Integration [pull_request_target: 2203c4e69ce32e6059a5377ae3d8b6a5d4d7780a]: #1933
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# GitHub repo level Secrets and Variables | |
# secrets.CLIENT_SECRET | |
# secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN | |
# vars.CAPI_RELEASE_VERSION | |
# vars.SHEPHERD_LEASE_DURATION | |
# vars.SHEPHERD_LEASE_NAMESPACE | |
# vars.SHEPHERD_TEMPLATE_ARGUMENT | |
# vars.SHEPHERD_TEMPLATE_NAME | |
# vars.SHEPHERD_TEMPLATE_NAMESPACE | |
name: "Tests: Integration" | |
run-name: "Integration [${{ github.event_name }}: ${{ github.event.pull_request.head.sha || github.event.push.after || github.event.workflow_run.head_sha}}]: ${{ github.event.workflow_run.head_commit.message }}" | |
on: | |
workflow_dispatch: | |
inputs: | |
workflow: | |
description: Tests to run | |
required: true | |
type: choice | |
options: | |
- all | |
- run-integration-tests-cf-env | |
- run-integration-tests-cf-env-with-client-creds | |
- run-cats-cf-env | |
nodes: | |
description: Number of test nodes | |
required: false | |
type: string | |
default: "12" | |
lease_id: | |
description: Pre-provisioned environment lease-id to use in tests | |
required: false | |
type: string | |
lease_namespace: | |
description: Pre-provisioned environment lease namespace to use in tests | |
required: false | |
type: string | |
cfd_version: | |
description: Use specific version of CFD. Leave empty to use latest. | |
default: "" | |
type: string | |
run_unit_tests: | |
description: Run unit tests | |
required: false | |
type: boolean | |
default: true | |
reinstall_cfd: | |
description: Force re-installation of CFD | |
required: false | |
type: boolean | |
default: true | |
push: | |
tags: | |
- "v8.*" | |
- "v7.*" | |
pull_request_target: | |
branches: | |
- main | |
- v8 | |
- v7 | |
paths-ignore: | |
- "doc/**" | |
- ".gitpod.yml" | |
- "README.md" | |
- ".github/**" | |
- ".grype.yaml" | |
- ".git*" | |
- ".golangci.json" | |
env: | |
SHEPHERD_LEASE_ID: ${{ inputs.lease_id }} | |
jobs: | |
get-sha: | |
runs-on: ubuntu-latest | |
outputs: | |
gitRef: ${{steps.calculate.outputs.ref}} | |
steps: | |
- id: calculate | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then | |
echo "checkout pull request head ${{ github.event.pull_request.head.sha }}" | |
echo "ref=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT | |
elif [[ "${{ github.event_name }}" == "push" ]]; then | |
echo "checkout push request ${{github.event.push.after}}" | |
echo "ref=${{github.event.push.after}}" >> $GITHUB_OUTPUT | |
else | |
echo "checkout else ${{ github.event.workflow_run.head_sha }}" | |
echo "ref=${{github.event.workflow_run.head_sha}}" >> $GITHUB_OUTPUT | |
fi | |
units: | |
name: Basic units to gate for integration tests | |
runs-on: ubuntu-latest | |
needs: | |
- get-sha | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }} | |
with: | |
ref: ${{needs.get-sha.outputs.gitRef}} | |
fetch-depth: 0 | |
- name: Set Up Go | |
uses: actions/setup-go@v5 | |
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }} | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- name: Run Units | |
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }} | |
run: make units | |
claim-env: | |
name: Claim and Prep Environment | |
outputs: | |
leaseid: ${{steps.claim.outputs.leaseid}} | |
defaults: | |
run: | |
shell: bash | |
runs-on: ubuntu-latest | |
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest | |
needs: | |
- get-sha | |
- units | |
steps: | |
- name: Checkout cli | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{needs.get-sha.outputs.gitRef}} | |
- name: claim | |
id: claim | |
env: | |
