diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml new file mode 100644 index 000000000000..7b3d1dfd87d1 --- /dev/null +++ b/.github/workflows/_build.yaml @@ -0,0 +1,92 @@ +on: + workflow_call: + inputs: + FULL_MATRIX: + required: true + type: string + BINARY_ARTIFACT_NAME: + required: true + type: string + IMAGE_ARTIFACT_NAME: + required: true + type: string + outputs: + IMAGE_MANIFESTS: + value: ${{ jobs.build.outputs.IMAGE_MANIFESTS }} +permissions: + contents: read +env: + CI_TOOLS_DIR: "/home/runner/work/kuma/kuma/.ci_tools" + FULL_MATRIX: ${{ inputs.FULL_MATRIX }} +jobs: + build: + runs-on: ubuntu-latest + outputs: + IMAGE_MANIFESTS: ${{ steps.image_manifests.outputs.manifests }} + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: "Add matrix to .build/info to cache" + run: | + make build/info/short > .build-info + - name: Install dependencies for cross builds + run: | + sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version-file: go.mod + cache-dependency-path: | + .build-info + go.sum + - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: | + ${{ env.CI_TOOLS_DIR }} + key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }} + restore-keys: | + ${{ runner.os }}-${{ runner.arch }}-devtools + - name: Free up disk space for the Runner + run: | + echo "Disk usage before cleanup" + sudo df -h + echo "Removing big directories" + sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc + echo "Removing images" + docker system prune --all -f + echo "Disk usage after cleanup" + sudo df -h + - run: | + make build + - run: | + make -j build/distributions + - run: | + make -j images + - run: | + make -j docker/save + - name: Run container structure test + if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-container-structure-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }} + run: | + make test/container-structure + - name: Inspect created tars + run: | + for i in build/distributions/out/*.tar.gz; do echo $i; tar -tvf $i; done + - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + id: binary-artifacts + with: + name: ${{ inputs.BINARY_ARTIFACT_NAME }} + path: | + ./build/distributions/out/*.tar.gz + ./build/distributions/out/artifact_digest_file.text + - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + id: image-artifacts + with: + name: ${{ inputs.IMAGE_ARTIFACT_NAME }} + path: | + ./build/docker/*.tar + - id: image_manifests + run: | + MANIFESTS=$(make manifests/json/release) + echo "Image manifests: ${MANIFESTS}" + echo "manifests=${MANIFESTS}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/e2e.yaml b/.github/workflows/_e2e.yaml similarity index 97% rename from .github/workflows/e2e.yaml rename to .github/workflows/_e2e.yaml index 117ad5573b0d..b4502c22333e 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/_e2e.yaml @@ -8,19 +8,17 @@ on: type: string required: false default: '{"amd64": "ubuntu-latest", "arm64": "circleci"}' - secrets: - circleCIToken: - required: true permissions: contents: read env: + CI_TOOLS_DIR: "/home/runner/work/kuma/kuma/.ci_tools" E2E_PARAM_K8S_VERSION: ${{ fromJSON(inputs.matrix).k8sVersion }} E2E_PARAM_CNI_NETWORK_PLUGIN: ${{ fromJSON(inputs.matrix).cniNetworkPlugin }} E2E_PARAM_ARCH: ${{ fromJSON(inputs.matrix).arch }} E2E_PARAM_SIDECAR_CONTAINERS: ${{ fromJSON(inputs.matrix).sidecarContainers }} E2E_PARAM_TARGET: ${{ fromJSON(inputs.matrix).target }} E2E_PARAM_PARALLELISM: ${{ fromJSON(inputs.matrix).parallelism }} - CI_TOOLS_DIR: /home/runner/work/kuma/kuma/.ci_tools + E2E_RUN_NAME: ${{ fromJSON(inputs.matrix).target }}_${{ fromJSON(inputs.matrix).k8sVersion }}_${{ fromJSON(inputs.matrix).cniNetworkPlugin }}_${{ fromJSON(inputs.matrix).arch }}_${{ fromJSON(inputs.matrix).parallelism }} jobs: e2e: timeout-minutes: 60 @@ -179,7 +177,7 @@ jobs: URL: $CIRCLE_CI_API_PATH BODY: ${{ steps.circleci-gen-params.outputs.result }}" - if [ "${{ secrets.circleCIToken }}" == "" ]; then + if [ "${{ secrets.CIRCLECI_TOKEN }}" == "" ]; then echo "Skipping request CircleCI because secret 'CIRCLECI_TOKEN' not set." exit 0 fi diff --git a/.github/workflows/_publish.yaml b/.github/workflows/_publish.yaml new file mode 100644 index 000000000000..06b120450bf9 --- /dev/null +++ b/.github/workflows/_publish.yaml @@ -0,0 +1,128 @@ +on: + workflow_call: + inputs: + FULL_MATRIX: + required: true + type: string + ALLOW_PUSH: + required: true + type: string + IMAGE_ARTIFACT_NAME: + required: true + type: string + BINARY_ARTIFACT_NAME: + required: true + type: string +env: + GH_OWNER: ${{ github.repository_owner }} + GH_USER: "github-actions[bot]" + GH_EMAIL: "<41898282+github-actions[bot]@users.noreply.github.com>" + GH_REPO: "charts" +jobs: + publish: + runs-on: ubuntu-latest + timeout-minutes: 40 + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + - name: "Add matrix to .build/info to cache" + run: | + make build/info/short > .build-info + - name: Install dependencies for cross builds + run: | + sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version-file: go.mod + cache-dependency-path: | + .build-info + go.sum + - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: | + ${{ env.CI_TOOLS_DIR }} + key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }} + restore-keys: | + ${{ runner.os }}-${{ runner.arch }}-devtools + - run: | + make dev/tools + - name: Free up disk space for the Runner + run: | + echo "Disk usage before cleanup" + sudo df -h + echo "Removing big directories" + sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc + echo "Removing images" + docker system prune --all -f + echo "Disk usage after cleanup" + sudo df -h + - run: | + make build + - run: | + make -j build/distributions + - run: | + make -j images + - run: | + make -j docker/save + - name: Publish distributions to Pulp + env: + PULP_USERNAME: ${{ vars.PULP_USERNAME }} + PULP_PASSWORD: ${{ secrets.PULP_PASSWORD }} + CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }} + run: | + make publish/pulp + - name: Publish images + env: + DOCKER_API_KEY: ${{ secrets.DOCKER_API_KEY }} + DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }} + run: |- + make docker/login + # ensure we always logout + function on_exit() { + make docker/logout + } + trap on_exit EXIT + make docker/push + make docker/manifest + - name: package-helm-chart + id: package-helm + env: + HELM_DEV: ${{ !startsWith(github.event.ref, 'refs/tags/') }} + run: | + make helm/update-version + + git config user.name "${GH_USER}" + git config user.email "${GH_EMAIL}" + git add -u deployments/charts + # This commit never ends up in the repo + git commit --allow-empty -m "ci(helm): update versions" + # To get an idea of what's in the commit to debug + git show + + make helm/package + PKG_FILENAME=$(find .cr-release-packages -type f -printf "%f\n") + echo "filename=${PKG_FILENAME}" >> $GITHUB_OUTPUT + - name: Upload packaged chart + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: ${{ steps.package-helm.outputs.filename }} + path: .cr-release-packages/${{ steps.package-helm.outputs.filename }} + retention-days: ${{ github.event_name == 'pull_request' && 1 || 30 }} + # Everything from here is only running on releases. + # Ideally we'd finish the workflow early, but this isn't possible: https://github.com/actions/runner/issues/662 + - name: Generate GitHub app token + id: github-app-token + if: ${{ github.ref_type == 'tag' }} + uses: actions/create-github-app-token@f4c6bf6752984b3a29fcc135a5e70eb792c40c6b # v1.8.0 + with: + app-id: ${{ secrets.