chore: Generated commit to update templated files since the last template run up to stackabletech/operator-templating@12c9ee0 (#523)

stackable-bot · web-flow · commit 55847556584b · 2024-11-14T10:59:08.000Z
Reference-to: stackabletech/operator-templating@12c9ee0 (fix: include Rust components in operator SBOMs)
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -0,0 +1,114 @@
+---
+name: Integration Test
+run-name: |
+  Integration Test on ${{ inputs.test-platform }}-${{ inputs.test-architecture }} (${{ inputs.test-run == 'all' && 'all' || format('{0}={1}', inputs.test-run, inputs.test-parameter) }})
+
+env:
+  DEFAULT_TEST_PLATFORM: kind-1.31.0
+  DEFAULT_TEST_ARCHITECTURE: amd64
+  DEFAULT_TEST_RUN: all
+  DEFAULT_TEST_PARAMETER: "" # Unused when the test-run is 'all'
+  TEST_PLATFORM: ${{ inputs.test-platform }}
+  TEST_ARCHITECTURE: ${{ inputs.test-architecture }}
+  TEST_RUN: ${{ inputs.test-run }}
+  TEST_PARAMETER: ${{ inputs.test-parameter }}
+
+on:
+  # schedule:
+    # At 00:00 on Sunday. See: https://crontab.guru/#0_0_*_*_0
+    # - cron: "0 0 * * 0"
+  workflow_dispatch:
+    inputs:
+      test-platform:
+        description: |
+          The test platform to run on (kind doesn't support `arm64`)
+        required: true
+        type: choice
+        options:
+          - kind-1.31.0
+          - kind-1.30.3
+          - aks-1.29
+          - aks-1.28
+          - aks-1.27
+          - eks-1.29
+          - eks-1.28
+          - eks-1.27
+          - gke-1.29
+          - gke-1.28
+          - gke-1.27
+          - okd-4.15
+          - okd-4.14
+          - okd-4.13
+      test-architecture:
+        description: |
+          The architecture the tests will run on
+        required: true
+        type: choice
+        options:
+          - amd64
+          - arm64
+      test-run:
+        description: Type of test run
+        required: true
+        type: choice
+        options:
+          - all
+          - test-suite
+          - test
+      test-parameter:
+        description: Parameter to `--test-suite` or `--test` (ignored for `all`)
+        default: smoke
+
+jobs:
+  test:
+    name: Run Integration Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Override integration test options for scheduled run
+        if: github.event_name == 'schedule'
+        shell: bash
+        run: |
+          set -euo pipefail
+
+          echo "TEST_PLATFORM=$DEFAULT_TEST_PLATFORM" | tee -a "$GITHUB_ENV"
+          echo "TEST_ARCHITECTURE=$DEFAULT_TEST_ARCHITECTURE" | tee -a "$GITHUB_ENV"
+          echo "TEST_RUN=$DEFAULT_TEST_RUN" | tee -a "$GITHUB_ENV"
+          echo "TEST_PARAMETER=$DEFAULT_TEST_PARAMETER" | tee -a "$GITHUB_ENV"
+
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          submodules: recursive
+
+      - name: Run Integration Test
+        id: test
+        uses: stackabletech/actions/run-integration-test@5b66858af3597c4ea34f9b33664b8034a1d28427 # v0.3.0
+        with:
+          test-platform: ${{ env.TEST_PLATFORM }}-${{ env.TEST_ARCHITECTURE }}
+          test-run: ${{ env.TEST_RUN }}
+          test-parameter: ${{ env.TEST_PARAMETER }}
+          replicated-api-token: ${{ secrets.REPLICATED_API_TOKEN }}
+
+      - name: Send Notification
+        if: ${{ failure() }}
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_INTEGRATION_TEST_TOKEN }}
+        uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
+        with:
+          channel-id: "C07UYJYSMSN" # notifications-integration-tests
+          payload: |
+              {
+                "text": "Integration Test *${{ github.repository }}* failed",
+                "attachments": [
+                  {
+                    "pretext": "Started at ${{ steps.test.outputs.start-time }}, failed at ${{ steps.test.outputs.end-time }}",
+                    "color": "#aa0000",
+                    "actions": [
+                      {
+                        "type": "button",
+                        "text": "Go to integration test run",
+                        "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+                      }
+                    ]
+                  }
+                ]
+              }
diff --git a/.github/workflows/pr_pre-commit.yaml b/.github/workflows/pr_pre-commit.yaml
@@ -23,7 +23,7 @@ jobs:
         with:
           fetch-depth: 0
           submodules: recursive
-      - uses: stackabletech/actions/run-pre-commit@e8781161bc1eb037198098334cec6061fe24b6c3 # v0.0.2
+      - uses: stackabletech/actions/run-pre-commit@5b66858af3597c4ea34f9b33664b8034a1d28427 # v0.3.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
           rust: ${{ env.RUST_TOOLCHAIN_VERSION }}
diff --git a/Makefile b/Makefile
@@ -48,7 +48,7 @@ docker-publish:
 	# Uses the keyless signing flow with Github Actions as identity provider\
 	cosign sign -y "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
 	# Generate the SBOM for the operator image, this leverages the already generated SBOM for the operator binary by cargo-cyclonedx\
-	syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
+	syft scan --output cyclonedx-json@1.5=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger,+sbom-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
 	# Determine the PURL for the container image\
 	URLENCODED_REPO_DIGEST_OF_IMAGE=$$(echo "$$REPO_DIGEST_OF_IMAGE" | sed 's/:/%3A/g');\
 	PURL="pkg:oci/${OPERATOR_NAME}@$$URLENCODED_REPO_DIGEST_OF_IMAGE?arch=${ARCH}&repository_url=${DOCKER_REPO}%2F${ORGANIZATION}%2F${OPERATOR_NAME}";\
@@ -74,7 +74,7 @@ docker-publish:
 	# Uses the keyless signing flow with Github Actions as identity provider\
 	cosign sign -y "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
 	# Generate the SBOM for the operator image, this leverages the already generated SBOM for the operator binary by cargo-cyclonedx\
-	syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
+	syft scan --output cyclonedx-json@1.5=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger,+sbom-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\
 	# Determine the PURL for the container image\
 	URLENCODED_REPO_DIGEST_OF_IMAGE=$$(echo "$$REPO_DIGEST_OF_IMAGE" | sed 's/:/%3A/g');\
 	PURL="pkg:oci/${OPERATOR_NAME}@$$URLENCODED_REPO_DIGEST_OF_IMAGE?arch=${ARCH}&repository_url=${OCI_REGISTRY_HOSTNAME}%2F${OCI_REGISTRY_PROJECT_IMAGES}%2F${OPERATOR_NAME}";\
diff --git a/renovate.json b/renovate.json
@@ -3,5 +3,5 @@
   "extends": [
     "local>stackabletech/.github:renovate-config"
   ],
-  "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/pr_pre-commit.yaml"]
+  "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/integration-test.yml", ".github/workflows/pr_pre-commit.yaml"]
 }
diff --git a/scripts/run-tests b/scripts/run-tests
@@ -313,7 +313,7 @@ def maybe_install_release(skip_release: bool, release_file: str) -> None:
         raise TestRunnerException()
 