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }} | |
template_argument: ${{ vars.SHEPHERD_TEMPLATE_ARGUMENT }} | |
template_name: ${{ vars.SHEPHERD_TEMPLATE_NAME || '[email protected]' }} | |
template_namespace: ${{ vars.SHEPHERD_TEMPLATE_NAMESPACE || 'official' }} | |
lease_duration: ${{ vars.SHEPHERD_LEASE_DURATION || '8h' }} | |
lease_namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }} | |
cfd_version: ${{ inputs.cfd_version || vars.CFD_VERSION || '' }} | |
run: | | |
shepherd login service-account ${account_token} | |
if [[ -z $SHEPHERD_LEASE_ID ]]; then | |
if [ -z "$template_argument" ]; then | |
export template_argument=$(cat <<EOF | |
{ | |
"gcp_region": "us-west2", | |
"vm_type": "n1-standard-8", | |
"root_disk_gb": 32, | |
"disk_pool_gb": 150, | |
"cfd_version": "${cfd_version}", | |
"additional_opsfiles_b64": "" | |
} | |
EOF | |
) | |
fi | |
lease_id=$( shepherd create lease \ | |
--template-argument "$template_argument" \ | |
--template-namespace "${template_namespace}" \ | |
--template "${template_name}" \ | |
--namespace "${lease_namespace}" \ | |
--duration "${lease_duration}" \ | |
--description "Claimed by CF CLI workflow ${{ github.workflow_run.url }}" \ | |
--json \ | |
| jq -r .id | |
) | |
else | |
lease_id=$SHEPHERD_LEASE_ID | |
fi | |
echo "Shepherd lease ID: ${lease_id}" | |
# Give sometime for the lease to complete. Shepherd may take upto an 3 hours to create an env | |
# if the pool is empty. | |
count=0 | |
while [ $count -lt 360 ] ; do | |
sleep 30 | |
status=$( shepherd get lease ${lease_id} \ | |
--namespace ${lease_namespace} \ | |
--json \ | |
| jq -r .status | |
) | |
if [ $status == "LEASED" ] ; then | |
shepherd get lease ${lease_id} \ | |
--namespace ${lease_namespace} \ | |
--json \ | |
| jq .output > metadata.json | |
break | |
elif [ $status == "FAILED" -o $status == "EXPIRED" ] ; then | |
echo "There was an error obtaining the lease. Lease status is ${status}." | |
exit 1 | |
else | |
echo "Waiting for environment to be ready. Lease status is ${status}." | |
fi | |
count=$(($count+1)) | |
done | |
env_name=$(jq -r .name metadata.json) | |
echo "env name is ${env_name}" | |
echo "leaseid=${lease_id}" >> "${GITHUB_OUTPUT}" | |
cf_deployment_version=$(jq -r '."cf_deployment_version"' metadata.json) | |
echo "cf_deployment_version is ${cf_deployment_version}" | |
echo "cf_deployment_version=${cf_deployment_version}" >> "${GITHUB_OUTPUT}" | |
- name: Set Up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- name: Install Tools | |
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }} | |
run: | | |
go version | |
install_location=/usr/local/bin | |
bbl_artifact=bbl-v8.4.110_linux_x86-64 | |
bosh_cli_artifact=bosh-cli-7.7.2-linux-amd64 | |
curl https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/${bbl_artifact} --silent --location --output $install_location/bbl | |
chmod +x $install_location/bbl | |
bbl --version | |
curl https://github.com/cloudfoundry/bosh-cli/releases/download/v7.7.2/$bosh_cli_artifact --silent --output $install_location/bosh --location | |
chmod +x $install_location/bosh | |
bosh --version | |
apt-get update | |
apt-get install -y build-essential unzip | |
- name: Upload latest CAPI release | |
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }} | |
env: | |
capi_release_version: ${{ vars.CAPI_RELEASE_VERSION }} | |
run: | | |
if [ -z "$capi_release_version" ]; then | |
capi_release_version=$(curl -s https://api.github.com/repos/cloudfoundry/capi-release/releases/latest | jq -r .tag_name) | |
fi | |
echo "Latest CAPI release is $capi_release_version" | |
eval "$(bbl print-env --metadata-file metadata.json)" | |
