diff --git a/.github/workflows/test-e2e-junk.yaml b/.github/workflows/test-e2e.yaml similarity index 99% rename from .github/workflows/test-e2e-junk.yaml rename to .github/workflows/test-e2e.yaml index 80fbea5283..de07f41656 100644 --- a/.github/workflows/test-e2e-junk.yaml +++ b/.github/workflows/test-e2e.yaml @@ -1,4 +1,4 @@ -name: TestSuite E2E Junk +name: TestSuite E2E on: pull_request: diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml deleted file mode 100644 index a8e8b0c10a..0000000000 --- a/.github/workflows/test-e2e.yml +++ /dev/null @@ -1,324 +0,0 @@ -name: TestSuite E2E - -on: - pull_request: - branches: [ "main" ] - workflow_dispatch: - inputs: - k8s_version: - description: "With Kubernetes version" - required: false -jobs: - wait-for-img: - name: "Wait for Image Build" - runs-on: ubuntu-latest - steps: - - uses: autotelic/action-wait-for-status-check@v1 - id: wait-for-build - with: - token: ${{ secrets.GITHUB_TOKEN }} - # Context for which we should look for the matching status - statusName: ${{ (github.event_name == 'pull_request') && 'pull-lifecycle-mgr-build' || 'main-lifecycle-mgr-build' }} - timeoutSeconds: 900 - intervalSeconds: 10 - - name: Exit If Failing Build Requirement - if: steps.wait-for-build.outputs.state != 'success' - run: | - echo "Image build did not succeed, skipping E2E Test!" - exit 1 - - e2e-integration: - strategy: - matrix: - e2e-test: [ "watcher-enqueue", - "kyma-deprovision-with-foreground-propagation", - "kyma-deprovision-with-background-propagation", - "module-status-propagation", - "kyma-metrics", - "module-without-default-cr", - "module-consistency", - "non-blocking-deletion", - "upgrade-under-deletion", - "purge-controller", - "purge-metrics", - "module-upgrade-channel-switch", - "module-upgrade-new-version", - "skip-manifest-reconciliation", - "ca-certificate-rotation", - "self-signed-certificate-rotation", - "mandatory-module", - "mandatory-module-metrics", - "misconfigured-kyma-secret", - "rbac-privileges" - ] - name: "E2E" - needs: [wait-for-img] - runs-on: ubuntu-latest - timeout-minutes: 20 - env: - K3D_VERSION: v5.6.0 - K8S_VERSION: ${{ github.event.inputs.k8s_version || '1.28.7' }} - ISTIO_VERSION: 1.20.3 - CM_VERSION: v1.13.3 - KLM_VERSION_TAG: latest - KLM_IMAGE_REPO: prod - GOSUMDB: off - steps: - - name: Install prerequisites - run: | - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg - echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list - sudo apt update -y - sudo apt install kubectl -y - - name: Checkout lifecycle-manager - uses: actions/checkout@v4 - with: - path: lifecycle-manager - - name: Set up Go - uses: actions/setup-go@v4 - with: - go-version-file: 'lifecycle-manager/go.mod' - cache-dependency-path: 'lifecycle-manager/go.sum' - - name: Install Istio CLI - run: | - curl -L https://istio.io/downloadIstio | TARGET_ARCH=x86_64 sh - - chmod +x istio-$ISTIO_VERSION/bin/istioctl - mv istio-$ISTIO_VERSION/bin/istioctl /usr/local/bin - - name: Install Kyma CLI - run: | - wget https://storage.googleapis.com/kyma-cli-unstable/kyma-linux - chmod +x kyma-linux && mv kyma-linux /usr/local/bin/kyma-unstable - echo "PATH=/usr/local/bin/kyma-unstable" >> $GITHUB_OUTPUT - - run: ln -s /usr/local/bin/kyma-unstable /usr/local/bin/kyma - - name: Install Cert Manager Command Line Tool - run: | - OS=$(go env GOOS); ARCH=$(go env GOARCH); curl -fsSL -o cmctl.tar.gz https://github.com/cert-manager/cert-manager/releases/latest/download/cmctl-$OS-$ARCH.tar.gz - tar xzf cmctl.tar.gz - sudo mv cmctl /usr/local/bin - - name: Install k3d - run: wget -qO - https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=$K3D_VERSION bash - - name: Provision SKR cluster - run: | - k3d cluster create skr \ - -p 10080:80@loadbalancer \ - -p 10443:443@loadbalancer \ - --image rancher/k3s:v$K8S_VERSION-k3s1 \ - --k3s-arg '--disable=traefik@server:*' \ - --k3s-arg '--tls-san=host.k3d.internal@server:*' - - name: Provision KCP cluster - run: | - k3d cluster create kcp \ - -p 9443:443@loadbalancer \ - -p 9080:80@loadbalancer \ - -p 9081:8080@loadbalancer \ - --image