-
Notifications
You must be signed in to change notification settings - Fork 8
173 lines (159 loc) · 6.87 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
---
name: ci
on:
pull_request:
push:
branches:
- "release/**"
jobs:
yamllint:
uses: networkservicemesh/.github/.github/workflows/yamllint.yaml@main
shellcheck:
uses: networkservicemesh/.github/.github/workflows/shellcheck.yaml@main
golangci-lint:
uses: networkservicemesh/.github/.github/workflows/golangci-lint.yaml@main
exclude-fmt-errorf:
uses: networkservicemesh/.github/.github/workflows/exclude-fmt-errorf.yaml@main
checkgomod:
uses: networkservicemesh/.github/.github/workflows/checkgomod.yaml@main
interdomain:
runs-on: ubuntu-latest
env:
KUBERNETES_VERSION: ${{ secrets.NSM_KUBERNETES_VERSION }}
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.12.1
with:
access_token: ${{ github.token }}
- name: Checkout files
uses: actions/checkout@v4
with:
path: ${{ github.repository }}
- name: Install azure-cli
uses: azure/CLI@v1
with:
inlineScript: |
az version
- name: Set up azure permissions
run: |
sudo chmod -R 777 ~/.azure
- uses: 'google-github-actions/auth@v2'
with:
project_id: ${{ secrets.GOOGLE_PROJECT_ID }}
credentials_json: ${{ secrets.GCLOUD_SERVICE_KEY }}
- name: Install gcloud-sdk
uses: google-github-actions/setup-gcloud@v2
- name: Set up /bin permissions
run: |
sudo chmod -R 777 /bin
- uses: actions/setup-go@v5
with:
go-version: 1.20.5
token: ${{ github.token }}
- name: setup env
run: |
echo GOPATH=$GITHUB_WORKSPACE >> $GITHUB_ENV
echo GO111MODULE=on >> $GITHUB_ENV
echo $GITHUB_WORKSPACE/bin >> $GITHUB_PATH
- name: Check out code
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/src/github.com/${{ github.repository }}
- name: Setup gke
run: |
scripts/gke/gke-start.sh
env:
GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }}
GCLOUD_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }}
GKE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }}
GKE_CLUSTER_NAME: gke-${{ github.run_id }}-${{ github.run_number }}
GKE_CLUSTER_ZONE: us-central1-a
GKE_CLUSTER_TYPE: n1-standard-2
GKE_CLUSTER_NUM_NODES: 1
K8S_VERSION: ${{ vars.NSM_KUBERNETES_VERSION }}
KUBECONFIG: /tmp/config1
USE_GKE_GCLOUD_AUTH_PLUGIN: true
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
- name: Setup aws
run: |
scripts/aws/aws-start.sh
env:
KUBECONFIG: /tmp/config2
AWS_REGION: us-east-2
AWS_CLUSTER_NAME: aws-${{ github.run_id }}-${{ github.run_number }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
K8S_VERSION: ${{ vars.NSM_KUBERNETES_VERSION }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
- name: Setup aks
run: |
az login --service-principal --username ${AZURE_SERVICE_PRINCIPAL} --password ${AZURE_SERVICE_PRINCIPAL_SECRET} --tenant ${AZURE_TENANT}
scripts/aks/aks-start.sh ${AZURE_RESOURCE_GROUP} ${AZURE_CLUSTER_NAME} ${AZURE_CREDENTIALS_PATH} ${KUBECONFIG} ${AKS_K8S_VERSION}
env:
KUBECONFIG: /tmp/config3
AZURE_RESOURCE_GROUP: nsm-ci
AZURE_CLUSTER_NAME: aks-${{ github.run_id }}-${{ github.run_number }}
AZURE_SERVICE_PRINCIPAL: ${{ secrets.AZURE_SERVICE_PRINCIPAL }}
AZURE_SERVICE_PRINCIPAL_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_SECRET }}
AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
K8S_VERSION: ${{ vars.NSM_KUBERNETES_VERSION }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
- name: Run interdomain testing
run: |
kubectl version --kubeconfig=$KUBECONFIG1
kubectl version --kubeconfig=$KUBECONFIG2
kubectl version --kubeconfig=$KUBECONFIG3
go test -count 1 -timeout 2h -race -v ./... -parallel 4
env:
KUBECONFIG1: /tmp/config1
KUBECONFIG2: /tmp/config2
KUBECONFIG3: /tmp/config3
AZURE_SERVICE_PRINCIPAL: ${{ secrets.AZURE_SERVICE_PRINCIPAL }}
AZURE_SERVICE_PRINCIPAL_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_SECRET }}
AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: "us-west-2"
USE_GKE_GCLOUD_AUTH_PLUGIN: true
PACKET_AUTH_TOKEN: ${{ secrets.PACKET_AUTH_TOKEN }}
PACKET_PROJECT_ID: ${{ secrets.PACKET_PROJECT_ID }}
KUBERNETES_VERSION: ${{ secrets.NSM_KUBERNETES_VERSION }}
GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }}
GCLOUD_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
- name: Cleanup GKE
if: ${{ always() }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
run: |
gcloud container clusters delete "${GKE_CLUSTER_NAME}" --project="${GKE_PROJECT_ID}" --zone="${GKE_CLUSTER_ZONE}" -q
env:
GKE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }}
GKE_CLUSTER_NAME: gke-${{ github.run_id }}-${{ github.run_number }}
GKE_CLUSTER_ZONE: us-central1-a
- name: Cleanup AWS
if: ${{ always() }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
run: |
scripts/aws/aws-destroy.sh
env:
AWS_REGION: us-east-2
AWS_CLUSTER_NAME: aws-${{ github.run_id }}-${{ github.run_number }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Cleanup AKS
if: ${{ always() }}
working-directory: ${{ github.workspace }}/src/github.com/${{ github.repository }}
run: |
scripts/aks/aks-destroy.sh ${AZURE_RESOURCE_GROUP} ${AZURE_CLUSTER_NAME}
env:
AZURE_CLUSTER_NAME: aks-${{ github.run_id }}-${{ github.run_number }}
AZURE_SERVICE_PRINCIPAL: ${{ secrets.AZURE_SERVICE_PRINCIPAL }}
AZURE_SERVICE_PRINCIPAL_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_SECRET }}
AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
AZURE_RESOURCE_GROUP: nsm-ci
- name: Upload logs
uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: logs-${{ github.run_number }}
path: ${{ github.workspace }}/src/github.com/${{ github.repository }}/logs