Skip to content

TLS_PASSTHROUGH document (#650) #23

TLS_PASSTHROUGH document (#650)

TLS_PASSTHROUGH document (#650) #23

Workflow file for this run

name: e2e-test
permissions:
id-token: write
contents: read
on:
# TODO: Find a secure enough way to run e2e tests from PR on-demand.
push:
branches:
- main
workflow_dispatch:
jobs:
e2e-test:
runs-on: ubuntu-latest
# Prevent concurrent execution as we only have one cluster at the moment.
concurrency:
group: e2e-test
cancel-in-progress: false
timeout-minutes: 240
environment: e2e-test
env:
# Image build config
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
ECR_PUBLISH_ROLE_ARN: ${{ secrets.ECR_PUBLISH_IAM_ROLE }}
IMAGE_REPOSITORY: ${{ secrets.PRIVATE_IMAGE_REPOSITORY }}
RELEASE_VERSION: ${{ github.sha }}
# E2E integration test config
REGION: ${{ secrets.AWS_DEFAULT_REGION }}
CLUSTER_NAME: ${{ secrets.CLUSTER_NAME }}
CLUSTER_VPC_ID: ${{ secrets.CLUSTER_VPC_ID }}
SECONDARY_ACCOUNT_TEST_ROLE_ARN: ${{ secrets.SECONDARY_ACCOUNT_IAM_ROLE }}
steps:
- name: Checkout
uses: actions/checkout@v3
- run: sed -En 's/^go[[:space:]]+([[:digit:].]+)$/GO_VERSION=\1/p' go.mod >> $GITHUB_ENV
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
cache-dependency-path: test/go.sum
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.INTEGRATION_TEST_IAM_ROLE }}
role-duration-seconds: 14400
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Setup eksctl
run: |
curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
# Assumes a cluster named CLUSTER_NAME exists.
# TODO: create cluster if it does not exist.
- name: Setup cluster credentials
run: eksctl utils write-kubeconfig --cluster=$CLUSTER_NAME
- name: Enable actions cache
uses: actions/github-script@v6
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL'])
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN'])
- name: Build and push image
run: |
SKIP_BUILD_CHART=true scripts/release-controller.sh
- name: Install helm chart
run: |
helm install gateway-api-controller ./helm \
--namespace aws-application-networking-system \
--set=serviceAccount.create=false \
--set=image.repository=$IMAGE_REPOSITORY \
--set=image.tag=$RELEASE_VERSION \
--set=log.level=debug
- name: Install Gateway API v1 CRDs
run: |
kubectl apply -f config/crds/bases/k8s-gateway-v1.0.0.yaml
- name: Create Lattice GatewayClass
run: |
kubectl apply -f files/controller-installation/gatewayclass.yaml
- name: Run test
run: |
make e2e-test
make webhook-e2e-test
- name: Cleanup
if: always()
run: |
make e2e-clean
- name: Uninstall helm chart
if: always()
run: |
helm uninstall gateway-api-controller --namespace aws-application-networking-system || true