diff --git a/.github/workflows/qe-crc.yml b/.github/workflows/qe-crc.yml new file mode 100644 index 0000000000..35defe9924 --- /dev/null +++ b/.github/workflows/qe-crc.yml @@ -0,0 +1,274 @@ +# https://developers.redhat.com/content-gateway/rest/mirror/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz + +name: CRC Tests + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + workflow_dispatch: +env: + QE_REPO: redhat-best-practices-for-k8s/certsuite-qe + +jobs: + build-and-store: + # build and store the image + runs-on: ubuntu-22.04 + strategy: + fail-fast: false + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + ref: ${{ github.sha }} + + - name: Setup docker buildx + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + + - name: Build temporary image tag for this PR + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 + with: + context: . + file: ./Dockerfile + tags: quay.io/redhat-best-practices-for-k8s/certsuite:localtest + outputs: type=docker,dest=/tmp/testimage.tar + + - name: Store image as artifact + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + with: + name: testimage + path: /tmp/testimage.tar + + + smoke-tests: + name: CRC QE Tests + runs-on: ubuntu-22.04 + needs: build-and-store + if: needs.build-and-store.result == 'success' + strategy: + fail-fast: false + matrix: + suite: [accesscontrol] + # suite: [accesscontrol, affiliatedcertification, manageability, networking, lifecycle, performance, platformalteration, observability, operator] + env: + SHELL: /bin/bash + KUBECONFIG: '/home/runner/.crc/machines/crc/kubeconfig' + PFLT_DOCKERCONFIG: '/home/runner/.docker/config' + DOCKER_CONFIG_DIR: '/home/runner/.docker/' + SKIP_PRELOAD_IMAGES: true + TEST_CERTSUITE_IMAGE_NAME: quay.io/redhat-best-practices-for-k8s/certsuite + TEST_CERTSUITE_IMAGE_TAG: localtest + + steps: + - name: Write temporary docker file + run: | + mkdir -p /home/runner/.docker + touch ${PFLT_DOCKERCONFIG} + echo '{ "auths": {} }' >> ${PFLT_DOCKERCONFIG} + if: runner.os == 'Linux' + + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + tool-cache: false + large-packages: true + android: true + dotnet: true + haskell: true + docker-images: true + swap-storage: true + continue-on-error: true + + - name: Set up Go 1.23.1 + uses: actions/setup-go@v5 + with: + go-version: 1.23.1 + + - name: Install required packages for Linux + run: | + sudo apt-get update + sudo apt install qemu-kvm libvirt-daemon libvirt-daemon-system network-manager jq + if: runner.os == 'Linux' + + # - name: Set up QEMU + # uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + + - name: Enable KVM group perms + run: | + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules + sudo udevadm control --reload-rules + sudo udevadm trigger --name-match=kvm + sudo apt-get update + sudo apt-get install -y libvirt-clients libvirt-daemon-system libvirt-daemon virtinst bridge-utils qemu qemu-system-x86 + sudo usermod -a -G kvm,libvirt $USER + sudo adduser `id -un` libvirt + + # Restart docker using /mnt/docker-storage (sdb) instead of /var/lib/docker (sda). + # This step needs to be done right after the partner repo's bootstrap scripts, as they + # overwrite the docker's daemon.json. + - name: Make docker to use /mnt (sdb) for storage + run: | + df -h + lsblk + sudo mkdir /mnt/docker-storage + sudo jq '. +={"data-root" : "/mnt/docker-storage"}' < /etc/docker/daemon.json > /tmp/docker-daemon.json + sudo cp /tmp/docker-daemon.json /etc/docker/daemon.json + cat /etc/docker/daemon.json + sudo systemctl restart docker + sudo ls -la /mnt/docker-storage + + - name: reload the terminal to load the libvirt group + run: | + sudo -E bash -c 'exec su -l '$USER + if: runner.os == 'Linux' + + # - name: Check kvm + # run: | + # sudo apt-get install cpu-checker + # egrep -c '(vmx|svm)' /proc/cpuinfo + # kvm-ok + + - name: Check if user is part of libvirt group + run: | + groups + sudo usermod -a -G libvirt $USER + groups + if: runner.os == 'Linux' + + - name: Disable default go problem matcher + run: echo "::remove-matcher owner=go::" + + - name: Check out code + uses: actions/checkout@v4 + with: + ref: ${{ github.sha }} + + - name: check if CRC_PULL_SECRET exists + env: + super_secret: ${{ secrets.CRC_PULL_SECRET }} + if: ${{ env.super_secret == '' }} + run: 'echo the secret \"CRC_PULL_SECRET\" has not been made; echo please go to \"settings \> secrets \> actions\" to create it' + + - name: Write the pull secret to json file + run: | + echo $CRC_PULL_SECRET > temp-ps.json + cat temp-ps.json + env: + CRC_PULL_SECRET: ${{ secrets.CRC_PULL_SECRET }} + shell: bash + + # Create a OpenShift Local Cluster for testing + - name: Download the CRC binary (Linux) + run: | + wget -O crc-linux-amd64.tar.xz