remove helm hooks (#21) #153
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, test and publish | |
| on: | |
| push: | |
| branches: [ "**" ] | |
| tags: [ "v*.*.*" ] | |
| workflow_dispatch: | |
| inputs: | |
| go-version: | |
| default: "1.17" | |
| description: 'Go version' | |
| required: true | |
| jobs: | |
| changes: | |
| if: ${{ github.repository == 'danfromtitan/envars-from-node-labels' }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| build: ${{ steps.filter.outputs.build }} | |
| chart: ${{ steps.filter.outputs.chart }} | |
| test: ${{ steps.filter.outputs.test }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: dorny/paths-filter@v2 | |
| id: filter | |
| with: | |
| base: ${{ github.ref }} | |
| filters: | | |
| build: | |
| - 'cmd/envars-webhook/*' | |
| - 'Dockerfile' | |
| - 'go.mod' | |
| - 'Makefile' | |
| chart: | |
| - 'charts/envars-webhook/**/*' | |
| test: | |
| - '.github/**/*' | |
| - 'test/*' | |
| build: | |
| needs: changes | |
| if: | | |
| (github.repository == 'danfromtitan/envars-from-node-labels') && | |
| (needs.changes.outputs.build == 'true') | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image-tag: ${{ steps.image-output.outputs.image-tag }} | |
| image-name: ${{ steps.image-output.outputs.image-name }} | |
| image-digest: ${{ steps.image-output.outputs.image-digest }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ github.event.inputs.go-version }} | |
| - uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/go/pkg/mod | |
| ~/.cache/go-build | |
| key: ${{ runner.os }}-go-${{ github.event.inputs.go-version }}-${{ hashFiles('**/go.sum') }} | |
| restore-keys: ${{ runner.os }}-go-${{ github.event.inputs.go-version }}- | |
| - run: make envars-webhook | |
| - id: docker-tags | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ghcr.io/danfromtitan/envars-from-node-labels | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }} | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=sha,prefix=${{ github.ref_name }}- | |
| - uses: docker/setup-buildx-action@v2 | |
| id: buildx | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/build-push-action@v3 | |
| id: docker-build | |
| with: | |
| context: ./ | |
| platforms: linux/amd64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.docker-tags.outputs.tags }} | |
| labels: ${{ steps.docker-tags.outputs.labels }} | |
| - id: image-output | |
| run: | | |
| echo image-tag=$(echo '${{ steps.docker-build.outputs.metadata }}' | jq -r '."image.name" | split(",")[-1] | split(":")[-1]') >>$GITHUB_OUTPUT | |
| echo image-name=$(echo '${{ steps.docker-build.outputs.metadata }}' | jq -r '."image.name"') >>$GITHUB_OUTPUT | |
| echo image-digest=${{ steps.docker-build.outputs.digest }} >>$GITHUB_OUTPUT | |
| chart: | |
| needs: changes | |
| if: | | |
| (github.repository == 'danfromtitan/envars-from-node-labels') && | |
| (needs.changes.outputs.chart == 'true') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: configure git | |
| run: | | |
| git config --global user.name "$GITHUB_ACTOR" | |
| git config --global user.email "$GITHUB_ACTOR@users.noreply.github.com" | |
| - name: lint helm chart | |
| run: | | |
| helm lint ./charts/envars-webhook | |
| - uses: helm/chart-releaser-action@v1.4.0 | |
| with: | |
| charts_dir: charts | |
| env: | |
| CR_RELEASE_NAME_TEMPLATE: "helm-chart-{{ .Version }}" | |
| CR_SKIP_EXISTING: "true" | |
| CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| test: | |
| needs: [build, changes, chart] | |
| if: | | |
| always() && | |
| (github.repository == 'danfromtitan/envars-from-node-labels') && | |
