fix: nats-server runs as non-root #52
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pull-e2e-upgrade-test | |
env: | |
DOCKER_IMAGE: europe-docker.pkg.dev/kyma-project/dev/nats-manager:PR-${{ github.event.number }} | |
E2E_LOG_LEVEL: debug | |
KYMA_STABILITY: "unstable" | |
KYMA: "./hack/kyma" | |
on: | |
pull_request: | |
branches: ["main"] | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- "sec-scanners-config.yaml" | |
jobs: | |
e2e-upgrade: # This job tests the upgrade of NATS module from latest image of the main branch to the current commit. | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install k3d tools | |
run: | | |
make -C hack/ci/ install-k3d-tools | |
- name: Install Kyma CLI & setup k3d cluster using kyma CLI | |
run: | | |
make kyma | |
make -C hack/ci/ create-k3d | |
kubectl version | |
kubectl cluster-info | |
- name: Install latest NATS manager from main branch | |
run: | | |
make -C hack/ci/ create-kyma-system-ns | |
make deploy IMG=europe-docker.pkg.dev/kyma-project/prod/nats-manager:main | |
- name: Setup & test NATS CR | |
run: | | |
make e2e-setup | |
- name: Wait for the 'pull-nats-manager-build' job to succeed | |
uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20 | |
with: | |
context: "pull-nats-manager-build" | |
commit_ref: "${{ github.event.pull_request.head.sha }}" # Note: 'github.event.pull_request.head.sha' is not same as 'github.sha' on pull requests. | |
timeout: 600000 # 10 minutes in milliseconds | |
# The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) | |
check_interval: 60000 # 1 minute in milliseconds | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
GITHUB_OWNER: "${{ github.repository_owner }}" | |
GITHUB_REPO: "nats-manager" | |
- name: Install the new NATS manager from current commit | |
run: | | |
make deploy IMG=${DOCKER_IMAGE} | |
- name: Wait for new changes to be reflected | |
# Waits for NATS-manager image to be updated and NATS CR readiness. | |
run: | | |
export MANAGER_IMAGE=${DOCKER_IMAGE} | |
make e2e-setup | |
- name: Run NATS bench | |
run: | | |
go install github.com/nats-io/natscli/nats@latest | |
export PATH=$HOME/go/bin:$PATH | |
make e2e-bench | |
- name: Test NATS-server | |
run: | | |
make e2e-nats-server | |
- name: Show all StatefulSets in Namespace kyma-system | |
if: ${{ always() }} | |
run: | | |
kubectl get sts -n kyma-system -o yaml | |
- name: Show all Deployments in Namespace kyma-system | |
if: ${{ always() }} | |
run: | | |
kubectl get deploy -n kyma-system -o yaml | |
- name: Show all Pods in Namespace kyma-system | |
if: ${{ always() }} | |
run: | | |
kubectl get po -n kyma-system -o yaml | |
- name: Show all ConfigMaps in Namespace kyma-system | |
if: ${{ always() }} | |
run: | | |
kubectl get cm -n kyma-system -o yaml | |
- name: Cleanup NATS CR | |
run: | | |
make e2e-cleanup |