.github/workflows/check-network.yaml

name: k0s Check Network
on:
  workflow_dispatch:
    inputs:
      prNumber:
        description: PR against which to this workflow
        required: false
  schedule:
    - cron: "0 23 * * *"

env:
  MAKEFLAGS: -j

jobs:
  check-network:
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_TERRAFORM_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_TERRAFORM_KEY }}
      AWS_DEFAULT_REGION: eu-west-1
      TF_VERSION: 1.2.2
      KUBECONFIG: ${{ github.workspace }}/kubeconfig

    name: "K8s Network Conformance Testing"
    if: github.repository == 'k0sproject/k0s'
    runs-on: ubuntu-latest
    outputs:
      k0s_version: ${{ steps.bin_info.outputs.K0S_VERSION }}
      kubernetes_version: ${{ steps.k0s_build.outputs.KUBERNETES_VERSION }}

    defaults:
      run:
        working-directory: ./inttest/sonobuoy/terraform
    steps:
      - name: Get PR Reference
        env:
          INPUT_PRNUMBER: ${{ github.event.inputs.prNumber }}
        run: |
          # check if a an input to override the reference is set
          if [[ ${INPUT_PRNUMBER} != "" ]]; then
            GIT_REF="refs/pull/${INPUT_PRNUMBER}/merge"
            echo "github_ref=$GIT_REF" >> $GITHUB_ENV
            exit 0
          else
            # PR number was not set manually
            echo "no manual override: leaving GitHub reference unchanged."
            echo "github_ref=$GITHUB_REF" >> $GITHUB_ENV
          fi
        working-directory: ./
      - name: Run git checkout
        uses: actions/checkout@v4
        with:
          ref: ${{ env.github_ref }}
          # Dev builds rely on "git describe --tags" to set the binary version
          fetch-depth: 0

      - name: Prepare build environment
        working-directory: ./
        run: .github/workflows/prepare-build-env.sh

      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: ${{ env.GO_VERSION }}

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ env.TF_VERSION }}

      - name: Terraform Init
        run: terraform init

      - name: Cache embedded binaries
        uses: actions/cache@v4
        with:
          key: ${{ runner.os }}-embedded-bins-linux-${{ hashFiles('embedded-bins/**/*') }}
          path: |
            .bins.linux.stamp
            bindata_linux
            embedded-bins/staging/linux/bin/
            embedded-bins/Makefile.variables
            pkg/assets/zz_generated_offsets_linux.go
      - name: Cache GOCACHE
        uses: actions/cache@v4
        with:
          key: ${{ runner.os }}-build-gocache-linux-${{ github.ref_name }}-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-build-gocache-linux-${{ github.ref_name }}-
          path: |
            build/cache/go/build
      - name: Cache GOMODCACHE
        uses: actions/cache@v4
        with:
          key: ${{ runner.os }}-build-gomodcache-linux-${{ hashFiles('go.sum') }}
          path: |
            build/cache/go/mod

      - name: Build k0s Binary
        id: k0s_build
        run: |
          make build
          KUBERNETES_VERSION="$(./vars.sh kubernetes_version)"
          echo KUBERNETES_VERSION="$KUBERNETES_VERSION" >> $GITHUB_OUTPUT
        working-directory: ./

      - name: Set k0s' Version
        id: bin_info
        run: |
          # run k0s version
          K0S_VER=$("$GITHUB_WORKSPACE/k0s" version)

          if [ -z "$K0S_VER" ]; then
            echo "empty k0s version. failing..."
            exit 1
          fi

          echo K0S_VERSION="$K0S_VER" >> $GITHUB_OUTPUT

      - name: Terraform Apply
        env:
          TF_VAR_k0s_version: ${{ steps.bin_info.outputs.K0S_VERSION }}
          TF_VAR_k0s_binary_path: ${{ github.workspace }}/k0s

        run: |
          PR_NUMBER=$(echo ${GITHUB_REF} | cut -d / -f 3 )
          export TF_VAR_cluster_name="k0s_pr_${PR_NUMBER}"

          # debug
          echo "k0s_version = ${TF_VAR_k0s_version}"

          # Start SSH Agent
          eval `ssh-agent -s`

          terraform apply -auto-approve

      - name: Create k0s Cluster using k0sctl
        id: k0sctl
        run: |
          # download k0sctl
          curl --silent -L "https://github.com/k0sproject/k0sctl/releases/download/${K0SCTL_VERSION}/k0sctl-linux-x64" -o k0sctl
          chmod +x ./k0sctl
          ./k0sctl apply -c k0sctl.yaml

          # save kubeconfig file
          ./k0sctl kubeconfig > $KUBECONFIG

      - name: Run Sonobuoy
        run: make check-network
        working-directory: ./inttest

      - name: Terraform Destroy
        env:
          TF_VAR_k0s_version: ${{ steps.bin_info.outputs.K0S_VERSION }}
        run: |
          PR_NUMBER=$(echo ${GITHUB_REF} | cut -d / -f 3 )
          export TF_VAR_cluster_name="k0s_pr_${PR_NUMBER}"

          terraform destroy -auto-approve
        if: ${{ always() }}

      - name: slack notify
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
        uses: 8398a7/action-slack@v3
        with:
          job_name: "K8s Network Conformance Testing"
          status: ${{ job.status }}
          fields: workflow,ref,commit,author,job,took # selectable (default: repo,message)
        if: ${{ always() }} # Pick up events even if the job fails or is canceled.