-
Notifications
You must be signed in to change notification settings - Fork 7
190 lines (173 loc) · 6.94 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
---
name: ci
on:
pull_request:
push:
branches:
- 'release/**'
jobs:
yamllint:
uses: networkservicemesh/.github/.github/workflows/yamllint.yaml@main
shellcheck:
uses: networkservicemesh/.github/.github/workflows/shellcheck.yaml@main
golangci-lint:
uses: networkservicemesh/.github/.github/workflows/golangci-lint.yaml@main
exclude-fmt-errorf:
uses: networkservicemesh/.github/.github/workflows/exclude-fmt-errorf.yaml@main
checkgomod:
uses: networkservicemesh/.github/.github/workflows/checkgomod.yaml@main
azure:
environment: AKS
name: Azure Kubernetes Service
runs-on: ubuntu-latest
steps:
- name: Install azure-cli
uses: azure/CLI@v1
with:
inlineScript: |
az version
- name: Set up azure permissions
run: |
sudo chmod -R 777 ~/.azure
- name: Set up /bin permissions
run: |
sudo chmod -R 777 /bin
- name: Set up go
uses: actions/setup-go@v5
with:
go-version: 1.23.1
- name: Checkout files
uses: actions/checkout@v4
with:
path: ${{ github.repository }}
- name: Install kubectl
run: |
curl -LO https://dl.k8s.io/release/${{ vars.NSM_KUBERNETES_VERSION }}/bin/linux/amd64/kubectl
chmod +x ./kubectl
mv ./kubectl /usr/local/bin/kubectl
- name: Setup AKS cluster
working-directory: ${{ github.repository }}
run: |
az login --service-principal --username ${AZURE_SERVICE_PRINCIPAL} --password ${AZURE_SERVICE_PRINCIPAL_SECRET} --tenant ${AZURE_TENANT}
AKS_K8S_VERSION=$(echo ${{ vars.NSM_KUBERNETES_VERSION }} | cut -d '.' -f 1,2 | cut -c 2-)
az aks create \
--resource-group "$AZURE_RESOURCE_GROUP" \
--name "$AZURE_CLUSTER_NAME" \
--node-count 2 \
--node-vm-size Standard_B2ms \
--generate-ssh-keys \
--kubernetes-version $AKS_K8S_VERSION \
--debug
az aks wait \
--name "$AZURE_CLUSTER_NAME" \
--resource-group "$AZURE_RESOURCE_GROUP" \
--created > /dev/null
az aks get-credentials \
--name "$AZURE_CLUSTER_NAME" \
--resource-group "$AZURE_RESOURCE_GROUP" \
--file "/tmp/config" \
--overwrite-existing
env:
AZURE_SERVICE_PRINCIPAL: ${{ secrets.AZURE_SERVICE_PRINCIPAL }}
AZURE_SERVICE_PRINCIPAL_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_SECRET }}
AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
AZURE_CLUSTER_NAME: aks-${{ github.run_id }}-${{ github.run_number }}
AZURE_RESOURCE_GROUP: nsm-ci
- name: Run tests
working-directory: ${{ github.repository }}
run: |
kubectl version
go test -count 1 -timeout 1h55m -race -v ./... -parallel 4
env:
KUBECONFIG: /tmp/config
- name: Cleanup AKS cluster
if: ${{ always() }}
working-directory: ${{ github.repository }}
run: |
az aks delete \
--name "$AZURE_CLUSTER_NAME" \
--resource-group "$AZURE_RESOURCE_GROUP" \
--yes
env:
AZURE_CLUSTER_NAME: aks-${{ github.run_id }}-${{ github.run_number }}
AZURE_RESOURCE_GROUP: nsm-ci
- name: Upload logs
uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: logs-${{ github.run_number }}
path: ${{ github.repository }}/logs
azure-tanzu:
needs: azure
environment: Azure Tanzu
name: Azure Tanzu
runs-on: ubuntu-latest
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_SERVICE_PRINCIPAL }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_SECRET }}
AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SSH_PUBLIC_KEY_B64: ${{ secrets.AZURE_SSH_PUBLIC_KEY_B64}}
AZURE_RESOURCE_GROUP: nsm-ci
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Install kind
uses: engineerd/setup-kind@v0.5.0
with:
version: v0.20.0
image: kindest/node:v1.27.0
skipClusterCreation: true
- name: Install Tanzu
run: |
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub | sudo gpg --dearmor -o /etc/apt/keyrings/tanzu-archive-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/tanzu-archive-keyring.gpg] https://storage.googleapis.com/tanzu-cli-os-packages/apt tanzu-cli-jessie main" | sudo tee /etc/apt/sources.list.d/tanzu.list
sudo apt update
sudo apt install tanzu-cli=1.1.0
tanzu version
tanzu config eula accept
tanzu ceip-participation set false
tanzu plugin install all --group vmware-tanzucli/essentials:v1.0.0
tanzu plugin install --group vmware-tkg/default:v2.3.0
- name: Setup envs (CI ONLY)
run: |
tanzu config set env.AZURE_TENANT_ID ${AZURE_TENANT}
tanzu config set env.AZURE_CLIENT_ID ${AZURE_CLIENT_ID}
tanzu config set env.AZURE_SUBSCRIPTION_ID ${AZURE_SUBSCRIPTION_ID}
tanzu config set env.AZURE_SSH_PUBLIC_KEY_B64 ${AZURE_SSH_PUBLIC_KEY_B64}
tanzu config set env.AZURE_RESOURCE_GROUP ${AZURE_RESOURCE_GROUP}
tanzu config set env.AZURE_CLIENT_SECRET ${AZURE_CLIENT_SECRET}
- name: Setup AKS management cluster
run: |
tanzu management-cluster create -f management-cluster.yaml --timeout 30m --yes
kubectl config use-context nsm-tanzu-mg-admin@nsm-tanzu-mg
- name: Setup AKS worker cluster
run: |
tanzu cluster create --file worker-cluster.yaml --timeout 30m --yes || true
SKIP_MULTI_AZ_VERIFY=true tanzu cluster create --file $HOME/.config/tanzu/tkg/clusterconfigs/nsm-tanzu-worker.yaml --timeout 30m
tanzu cluster kubeconfig get nsm-tanzu-worker --admin
kubectl config use-context nsm-tanzu-worker-admin@nsm-tanzu-worker
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: 1.23.1
- name: Run integration tests
run: |
go test -run TestRunBasicSuite -count 1 -timeout 30m -race -v -parallel 4
- name: Delete NSM tanzu workload cluster
if: ${{ always() }}
run: |
tanzu cluster delete nsm-tanzu-worker --yes
kubectl config use-context nsm-tanzu-mg-admin@nsm-tanzu-mg
kubectl wait --for=delete clusters/nsm-tanzu-worker --timeout=20m
- name: Delete NSM tanzu management cluster
if: ${{ always() }}
run: |
tanzu management-cluster delete --yes
- name: Upload logs
uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: tanzu-logs-${{ github.run_number }}
path: logs