307 lines
10 KiB
YAML
307 lines
10 KiB
YAML
#
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
|
|
name: Pulsar Helm Chart CI
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
workflow_dispatch:
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
preconditions:
|
|
name: Preconditions
|
|
runs-on: ubuntu-22.04
|
|
if: (github.event_name != 'schedule') || (github.repository == 'apache/pulsar-helm-chart')
|
|
outputs:
|
|
docs_only: ${{ steps.check_changes.outputs.docs_only }}
|
|
|
|
steps:
|
|
- name: checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Detect changed files
|
|
id: changes
|
|
uses: apache/pulsar-test-infra/paths-filter@master
|
|
with:
|
|
filters: .github/changes-filter.yaml
|
|
list-files: csv
|
|
|
|
- name: Check changed files
|
|
id: check_changes
|
|
run: |
|
|
if [[ "${GITHUB_EVENT_NAME}" != "schedule" && "${GITHUB_EVENT_NAME}" != "workflow_dispatch" ]]; then
|
|
echo "docs_only=${{ fromJSON(steps.changes.outputs.all_count) == fromJSON(steps.changes.outputs.docs_count) && fromJSON(steps.changes.outputs.docs_count) > 0 }}" >> $GITHUB_OUTPUT
|
|
else
|
|
echo docs_only=false >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
license-check:
|
|
needs: preconditions
|
|
name: License Check
|
|
runs-on: ubuntu-22.04
|
|
timeout-minutes: 10
|
|
if: ${{ needs.preconditions.outputs.docs_only != 'true' }}
|
|
steps:
|
|
- name: Set up Go 1.12
|
|
uses: actions/setup-go@v4
|
|
with:
|
|
go-version: 1.12
|
|
id: go
|
|
|
|
- name: Check out code into the Go module directory
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Check license
|
|
run: |
|
|
go test license_test.go
|
|
|
|
# run "ct lint" https://github.com/helm/chart-testing/blob/main/doc/ct_lint.md
|
|
ct-lint:
|
|
needs: ['preconditions', 'license-check']
|
|
name: chart-testing lint
|
|
runs-on: ubuntu-22.04
|
|
timeout-minutes: 45
|
|
if: ${{ needs.preconditions.outputs.docs_only != 'true' }}
|
|
outputs:
|
|
no_chart_changes: ${{ steps.ct-lint.outputs.no_chart_changes }}
|
|
steps:
|
|
- name: checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Tune Runner VM
|
|
uses: ./.github/actions/tune-runner-vm
|
|
|
|
- name: Setup ssh access to build runner VM
|
|
# ssh access is enabled for builds in own forks
|
|
if: ${{ github.repository != 'apache/pulsar-helm-chart' && github.event_name == 'pull_request' }}
|
|
uses: ./.github/actions/ssh-access
|
|
continue-on-error: true
|
|
with:
|
|
limit-access-to-actor: true
|
|
|
|
- name: Set up Helm
|
|
if: ${{ steps.check_changes.outputs.docs_only != 'true' }}
|
|
uses: azure/setup-helm@v3
|
|
with:
|
|
version: v3.12.3
|
|
|
|
- name: Set up Python
|
|
if: ${{ steps.check_changes.outputs.docs_only != 'true' }}
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.9'
|
|
|
|
- name: Set up chart-testing
|
|
if: ${{ steps.check_changes.outputs.docs_only != 'true' }}
|
|
uses: ./.github/actions/chart-testing-action
|
|
|
|
- name: Run chart-testing (lint)
|
|
id: ct-lint
|
|
if: ${{ steps.check_changes.outputs.docs_only != 'true' }}
|
|
run: |
|
|
ct lint --check-version-increment=false \
|
|
--validate-maintainers=false \
|
|
--target-branch ${{ github.event.repository.default_branch }} \
|
|
| tee /tmp/ct-lint.log || {
|
|
if grep -q "No chart changes detected." /tmp/ct-lint.log; then
|
|
echo no_chart_changes=true >> $GITHUB_OUTPUT
|
|
exit 0
|
|
else
|
|
echo no_chart_changes=false >> $GITHUB_OUTPUT
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
- name: Wait for ssh connection when build fails
|
|
# ssh access is enabled for builds in own forks
|
|
uses: ./.github/actions/ssh-access
|
|
if: ${{ failure() && github.repository != 'apache/pulsar-helm-chart' && github.event_name == 'pull_request' }}
|
|
continue-on-error: true
|
|
with:
|
|
action: wait
|
|
|
|
install-chart-tests:
|
|
name: ${{ matrix.testScenario.name }} - k8s ${{ matrix.k8sVersion.version }} - Install
|
|
runs-on: ubuntu-22.04
|
|
timeout-minutes: ${{ matrix.testScenario.timeout || 45 }}
|
|
needs: ['preconditions', 'ct-lint']
|
|
if: ${{ needs.preconditions.outputs.docs_only != 'true' }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
# see https://github.com/kubernetes-sigs/kind/releases/tag/v0.20.0 for the list of supported k8s versions for kind 0.20.0
|
|
k8sVersion:
|
|
- version: "1.21.14"
|
|
kind_image_tag: v1.21.14@sha256:8a4e9bb3f415d2bb81629ce33ef9c76ba514c14d707f9797a01e3216376ba093
|
|
- version: "1.27.3"
|
|