rancher/k3s:v$K8S_VERSION-k3s1 \ - --registry-create k3d-kcp-registry:5111 \ - --k3s-arg '--disable=traefik@server:*' \ - --k3s-arg '--tls-san=host.k3d.internal@server:*' - - name: Update Kubeconfigs - run: k3d kubeconfig merge -a -d - - name: Export required Kubeconfig Env vars - run: | - echo "KCP_KUBECONFIG=$(k3d kubeconfig write kcp)" >> $GITHUB_ENV - echo "SKR_KUBECONFIG=$(k3d kubeconfig write skr)" >> $GITHUB_ENV - - name: Patch /etc/hosts - run: | - FILE=/etc/hosts - if [ -f "$FILE" ]; then - sudo echo "127.0.0.1 k3d-kcp-registry" | sudo tee -a $FILE - else - echo "$FILE does not exist." - exit 1 - fi - echo "/etc/hosts file patched" - - name: Switch kubeconfig context to KCP cluster - run: kubectl config use-context k3d-kcp - - name: Deploy Istio on KCP Cluster - run: | - istioctl install --set profile=demo -y - - name: Deploy Cert Manager on KCP Cluster - run: | - kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$CM_VERSION/cert-manager.yaml - cmctl check api --wait=2m - - name: Override Kustomize Controller Image TAG and Image repository environment variables in Pull Request to PR Image - if: ${{ github.event_name == 'pull_request' }} - run: | - echo "KLM_VERSION_TAG=PR-${{ github.event.pull_request.number }}" >> $GITHUB_ENV - echo "KLM_IMAGE_REPO=dev" >> $GITHUB_ENV - - name: Patch purge finalizer flags - if: ${{ matrix.e2e-test == 'purge-controller' || matrix.e2e-test == 'purge-metrics'}} - working-directory: lifecycle-manager - run: | - pushd config/watcher_local_test - echo \ - "- op: add - path: /spec/template/spec/containers/0/args/- - value: --enable-purge-finalizer=true - - op: add - path: /spec/template/spec/containers/0/args/- - value: --purge-finalizer-timeout=5s" >> purge_finalizer.yaml - cat purge_finalizer.yaml - kustomize edit add patch --path purge_finalizer.yaml --kind Deployment - popd - - name: Patch metrics cleanup interval - if : ${{ matrix.e2e-test == 'kyma-metrics' }} - working-directory: lifecycle-manager - run: | - pushd config/watcher_local_test - echo \ - "- op: add - path: /spec/template/spec/containers/0/args/- - value: --metrics-cleanup-interval=1" >> metrics_cleanup.yaml - cat metrics_cleanup.yaml - kustomize edit add patch --path metrics_cleanup.yaml --kind Deployment - popd - - name: Patch self signed certificate lifetime - if: ${{matrix.e2e-test == 'self-signed-certificate-rotation'}} - working-directory: lifecycle-manager - run: | - pushd config/watcher_local_test - echo \ - "- op: add - path: /spec/template/spec/containers/0/args/- - value: --self-signed-cert-duration=1h - - op: add - path: /spec/template/spec/containers/0/args/- - value: --self-signed-cert-renew-before=59m - - op: add - path: /spec/template/spec/containers/0/args/- - value: --self-signed-cert-renew-buffer=1m" >> self-signed-cert.yaml - cat self-signed-cert.yaml - kustomize edit add patch --path self-signed-cert.yaml --kind Deployment - popd - - name: Patch CA certificate renewBefore - if: ${{matrix.e2e-test == 'ca-certificate-rotation'}} - working-directory: lifecycle-manager - run: | - pushd config/watcher_local_test - echo \ - "- op: replace - path: /spec/renewBefore - value: 59m - - op: replace - path: /spec/duration - value: 1h">> certificate_renewal.yaml - cat certificate_renewal.yaml - kustomize edit add patch --path certificate_renewal.yaml --kind Certificate --group cert-manager.io --version v1 --name watcher-serving-cert - popd - - name: Deploy LM local testing kustomize - working-directory: lifecycle-manager - run: | - maxRetry=5 - for retry in $(seq 1 $maxRetry) - do - if make local-deploy-with-watcher IMG=europe-docker.pkg.dev/kyma-project/$KLM_IMAGE_REPO/lifecycle-manager:$KLM_VERSION_TAG; then - kubectl wait pods -n kcp-system -l app.kubernetes.io/name=lifecycle-manager --for condition=Ready --timeout=90s - echo "KLM deployed successfully" - exit 0 - elif [[ $retry -lt $maxRetry ]]; then - echo "Deploy encountered some error, will retry after 20 seconds" - sleep 20 - else - echo "KLM deployment failed" - exit 1 - fi - done - - name: Checkout template-operator - uses: actions/checkout@v4 - with: - repository: kyma-project/template-operator - path: template-operator - - name: Create Template Operator Module and apply - working-directory: template-operator - if: ${{ matrix.e2e-test == 'kyma-metrics' || - matrix.e2e-test == 'non-blocking-deletion' || - matrix.e2e-test == 'purge-controller' || - matrix.e2e-test == 'purge-metrics' || - matrix.e2e-test == 'kyma-deprovision-with-foreground-propagation' || - matrix.e2e-test == 'kyma-deprovision-with-background-propagation' || - matrix.e2e-test == 'module-consistency' || - matrix.e2e-test == 'skip-manifest-reconciliation' || - matrix.e2e-test == 'misconfigured-kyma-secret' - }} - run: | - make build-manifests - kyma alpha create module --module-config-file ./module-config.yaml --path . --registry k3d-kcp-registry:5111 --insecure - sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml - kubectl config use-context k3d-kcp - kubectl get crds - kubectl apply -f template.yaml - - name: Create Template Operator Module for regular and fast channels - working-directory: lifecycle-manager - if: ${{ matrix.e2e-test == 'module-upgrade-channel-switch' || - matrix.e2e-test == 'module-upgrade-new-version' || - matrix.e2e-test == 'upgrade-under-deletion' - }} - run: | - kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml - kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v1_regular.yaml - - name: Create Template Operator Module as Mandatory Module - working-directory: lifecycle-manager - if: ${{ matrix.e2e-test == 'mandatory-module' || - matrix.e2e-test == 'mandatory-module-metrics' - }} - run: | - kubectl apply -f tests/moduletemplates/mandatory_moduletemplate_template_operator_v1.yaml - - name: Apply Template Operator Module V2, fast channel - working-directory: ./lifecycle-manager - if: ${{ matrix.e2e-test == 'non-blocking-deletion' }} - run: | - kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml - - name: Create Template Operator Module with final state and final deletion state as `Warning` and apply - working-directory: template-operator - if: ${{ matrix.e2e-test == 'module-status-propagation'}} - run: | - pushd config/default - echo \ - "- op: replace - path: /spec/template/spec/containers/0/args/1 - value: --final-state=Warning - - op: replace - path: /spec/template/spec/containers/0/args/2 - value: --final-deletion-state=Warning" >> warning_patch.yaml - cat warning_patch.yaml - kustomize edit add patch --path warning_patch.yaml --kind Deployment - popd - kyma alpha create module --kubebuilder-project --channel=regular --name kyma.project.io/module/template-operator --version 1.1.1 --path . --registry k3d-kcp-registry:5111 --insecure --module-archive-version-overwrite / - sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml - kubectl config use-context k3d-kcp - kubectl get crds - kubectl apply -f template.yaml - - name: Create Template Operator Module without default CR and apply - working-directory: template-operator - if: ${{ matrix.e2e-test == 'module-without-default-cr' }} - run: | - make build-manifests - echo "name: kyma-project.io/module/template-operator - channel: regular - version: v1.0.0 - manifest: template-operator.yaml - security: sec-scanners-config.yaml - annotations: - operator.kyma-project.io/doc-url: https://kyma-project.io" >> module-config-no-cr.yaml - kyma alpha create module \ - --module-config-file ./module-config-no-cr.yaml \ - --path . \ - --registry k3d-kcp-registry:5111 \ - --insecure - sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml - kubectl config use-context k3d-kcp - kubectl get crds - kubectl apply -f template.yaml - - name: Expose Metrics Endpoint - working-directory: lifecycle-manager - if: ${{ matrix.e2e-test == 'kyma-metrics' || - matrix.e2e-test == 'purge-metrics' || - matrix.e2e-test == 'self-signed-certificate-rotation' || - matrix.e2e-test == 'mandatory-module-metrics' - }} - run: | - kubectl patch svc klm-metrics-service -p '{"spec": {"type": "LoadBalancer"}}' -n kcp-system - - name: Run ${{ matrix.e2e-test }} - working-directory: lifecycle-manager - run: | - make -C tests/e2e ${{ matrix.e2e-test }}