-
Notifications
You must be signed in to change notification settings - Fork 82
/
pr.yaml
165 lines (162 loc) · 4.92 KB
/
pr.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
trigger: none
pr:
branches:
include:
- main
- release-*
paths:
exclude:
- docs
- README.md
- .github
- examples/*
include:
- '*'
- examples/msal-go/*
pool: staging-pool-amd64-mariner-2
jobs:
- job: scan_images
timeoutInMinutes: 30
workspace:
clean: all
steps:
- template: templates/scan-images.yaml
- job: lint
timeoutInMinutes: 30
workspace:
clean: all
steps:
- script: make lint
displayName: golangci-lint
- script: make helm-lint
displayName: helm lint
- script: |
go mod tidy
if ! git diff --exit-code go.mod go.sum; then
echo "go.mod/go.sum is not up to date. Please run 'go mod tidy'"
exit 1
fi
displayName: go mod tidy
- script: |
make manifests
if ! git diff --exit-code manifest_staging/; then
echo "manifest_staging/ is not up to date. Please run 'make manifests'"
exit 1
fi
displayName: make manifests
- job: unit_test
timeoutInMinutes: 30
workspace:
clean: all
steps:
- script: make test
displayName: Unit test
- job: shellcheck
timeoutInMinutes: 5
workspace:
clean: all
steps:
- script: make shellcheck
displayName: shellcheck
- job:
timeoutInMinutes: 60
dependsOn:
- lint
- scan_images
- shellcheck
workspace:
clean: all
variables:
# contains the following environment variables:
# - APPLICATION_CLIENT_ID
# - AZURE_TENANT_ID
# - KEYVAULT_URL
# - KEYVAULT_SECRET_NAME
# - SERVICE_ACCOUNT_ISSUER
# - SERVICE_ACCOUNT_KEYVAULT_NAME
- group: e2e-environment-variables
strategy:
matrix:
aks_windows_dockershim:
REGISTRY: upstream.azurecr.io/azure-workload-identity
WINDOWS_CLUSTER: "true"
GINKGO_SKIP: \[AKSSoakOnly\]
aks_windows_containerd:
REGISTRY: upstream.azurecr.io/azure-workload-identity
WINDOWS_CLUSTER: "true"
WINDOWS_CONTAINERD: "true"
GINKGO_SKIP: \[AKSSoakOnly\]
aks_linux:
REGISTRY: upstream.azurecr.io/azure-workload-identity
GINKGO_SKIP: \[AKSSoakOnly\]
steps:
- script: echo "##vso[task.setvariable variable=CLUSTER_NAME]azwi-e2e-$(openssl rand -hex 2)"
displayName: Set CLUSTER_NAME
condition: ne(variables.LOCAL_ONLY, 'true')
- script: make test-e2e
displayName: Webhook E2E test suite
env:
APPLICATION_CLIENT_ID: $(APPLICATION_CLIENT_ID)
AZURE_TENANT_ID: $(AZURE_TENANT_ID)
KEYVAULT_URL: $(KEYVAULT_URL)
KEYVAULT_SECRET_NAME: $(KEYVAULT_SECRET_NAME)
SERVICE_ACCOUNT_ISSUER: $(SERVICE_ACCOUNT_ISSUER)
SERVICE_ACCOUNT_KEYVAULT_NAME: $(SERVICE_ACCOUNT_KEYVAULT_NAME)
- script: az group delete --name "${CLUSTER_NAME}" --yes --no-wait || true
displayName: Cleanup
condition: ne(variables.LOCAL_ONLY, 'true')
- template: templates/publish-logs.yaml
- job:
timeoutInMinutes: 60
# using the tmp pool as a workaround for the kind cluster creation issue.
pool: tmp-staging-pool-amd64-mariner-2
dependsOn:
- lint
- scan_images
- shellcheck
workspace:
clean: all
variables:
# contains the following environment variables:
# - APPLICATION_CLIENT_ID
# - AZURE_TENANT_ID
# - KEYVAULT_URL
# - KEYVAULT_SECRET_NAME
# - SERVICE_ACCOUNT_ISSUER
# - SERVICE_ACCOUNT_KEYVAULT_NAME
- group: e2e-environment-variables
strategy:
matrix:
kind_v1_26_14:
KIND_NODE_VERSION: v1.26.14
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
kind_v1_27_11:
KIND_NODE_VERSION: v1.27.11
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
kind_v1_28_7:
KIND_NODE_VERSION: v1.28.7
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
kind_v1_29_2:
KIND_NODE_VERSION: v1.29.2
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
steps:
- script: echo "##vso[task.setvariable variable=CLUSTER_NAME]azwi-e2e-$(openssl rand -hex 2)"
displayName: Set CLUSTER_NAME
condition: ne(variables.LOCAL_ONLY, 'true')
- script: make test-e2e
displayName: Webhook E2E test suite
env:
APPLICATION_CLIENT_ID: $(APPLICATION_CLIENT_ID)
AZURE_TENANT_ID: $(AZURE_TENANT_ID)
KEYVAULT_URL: $(KEYVAULT_URL)
KEYVAULT_SECRET_NAME: $(KEYVAULT_SECRET_NAME)
SERVICE_ACCOUNT_ISSUER: $(SERVICE_ACCOUNT_ISSUER)
SERVICE_ACCOUNT_KEYVAULT_NAME: $(SERVICE_ACCOUNT_KEYVAULT_NAME)
- script: az group delete --name "${CLUSTER_NAME}" --yes --no-wait || true
displayName: Cleanup
condition: ne(variables.LOCAL_ONLY, 'true')
- template: templates/publish-logs.yaml