-
Notifications
You must be signed in to change notification settings - Fork 98
166 lines (161 loc) · 6.41 KB
/
nightly.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
---
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This is to test only the Redpanda Chart Nightly
name: Nightly - Lint/Test Redpanda-Chart
defaults:
run:
shell: nix develop --impure --command bash {0}
on:
schedule:
- cron: '0 1 * * 1-5' # 01:00 AM UTC Monday - Friday
workflow_dispatch: {}
jobs:
lint:
runs-on: ubuntu-22.04
steps:
- uses: cachix/install-nix-action@v30
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
git checkout main
git checkout -
- name: Run chart-testing (lint)
run: ct lint --config .github/ct-redpanda.yaml
test:
name: Run ct tests for ci values matching ${{ matrix.testvaluespattern }} for Redpanda version ${{ matrix.version }}
strategy:
matrix:
version:
- "" # Test the default / Most recent version of Redpanda.
- v24.1.16
- v23.3.20
testvaluespattern:
- '0[1-3]*'
- '0[4-6]*'
- '0[7-9]*'
- '1[0-1]*'
- '12*'
- '13*'
- '14*'
- '15*'
- '1[6-7]*'
- '18*'
- '9[7-9]*' # some tests depend on a github secret that isn't available for fork PRs. Only run these tests in branch PRs.
fail-fast: false
runs-on: ubuntu-22.04
permissions:
contents: read
id-token: write
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ vars.RP_AWS_CRED_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}
- uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/redpanda_sample_license
parse-json-secrets: true
- uses: cachix/install-nix-action@v30
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
git checkout main
git checkout -
- name: Set up for matrix
run: |
echo bash -O extglob -c "rm -v charts/redpanda/ci/!(${{ matrix.testvaluespattern }})"
bash -O extglob -c "rm -v charts/redpanda/ci/!(${{ matrix.testvaluespattern }})"
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
config: .github/kind.yaml
- name: Check kind config worked
run: kubectl get nodes
- name: Annotate nodes for rack awareness
run: .github/annotate_kind_nodes.sh chart-testing
# ===== Required Test Files === start
- name: Create tls helm templates
run: .github/create_tls.sh "random-domain"
- name: Create sasl secret templates
run: .github/create-sasl-secret.sh "some-users"
- name: Move files to redpanda template dir
run: |
mv external-tls-secret.yaml charts/redpanda/templates/
cp .github/external-service.yaml charts/redpanda/templates/
mv some-users-updated.yaml charts/redpanda/templates
- name: Create redpanda license secret
env:
REDPANDA_LICENSE: ${{ env.REDPANDA_SAMPLE_LICENSE }}
run: |
if [ -z "$REDPANDA_LICENSE" ]; then echo "License is empty" ; exit 1; fi
kubectl create secret generic redpanda-license \
--from-literal=license-key="$REDPANDA_LICENSE" \
--dry-run=client \
-o yaml \
> redpanda-license.yaml.tmp
kubectl annotate -f redpanda-license.yaml.tmp \
helm.sh/hook-delete-policy="before-hook-creation" \
helm.sh/hook="pre-install" \
helm.sh/hook-weight="-100" \
--local \
--dry-run=none \
-o yaml \
> redpanda-license.yaml
rm redpanda-license.yaml.tmp
mv redpanda-license.yaml ./charts/redpanda/templates/
# ===== Required Test Files === end
- name: Install cert-manager
run: |
helm repo add jetstack https://charts.jetstack.io &&
helm install cert-manager --namespace cert-manager \
--create-namespace --version v1.11.0 jetstack/cert-manager \
--set installCRDs=true --wait --wait-for-jobs
- name: Install prometheus-operator
run: |
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts &&
helm install prometheus prometheus-community/kube-prometheus-stack \
--namespace prometheus \
--create-namespace \
--set prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false \
--set nodeExporter.enabled=false \
--set grafana.enabled=false \
--set kubeStateMetrics.enabled=false \
--set alertmanager.enabled=false \
--wait \
--wait-for-jobs
- name: Install metallb
run: |
helm repo add metallb https://metallb.github.io/metallb &&
helm install metallb metallb/metallb -n metallb-system \
--create-namespace --version 0.13.10 --wait --wait-for-jobs
- name: Apply metallb resources
run: kubectl -n metallb-system apply -f .github/metallb-config.yaml
# we're testing console in the Redpanda chart
- name: Run chart-testing (install and upgrade)
run: |
ct install \
--github-groups \
--upgrade \
--config .github/ct-redpanda.yaml \
--helm-extra-set-args="--set=image.tag=${{ matrix.version }}" \
--skip-missing-values