app=m2k"
kubectl get pods -o wide
kubectl wait --for=condition=Ready=true pods -l "app=m2k" --timeout=1m
- name: Deploy Knative function
run: |
kubectl apply -f e2e/resources/move2kube-configmaps.yaml
yq --inplace '.spec.template.spec.containers[0] |= ( . + {"image": "kind.local/orchestrator/serverless-workflow-m2k-kfunc:${{ github.sha }}"} )' e2e/resources/knative-service.yaml
kubectl apply -f e2e/resources/knative-service.yaml
kubectl apply -f e2e/resources/knative-resources.yaml
kubectl wait ksvc m2k-save-transformation-func --for=condition=Ready=true --timeout=5m
- name: Run e2e script
run: |
export BACKEND_SECRET=$(kubectl get secret orchestrator-auth -o jsonpath={.data.backend-secret} | base64 -d)
e2e/move2kube.sh
- name: Export kind Logs
if: always()
run: |
kubectl get pods
kind export logs ./kind_logs
- name: Upload Kind Logs
uses: actions/upload-artifact@v4
# Always run this, even if one of th previous steps failed.
if: always()
with:
name: kind-logs
path: ./kind_logs/