Bump k8s.io/apimachinery from 0.28.4 to 0.29.0 #158
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
merge_group: | |
pull_request: | |
paths-ignore: | |
- 'configsamples/**' | |
- 'design/**' | |
- 'website/**' | |
- 'CODE_OF_CONDUCT.md' | |
- 'CODEOWNERS' | |
- 'CONTRIBUTING.md' | |
- 'DCO' | |
- 'LICENSE' | |
- 'netlify.toml' | |
- 'README.md' | |
branches: | |
- "main" | |
- "v**" | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
static-security-analysis: | |
runs-on: ubuntu-22.04 | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@v4 | |
- name: Run Gosec Security Scanner | |
uses: securego/gosec@master | |
with: | |
args: -exclude-dir e2etest -severity medium ./... | |
- name: Golang Vulncheck | |
uses: Templum/govulncheck-action@v0.10.1 | |
with: | |
skip-upload: true | |
check-changelog: | |
runs-on: ubuntu-22.04 | |
if: github.actor != 'dependabot[bot]' | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Get changed files | |
id: changed-files | |
uses: tj-actions/changed-files@v40 | |
- name: Check if release notes where changed | |
run: | | |
for file in ${{ steps.changed-files.outputs.all_changed_files }}; do | |
if [ "$file" = "website/content/release-notes/_index.md" ]; then | |
exit 0 | |
fi | |
done | |
echo "Release notes must be changed" | |
exit 1 | |
commitlint: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: wagoid/commitlint-github-action@v5 | |
unit-tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: "go.mod" | |
cache: true | |
- name: Install Dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install python3-pip arping ndisc6 | |
sudo pip3 install invoke semver pyyaml | |
- name: Unit Tests | |
run: | | |
inv test | |
- name: Lint | |
run: | | |
inv checkpatch | |
inv lint -e host | |
inv verifylicense | |
inv gomodtidy | |
inv checkchanges --action="run inv gomodtidy" | |
inv generatemanifests | |
inv checkchanges --action="run inv generatemanifests" | |
inv generateapidocs | |
inv checkchanges --action="run inv generateapidocs" | |
build-test-images: | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: true | |
matrix: | |
image: [speaker, controller, configmaptocrs] | |
steps: | |
- name: Code checkout | |
uses: actions/checkout@v4 | |
- name: Setup docker buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and export ${{ matrix.image }} | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
tags: quay.io/metallb/${{ matrix.image }}:dev-amd64 | |
file: ${{matrix.image}}/Dockerfile | |
outputs: type=docker,dest=/tmp/${{ matrix.image }}.tar | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Upload ${{ matrix.image }} artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
retention-days: 1 | |
name: image-tar-${{ matrix.image }} | |
path: /tmp/${{ matrix.image }}.tar | |
helm: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
# Required for chart-testing | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/setup-helm@v3 | |
with: | |
version: v3.12.1 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
check-latest: true | |
- name: Set up chart-testing | |
uses: helm/chart-testing-action@v2.6.0 | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) | |
if [[ -n "$changed" ]]; then | |
echo "changed=true" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Run chart-testing (lint) | |
if: steps.list-changed.outputs.changed == 'true' | |
run: | | |
helm repo add frrk8s https://metallb.github.io/frr-k8s | |
ct lint --check-version-increment=false --validate-maintainers=false --target-branch ${{ github.event.repository.default_branch }} | |
- name: Check if deps are updated | |
run: | | |
helm repo add frrk8s https://metallb.github.io/frr-k8s | |
helm dependency update charts/metallb | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
echo "Please update the helm dependencies with: helm dependency update charts/metallb" | |
exit 1 | |
fi | |
- name: Helm doc generate | |
uses: docker://jnorwood/helm-docs:v1.10.0 | |
- name: Check if docs are different | |
run: | | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
echo "Please update the helm docs with the \"helm-docs\" command (https://github.com/norwoodj/helm-docs) or use \"inv helmdocs\"" | |