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: ${{ env.GH_REPO }} + - name: Release chart + if: ${{ github.ref_type == 'tag' }} + env: + GITHUB_APP: "true" + GH_TOKEN: ${{ steps.github-app-token.outputs.token }} + run: make helm/release diff --git a/.github/workflows/_test.yaml b/.github/workflows/_test.yaml new file mode 100644 index 000000000000..342d26c4d1fc --- /dev/null +++ b/.github/workflows/_test.yaml @@ -0,0 +1,113 @@ +on: + workflow_call: + inputs: + FULL_MATRIX: + required: true + type: string +permissions: + contents: read +env: + CI_TOOLS_DIR: "/home/runner/work/kuma/kuma/.ci_tools" + # This is automatically managed by CI + K8S_MIN_VERSION: v1.23.17-k3s1 + K8S_MAX_VERSION: v1.29.1-k3s2 +jobs: + test_unit: + timeout-minutes: 20 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version-file: go.mod + - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: | + ${{ env.CI_TOOLS_DIR }} + key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }} + restore-keys: | + ${{ runner.os }}-${{ runner.arch }}-devtools + - run: | + make dev/tools + - run: | + make test + gen_e2e_matrix: + timeout-minutes: 2 + runs-on: ubuntu-latest + if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-e2e-test') }} + outputs: + matrix: ${{ steps.generate-matrix.outputs.matrix }} + steps: + - id: generate-matrix + name: Generate matrix + env: + BASE_MATRIX: |- + { + "test_e2e": { + "target": [""], + "k8sVersion": ["kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"], + "arch": ["amd64"], + "parallelism": [4], + "cniNetworkPlugin": ["flannel"], + "sidecarContainers": [""] + }, + "test_e2e_env": { + "target": ["kubernetes", "universal", "multizone"], + "k8sVersion": ["kind", "kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"], + "arch": ["amd64"], + "parallelism": [1], + "cniNetworkPlugin": ["flannel"], + "sidecarContainers": [""], + "exclude":[ + {"target": "kubernetes", "k8sVersion":"kind"}, + {"target": "multizone", "k8sVersion":"kind"}, + {"target":"universal", "k8sVersion":"${{ env.K8S_MIN_VERSION }}"}, + {"target":"universal", "k8sVersion":"${{ env.K8S_MAX_VERSION }}"} + ], + "include":[ + {"sidecarContainers": "sidecarContainers", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "amd64"}, + {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "arm64"}, + {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "arm64"}, + {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "universal", "arch": "arm64"}, + {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "gatewayapi", "arch": "amd64"}, + {"cniNetworkPlugin": "calico", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "amd64"} + ] + } + } + # You can modify the include to run one of test suites on PRs (though you'd need to then remove it) + OVERRIDE_JQ_CMD: |- + .test_e2e = false + | .test_e2e_env.include = [] + | .test_e2e_env.exclude += [{"arch": "arm64"}, {"k8sVersion": "kindIpv6"}, {"k8sVersion": "${{ inputs.K8S_MIN_VERSION}}"}] + run: |- + BASE_MATRIX_ALL='${{ env.BASE_MATRIX }}' + if [[ "${{ inputs.FULL_MATRIX }}" != "true" ]]; then + BASE_MATRIX_ALL=$(echo $BASE_MATRIX_ALL | jq -r '${{ env.OVERRIDE_JQ_CMD }}') + fi + + echo "final matrix: $BASE_MATRIX_ALL" + echo "matrix<> $GITHUB_OUTPUT + echo "$BASE_MATRIX_ALL" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + test_e2e: + needs: ["gen_e2e_matrix"] + if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e + strategy: + matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e }} + fail-fast: false + uses: ./.github/workflows/_e2e.yaml + with: + matrix: ${{ toJSON(matrix) }} + secrets: inherit + test_e2e_env: + needs: ["gen_e2e_matrix"] + if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env + strategy: + matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env }} + fail-fast: false + uses: ./.github/workflows/_e2e.yaml + with: + matrix: ${{ toJSON(matrix) }} + secrets: inherit diff --git a/.github/workflows/build-test-distribute.yaml b/.github/workflows/build-test-distribute.yaml index 5ffc9d0c4d80..ff07cd711f81 100644 --- a/.github/workflows/build-test-distribute.yaml +++ b/.github/workflows/build-test-distribute.yaml @@ -11,21 +11,15 @@ concurrency: permissions: contents: read env: - # This is automatically managed by CI - K8S_MIN_VERSION: v1.23.17-k3s1 - K8S_MAX_VERSION: v1.29.1-k3s2 - GH_OWNER: ${{ github.repository_owner }} KUMA_DIR: "." - CI_TOOLS_DIR: /home/runner/work/kuma/kuma/.ci_tools - FULL_MATRIX: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix') }} - ALLOW_PUSH: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/force-publish') }} - GH_USER: "github-actions[bot]" - GH_EMAIL: "<41898282+github-actions[bot]@users.noreply.github.com>" - GH_REPO: "charts" + CI_TOOLS_DIR: "/home/runner/work/kuma/kuma/.ci_tools" jobs: check: timeout-minutes: 15 runs-on: ubuntu-latest + outputs: + FULL_MATRIX: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix') }} + ALLOW_PUSH: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/force-publish') }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: @@ -53,30 +47,32 @@ jobs: - run: | make check test: - timeout-minutes: 20 - runs-on: ubuntu-latest + needs: ["check"] if: ${{ ! contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }} - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - fetch-depth: 0 - - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 - with: - go-version-file: go.mod - - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 - with: - path: | - ${{ env.CI_TOOLS_DIR }} - key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }} - restore-keys: | - ${{ runner.os }}-${{ runner.arch }}-devtools - - run: | - make dev/tools - - run: | - make test + uses: ./.github/workflows/_test.yaml + with: + FULL_MATRIX: ${{ needs.check.outputs.FULL_MATRIX }} + secrets: inherit + build: + needs: ["check"] + uses: ./.github/workflows/_build.yaml + with: + FULL_MATRIX: ${{ needs.check.outputs.FULL_MATRIX }} + IMAGE_ARTIFACT_NAME: "image_artifacts" + BINARY_ARTIFACT_NAME: "binary_artifacts" + secrets: inherit + publish: + needs: ["check", "build", "test"] + uses: ./.github/workflows/_publish.yaml + with: + FULL_MATRIX: ${{ needs.check.outputs.FULL_MATRIX }} + ALLOW_PUSH: ${{ needs.check.outputs.ALLOW_PUSH }} + IMAGE_ARTIFACT_NAME: "image_artifacts" + BINARY_ARTIFACT_NAME: "binary_artifacts" + secrets: inherit distributions: - timeout-minutes: 40 - needs: ["check", "test", "test_e2e", "test_e2e_env"] + needs: ["publish"] + timeout-minutes: 10 if: ${{ always() }} runs-on: ubuntu-latest steps: @@ -85,193 +81,4 @@ jobs: run: | exit 1 # for some reason, GH Action will always trigger a downstream job even if there are errors in an dependent job - # so we manually check it here. An example could be found here: https://github.com/kumahq/kuma/actions/runs/7044980149 - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - fetch-depth: 0 - - name: "Add matrix to .build/info to cache" - run: | - make build/info/short > .build-info - - name: Install dependencies for cross builds - run: | - sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support - - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 - with: - go-version-file: go.mod - cache-dependency-path: | - .build-info - go.sum - - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 - with: - path: | - ${{ env.CI_TOOLS_DIR }} - key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }} - restore-keys: | - ${{ runner.os }}-${{ runner.arch }}-devtools - - name: Free up disk space for the Runner - run: | - echo "Disk usage before cleanup" - sudo df -h - echo "Removing big directories" - sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc - echo "Removing images" - docker system prune --all -f - echo "Disk usage after cleanup" - sudo df -h - - run: | - make build - - run: | - make -j build/distributions - - run: | - make -j images - - run: | - make -j docker/save - - name: Run container structure test - if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-container-structure-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }} - run: | - make test/container-structure - - name: Inspect created tars - run: | - for i in build/distributions/out/*.tar.gz; do echo $i; tar -tvf $i; done - - name: Publish distributions to Pulp - env: - PULP_USERNAME: ${{ vars.PULP_USERNAME }} - PULP_PASSWORD: ${{ secrets.PULP_PASSWORD }} - CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }} - run: | - make publish/pulp - - name: Publish images - env: - DOCKER_API_KEY: ${{ secrets.DOCKER_API_KEY }} - DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }} - run: |- - make docker/login - # ensure we always logout - function on_exit() { - make docker/logout - } - trap on_exit EXIT - make docker/push - make docker/manifest - - name: package-helm-chart - id: package-helm - env: - HELM_DEV: ${{ !startsWith(github.event.ref, 'refs/tags/') }} - run: | - make helm/update-version - - git config user.name "${GH_USER}" - git config user.email "${GH_EMAIL}" - git add -u deployments/charts - # This commit never ends up in the repo - git commit --allow-empty -m "ci(helm): update versions" - # To get an idea of what's in the commit to debug - git show - - make helm/package - PKG_FILENAME=$(find .cr-release-packages -type f -printf "%f\n") - echo "filename=${PKG_FILENAME}" >> $GITHUB_OUTPUT - - name: Upload packaged chart - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: ${{ steps.package-helm.outputs.filename }} - path: .cr-release-packages/${{ steps.package-helm.outputs.filename }} - retention-days: ${{ github.event_name == 'pull_request' && 1 || 30 }} - # Everything from here is only running on releases. - # Ideally we'd finish the workflow early, but this isn't possible: https://github.com/actions/runner/issues/662 - - name: Generate GitHub app token - id: github-app-token - if: ${{ startsWith(github.event.ref, 'refs/tags/') }} - uses: actions/create-github-app-token@e8e39f73bb84fdf315a015fa3104f314c0a258b4 # v1.8.1 - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.APP_PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: ${{ env.GH_REPO }} - - name: Release chart - if: ${{ startsWith(github.event.ref, 'refs/tags/') }} - env: - GITHUB_APP: "true" - GH_TOKEN: ${{ steps.github-app-token.outputs.token }} - run: make helm/release - gen_e2e_matrix: - timeout-minutes: 2 - runs-on: ubuntu-latest - if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-e2e-test') }} - outputs: - matrix: ${{ steps.generate-matrix.outputs.matrix }} - steps: - - id: generate-matrix - name: Generate matrix - env: - RUN_FULL_MATRIX: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix') }} - BASE_MATRIX: |- - { - "test_e2e": { - "target": [""], - "k8sVersion": ["kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"], - "arch": ["amd64"], - "parallelism": [4], - "cniNetworkPlugin": ["flannel"], - "sidecarContainers": [""] - }, - "test_e2e_env": { - "target": ["kubernetes", "universal", "multizone"], - "k8sVersion": ["kind", "kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"], - "arch": ["amd64"], - "parallelism": [1], - "cniNetworkPlugin": ["flannel"], - "sidecarContainers": [""], - "exclude":[ - {"target": "kubernetes", "k8sVersion":"kind"}, - {"target": "multizone", "k8sVersion":"kind"}, - {"target":"universal", "k8sVersion":"${{ env.K8S_MIN_VERSION }}"}, - {"target":"universal", "k8sVersion":"${{ env.K8S_MAX_VERSION }}"} - ], - "include":[ - {"sidecarContainers": "sidecarContainers", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "amd64"}, - {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "arm64"}, - {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "arm64"}, - {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "universal", "arch": "arm64"}, - {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "gatewayapi", "arch": "amd64"}, - {"cniNetworkPlugin": "calico", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "amd64"} - ] - } - } - # You can modify the include to run one of test suites on PRs (though