From 2687f6e921ec56ae0bb613237eb1bd94d4922b11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= Date: Mon, 5 Feb 2024 10:03:12 +0100 Subject: [PATCH 1/3] Fail if build parsing errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Weiße --- .github/workflows/e2e-test-provider-example.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-test-provider-example.yml b/.github/workflows/e2e-test-provider-example.yml index 4eb7fd2d66..af7e0c8b81 100644 --- a/.github/workflows/e2e-test-provider-example.yml +++ b/.github/workflows/e2e-test-provider-example.yml @@ -143,8 +143,8 @@ jobs: id: build shell: bash run: | - mkdir build - cd build + mkdir -p ${{ github.workspace }}/build + cd ${{ github.workspace }}/build bazel run //:devbuild --cli_edition=enterprise bazel build //bazel/settings:tag @@ -189,12 +189,15 @@ jobs: - name: Set Kubernetes version id: kubernetes run: | + set -e + # take the middle (2nd) supported Kubernetes version (default) if [[ "${{ inputs.providerVersion }}" != "" ]]; then - echo "VERSION=$(../release/constellation config kubernetes-versions | awk 'NR==3{print $1}')" | tee -a "$GITHUB_OUTPUT" + cli_output=$(${{ github.workspace }}/release/constellation config kubernetes-versions) else - echo "VERSION=$(../build/constellation config kubernetes-versions | awk 'NR==3{print $1}')" | tee -a "$GITHUB_OUTPUT" + cli_output=$(${{ github.workspace }}/build/constellation config kubernetes-versions) fi + echo "version=$(echo "${cli_output}" | awk 'NR==3{print $1}')" | tee -a "${GITHUB_OUTPUT}" - name: Common CSP Terraform overrides working-directory: ${{ github.workspace }} From 2dfb36f0d437a90fec4669dd6e00a503656d9011 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= Date: Mon, 5 Feb 2024 10:32:13 +0100 Subject: [PATCH 2/3] Remove relative paths from workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Weiße --- .github/workflows/e2e-test-provider-example.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/e2e-test-provider-example.yml b/.github/workflows/e2e-test-provider-example.yml index af7e0c8b81..9cf3c0c292 100644 --- a/.github/workflows/e2e-test-provider-example.yml +++ b/.github/workflows/e2e-test-provider-example.yml @@ -203,8 +203,8 @@ jobs: working-directory: ${{ github.workspace }} shell: bash run: | - mkdir cluster - cd cluster + mkdir -p ${{ github.workspace }}/cluster + cd ${{ github.workspace }}/cluster if [[ "${{ inputs.providerVersion }}" == "" ]]; then prefixed_version=${{ steps.build.outputs.build_version }} else @@ -213,8 +213,8 @@ jobs: version=${prefixed_version#v} # remove v prefix if [[ "${{ inputs.providerVersion }}" == "" ]]; then - iam_src="../terraform-module/iam/${{ steps.determine.outputs.cloudProvider }}" - infra_src="../terraform-module/${{ steps.determine.outputs.cloudProvider }}" + iam_src="${{ github.workspace }}/terraform-module/iam/${{ steps.determine.outputs.cloudProvider }}" + infra_src="${{ github.workspace }}/terraform-module/${{ steps.determine.outputs.cloudProvider }}" else iam_src="https://github.com/edgelesssys/constellation/releases/download/${{ inputs.providerVersion }}/terraform-module.zip//terraform-module/iam/${{ steps.determine.outputs.cloudProvider }}" infra_src="https://github.com/edgelesssys/constellation/releases/download/${{ inputs.providerVersion }}/terraform-module.zip//terraform-module/${{ steps.determine.outputs.cloudProvider }}" @@ -316,7 +316,7 @@ jobs: if [[ "${{ steps.determine.outputs.cloudProvider }}" == "azure" ]]; then terraform apply -target module.azure_iam -auto-approve terraform apply -target module.azure_infrastructure -auto-approve - ../build/constellation maa-patch "$(terraform output -raw maa_url)" + ${{ github.workspace }}/build/constellation maa-patch "$(terraform output -raw maa_url)" terraform apply -target constellation_cluster.azure_example -auto-approve else terraform apply -auto-approve @@ -408,7 +408,7 @@ jobs: fi # cfg must be in same dir as KUBECONFIG - ../build/constellation config generate "${{ steps.determine.outputs.cloudProvider }}" + ${{ github.workspace }}/build/constellation config generate "${{ steps.determine.outputs.cloudProvider }}" # make cfg valid with fake data # IMPORTANT: zone needs to be correct because it is used to resolve the CSP image ref if [[ "${{ steps.determine.outputs.cloudProvider }}" == "azure" ]]; then From dd8a1801a2e522976967877cbcdf2ad956e82994 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= Date: Mon, 5 Feb 2024 11:08:50 +0100 Subject: [PATCH 3/3] Set up MMA only for SEV-SNP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Weiße --- .github/workflows/e2e-test-provider-example.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-test-provider-example.yml b/.github/workflows/e2e-test-provider-example.yml index 9cf3c0c292..89c6a63b32 100644 --- a/.github/workflows/e2e-test-provider-example.yml +++ b/.github/workflows/e2e-test-provider-example.yml @@ -313,7 +313,7 @@ jobs: shell: bash run: | terraform init - if [[ "${{ steps.determine.outputs.cloudProvider }}" == "azure" ]]; then + if [[ "${{ inputs.attestationVariant }}" == "azure-sev-snp" ]]; then terraform apply -target module.azure_iam -auto-approve terraform apply -target module.azure_infrastructure -auto-approve ${{ github.workspace }}/build/constellation maa-patch "$(terraform output -raw maa_url)"