chore(deps): update docker.io/library/golang:1.21.11 docker digest to 2eb85b8 (v1.13) #29349
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Conformance Kind | |
# Any change in triggers needs to be reflected in the concurrency group. | |
on: | |
pull_request: | |
paths-ignore: | |
- 'Documentation/**' | |
- 'test/**' | |
push: | |
branches: | |
- v1.13 | |
- ft/v1.13/** | |
paths-ignore: | |
- 'Documentation/**' | |
- 'test/**' | |
permissions: read-all | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.after }} | |
cancel-in-progress: true | |
env: | |
kind_config: .github/kind-config.yaml | |
cilium_cli_version: v0.12.12 | |
jobs: | |
installation-and-connectivity: | |
name: Installation and Connectivity Test | |
runs-on: ubuntu-latest | |
timeout-minutes: 45 | |
steps: | |
- name: Checkout target branch to access local actions | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
with: | |
ref: ${{ github.base_ref || github.ref }} | |
persist-credentials: false | |
- name: Set Environment Variables | |
uses: ./.github/actions/set-env-variables | |
- name: Set up job variables | |
id: vars | |
run: | | |
if [ ${{ github.event.pull_request }} ]; then | |
SHA=${{ github.event.pull_request.head.sha }} | |
else | |
SHA=${{ github.sha }} | |
fi | |
# Note: On Kind, we install Cilium with HostPort (portmap CNI chaining) enabled, | |
# to ensure coverage of that feature in cilium connectivity test | |
CILIUM_INSTALL_DEFAULTS="--chart-directory=install/kubernetes/cilium \ | |
--helm-set=image.repository=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/cilium-ci \ | |
--helm-set=image.useDigest=false \ | |
--helm-set=image.tag=${SHA} \ | |
--helm-set=operator.image.repository=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/operator \ | |
--helm-set=operator.image.suffix=-ci \ | |
--helm-set=operator.image.tag=${SHA} \ | |
--helm-set=operator.image.useDigest=false \ | |
--helm-set=clustermesh.apiserver.image.repository=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/clustermesh-apiserver-ci \ | |
--helm-set=clustermesh.apiserver.image.tag=${SHA} \ | |
--helm-set=clustermesh.apiserver.image.useDigest=false \ | |
--helm-set=hubble.relay.image.repository=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci \ | |
--helm-set=hubble.relay.image.tag=${SHA} \ | |
--helm-set cni.chainingMode=portmap \ | |
--wait=false \ | |
--rollback=false \ | |
--config monitor-aggregation=none \ | |
--version=" | |
HUBBLE_ENABLE_DEFAULTS="--chart-directory=install/kubernetes/cilium \ | |
--relay-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci:${SHA} \ | |
--relay-version=${SHA}" | |
CONNECTIVITY_TEST_DEFAULTS="--flow-validation=disabled --hubble=false --collect-sysdump-on-failure \ | |
--test '!/pod-to-world,!/pod-to-cidr'" | |
echo ::set-output name=cilium_install_defaults::${CILIUM_INSTALL_DEFAULTS} | |
echo ::set-output name=hubble_enable_defaults::${HUBBLE_ENABLE_DEFAULTS} | |
echo ::set-output name=connectivity_test_defaults::${CONNECTIVITY_TEST_DEFAULTS} | |
echo ::set-output name=sha::${SHA} | |
- name: Install Cilium CLI | |
run: | | |
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${{ env.cilium_cli_version }}/cilium-linux-amd64.tar.gz{,.sha256sum} | |
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum | |
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin | |
rm cilium-linux-amd64.tar.gz{,.sha256sum} | |
cilium version | |
- name: Checkout code | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
with: | |
ref: ${{ steps.vars.outputs.sha }} | |
persist-credentials: false | |
- name: Create kind cluster | |
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 | |
with: | |
version: ${{ env.KIND_VERSION }} | |
node_image: ${{ env.KIND_K8S_IMAGE }} | |
kubectl_version: ${{ env.KIND_K8S_VERSION }} | |
config: ${{ env.kind_config }} | |
- name: Wait for images to be available | |
timeout-minutes: 30 | |
shell: bash | |
run: | | |
for image in cilium-ci operator-generic-ci hubble-relay-ci ; do | |
until docker manifest inspect quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/$image:${{ steps.vars.outputs.sha }} &> /dev/null; do sleep 45s; done | |
done | |
- name: Install Cilium | |
run: | | |
cilium install ${{ steps.vars.outputs.cilium_install_defaults }} | |
- name: Enable Relay | |
run: | | |
cilium hubble enable ${{ steps.vars.outputs.hubble_enable_defaults }} | |
- name: Port forward Relay | |
run: | | |
cilium hubble port-forward& | |
sleep 10s | |
[[ $(pgrep -f "cilium.*hubble.*port-forward|kubectl.*port-forward.*hubble-relay" | wc -l) == 2 ]] | |
- name: Run connectivity test | |
run: | | |
cilium connectivity test ${{ steps.vars.outputs.connectivity_test_defaults }} | |
- name: Clean up Cilium | |
run: | | |
pkill -f "cilium.*hubble.*port-forward|kubectl.*port-forward.*hubble-relay" | |
cilium uninstall --chart-directory=install/kubernetes/cilium --wait | |
- name: Install Cilium with encryption | |
run: | | |
cilium install ${{ steps.vars.outputs.cilium_install_defaults }} \ | |
--encryption=ipsec | |
- name: Enable Relay | |
run: | | |
cilium hubble enable ${{ steps.vars.outputs.hubble_enable_defaults }} | |
- name: Port forward Relay | |
run: | | |
cilium hubble port-forward& | |
sleep 10s | |
[[ $(pgrep -f "cilium.*hubble.*port-forward|kubectl.*port-forward.*hubble-relay" | wc -l) == 2 ]] | |
- name: Run connectivity test | |
run: | | |
cilium connectivity test ${{ steps.vars.outputs.connectivity_test_defaults }} --force-deploy | |
- name: Post-test information gathering | |
if: ${{ !success() }} | |
run: | | |
kubectl get pods --all-namespaces -o wide | |
cilium status | |
cilium sysdump --output-filename cilium-sysdump-final | |
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently | |
- name: Upload artifacts | |
if: ${{ !success() }} | |
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
with: | |
name: cilium-sysdumps | |
path: cilium-sysdump-*.zip | |
retention-days: 5 |