Provisioner: Add kbs provisioning steps in CI

Fixes: confidential-containers#1676 Signed-off-by: Kartik Joshi <kartikjoshi@microsoft.com>
kartikjoshi21 · Feb 8, 2024 · dd62057 · dd62057
1 parent 6fec6f8
commit dd62057
Showing 1 changed file with 64 additions and 20 deletions.
diff --git a/.github/workflows/azure-e2e-test.yml b/.github/workflows/azure-e2e-test.yml
@@ -20,6 +20,12 @@ on:
       caa-image:
         type: string
         description: prebuilt caa image
+      kbs-image-id:
+        type: string
+        description: prebuild kbs image
+      kbs-image-tag:
+        type: string
+        description: prebuild kbs image tag
 
 jobs:
   generate-podvm-image-version:
@@ -108,10 +114,18 @@ jobs:
       with:
         go-version: ${{ env.GO_VERSION }}
 
+    - name: Extract provisioner environment
+      run: |
+        echo "KBS_IMAGE=$(yq -e '.image.kbs.registry' versions.yaml)" >> "$GITHUB_ENV"
+        echo "KBS_IMAGE_TAG=$(yq -e '.image.kbs.tag' versions.yaml)" >> "$GITHUB_ENV"
+       
+
     - name: Create provisioner file
       env:
         AZURE_IMAGE_ID: ${{ github.event.inputs.podvm-image-id || format('/CommunityGalleries/{0}/images/{1}/Versions/{2}', vars.AZURE_COMMUNITY_GALLERY_NAME, vars.AZURE_PODVM_IMAGE_DEF_NAME, needs.generate-podvm-image-version.outputs.image-version) }}
         CAA_IMAGE: "${{ github.event.inputs.caa-image || needs.build-caa-container-image.outputs.caa-image }}"
+        KBS_IMAGE: ${{ github.event.inputs.kbs-image-id || env.KBS_IMAGE }}
+        KBS_IMAGE_TAG: ${{  github.event.inputs.kbs-image-tag || env.KBS_IMAGE_TAG}}
       run: |
         cat << EOF > ${{ env.TEST_PROVISION_FILE }}
           AZURE_SUBSCRIPTION_ID="${{ secrets.AZURE_SUBSCRIPTION_ID }}"
@@ -124,6 +138,8 @@ jobs:
           IS_CI_MANAGED_CLUSTER="true"
           MANAGED_IDENTITY_NAME="${{ secrets.AZURE_MANAGED_IDENTITY_NAME}}"
           CAA_IMAGE="${CAA_IMAGE}"
+          KBS_IMAGE="${KBS_IMAGE}"
+          KBS_IMAGE_TAG="${KBS_IMAGE_TAG}"
         EOF
         cat ${{ env.TEST_PROVISION_FILE }}
 
@@ -157,12 +173,12 @@ jobs:
 
   run-e2e-test:
     runs-on: ubuntu-latest
-    needs:
-    - build-podvm-image
-    - build-caa-container-image
-    - install-aks
-    - generate-podvm-image-version
-    if: always() && !cancelled() && needs.build-podvm-image.result != 'failure'
+      #needs:
+      #- build-podvm-image
+      #- build-caa-container-image
+      #- install-aks
+      #- generate-podvm-image-version
+      #if: always() && !cancelled() && needs.build-podvm-image.result != 'failure'
     steps:
     - uses: actions/checkout@v3
 
@@ -174,24 +190,52 @@ jobs:
       with:
         go-version: ${{ env.GO_VERSION }}
 
-    - uses: azure/login@v1
-      name: 'Az CLI login'
+          #- uses: azure/login@v1
+          #name: 'Az CLI login'
+          #with:
+          #client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          #subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          #tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+
+          #- name: Restore the configuration created before
+          #uses: actions/download-artifact@v3
+          #with:
+          #name: e2e-configuration
+
+          #- name: Add AKS Cluster Subnet ID to test provision file
+          #run: |
+          #NODE_RESOURCE_GROUP="$(az aks show -g ${{ secrets.AZURE_RESOURCE_GROUP }} -n "$CLUSTER_NAME" --query nodeResourceGroup -o tsv)"
+          #SUBNET_ID="$(az network vnet list -g "$NODE_RESOURCE_GROUP" --query '[0].subnets[0].id' -o tsv)"
+          #test -n "$SUBNET_ID"
+          #echo "AZURE_SUBNET_ID=\"${SUBNET_ID}\"" >> "$TEST_PROVISION_FILE"
+
+    - name: Checkout kbs Repository
+      uses: actions/checkout@v2
       with:
-        client-id: ${{ secrets.AZURE_CLIENT_ID }}
-        subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-        tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+        repository: confidential-containers/kbs
+        ref: main
+        path: test/e2e/kbs
 
-    - name: Restore the configuration created before
-      uses: actions/download-artifact@v3
-      with:
-        name: e2e-configuration
+    - name: Extract kbs commit id
+      run: echo "KBS_VERSION=$(yq -e '.git.kbs.reference' versions.yaml)" >> "$GITHUB_ENV"
 
-    - name: Add AKS Cluster Subnet ID to test provision file
+    - name: Move to compatible kbs version
+      env:
+        KBS_VERSION: ${{ env.KBS_VERSION }}
       run: |
-        NODE_RESOURCE_GROUP="$(az aks show -g ${{ secrets.AZURE_RESOURCE_GROUP }} -n "$CLUSTER_NAME" --query nodeResourceGroup -o tsv)"
-        SUBNET_ID="$(az network vnet list -g "$NODE_RESOURCE_GROUP" --query '[0].subnets[0].id' -o tsv)"
-        test -n "$SUBNET_ID"
-        echo "AZURE_SUBNET_ID=\"${SUBNET_ID}\"" >> "$TEST_PROVISION_FILE"
+        pwd
+        echo "split"
+        pushd test/e2e/kbs
+        echo "split"
+        pwd
+        echo "split"
+        git log
+        echo "split"
+        git reset --hard "${KBS_VERSION}"
+        echo "split"
+        popd
+        echo "split"
+        pwd
 
     - name: Run e2e test
       env: