diff --git a/.github/workflows/e2e-matrix.yml b/.github/workflows/e2e-matrix.yml index 5f1b410860..9f4db84aa3 100644 --- a/.github/workflows/e2e-matrix.yml +++ b/.github/workflows/e2e-matrix.yml @@ -18,68 +18,74 @@ jobs: fail-fast: false # Keep running if one leg fails. matrix: k8s-name: - - k8s-oldest - - k8s-plus-one + - k8s-oldest + - k8s-plus-one include: - - k8s-name: k8s-oldest - k8s-version: v1.28.x - - k8s-name: k8s-plus-one - k8s-version: v1.29.x + - k8s-name: k8s-oldest + k8s-version: v1.28.x + - k8s-name: k8s-plus-one + k8s-version: v1.29.x env: KO_DOCKER_REPO: registry.local:5000/tekton CLUSTER_DOMAIN: c${{ github.run_id }}.local ARTIFACTS: ${{ github.workspace }}/artifacts steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 - with: - go-version-file: "go.mod" - - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 + with: + go-version-file: "go.mod" + - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9 - - name: Install Dependencies - working-directory: ./ - run: | - echo '::group:: install go-junit-report' - go install github.com/jstemmer/go-junit-report@v0.9.1 - echo '::endgroup::' + - name: Install Dependencies + working-directory: ./ + run: | + echo '::group:: install go-junit-report' + go install github.com/jstemmer/go-junit-report@v0.9.1 + echo '::endgroup::' + echo '::group:: created required folders' + mkdir -p "${ARTIFACTS}" + echo '::endgroup::' + echo "${GOPATH}/bin" >> "$GITHUB_PATH" - echo '::group:: created required folders' - mkdir -p "${ARTIFACTS}" - echo '::endgroup::' + - name: Run tests + run: | + curl -sSfL https://raw.githubusercontent.com/tektoncd/plumbing/main/tekton/images/kind-e2e/setup-kind.sh -o setup-kind.sh + chmod +x setup-kind.sh - echo "${GOPATH}/bin" >> "$GITHUB_PATH" + # Patch outdated MetalLB version (v0.9.3 -> v0.13.10) + # v0.9.3 uses PodSecurityPolicy which was removed in Kubernetes 1.25+ + sed -i.bak 's|kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/namespace.yaml|kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml|g' setup-kind.sh + sed -i.bak '/kubectl apply -f.*metallb\/v0.9.3.*metallb.yaml/d' setup-kind.sh - - name: Run tests - run: | - ./hack/setup-kind.sh \ - --registry-url $(echo ${KO_DOCKER_REPO} | cut -d'/' -f 1) \ - --cluster-suffix c${{ github.run_id }}.local \ - --nodes 3 \ - --k8s-version ${{ matrix.k8s-version }} \ - --e2e-script ./test/e2e-tests.sh \ - --e2e-env ./test/e2e-tests-kind-prow.env + ./setup-kind.sh \ + --registry-url $(echo ${KO_DOCKER_REPO} | cut -d'/' -f 1) \ + --cluster-suffix c${{ github.run_id }}.local \ + --nodes 3 \ + --k8s-version ${{ matrix.k8s-version }} \ + --e2e-script ./test/e2e-tests.sh \ + --e2e-env ./test/e2e-tests-kind-prow.env - - name: Upload test results - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }} - path: ${{ env.ARTIFACTS }} + - name: Upload test results + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }} + path: ${{ env.ARTIFACTS }} - - uses: chainguard-dev/actions/kind-diag@6f4f4de7549514e7b659741b30f6476f245600dd # v1.5.3 - if: ${{ failure() }} - with: - artifact-name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}-logs + - uses: chainguard-dev/actions/kind-diag@6f4f4de7549514e7b659741b30f6476f245600dd # v1.5.3 + if: ${{ failure() }} + with: + artifact-name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}-logs - - name: Dump Artifacts - if: ${{ failure() }} - run: | - if [[ -d ${{ env.ARTIFACTS }} ]]; then - cd ${{ env.ARTIFACTS }} - for x in $(find . -type f); do - echo "::group:: artifact $x" - cat $x - echo '::endgroup::' - done - fi + - name: Dump Artifacts + if: ${{ failure() }} + run: | + if [[ -d ${{ env.ARTIFACTS }} ]]; then + cd ${{ env.ARTIFACTS }} + for x in $(find . -type f); do + echo "::group:: artifact $x" + cat $x + echo '::endgroup::' + done + fi diff --git a/hack/setup-kind.sh b/hack/setup-kind.sh deleted file mode 100755 index e694814088..0000000000 --- a/hack/setup-kind.sh +++ /dev/null @@ -1,328 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Attribution: -# Adapted for Tekton from https://github.com/mattmoor/mink/blob/master/hack/setup-kind.sh - -set -o errexit -set -o nounset -set -o pipefail -set -x - -# Print error message and exit 1 -# Parameters: $1..