 
-def gen_tests(test_suite: str) -> None:
+def gen_tests(test_suite: str, namespace: str) -> None:
     try:
         beku_cmd = [
             "beku",
@@ -328,6 +328,8 @@ def gen_tests(test_suite: str) -> None:
         ]
         if test_suite:
             beku_cmd.extend(["--suite", test_suite])
+        if namespace:
+            beku_cmd.extend(["--namespace", namespace])
 
         logging.debug(f"Running : {beku_cmd}")
         subprocess.run(
@@ -386,7 +388,7 @@ def main(argv) -> int:
         opts = parse_args(argv[1:])
         logging.basicConfig(encoding="utf-8", level=opts.log_level)
         have_requirements()
-        gen_tests(opts.test_suite)
+        gen_tests(opts.test_suite, opts.namespace)
         with release_file(opts.operator, opts.skip_operator) as f:
             maybe_install_release(opts.skip_release, f)
         if opts.skip_tests:

Original file line number	Diff line number	Diff line change
`@@ -3,5 +3,5 @@`
`3`	`3`	`"extends": [`
`4`	`4`	`"local>stackabletech/.github:renovate-config"`
`5`	`5`	`],`
`6`		`- "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/pr_pre-commit.yaml"]`
	`6`	`+ "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/integration-test.yml", ".github/workflows/pr_pre-commit.yaml"]`
`7`	`7`	`}`