fix: nats-server runs as non-root #79
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pull-e2e-test | |
env: | |
DOCKER_IMAGE: europe-docker.pkg.dev/kyma-project/dev/nats-manager:PR-${{ github.event.number }} | |
E2E_LOG_LEVEL: debug | |
KYMA_STABILITY: "unstable" | |
KYMA: "./hack/kyma" | |
on: | |
pull_request: | |
branches: [ "main" ] | |
paths-ignore: | |
- 'docs/**' | |
- '**.md' | |
- 'sec-scanners-config.yaml' | |
jobs: | |
e2e: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache Go dependencies | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: './go.mod' | |
check-latest: true | |
cache-dependency-path: './go.sum' | |
- name: Install k3d tools | |
run: | | |
make -C hack/ci/ install-k3d-tools | |
- name: Install Kyma CLI & setup k3d cluster using kyma CLI | |
run: | | |
make kyma | |
make -C hack/ci/ create-k3d | |
kubectl version | |
kubectl cluster-info | |
- name: Install the NATS CRD on the cluster | |
run: | | |
make install IMG=$DOCKER_IMAGE | |
- name: Wait for the 'pull-nats-manager-build' job to succeed | |
uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20 | |
with: | |
context: "pull-nats-manager-build" | |
commit_ref: "${{ github.event.pull_request.head.sha }}" # Note: 'github.event.pull_request.head.sha' is not same as 'github.sha' on pull requests. | |
timeout: 600000 # 10 minutes in milliseconds | |
# The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) | |
check_interval: 60000 # 1 minute in milliseconds | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
GITHUB_OWNER: "${{ github.repository_owner }}" | |
GITHUB_REPO: "nats-manager" | |
- name: Create kyma-system namespace | |
run: | | |
kubectl create namespace kyma-system | |
- name: Deploy the controller to the cluster | |
run: | | |
make deploy IMG=$DOCKER_IMAGE | |
- name: Setup and test NATS CR | |
run: | | |
make e2e-setup | |
- name: Run NATS bench | |
run: | | |
go install github.com/nats-io/natscli/nats@latest | |
export PATH=$HOME/go/bin:$PATH | |
make e2e-bench | |
- name: Test NATS-server | |
run: | | |
make e2e-nats-server | |
- name: Cleanup NATS CR | |
run: | | |
make e2e-cleanup | |
# the following steps only run on failure to help finding the cause of the failure | |
- name: List CRDs | |
if: failure() | |
run: | | |
kubectl get crd | |
- name: List Namespaces | |
if: failure() | |
run: | | |
kubectl get namespaces | |
- name: List StatefulSets | |
if: failure() | |
run: | | |
kubectl get sts --all-namespaces | |
- name: List Pods | |
if: failure() | |
run: | | |
kubectl get po --all-namespaces | |
- name: List PVCs | |
if: failure() | |
run: | | |
kubectl get pvc --all-namespaces | |
- name: List NATS CR | |
if: failure() | |
run: | | |
kubectl get nats --all-namespaces | |
# references: | |
# wait for other gh checks to finish: https://github.com/marketplace/actions/wait-for-check |