https://developers.redhat.com/content-gateway/file/pub/openshift-v4/clients/crc/2.41.0/crc-linux-amd64.tar.xz + tar xvf crc-linux-amd64.tar.xz + sudo mv crc-linux-*/crc /usr/local/bin/ + if: runner.os == 'Linux' + + - name: Set Memory + uses: nick-fields/retry@v3 + with: + timeout_minutes: 5 + max_attempts: 3 + command: crc config set memory 10752 + + - name: Set Telemetry + uses: nick-fields/retry@v3 + with: + timeout_minutes: 5 + max_attempts: 3 + command: crc config set consent-telemetry no + + - name: Set Network-Mode User + uses: nick-fields/retry@v3 + with: + timeout_minutes: 5 + max_attempts: 3 + command: crc config set network-mode user + + - name: Set Disk Size + uses: nick-fields/retry@v3 + with: + timeout_minutes: 5 + max_attempts: 3 + command: crc config set disk-size 60 + + - name: Run CRC Setup + uses: nick-fields/retry@v3 + with: + timeout_minutes: 15 + max_attempts: 3 + command: sudo -su $USER crc setup + + - name: Run CRC Start + uses: nick-fields/retry@v3 + with: + timeout_minutes: 30 + max_attempts: 3 + command: sudo -su $USER crc start --pull-secret-file temp-ps.json --log-level debug + on_retry_command: sudo -su $USER crc delete -f + + - name: Wait until node is Ready state + run: | + while [[ $(oc get nodes --request-timeout='30s' -o json | jq -r '.items[] | select(.metadata.name=="api.crc.testing") | .status.conditions[] | select(.reason=="KubeletReady") | .status') == "False" ]]; do + echo "Waiting for node to be in Ready state" + sleep 5 + done + + - name: Set the adm policy + run: | + oc adm policy add-scc-to-user privileged user + + - name: Run oc version, get nodes and pods + run: | + eval $(crc oc-env) + oc version + oc get nodes + oc get pods -A + + - name: Run some oc commands + run: | + oc get nodes + oc get pods -A + + - name: Clone the QE repository + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + repository: ${{ env.QE_REPO }} + path: certsuite-qe + ref: main + + # - name: Build the binary + # run: make build-certsuite-tool + + # - name: Run the tests + # uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 + # with: + # timeout_minutes: 60 + # max_attempts: 3 + # command: cd ${GITHUB_WORKSPACE}/certsuite-qe; FEATURES=${{matrix.suite}} CERTSUITE_REPO_PATH=${GITHUB_WORKSPACE} USE_BINARY=true DISABLE_INTRUSIVE_TESTS=true ENABLE_PARALLEL=true ENABLE_FLAKY_RETRY=true make test-features + + # - name: Build the local image + # run: make build-image-local + + - name: Download image from artifact + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + with: + name: testimage + path: /tmp + + - name: Load image into docker + run: docker load --input /tmp/testimage.tar + + # - name: Run tmate session + # uses: mxschmitt/action-tmate@v3 + + - name: Run the tests (against image) + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 + with: + timeout_minutes: 60 + max_attempts: 3 + command: cd ${GITHUB_WORKSPACE}/certsuite-qe; FEATURES=${{matrix.suite}} CERTSUITE_REPO_PATH=${GITHUB_WORKSPACE} CERTSUITE_IMAGE=${{env.TEST_CERTSUITE_IMAGE_NAME}} CERTSUITE_IMAGE_TAG=${{env.TEST_CERTSUITE_IMAGE_TAG}} JOB_ID=${{github.run_id}} DISABLE_INTRUSIVE_TESTS=true ENABLE_PARALLEL=false ENABLE_FLAKY_RETRY=true make test-features + +# FEATURES=operator FORCE_DOWNLOAD_UNSTABLE=true DISABLE_INTRUSIVE_TESTS=true CERTSUITE_REPO_PATH=~/certsuite KUBECONFIG=~/.kube/config ENABLE_PARALLEL=true CERTSUITE_IMAGE_TAG=unstable ENABLE_FLAKY_RETRY=true DEBUG_TNF=true CERTSUITE_CONFIG_DIR=/home/labuser2/CERTSUITE_config CERTSUITE_REPORT_DIR=/home/labuser2/CERTSUITE_report make test-features \ No newline at end of file diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index df4ca35759..6fff65ee25 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -1,8 +1,8 @@ name: QE Testing (Ubuntu-hosted) on: - pull_request: - branches: [ main ] + # pull_request: + # branches: [ main ] workflow_dispatch: # Schedule a daily cron at midnight UTC schedule: diff --git a/.github/workflows/qe-ocp-arm-416.yaml b/.github/workflows/qe-ocp-arm-416.yaml index 848f0a09dc..6b39eb0692 100644 --- a/.github/workflows/qe-ocp-arm-416.yaml +++ b/.github/workflows/qe-ocp-arm-416.yaml @@ -1,8 +1,8 @@ name: OCP ARM64 4.16 QE Testing on: - pull_request: - branches: [ main ] + # pull_request: + # branches: [ main ] workflow_dispatch: # Schedule a daily cron at midnight UTC schedule: diff --git a/.github/workflows/qe-ocp-pre-main.yaml b/.github/workflows/qe-ocp-pre-main.yaml index 83757b7121..0262de9e1a 100644 --- a/.github/workflows/qe-ocp-pre-main.yaml +++ b/.github/workflows/qe-ocp-pre-main.yaml @@ -1,8 +1,9 @@ name: OCP Pre-Main Testing on: - pull_request: - branches: [ main ] + # pull_request: + # branches: [ main ] + workflow_dispatch: permissions: contents: read