| (needs.changes.outputs.build == 'true' || needs.changes.outputs.chart == 'true' || needs.changes.outputs.test == 'true') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: medyagh/setup-minikube@master | |
| id: minikube | |
| with: | |
| minikube-version: 1.23.2 | |
| driver: docker | |
| container-runtime: containerd | |
| kubernetes-version: v1.22.10 | |
| - uses: actions/checkout@v3 | |
| - name: setup helm | |
| run: | | |
| curl -s https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash | |
| helm repo add envars-webhook https://danfromtitan.github.io/envars-from-node-labels/ | |
| helm repo update | |
| helm search repo envars-webhook -l | |
| - name: deploy webhook | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: webtest | |
| run: | | |
| IMAGE_TAG=latest | |
| [[ "${{contains(needs.build.result, 'success') }}" == "true" ]] && IMAGE_TAG=${{ needs.build.outputs.image-tag }} | |
| helm install -n $NAMESPACE --create-namespace envars-webhook envars-webhook/envars-webhook --set image.tag="$IMAGE_TAG" \ | |
| --set webhook.containersAllowed.ingester=true,webhook.containersAllowed.prober=true,webhook.containersAllowed.store-gateway=true | |
| until kubectl get pods -n $NAMESPACE | grep "Running" > /dev/null; do | |
| kubectl get pods -n $NAMESPACE | tail -n +2 | |
| sleep 1 | |
| done | |
| - name: stage samples | |
| run: | | |
| make sample | |
| - name: verify pod-allowed | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: samples | |
| run: | | |
| kubectl apply -f test/pod-allowed.yaml | |
| until kubectl get pods -n $NAMESPACE | grep "pod-allowed" | grep "Completed" > /dev/null; do sleep 1; done | |
| kubectl logs -n $NAMESPACE pod-allowed | grep "NODE_MINIKUBE_K8S_IO_NAME" > /dev/null | |
| - name: verify pod-excluded | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: samples | |
| run: | | |
| kubectl apply -f test/pod-excluded.yaml | |
| until kubectl get pods -n $NAMESPACE | grep "pod-excluded" | grep "Completed" > /dev/null; do sleep 1; done | |
| kubectl logs -n $NAMESPACE pod-excluded | grep -v "NODE_MINIKUBE_K8S_IO_NAME" > /dev/null | |
| - name: verify pod-mixed | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: samples | |
| run: | | |
| kubectl apply -f test/pod-mixed.yaml | |
| until kubectl get pods -n $NAMESPACE | grep "pod-mixed" | grep "Completed" > /dev/null; do sleep 1; done | |
| kubectl logs -n $NAMESPACE pod-mixed ingester | grep "NODE_MINIKUBE_K8S_IO_NAME" > /dev/null | |
| kubectl logs -n $NAMESPACE pod-mixed store-gateway | grep "NODE_MINIKUBE_K8S_IO_NAME" > /dev/null | |
| kubectl logs -n $NAMESPACE pod-mixed compactor | grep -v "NODE_MINIKUBE_K8S_IO_NAME" > /dev/null | |
| - name: verify deployment | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: samples | |
| run: | | |
| kubectl apply -f test/deployment.yaml | |
| until [[ $(kubectl get pods -n $NAMESPACE | grep "deployment" | grep "Running" | wc -l) == "2" ]]; do sleep 1; done | |
| for POD in $(kubectl get pods -n $NAMESPACE | grep "deployment" | awk '{print $1}'); do | |
| kubectl logs -n $NAMESPACE $POD prober | grep "NODE_MINIKUBE_K8S_IO_NAME" | |
| kubectl exec -n $NAMESPACE $POD -c ingester -- env | grep "NODE_MINIKUBE_K8S_IO_NAME" | |
| done | |
| - name: verify statefulset | |
| timeout-minutes: 2 | |
| env: | |
| NAMESPACE: samples | |
| run: | | |
| kubectl apply -f test/statefulset.yaml | |
| until [[ $(kubectl get pods -n $NAMESPACE | grep "statefulset" | grep "Running" | wc -l) == "2" ]]; do sleep 1; done | |
| for POD in $(kubectl get pods -n $NAMESPACE | grep "statefulset" | awk '{print $1}'); do | |
| kubectl logs -n $NAMESPACE $POD prober | grep "NODE_MINIKUBE_K8S_IO_NAME" | |
| kubectl exec -n $NAMESPACE $POD -c store-gateway -- env | grep "NODE_MINIKUBE_K8S_IO_NAME" | |
| done |