diff --git a/.github/actions/login_azure/action.yml b/.github/actions/login_azure/action.yml new file mode 100644 index 0000000..c7934d1 --- /dev/null +++ b/.github/actions/login_azure/action.yml @@ -0,0 +1,15 @@ +name: Azure login +description: "Login to Azure & configure az CLI." +inputs: + azure_credentials: + description: "Credentials authorized to create Constellation on Azure." + required: true +runs: + using: "composite" + steps: + # As described at: + # https://github.com/Azure/login#configure-deployment-credentials + - name: Login to Azure + uses: azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0 + with: + creds: ${{ inputs.azure_credentials }} diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml new file mode 100644 index 0000000..0fee6f5 --- /dev/null +++ b/.github/workflows/e2e.yml @@ -0,0 +1,88 @@ +name: e2e tests azure + +on: + workflow_dispatch: + pull_request: + + +jobs: + build: + name: build binary + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30 + with: + github_access_token: ${{ secrets.GITHUB_TOKEN }} + - uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15 + with: + name: edgelesssys + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build . + + test: + name: azure + needs: + - build + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + variant: + - azure_private + - azure_shared + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30 + with: + github_access_token: ${{ secrets.GITHUB_TOKEN }} + - uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15 + with: + name: edgelesssys + - name: Login to Azure + uses: ./.github/actions/login_azure + with: + azure_credentials: ${{ secrets.UPLOSI_AZURE_E2E_CREDENTIALS }} + - name: Create base name override + id: name + env: + variant: ${{ matrix.variant }} + run: | + uuid=$(cat /proc/sys/kernel/random/uuid) + uuid=${uuid:0:8} + + base_name="uplosi_e2e_${variant}_${uuid}" + echo "base_name=${base_name}" | tee -a "$GITHUB_OUTPUT" + + mkdir -p ./testdata/uplosi.conf.d + cat < ./testdata/uplosi.conf.d/0100-azure.conf + [base] + name = "${base_name}" + EOF + cat ./testdata/uplosi.conf.d/0100-azure.conf + - name: Build minimal image + id: build + run: | + echo "img=$(./hack/build_image.sh)" | tee -a "$GITHUB_OUTPUT" + - name: Run e2e tests + working-directory: ./testdata + env: + variant: ${{ matrix.variant }} + img: ${{ steps.build.outputs.img }} + run: | + nix shell .# --command uplosi upload --enable-variant-glob "${variant}" "${img}" + - name: Delete resource group + if: always() + env: + rg: ${{ steps.name.outputs.base_name }} + variant: ${{ matrix.variant }} + run: | + if grep -q "shared" <<< "${variant}"; then + echo "Resetting gallery sharing status of gallery ${rg}" + az sig share reset --resource-group "${rg}" --gallery-name "${rg}" + fi + echo "Deleting resource group ${rg}" + az group delete --name "${rg}" --yes diff --git a/hack/build_image.sh b/hack/build_image.sh new file mode 100755 index 0000000..c6b82d3 --- /dev/null +++ b/hack/build_image.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -euo pipefail + +target=$(mktemp) +truncate -s 21MiB "${target}" +parted -s -a optimal "${target}" -- \ + mklabel msdos mkpart primary ext4 1MiB 100% +echo "${target}" diff --git a/testdata/uplosi.conf b/testdata/uplosi.conf new file mode 100644 index 0000000..b41fa9c --- /dev/null +++ b/testdata/uplosi.conf @@ -0,0 +1,22 @@ +[base] +imageVersion = "1.2.3" +name = "uplosi_test" + +[base.azure] +subscriptionID = "0d202bbb-4fa7-4af8-8125-58c269a05435" +location = "GermanyWestCentral" + +[variant.azure_private] +provider = "azure" +[variant.azure_private.azure] +resourceGroup = "{{.Name}}" +sharedImageGallery = "{{.Name}}" +sharingProfile = "private" + +[variant.azure_shared] +provider = "azure" +[variant.azure_shared.azure] +resourceGroup = "{{.Name}}" +sharedImageGallery = "{{.Name}}" +sharingProfile = "community" +sharingNamePrefix = "uplositest"