$n - error message to be displayed -function abort() { - echo "error: $*" - exit 1 -} - -# Defaults -K8S_VERSION="v1.28.x" -REGISTRY_NAME="registry.local" -REGISTRY_PORT="5000" -CLUSTER_SUFFIX="cluster.local" -NODE_COUNT="1" -REGISTRY_AUTH="0" -ESTARGZ_SUPPORT="0" -E2E_SCRIPT="test/e2e-tests.sh" -E2E_ENV="" - -while [[ $# -ne 0 ]]; do - parameter="$1" - case "${parameter}" in - --k8s-version) - shift - K8S_VERSION="$1" - ;; - --registry-url) - shift - REGISTRY_NAME="$(echo "$1" | cut -d':' -f 1)" - REGISTRY_PORT="$(echo "$1" | cut -d':' -f 2)" - ;; - --cluster-suffix) - shift - CLUSTER_SUFFIX="$1" - ;; - --nodes) - shift - NODE_COUNT="$1" - ;; - --authenticated-registry) - REGISTRY_AUTH="1" - ;; - --e2e-script) - shift - E2E_SCRIPT="$1" - ;; - --e2e-env) - shift - E2E_ENV="$1" - ;; - *) abort "unknown option ${parameter}" ;; - esac - shift -done - -# If E2E_ENV is set but the file doesn't exist, fall back on the old approach of invoking presubmit-tests.sh directly. -if [[ "${E2E_ENV}" != "" && ! -f "${E2E_ENV}" ]]; then - ./test/presubmit-tests.sh --integration-tests - exit $? -fi - -# The version map correlated with this version of KinD -case ${K8S_VERSION} in - v1.25.x) - K8S_VERSION="1.25.16" - KIND_IMAGE_SHA="sha256:5da57dfc290ac3599e775e63b8b6c49c0c85d3fec771cd7d55b45fae14b38d3b" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - v1.26.x) - K8S_VERSION="1.26.15" - KIND_IMAGE_SHA="sha256:84333e26cae1d70361bb7339efb568df1871419f2019c80f9a12b7e2d485fe19" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - v1.27.x) - K8S_VERSION="1.27.13" - KIND_IMAGE_SHA="sha256:17439fa5b32290e3ead39ead1250dca1d822d94a10d26f1981756cd51b24b9d8" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - v1.28.x) - K8S_VERSION="1.28.9" - KIND_IMAGE_SHA="sha256:dca54bc6a6079dd34699d53d7d4ffa2e853e46a20cd12d619a09207e35300bd0" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - v1.29.x) - K8S_VERSION="1.29.4" - KIND_IMAGE_SHA="sha256:3abb816a5b1061fb15c6e9e60856ec40d56b7b52bcea5f5f1350bc6e2320b6f8" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - v1.30.x) - K8S_VERSION="1.30.0" - KIND_IMAGE_SHA="sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e" - KIND_IMAGE="kindest/node:${K8S_VERSION}@${KIND_IMAGE_SHA}" - ;; - *) abort "Unsupported version: ${K8S_VERSION}" ;; -esac - -############################################################# -# -# Setup KinD cluster. -# -############################################################# -echo '--- Setup KinD Cluster' - -cat > kind.yaml <> kind.yaml <> kind.yaml < "${AUTH_DIR}/htpasswd" - - # Run a registry protected with htpasswd - EXTRA_ARGS=( - -v "${AUTH_DIR}:/auth" - -e "REGISTRY_AUTH=htpasswd" - -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" - -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" - ) - -fi - -docker run -d --restart=always \ - "${EXTRA_ARGS[@]}" \ - -p "$REGISTRY_PORT:$REGISTRY_PORT" --name "$REGISTRY_NAME" registry:2 - -# Connect the registry to the KinD network. -docker network connect "kind" "$REGISTRY_NAME" - -# Make the $REGISTRY_NAME -> 127.0.0.1, to tell `ko` to publish to -# local reigstry, even when pushing $REGISTRY_NAME:$REGISTRY_PORT/some/image -echo "127.0.0.1 $REGISTRY_NAME" | sudo tee -a /etc/hosts - -# Create a registry-credentials secret and attach it to the list of service accounts in the namespace. -function sa_ips() { - local ns="${1}" - shift - - # Create a secret resource with the contents of the docker auth configured above. - kubectl -n "${ns}" create secret generic registry-credentials \ - --from-file=.dockerconfigjson=${HOME}/.docker/config.json \ - --type=kubernetes.io/dockerconfigjson - - for sa in "${@}" ; do - # Ensure the service account exists. - kubectl -n "${ns}" create serviceaccount "${sa}" || true - - # Attach the secret resource to the service account in the namespace. - kubectl -n "${ns}" patch serviceaccount "${sa}" -p '{"imagePullSecrets": [{"name": "registry-credentials"}]}' - done -} - -if [[ "${REGISTRY_AUTH}" == "1" ]]; then - - # This will create ~/.docker/config.json - docker login "http://$REGISTRY_NAME:$REGISTRY_PORT/v2/" -u "${USERNAME}" -p "${PASSWORD}" - - sa_ips "default" "default" -fi - -export KO_DOCKER_REPO=kind.local - -echo '--- Debug file system' -pwd -ls -al - - -if [[ "${E2E_SCRIPT}" == "" ]]; then - echo "Nothing else to do" - exit 0 -else - if [[ "${E2E_ENV}" != "" ]]; then - set -o allexport - source "${E2E_ENV}" - set +o allexport - fi - "${E2E_SCRIPT}" -fi