exit 1 | |
fi | |
## TODO: Can't pass flags to the conftest GHA in order to use --fail-on-warn | |
## Should be fixed when https://github.com/instrumenta/conftest-action/issues/3 | |
## is resolved | |
## | |
# - name: Conftest | |
# uses: instrumenta/conftest-action/helm@master | |
# with: | |
# chart: charts/metallb/ | |
# policy: charts/metallb/policy | |
- name: Conftest | |
run: | | |
helm plugin install --debug https://github.com/instrumenta/helm-conftest | |
helm conftest charts/metallb/ -p charts/metallb/policy/ --fail-on-warn | |
e2e: | |
runs-on: ubuntu-22.04 | |
needs: | |
- unit-tests | |
- build-test-images | |
- helm | |
- commitlint | |
strategy: | |
fail-fast: false | |
matrix: | |
ip-family: [ipv4, ipv6, dual] | |
bgp-type: [native, frr, frr-k8s] | |
deployment: [manifests, helm] | |
prometheus: [disabled, enabled] | |
exclude: | |
- ip-family: ipv6 | |
prometheus: disabled | |
- ip-family: dual | |
prometheus: disabled | |
- bgp-type: frr | |
prometheus: disabled | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install kernel modules | |
run: | | |
sudo apt-get update | |
sudo apt-get install linux-modules-extra-$(uname -r) | |
- name: Setup | |
uses: ./.github/workflows/composite/setup | |
- name: Deploy MetalLB | |
run: | | |
HELM_FLAGS="" | |
PROMETHEUS_FLAGS="" | |
if [ ${{ matrix.deployment }} = "helm" ]; then HELM_FLAGS="--helm-install"; fi | |
if [ ${{ matrix.prometheus }} = "enabled" ]; then PROMETHEUS_FLAGS="--with-prometheus"; fi | |
inv dev-env -i ${{ matrix.ip-family }} -b ${{ matrix.bgp-type }} -l all $HELM_FLAGS --no-build-images $PROMETHEUS_FLAGS | |
- name: E2E | |
run: | | |
HELM_FLAGS="" | |
echo '/etc/frr/core-%e.%p.%h.%t' | sudo tee /proc/sys/kernel/core_pattern | |
if [ ${{ matrix.deployment }} = "helm" ]; then export SPEAKER_SELECTOR="app.kubernetes.io/component=speaker" && export CONTROLLER_SELECTOR="app.kubernetes.io/component=controller"; fi | |
SKIP="none" | |
WITH_VRF="--with-vrf" | |
FOCUS="" | |
if [ "${{ matrix.bgp-type }}" == "native" ]; then SKIP="$SKIP|FRR|FRR-MODE|FRRK8S-MODE|BFD|VRF|DUALSTACK"; WITH_VRF=""; fi | |
if [ "${{ matrix.ip-family }}" == "ipv4" ]; then SKIP="$SKIP|IPV6|DUALSTACK"; fi | |
if [ "${{ matrix.ip-family }}" == "dual" ]; then SKIP="$SKIP|IPV6"; fi | |
if [ "${{ matrix.ip-family }}" == "ipv6" ]; then SKIP="$SKIP|IPV4|DUALSTACK"; fi | |
if [ "${{ matrix.ip-family }}" == "ipv6" ] && [ ${{ matrix.bgp-type }} == "native" ]; then SKIP="$SKIP|BGP"; fi | |
if [ "${{ matrix.prometheus }}" == "disabled" ]; then SKIP="$SKIP|metrics"; fi | |
if [ "${{ matrix.bgp-type }}" == "frr" ]; then SKIP="$SKIP|FRRK8S-MODE"; fi | |
if [ "${{ matrix.bgp-type }}" == "frr-k8s" ]; then SKIP="$SKIP|FRR-MODE"; fi | |
echo "Skipping $SKIP" | |
echo "With VRF $WITH_VRF" | |
sudo -E env "PATH=$PATH" inv e2etest $FOCUS --skip $SKIP --bgp-mode ${{ matrix.bgp-type }} $WITH_VRF -e /tmp/kind_logs | |
- name: Collect Logs | |
if: ${{ failure() }} | |
uses: ./.github/workflows/composite/collectlogs | |
with: | |
artifact-name: kind-logs-${{ matrix.ip-family }}-${{ matrix.bgp-type }}-${{ matrix.deployment}} | |
# This lane checks if conversion webhooks work and if metallb is compatible with the CRDs | |
# in the operator. We deploy a v4-frr lane, clone the v0.12.1 version of metallb and run CI | |
# in operator mode. We run few significative tests that cover all the crds. | |
backward_compatible: | |
runs-on: ubuntu-22.04 | |
needs: | |
- unit-tests | |
- build-test-images | |
- helm | |
- commitlint | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
uses: ./.github/workflows/composite/setup | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: "0" | |
path: metallb-v0.12.1 | |
ref: v0.12.1 | |
- name: Deploy MetalLB | |
run: | | |
inv dev-env -b frr --no-build-images | |
# Patch the old e2etest to cleanup the resources in the correct order. | |
- name: Apply patch | |
run: | | |
patch metallb-v0.12.1/e2etest/pkg/config/update.go < e2etest/backwardcompatible/patchfile | |
- name: E2E | |
run: | | |
cat <<EOF | kubectl apply -f - | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
namespace: metallb-system | |