kind_image_tag: v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
|
|
testScenario:
|
|
- name: Basic
|
|
values_file: .ci/clusters/values-basic.yaml
|
|
shortname: basic
|
|
- name: Use Pulsar Image
|
|
values_file: .ci/clusters/values-pulsar-image.yaml
|
|
shortname: pulsar-image
|
|
- name: JWT Asymmetric Keys
|
|
values_file: .ci/clusters/values-jwt-asymmetric.yaml
|
|
shortname: jwt-asymmetric
|
|
- name: JWT Symmetric Key
|
|
values_file: .ci/clusters/values-jwt-symmetric.yaml
|
|
shortname: jwt-symmetric
|
|
- name: TLS
|
|
values_file: .ci/clusters/values-tls.yaml
|
|
shortname: tls
|
|
- name: Broker & Proxy TLS
|
|
values_file: .ci/clusters/values-broker-tls.yaml
|
|
shortname: broker-tls
|
|
- name: BK TLS Only
|
|
values_file: .ci/clusters/values-bk-tls.yaml
|
|
shortname: bk-tls
|
|
- name: ZK TLS Only
|
|
values_file: .ci/clusters/values-zk-tls.yaml
|
|
shortname: zk-tls
|
|
- name: ZK & BK TLS Only
|
|
values_file: .ci/clusters/values-zkbk-tls.yaml
|
|
shortname: zkbk-tls
|
|
- name: PSP
|
|
values_file: .ci/clusters/values-psp.yaml
|
|
shortname: psp
|
|
env:
|
|
k8sVersion: ${{ matrix.k8sVersion.kind_image_tag }}
|
|
KUBECTL_VERSION: ${{ matrix.k8sVersion.version }}
|
|
steps:
|
|
- name: checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Tune Runner VM
|
|
uses: ./.github/actions/tune-runner-vm
|
|
|
|
- name: Setup debugging tools for ssh access
|
|
if: ${{ github.repository != 'apache/pulsar-helm-chart' && github.event_name == 'pull_request' }}
|
|
run: |
|
|
cat >> $HOME/.bashrc <<'EOF'
|
|
function use_kind_kubeconfig() {
|
|
export KUBECONFIG=$(ls $HOME/kind/pulsar-ci-*/kubeconfig.yaml)
|
|
}
|
|
|
|
function kubectl() {
|
|
# use kind environment's kubeconfig
|
|
if [ -z "$KUBECONFIG" ]; then
|
|
use_kind_kubeconfig
|
|
fi
|
|
command kubectl "$@"
|
|
}
|
|
|
|
function k9s() {
|
|
# use kind environment's kubeconfig
|
|
if [ -z "$KUBECONFIG" ]; then
|
|
use_kind_kubeconfig
|
|
fi
|
|
# install k9s on the fly
|
|
if [ ! -x /usr/local/bin/k9s ]; then
|
|
echo "Installing k9s..."
|
|
curl -L -s https://github.com/derailed/k9s/releases/download/v0.29.1/k9s_Linux_amd64.tar.gz | sudo tar xz -C /usr/local/bin k9s
|
|
fi
|
|
command k9s "$@"
|
|
}
|
|
EOF
|
|
cat >> $HOME/.bash_profile <<'EOF'
|
|
if [ -f ~/.bashrc ]; then
|
|
source ~/.bashrc
|
|
fi
|
|
EOF
|
|
|
|
- name: Setup ssh access to build runner VM
|
|
# ssh access is enabled for builds in own forks
|
|
if: ${{ github.repository != 'apache/pulsar-helm-chart' && github.event_name == 'pull_request' }}
|
|
uses: ./.github/actions/ssh-access
|
|
continue-on-error: true
|
|
with:
|
|
limit-access-to-actor: true
|
|
|
|
- name: Run chart-testing (install)
|
|
run: |
|
|
case "${{ matrix.testScenario.shortname }}" in
|
|
"jwt-symmetric")
|
|
export SYMMETRIC=true
|
|
;;
|
|
esac
|
|
.ci/chart_test.sh ${{ matrix.testScenario.values_file }}
|
|
|
|
- name: Collect k8s logs on failure
|
|
if: ${{ cancelled() || failure() }}
|
|
continue-on-error: true
|
|
shell: bash
|
|
run: |
|
|
source .ci/helm.sh
|
|
set +e
|
|
ci::collect_k8s_logs
|
|
|
|
- name: Upload k8s logs on failure
|
|
uses: actions/upload-artifact@v2
|
|
if: ${{ cancelled() || failure() }}
|
|
continue-on-error: true
|
|
with:
|
|
name: k8s-logs-${{ matrix.testScenario.shortname }}
|
|
path: /tmp/k8s-logs
|
|
retention-days: 7
|
|
if-no-files-found: ignore
|
|
|
|
- name: Wait for ssh connection when build fails
|
|
# ssh access is enabled for builds in own forks
|
|
uses: ./.github/actions/ssh-access
|
|
if: ${{ failure() && github.repository != 'apache/pulsar-helm-chart' && github.event_name == 'pull_request' }}
|
|
continue-on-error: true
|
|
with:
|
|
action: wait
|
|
|
|
# This job is required for pulls to be merged.
|
|
# It depends on all other jobs in this workflow.
|
|
pulsar-helm-chart-ci-checks-completed:
|
|
name: "CI checks completed"
|
|
if: ${{ always() && ((github.event_name != 'schedule') || (github.repository == 'apache/pulsar-helm-chart')) }}
|
|
runs-on: ubuntu-22.04
|
|
timeout-minutes: 10
|
|
needs: [
|
|
'preconditions',
|
|
'license-check',
|
|
'install-chart-tests'
|
|
]
|
|
steps:
|
|
- name: Check that all required jobs were completed successfully
|
|
if: ${{ needs.preconditions.outputs.docs_only != 'true' }}
|
|
run: |
|
|
if [[ ! ( \
|
|
"${{ needs.license-check.result }}" == "success" \
|
|
&& "${{ needs.install-chart-tests.result }}" == "success" \
|
|
) ]]; then
|
|
echo "Required jobs haven't been completed successfully."
|
|
exit 1
|
|
fi
|