Skip to content

Bump k8s.io/api from 0.28.3 to 0.28.4 #145

Bump k8s.io/api from 0.28.3 to 0.28.4

Bump k8s.io/api from 0.28.3 to 0.28.4 #145

Workflow file for this run

name: CI
on:
merge_group:
pull_request:
paths-ignore:
- 'configsamples/**'
- 'design/**'
- 'website/**'
- 'CODE_OF_CONDUCT.md'
- 'CODEOWNERS'
- 'CONTRIBUTING.md'
- 'DCO'
- 'LICENSE'
- 'netlify.toml'
- 'README.md'
branches:
- "main"
- "v**"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
static-security-analysis:
runs-on: ubuntu-22.04
env:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: -exclude-dir e2etest -severity medium ./...
- name: Golang Vulncheck
uses: Templum/govulncheck-action@v0.10.1
with:
skip-upload: true
commitlint:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: wagoid/commitlint-github-action@v5
unit-tests:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: "go.mod"
cache: true
- name: Install Dependencies
run: |
sudo apt-get update
sudo apt-get install python3-pip arping ndisc6
sudo pip3 install invoke semver pyyaml
- name: Unit Tests
run: |
inv test
- name: Lint
run: |
inv checkpatch
inv lint -e host
inv verifylicense
inv gomodtidy
inv checkchanges --action="run inv gomodtidy"
inv generatemanifests
inv checkchanges --action="run inv generatemanifests"
inv generateapidocs
inv checkchanges --action="run inv generateapidocs"
build-test-images:
runs-on: ubuntu-22.04
strategy:
fail-fast: true
matrix:
image: [speaker, controller, configmaptocrs]
steps:
- name: Code checkout
uses: actions/checkout@v4
- name: Setup docker buildx
uses: docker/setup-buildx-action@v3
- name: Build and export ${{ matrix.image }}
uses: docker/build-push-action@v5
with:
context: .
tags: quay.io/metallb/${{ matrix.image }}:dev-amd64
file: ${{matrix.image}}/Dockerfile
outputs: type=docker,dest=/tmp/${{ matrix.image }}.tar
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Upload ${{ matrix.image }} artifact
uses: actions/upload-artifact@v3
with:
retention-days: 1
name: image-tar-${{ matrix.image }}
path: /tmp/${{ matrix.image }}.tar
helm:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Required for chart-testing
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.7.1
## ct v3.4.0, which in turn uses helm v3.5.4
- name: Lint
uses: docker://quay.io/helmpack/chart-testing:v3.4.0
with:
args: ct lint
- name: Helm doc generate
uses: docker://jnorwood/helm-docs:v1.10.0
- name: Check if docs are different
run: |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
echo "Please update the helm docs with the \"helm-docs\" command (https://github.com/norwoodj/helm-docs) or use \"inv helmdocs\""
exit 1
fi
## TODO: Can't pass flags to the conftest GHA in order to use --fail-on-warn
## Should be fixed when https://github.com/instrumenta/conftest-action/issues/3
## is resolved
##
# - name: Conftest
# uses: instrumenta/conftest-action/helm@master
# with:
# chart: charts/metallb/
# policy: charts/metallb/policy
- name: Conftest
run: |
helm plugin install --debug https://github.com/instrumenta/helm-conftest
helm conftest charts/metallb/ -p charts/metallb/policy/ --fail-on-warn
e2e:
runs-on: ubuntu-22.04
needs:
- unit-tests
- build-test-images
- helm
- commitlint
strategy:
fail-fast: false
matrix:
ip-family: [ipv4, ipv6, dual]
bgp-type: [native, frr]