name: config | |
EOF | |
rm -rf e2etest # we want to make sure we are not running current e2e by mistake | |
cd metallb-v0.12.1 | |
sed -i -e 's/quay.io\/frrouting\/frr:stable_7.5/quay.io\/frrouting\/frr:7.5.1/g' e2etest/pkg/frr/container/container.go # replace with frr image from dockerhub since it has official image. | |
FOCUS="L2.*should work for ExternalTrafficPolicy=Cluster|BGP.*A service of protocol load balancer should work with.*IPV4 - ExternalTrafficPolicyCluster$|BGP.*should work with the given bfd profile.*IPV4 - default" | |
sudo -E env "PATH=$PATH" inv e2etest --skip-docker --use-operator --focus "$FOCUS" -e /tmp/kind_logs | |
- name: Collect Logs | |
if: ${{ failure() }} | |
uses: ./.github/workflows/composite/collectlogs | |
with: | |
artifact-name: kind-logs-backward-compatible | |
e2e-use-operator: | |
runs-on: ubuntu-22.04 | |
needs: | |
- unit-tests | |
- build-test-images | |
- helm | |
- commitlint | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Install kernel modules | |
run: | | |
sudo apt-get update | |
sudo apt-get install linux-modules-extra-$(uname -r) | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
uses: ./.github/workflows/composite/setup | |
- name: Checkout Metal LB Operator | |
uses: actions/checkout@v4 | |
with: | |
repository: metallb/metallb-operator | |
path: metallboperator | |
ref: main | |
- name: Checkout MetalLB | |
uses: actions/checkout@v4 | |
with: | |
path: metallb | |
fetch-depth: 0 | |
- name: Create multi-node K8s Kind Cluster | |
run: | | |
cd ${GITHUB_WORKSPACE}/metallboperator | |
./hack/kind-multi-node-cluster-without-registry.sh | |
kind load docker-image quay.io/metallb/speaker:dev-amd64 | |
kind load docker-image quay.io/metallb/controller:dev-amd64 | |
export KUBECONFIG=${HOME}/.kube/config | |
- name: Deploy Metal LB Operator | |
run: | | |
cd ${GITHUB_WORKSPACE}/metallboperator | |
sed -i 's/quay.io\/metallb\/speaker:main/quay.io\/metallb\/speaker:dev-amd64/g' bin/metallb-operator.yaml | |
sed -i 's/quay.io\/metallb\/controller:main/quay.io\/metallb\/controller:dev-amd64/g' bin/metallb-operator.yaml | |
sed -i 's/native/frr/g' bin/metallb-operator.yaml | |
kubectl apply -f bin/metallb-operator.yaml | |
- name: Ensure MetalLB operator is ready | |
run: | | |
COUNT=0 | |
while [ "$(kubectl get pods -n metallb-system -l control-plane='controller-manager' -o jsonpath='{.items[*].status.containerStatuses[0].ready}')" != "true" ]; do | |
sleep 5 | |
COUNT=$((COUNT+1)) | |
if [[ $COUNT -gt 15 ]] ; then | |
exit 1; | |
fi | |
echo "Waiting for operator pod to be ready." | |
done | |
- name: MetalLB E2E Tests with Operator Deployment | |
run: | | |
cat <<EOF | kubectl apply -f - | |
apiVersion: metallb.io/v1beta1 | |
kind: MetalLB | |
metadata: | |
name: metallb | |
namespace: metallb-system | |
spec: | |
logLevel: debug | |
EOF | |
sudo -E env "PATH=$PATH" inv e2etest --bgp-mode frr --skip "IPV6|DUALSTACK|metrics|L2-interface selector|FRRK8S-MODE" -e /tmp/kind_logs | |
- name: Collect Logs | |
if: ${{ failure() }} | |
uses: ./.github/workflows/composite/collectlogs | |
with: | |
artifact-name: kind_logs_use_operator | |
oldest_k8s: | |
runs-on: ubuntu-22.04 | |
needs: | |
- unit-tests | |
- build-test-images | |
- helm | |
- commitlint | |
steps: | |
- name: Install kernel modules | |
run: | | |
sudo apt-get update | |
sudo apt-get install linux-modules-extra-$(uname -r) | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
uses: ./.github/workflows/composite/setup | |
- name: Deploy MetalLB | |
run: | | |
inv dev-env -b frr --with-prometheus --no-build-images --node-img kindest/node:v1.27.1@sha256:b7d12ed662b873bd8510879c1846e87c7e676a79fefc93e17b2a52989d3ff42b | |
- name: E2E | |
run: | | |
FOCUS="L2.*should work for ExternalTrafficPolicy=Cluster|BGP.*A service of protocol load balancer should work with.*IPV4 - ExternalTrafficPolicyCluster$|validate FRR running configuration" | |
sudo -E env "PATH=$PATH" inv e2etest --bgp-mode frr --focus "$FOCUS" -e /tmp/kind_logs | |
- name: Collect Logs | |
if: ${{ failure() }} | |
uses: ./.github/workflows/composite/collectlogs | |
with: | |
artifact-name: kind-logs-oldest-k8s |