Skip to content

fix: nats-server runs as non-root #79

fix: nats-server runs as non-root

fix: nats-server runs as non-root #79

Workflow file for this run

name: pull-e2e-test
env:
DOCKER_IMAGE: europe-docker.pkg.dev/kyma-project/dev/nats-manager:PR-${{ github.event.number }}
E2E_LOG_LEVEL: debug
KYMA_STABILITY: "unstable"
KYMA: "./hack/kyma"
on:
pull_request:
branches: [ "main" ]
paths-ignore:
- 'docs/**'
- '**.md'
- 'sec-scanners-config.yaml'
jobs:
e2e:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Cache Go dependencies
uses: actions/setup-go@v5
with:
go-version-file: './go.mod'
check-latest: true
cache-dependency-path: './go.sum'
- name: Install k3d tools
run: |
make -C hack/ci/ install-k3d-tools
- name: Install Kyma CLI & setup k3d cluster using kyma CLI
run: |
make kyma
make -C hack/ci/ create-k3d
kubectl version
kubectl cluster-info
- name: Install the NATS CRD on the cluster
run: |
make install IMG=$DOCKER_IMAGE
- name: Wait for the 'pull-nats-manager-build' job to succeed
uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20
with:
context: "pull-nats-manager-build"
commit_ref: "${{ github.event.pull_request.head.sha }}" # Note: 'github.event.pull_request.head.sha' is not same as 'github.sha' on pull requests.
timeout: 600000 # 10 minutes in milliseconds
# The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting)
check_interval: 60000 # 1 minute in milliseconds
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
GITHUB_OWNER: "${{ github.repository_owner }}"
GITHUB_REPO: "nats-manager"
- name: Create kyma-system namespace
run: |
kubectl create namespace kyma-system
- name: Deploy the controller to the cluster
run: |
make deploy IMG=$DOCKER_IMAGE
- name: Setup and test NATS CR
run: |
make e2e-setup
- name: Run NATS bench
run: |
go install github.com/nats-io/natscli/nats@latest
export PATH=$HOME/go/bin:$PATH
make e2e-bench
- name: Test NATS-server
run: |
make e2e-nats-server
- name: Cleanup NATS CR
run: |
make e2e-cleanup
# the following steps only run on failure to help finding the cause of the failure
- name: List CRDs
if: failure()
run: |
kubectl get crd
- name: List Namespaces
if: failure()
run: |
kubectl get namespaces
- name: List StatefulSets
if: failure()
run: |
kubectl get sts --all-namespaces
- name: List Pods
if: failure()
run: |
kubectl get po --all-namespaces
- name: List PVCs
if: failure()
run: |
kubectl get pvc --all-namespaces
- name: List NATS CR
if: failure()
run: |
kubectl get nats --all-namespaces
# references:
# wait for other gh checks to finish: https://github.com/marketplace/actions/wait-for-check