deployment: [manifests, helm]
prometheus: [disabled, enabled]
exclude:
- ip-family: ipv6
prometheus: disabled
- ip-family: dual
prometheus: disabled
- bgp-type: frr
prometheus: disabled
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install kernel modules
run: |
sudo apt-get update
sudo apt-get install linux-modules-extra-$(uname -r)
- name: Setup
uses: ./.github/workflows/composite/setup
- name: Deploy MetalLB
run: |
HELM_FLAGS=""
PROMETHEUS_FLAGS=""
if [ ${{ matrix.deployment }} = "helm" ]; then HELM_FLAGS="--helm-install"; fi
if [ ${{ matrix.prometheus }} = "enabled" ]; then PROMETHEUS_FLAGS="--with-prometheus"; fi
inv dev-env -i ${{ matrix.ip-family }} -b ${{ matrix.bgp-type }} -l all $HELM_FLAGS --no-build-images $PROMETHEUS_FLAGS
- name: E2E
run: |
HELM_FLAGS=""
echo '/etc/frr/core-%e.%p.%h.%t' | sudo tee /proc/sys/kernel/core_pattern
if [ ${{ matrix.deployment }} = "helm" ]; then export SPEAKER_SELECTOR="app.kubernetes.io/component=speaker" && export CONTROLLER_SELECTOR="app.kubernetes.io/component=controller"; fi
SKIP="none"
NATIVE_BGP=""
if [ "${{ matrix.bgp-type }}" == "native" ]; then SKIP="$SKIP|FRR|BFD|VRF|DUALSTACK"; NATIVE_BGP="--native-bgp"; fi
if [ "${{ matrix.ip-family }}" == "ipv4" ]; then SKIP="$SKIP|IPV6|DUALSTACK"; fi
if [ "${{ matrix.ip-family }}" == "dual" ]; then SKIP="$SKIP|IPV6"; fi
if [ "${{ matrix.ip-family }}" == "ipv6" ]; then SKIP="$SKIP|IPV4|DUALSTACK"; fi
if [ "${{ matrix.ip-family }}" == "ipv6" ] && [ ${{ matrix.bgp-type }} == "native" ]; then SKIP="$SKIP|BGP"; fi
if [ "${{ matrix.prometheus }}" == "disabled" ]; then SKIP="$SKIP|metrics"; fi
echo "Skipping $SKIP"
echo "Native bgp mode $NATIVE_BGP"
sudo -E env "PATH=$PATH" inv e2etest --skip $SKIP $NATIVE_BGP -e /tmp/kind_logs
- name: Collect Logs
if: ${{ failure() }}
uses: ./.github/workflows/composite/collectlogs
with:
artifact-name: kind-logs-${{ matrix.ip-family }}-${{ matrix.bgp-type }}-${{ matrix.deployment}}
# This lane checks if conversion webhooks work and if metallb is compatible with the CRDs
# in the operator. We deploy a v4-frr lane, clone the v0.12.1 version of metallb and run CI
# in operator mode. We run few significative tests that cover all the crds.
backward_compatible:
runs-on: ubuntu-22.04
needs:
- unit-tests
- build-test-images
- helm
- commitlint
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup
uses: ./.github/workflows/composite/setup
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: "0"
path: metallb-v0.12.1
ref: v0.12.1
- name: Deploy MetalLB
run: |
inv dev-env -b frr --no-build-images
# Patch the old e2etest to cleanup the resources in the correct order.
- name: Apply patch
run: |
patch metallb-v0.12.1/e2etest/pkg/config/update.go < e2etest/backwardcompatible/patchfile
- name: E2E
run: |
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
EOF
rm -rf e2etest # we want to make sure we are not running current e2e by mistake
cd metallb-v0.12.1
sed -i -e 's/quay.io\/frrouting\/frr:stable_7.5/quay.io\/frrouting\/frr:7.5.1/g' e2etest/pkg/frr/container/container.go # replace with frr image from dockerhub since it has official image.
FOCUS="L2.*should work for ExternalTrafficPolicy=Cluster|BGP.*A service of protocol load balancer should work with.*IPV4 - ExternalTrafficPolicyCluster$|BGP.*should work with the given bfd profile.*IPV4 - default"