env_name=$(jq -r .name metadata.json) | |
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv | |
bosh upload-release "https://bosh.io/d/github.com/cloudfoundry/capi-release?v=$capi_release_version" | |
- name: Checkout cf-deployment | |
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }} | |
uses: actions/checkout@v4 | |
with: | |
repository: cloudfoundry/cf-deployment | |
path: cf-deployment | |
ref: ${{steps.claim.outputs.cf_deployment_version}} | |
- name: Deploy Isolation Segment and OIDC Provider | |
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }} | |
run: | | |
env_name=$(jq -r .name metadata.json) | |
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv | |
eval "$(bbl print-env --metadata-file metadata.json)" | |
bosh -d cf manifest > /tmp/manifest.yml | |
bosh interpolate /tmp/manifest.yml \ | |
-o cf-deployment/operations/use-internal-lookup-for-route-services.yml \ | |
-o cf-deployment/operations/add-persistent-isolation-segment-diego-cell.yml \ | |
-o .github/ops-files/use-latest-capi.yml \ | |
-o .github/ops-files/add-oidc-provider.yml \ | |
-o .github/ops-files/add-uaa-client-credentials.yml \ | |
-o .github/ops-files/diego-cell-instances.yml \ | |
-v client-secret="${{ secrets.CLIENT_SECRET }}" \ | |
> ./director.yml | |
bosh -d cf deploy director.yml -n | |
echo "Deployed CAPI version:" | |
bosh -d cf releases | grep capi | |
run-integration-tests-cf-env: | |
name: Integration tests | |
needs: | |
- get-sha | |
- units | |
- claim-env | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env' }} | |
uses: ./.github/workflows/tests-integration-reusable.yml | |
with: | |
run-with-client-creds: false | |
os: ubuntu-latest | |
name: Integration | |
gitRef: ${{needs.get-sha.outputs.gitRef}} | |
lease-id: ${{ needs.claim-env.outputs.leaseid }} | |
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }} | |
nodes: ${{ inputs.nodes || '16'}} | |
secrets: inherit | |
run-integration-tests-cf-env-with-client-creds: | |
name: client creds | |
needs: | |
- get-sha | |
- units | |
- claim-env | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env-with-client-creds' }} | |
uses: ./.github/workflows/tests-integration-reusable.yml | |
with: | |
run-with-client-creds: true | |
os: ubuntu-latest | |
name: Integration client creds | |
gitRef: ${{needs.get-sha.outputs.gitRef}} | |
lease-id: ${{ needs.claim-env.outputs.leaseid }} | |
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }} | |
nodes: ${{ inputs.nodes || '16'}} | |
secrets: inherit | |
run-cats-cf-env: | |
name: CATS | |
needs: | |
- get-sha | |
- claim-env | |
- run-integration-tests-cf-env | |
- run-integration-tests-cf-env-with-client-creds | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-cats-cf-env' }} | |
uses: ./.github/workflows/tests-integration-reusable.yml | |
with: | |
run-with-client-creds: false | |
os: ubuntu-latest | |
name: cats | |
gitRef: ${{needs.get-sha.outputs.gitRef}} | |
lease-id: ${{ needs.claim-env.outputs.leaseid }} | |
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }} | |
secrets: inherit | |
unclaim-env: | |
name: Unclaim environment | |
if: ${{ inputs.lease_id == '' }} | |
runs-on: ubuntu-latest | |
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest | |
needs: | |
- claim-env | |
- run-cats-cf-env | |
steps: | |
- name: unclaim | |
env: | |
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }} | |
lease_namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }} | |
run: | | |
shepherd login service-account ${account_token} | |
set -x | |
shepherd delete lease ${{ needs.claim-env.outputs.leaseid }} \ | |
--namespace ${lease_namespace} |