ci: LocalStack on Kubernetes — k3d cluster + Lambda pod executor test#12
Merged
Conversation
… executor) - Renames ls-k8s/ → ls-on-k8s/ - Adds .github/workflows/test-ls-on-k8s.yml: spins up a k3d cluster, deploys LocalStack via kubectl apply, runs Lambda integration tests, tears the cluster down; reads auth token from K8S_LOCALSTACK_AUTH_TOKEN secret - Adds k8s/localstack.yaml: ServiceAccount, Role, RoleBinding, Deployment, NodePort Service; auth token injected via optional k8s Secret - cluster-up.sh: creates k3d cluster, optional auth secret, kubectl apply, waits for health endpoint - Makefile: kubectl-based deploy-ls target; logs/logs-follow split to avoid CI hang from -f flag Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Init container: drop base64 (busybox compat issue), use certificate-authority file path + embedded token instead of certificate-authority-data - Add 'Debug LocalStack pod k8s setup' CI step that execs into the pod and prints KUBERNETES_*/KUBECONFIG env vars, /kube/config, and SA file listing Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…doesn't return None
…_config works natively)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
ls-k8s/→ls-on-k8s/to match the working-directory nameLOCALSTACK_AUTH_TOKENforwarding incluster-up.shvia Helm--set extraEnvVars(token read from env, no-op when unset).github/workflows/test-ls-on-k8s.ymlthat on every PR/push touchingls-on-k8s/**:ubuntu-latestmake cluster-up— creates a k3d cluster, deploys LocalStack via Helm withlambdaExecutor=kubernetesmake test— creates two Lambda functions and verifies (a) correct payload returned, (b) a new pod appears in the namespace on async invocationmake cluster-downalways runs (cleanup)Setup required
Add secret
LOCALSTACK_AUTH_TOKENin Settings → Secrets and variables → Actions.Test plan
workflow_dispatchafter adding the secret and confirm all steps pass🤖 Generated with Claude Code