sudo -E env "PATH=$PATH" inv e2etest --skip-docker --use-operator --focus "$FOCUS" -e /tmp/kind_logs
- name: Collect Logs
if: ${{ failure() }}
uses: ./.github/workflows/composite/collectlogs
with:
artifact-name: kind-logs-backward-compatible
e2e-use-operator:
runs-on: ubuntu-22.04
needs:
- unit-tests
- build-test-images
- helm
- commitlint
defaults:
run:
shell: bash
steps:
- name: Install kernel modules
run: |
sudo apt-get update
sudo apt-get install linux-modules-extra-$(uname -r)
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup
uses: ./.github/workflows/composite/setup
- name: Checkout Metal LB Operator
uses: actions/checkout@v4
with:
repository: metallb/metallb-operator
path: metallboperator
ref: main
- name: Checkout MetalLB
uses: actions/checkout@v4
with:
path: metallb
fetch-depth: 0
- name: Create multi-node K8s Kind Cluster
run: |
cd ${GITHUB_WORKSPACE}/metallboperator
./hack/kind-multi-node-cluster-without-registry.sh
kind load docker-image quay.io/metallb/speaker:dev-amd64
kind load docker-image quay.io/metallb/controller:dev-amd64
export KUBECONFIG=${HOME}/.kube/config
- name: Deploy Metal LB Operator
run: |
cd ${GITHUB_WORKSPACE}/metallboperator
sed -i 's/quay.io\/metallb\/speaker:main/quay.io\/metallb\/speaker:dev-amd64/g' bin/metallb-operator.yaml
sed -i 's/quay.io\/metallb\/controller:main/quay.io\/metallb\/controller:dev-amd64/g' bin/metallb-operator.yaml
sed -i 's/native/frr/g' bin/metallb-operator.yaml
kubectl apply -f bin/metallb-operator.yaml
- name: Ensure MetalLB operator is ready
run: |
COUNT=0
while [ "$(kubectl get pods -n metallb-system -l control-plane='controller-manager' -o jsonpath='{.items[*].status.containerStatuses[0].ready}')" != "true" ]; do
sleep 5
COUNT=$((COUNT+1))
if [[ $COUNT -gt 15 ]] ; then
exit 1;
fi
echo "Waiting for operator pod to be ready."
done
- name: MetalLB E2E Tests with Operator Deployment
run: |
cat <<EOF | kubectl apply -f -
apiVersion: metallb.io/v1beta1
kind: MetalLB
metadata:
name: metallb
namespace: metallb-system
spec:
logLevel: debug
EOF
sudo -E env "PATH=$PATH" inv e2etest --skip "IPV6|DUALSTACK|metrics|L2-interface selector" -e /tmp/kind_logs
- name: Collect Logs
if: ${{ failure() }}
uses: ./.github/workflows/composite/collectlogs
with:
artifact-name: kind_logs_use_operator
oldest_k8s:
runs-on: ubuntu-22.04
needs:
- unit-tests
- build-test-images
- helm
- commitlint
steps:
- name: Install kernel modules
run: |
sudo apt-get update
sudo apt-get install linux-modules-extra-$(uname -r)
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup
uses: ./.github/workflows/composite/setup
- name: Deploy MetalLB
run: |
inv dev-env -b frr --with-prometheus --no-build-images --node-img kindest/node:v1.27.1@sha256:b7d12ed662b873bd8510879c1846e87c7e676a79fefc93e17b2a52989d3ff42b
- name: E2E
run: |
FOCUS="L2.*should work for ExternalTrafficPolicy=Cluster|BGP.*A service of protocol load balancer should work with.*IPV4 - ExternalTrafficPolicyCluster$|validate FRR running configuration"
sudo -E env "PATH=$PATH" inv e2etest --focus "$FOCUS" -e /tmp/kind_logs
- name: Collect Logs
if: ${{ failure() }}
uses: ./.github/workflows/composite/collectlogs
with:
artifact-name: kind-logs-oldest-k8s