From a6df2f16957f9603ecc93060829ae5b018b07f7d Mon Sep 17 00:00:00 2001 From: Moritz Sanft <58110325+msanft@users.noreply.github.com> Date: Wed, 25 Oct 2023 08:30:39 +0200 Subject: [PATCH] dont use test payload Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --- .../actions/constellation_create/action.yml | 7 ++++-- .../actions/constellation_destroy/action.yml | 8 +++---- .github/actions/e2e_test/action.yml | 8 +++++-- .github/workflows/e2e-test-daily.yml | 3 ++- .../workflows/e2e-test-manual-internal.yml | 3 ++- .github/workflows/e2e-test-manual.yml | 6 ++--- .github/workflows/e2e-test-release.yml | 23 +++++++++++++++++-- .github/workflows/e2e-test-weekly.yml | 16 +++++++++---- .github/workflows/e2e-upgrade.yml | 3 ++- 9 files changed, 56 insertions(+), 21 deletions(-) diff --git a/.github/actions/constellation_create/action.yml b/.github/actions/constellation_create/action.yml index 3b5afcbe399..bd3c4b9984e 100644 --- a/.github/actions/constellation_create/action.yml +++ b/.github/actions/constellation_create/action.yml @@ -50,6 +50,9 @@ inputs: internalLoadBalancer: description: "Whether to use an internal load balancer for the control plane" required: false + selfManagedInfra: + description: "Use self-managed infrastructure instead of infrastructure created by the Constellation CLI." + required: true outputs: kubeconfig: @@ -132,13 +135,13 @@ runs: sudo sh -c 'echo "127.0.0.1 license.confidential.cloud" >> /etc/hosts' || true - name: Constellation create (CLI) - if : inputs.test != 'self-managed infra' + if : inputs.selfManagedInfra != 'true' shell: bash run: | constellation create -y --debug --tf-log=DEBUG - name: Constellation create (self-managed) - if : inputs.test == 'self-managed infra' + if : inputs.selfManagedInfra == 'true' uses: ./.github/actions/self_managed_create with: cloudProvider: ${{ inputs.cloudProvider }} diff --git a/.github/actions/constellation_destroy/action.yml b/.github/actions/constellation_destroy/action.yml index a98dab0953f..f9ae8c8f8ab 100644 --- a/.github/actions/constellation_destroy/action.yml +++ b/.github/actions/constellation_destroy/action.yml @@ -5,8 +5,8 @@ inputs: kubeconfig: description: "The kubeconfig for the cluster." required: true - test: - description: "The e2e test payload." + selfManagedInfra: + description: "Use self-managed infrastructure instead of infrastructure created by the Constellation CLI." required: true runs: @@ -42,13 +42,13 @@ runs: echo "::endgroup::" - name: Constellation terminate - if: inputs.test != 'self-managed infra' + if: inputs.selfManagedInfra != 'true' shell: bash run: | constellation terminate --yes --tf-log=DEBUG - name: Constellation terminate (self-managed) - if: inputs.test == 'self-managed infra' + if: inputs.selfManagedInfra == 'true' shell: bash working-directory: ${{ github.workspace }}/e2e-infra run: | diff --git a/.github/actions/e2e_test/action.yml b/.github/actions/e2e_test/action.yml index 1dc4398c98d..00de05ab8f3 100644 --- a/.github/actions/e2e_test/action.yml +++ b/.github/actions/e2e_test/action.yml @@ -53,7 +53,7 @@ inputs: description: "Azure credentials authorized to create an IAM configuration." required: true test: - description: "The test to run. Can currently be one of [sonobuoy full, sonobuoy quick, autoscaling, lb, perf-bench, verify, recover, malicious join, self-managed infra, nop, upgrade]." + description: "The test to run. Can currently be one of [sonobuoy full, sonobuoy quick, autoscaling, lb, perf-bench, verify, recover, malicious join, nop, upgrade]." required: true sonobuoyTestSuiteCmd: description: "The sonobuoy test suite to run." @@ -76,6 +76,9 @@ inputs: description: "Enable security policy for the cluster." internalLoadBalancer: description: "Enable internal load balancer for the cluster." + selfManagedInfra: + description: "Use self-managed infrastructure instead of infrastructure created by the Constellation CLI." + default: "false" outputs: kubeconfig: @@ -89,7 +92,7 @@ runs: using: "composite" steps: - name: Check input - if: (!contains(fromJson('["sonobuoy full", "sonobuoy quick", "autoscaling", "perf-bench", "verify", "lb", "recover", "malicious join", "self-managed infra", "nop", "upgrade"]'), inputs.test)) + if: (!contains(fromJson('["sonobuoy full", "sonobuoy quick", "autoscaling", "perf-bench", "verify", "lb", "recover", "malicious join", "nop", "upgrade"]'), inputs.test)) shell: bash run: | echo "::error::Invalid input for test field: ${{ inputs.test }}" @@ -261,6 +264,7 @@ runs: refStream: ${{ inputs.refStream }} internalLoadBalancer: ${{ inputs.internalLoadBalancer }} test: ${{ inputs.test }} + selfManagedInfra: ${{ inputs.selfManagedInfra }} - name: Deploy log- and metrics-collection (Kubernetes) id: deploy-logcollection diff --git a/.github/workflows/e2e-test-daily.yml b/.github/workflows/e2e-test-daily.yml index 6bd3da2319b..803ddd43533 100644 --- a/.github/workflows/e2e-test-daily.yml +++ b/.github/workflows/e2e-test-daily.yml @@ -91,13 +91,14 @@ jobs: awsOpenSearchDomain: ${{ secrets.AWS_OPENSEARCH_DOMAIN }} awsOpenSearchUsers: ${{ secrets.AWS_OPENSEARCH_USER }} awsOpenSearchPwd: ${{ secrets.AWS_OPENSEARCH_PWD }} + selfManagedInfra: "false" - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: ${{ matrix.test }} + selfManagedInfra: "false" - name: Always delete IAM configuration if: always() diff --git a/.github/workflows/e2e-test-manual-internal.yml b/.github/workflows/e2e-test-manual-internal.yml index 6f13618d1fc..d9297f22e84 100644 --- a/.github/workflows/e2e-test-manual-internal.yml +++ b/.github/workflows/e2e-test-manual-internal.yml @@ -205,13 +205,14 @@ jobs: cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }} fetchMeasurements: ${{ contains(needs.find-latest-image.outputs.image, '/stream/stable/') }} internalLoadBalancer: true + selfManagedInfra: "false" - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: ${{ inputs.test }} + selfManagedInfra: "false" - name: Always delete IAM configuration if: always() diff --git a/.github/workflows/e2e-test-manual.yml b/.github/workflows/e2e-test-manual.yml index 9b0dc9732c8..a32f5147a56 100644 --- a/.github/workflows/e2e-test-manual.yml +++ b/.github/workflows/e2e-test-manual.yml @@ -35,7 +35,6 @@ on: - "verify" - "recover" - "malicious join" - - "self-managed infra" - "nop" required: true kubernetesVersion: @@ -261,14 +260,15 @@ jobs: cosignPassword: ${{ secrets.COSIGN_PASSWORD }} cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }} fetchMeasurements: ${{ contains(needs.find-latest-image.outputs.image, '/stream/stable/') }} + selfManagedInfra: "false" - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: ${{ inputs.test }} - + selfManagedInfra: "false" + - name: Always delete IAM configuration if: always() uses: ./.github/actions/constellation_iam_destroy diff --git a/.github/workflows/e2e-test-release.yml b/.github/workflows/e2e-test-release.yml index 96b4e0387f9..3f2589c9cac 100644 --- a/.github/workflows/e2e-test-release.yml +++ b/.github/workflows/e2e-test-release.yml @@ -151,6 +151,24 @@ jobs: kubernetes-version: "v1.28" runner: "ubuntu-22.04" + # self-managed infra test on latest k8s version + # runs Sonobuoy full test + - test: "sonobuoy full" + provider: "gcp" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + selfManagedInfra: "true" + - test: "sonobuoy full" + provider: "azure" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + selfManagedInfra: "true" + - test: "sonobuoy full" + provider: "aws" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + selfManagedInfra: "true" + # # Tests on macOS runner # @@ -213,14 +231,15 @@ jobs: cosignPassword: ${{ secrets.COSIGN_PASSWORD }} cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }} githubToken: ${{ secrets.GITHUB_TOKEN }} + selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: ${{ matrix.test }} - + selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} + - name: Always delete IAM configuration if: always() uses: ./.github/actions/constellation_iam_destroy diff --git a/.github/workflows/e2e-test-weekly.yml b/.github/workflows/e2e-test-weekly.yml index 8dca6b9fe1a..27d104207b4 100644 --- a/.github/workflows/e2e-test-weekly.yml +++ b/.github/workflows/e2e-test-weekly.yml @@ -172,18 +172,22 @@ jobs: kubernetes-version: "v1.28" # self-managed infra test on latest k8s version - - test: "self-managed infra" + # with Sonobuoy full + - test: "sonobuoy full" refStream: "ref/main/stream/debug/?" provider: "gcp" kubernetes-version: "v1.28" - - test: "self-managed infra" + selfManagedInfra: "true" + - test: "sonobuoy full" refStream: "ref/main/stream/debug/?" provider: "azure" kubernetes-version: "v1.28" - - test: "self-managed infra" + selfManagedInfra: "true" + - test: "sonobuoy full" provider: "aws" refStream: "ref/main/stream/debug/?" kubernetes-version: "v1.28" + selfManagedInfra: "true" # # Tests on release-stable refStream @@ -202,6 +206,7 @@ jobs: refStream: "ref/release/stream/stable/?" provider: "aws" kubernetes-version: "v1.27" + runs-on: ubuntu-22.04 permissions: id-token: write @@ -245,14 +250,15 @@ jobs: cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }} fetchMeasurements: ${{ matrix.refStream != 'ref/release/stream/stable/?' }} azureSNPEnforcementPolicy: ${{ matrix.azureSNPEnforcementPolicy }} + selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: ${{ matrix.test }} - + selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} + - name: Always delete IAM configuration if: always() uses: ./.github/actions/constellation_iam_destroy diff --git a/.github/workflows/e2e-upgrade.yml b/.github/workflows/e2e-upgrade.yml index bdd917a0515..bd1e5fc1552 100644 --- a/.github/workflows/e2e-upgrade.yml +++ b/.github/workflows/e2e-upgrade.yml @@ -182,6 +182,7 @@ jobs: awsOpenSearchDomain: ${{ secrets.AWS_OPENSEARCH_DOMAIN }} awsOpenSearchUsers: ${{ secrets.AWS_OPENSEARCH_USER }} awsOpenSearchPwd: ${{ secrets.AWS_OPENSEARCH_PWD }} + selfManagedInfra: "false" - name: Build CLI uses: ./.github/actions/build_cli @@ -287,7 +288,7 @@ jobs: uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} - test: "upgrade" + selfManagedInfra: "false" - name: Always delete IAM configuration if: always()