Use uid 65534 and test against K8s 1.27.0 (#560) #464
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
branches: | |
- "*" | |
push: | |
branches: | |
- master | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Set up Go 1.20 | |
uses: actions/setup-go@v1 | |
with: | |
go-version: '1.20' | |
id: go | |
- uses: actions/checkout@v1 | |
- name: Set up QEMU | |
id: qemu | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Prepare Host | |
run: | | |
sudo apt-get -qq update || true | |
sudo apt-get install -y bzr | |
# install yq | |
curl -fsSL -o yq https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64 | |
chmod +x yq | |
sudo mv yq /usr/local/bin/yq | |
# install kubectl | |
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.0/bin/linux/amd64/kubectl | |
chmod +x ./kubectl | |
sudo mv ./kubectl /usr/local/bin/kubectl | |
- name: Run checks | |
run: | | |
make ci | |
- name: Test Vulnerability | |
run: | | |
# https://go.dev/blog/vuln | |
GOBIN=/usr/local/bin go install golang.org/x/vuln/cmd/govulncheck@latest | |
govulncheck ./... | |
- name: Build | |
env: | |
REGISTRY: appscodeci | |
DOCKER_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
USERNAME: 1gtm | |
run: | | |
docker login --username ${USERNAME} --password ${DOCKER_TOKEN} | |
make push | |
- name: Install link checker | |
run: | | |
curl -fsSL -o liche https://github.com/appscodelabs/liche/releases/download/v0.1.0/liche-linux-amd64 | |
chmod +x liche | |
sudo mv liche /usr/local/bin/liche | |
- name: Check links | |
run: | | |
liche -r docs -d $(pwd) -c 10 -p -h -l -x '^(.*github.com.*|.*twitter.com.*)$' | |
kubernetes: | |
name: Kubernetes | |
runs-on: ubuntu-20.04 | |
needs: build | |
strategy: | |
matrix: | |
k8s: [v1.19.16, v1.20.15, v1.21.14, v1.22.17, v1.23.17, v1.24.12, v1.25.8, v1.26.3, v1.27.0] | |
steps: | |
- uses: actions/checkout@v1 | |
- name: Create Kubernetes ${{ matrix.k8s }} cluster | |
id: kind | |
uses: engineerd/setup-kind@v0.5.0 | |
with: | |
version: v0.17.0 | |
config: hack/kubernetes/kind.yaml | |
image: kindest/node:${{ matrix.k8s }} | |
- name: Prepare cluster for testing | |
id: local-path | |
env: | |
DOCKER_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
USERNAME: 1gtm | |
REGISTRY_SECRET: regcred | |
run: | | |
echo "waiting for nodes to be ready ..." | |
kubectl wait --for=condition=Ready nodes --all --timeout=5m | |
kubectl get nodes | |
echo | |
kubectl version | |
echo | |
echo "install helm 3" | |
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash | |
echo | |
echo "create docker-registry secret" | |
kubectl create ns kubeops | |
kubectl create secret docker-registry ${REGISTRY_SECRET} --namespace=kubeops --docker-server=https://index.docker.io/v1/ --docker-username=${USERNAME} --docker-password=${DOCKER_TOKEN} | |
- name: Test charts | |
run: | | |
export KUBECONFIG="${HOME}/.kube/config" | |
make ct | |
- name: Run e2e tests | |
env: | |
REGISTRY: appscodeci | |
REGISTRY_SECRET: regcred | |
TEST_CREDENTIALS: ${{ secrets.TEST_CREDENTIALS }} | |
GOOGLE_SERVICE_ACCOUNT_JSON_KEY: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_JSON_KEY }} | |
run: | | |
echo "preparing test credentials" | |
mkdir -p hack/config | |
echo -n "$TEST_CREDENTIALS" > hack/config/.env | |
echo >> hack/config/.env | |
echo "GOOGLE_SERVICE_ACCOUNT_JSON_KEY=$(echo $GOOGLE_SERVICE_ACCOUNT_JSON_KEY)" >> hack/config/.env | |
make install || ( kubectl describe deployment -n kubeops config-syncer; kubectl logs -n kubeops deployment/config-syncer; exit 1; ) | |
echo | |
make e2e-tests |