you'd need to then remove it) - OVERRIDE_JQ_CMD: |- - .test_e2e = false - | .test_e2e_env.include = [] - | .test_e2e_env.exclude += [{"arch": "arm64"}, {"k8sVersion": "kindIpv6"}, {"k8sVersion": "${{ env.K8S_MIN_VERSION}}"}] - run: |- - BASE_MATRIX_ALL='${{ env.BASE_MATRIX }}' - if [[ "${{ env.RUN_FULL_MATRIX }}" != "true" ]]; then - BASE_MATRIX_ALL=$(echo $BASE_MATRIX_ALL | jq -r '${{ env.OVERRIDE_JQ_CMD }}') - fi - - echo "final matrix: $BASE_MATRIX_ALL" - echo "matrix<> $GITHUB_OUTPUT - echo "$BASE_MATRIX_ALL" >> $GITHUB_OUTPUT - echo "EOF" >> $GITHUB_OUTPUT - test_e2e: - needs: ["gen_e2e_matrix"] - if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e - strategy: - matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e }} - fail-fast: false - uses: ./.github/workflows/e2e.yaml - with: - matrix: ${{ toJSON(matrix) }} - secrets: - circleCIToken: ${{ secrets.CIRCLECI_TOKEN }} - test_e2e_env: - needs: ["gen_e2e_matrix"] - if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env - strategy: - matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env }} - fail-fast: false - uses: ./.github/workflows/e2e.yaml - with: - matrix: ${{ toJSON(matrix) }} - secrets: - circleCIToken: ${{ secrets.CIRCLECI_TOKEN }} + # so we manually check it here. An example could be found here: https://github.com/kumahq/kuma/actions/runs/7044980149 \ No newline at end of file diff --git a/mk/check.mk b/mk/check.mk index 67276e3a9cea..74f7cea5e2ae 100644 --- a/mk/check.mk +++ b/mk/check.mk @@ -33,7 +33,7 @@ golangci-lint-fmt: .PHONY: fmt/ci fmt/ci: $(CI_TOOLS_BIN_DIR)/yq -i '.parameters.go_version.default = "$(GO_VERSION)" | .parameters.first_k8s_version.default = "$(K8S_MIN_VERSION)" | .parameters.last_k8s_version.default = "$(K8S_MAX_VERSION)"' .circleci/config.yml - $(CI_TOOLS_BIN_DIR)/yq -i '.env.K8S_MIN_VERSION = "$(K8S_MIN_VERSION)" | .env.K8S_MAX_VERSION = "$(K8S_MAX_VERSION)"' .github/workflows/"$(ACTION_PREFIX)"build-test-distribute.yaml + $(CI_TOOLS_BIN_DIR)/yq -i '.env.K8S_MIN_VERSION = "$(K8S_MIN_VERSION)" | .env.K8S_MAX_VERSION = "$(K8S_MAX_VERSION)"' .github/workflows/"$(ACTION_PREFIX)"_test.yaml grep -r "golangci/golangci-lint-action" .github/workflows --include \*ml | cut -d ':' -f 1 | xargs -n 1 $(CI_TOOLS_BIN_DIR)/yq -i '(.jobs.* | select(. | has("steps")) | .steps[] | select(.uses == "golangci/golangci-lint-action*") | .with.version) |= "$(GOLANGCI_LINT_VERSION)"' .PHONY: helm-lint diff --git a/mk/docker.mk b/mk/docker.mk index cd43cd5cb300..61c89d14aaa7 100644 --- a/mk/docker.mk +++ b/mk/docker.mk @@ -117,10 +117,10 @@ images/release: $(addprefix image/,$(ALL_RELEASE_WITH_ARCH)) ## Dev: Rebuild rel .PHONY: images/test images/test: $(addprefix image/,$(ALL_TEST_WITH_ARCH)) ## Dev: Rebuild test Docker images +# The awk command is ok because we're passing a list of container image names which won't contain ' ' or '"' +# This outputs something like: ["docker.io/kumahq/kuma-cp:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-dp:0.0.0-preview.vlocal-build","docker.io/kumahq/kumactl:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-init:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-cni:0.0.0-preview.vlocal-build"] .PHONY: manifests/json/release manifests/json/release: ## output all release manifests in a json array - # The awk command is ok because we're passing a list of container image names which won't contain ' ' or '"' - # This outputs something like: ["docker.io/kumahq/kuma-cp:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-dp:0.0.0-preview.vlocal-build","docker.io/kumahq/kumactl:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-init:0.0.0-preview.vlocal-build","docker.io/kumahq/kuma-cni:0.0.0-preview.vlocal-build"] @echo $(call build_image,$(IMAGES_RELEASE)) | awk 'BEGIN{FS=" "; printf("[")}{for(i=1;i<=NF;i++) printf("\"%s\"%s", $$i, i!=NF ? "," : "")} END{printf("]")}' .PHONY: docker/purge