E2E Nightly Fleet #147
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Nightly workflow tests more k8s versions than the e2e-ci workflow for PR does | |
name: E2E Nightly Fleet | |
on: | |
schedule: | |
# Run everyday day at 7:00 AM | |
- cron: '0 7 * * *' | |
env: | |
GOARCH: amd64 | |
CGO_ENABLED: 0 | |
SETUP_K3D_VERSION: 'v5.7.4' | |
jobs: | |
e2e-fleet-nightly-test: | |
runs-on: runs-on,runner=8cpu-linux-x64,mem=16,run-id=${{ github.run_id }} | |
strategy: | |
matrix: | |
k3s_version: | |
# k3d version list k3s | sed 's/+/-/' | sort -h | |
# https://hub.docker.com/r/rancher/k3s/tags | |
- v1.31.1-k3s1 | |
- v1.27.5-k3s1 | |
- v1.27.16-k3s1 | |
test_type: | |
- acceptance | |
- e2e-secrets | |
- e2e-nosecrets | |
steps: | |
- | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
check-latest: true | |
- | |
name: Install Ginkgo CLI | |
run: go install github.com/onsi/ginkgo/v2/ginkgo | |
- | |
name: Install crust-gather CLI | |
run: curl -sSfL https://github.com/crust-gather/crust-gather/raw/main/install.sh | sh -s -- --yes | |
- | |
name: Build Fleet Binaries | |
run: | | |
./.github/scripts/build-fleet-binaries.sh | |
cd e2e/testenv/infra | |
go build | |
- | |
name: Build Docker Images | |
run: | | |
./.github/scripts/build-fleet-images.sh | |
DOCKER_BUILDKIT=1 docker build -f e2e/assets/gitrepo/Dockerfile.gitserver -t nginx-git:test --build-arg="passwd=$(openssl passwd foo)" e2e/assets/gitrepo | |
- | |
name: Install k3d | |
run: curl --silent --fail https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=${{ env.SETUP_K3D_VERSION }} bash | |
- | |
name: Provision k3d Cluster | |
run: | | |
k3d cluster create upstream --wait \ | |
--agents 1 \ | |
--network "nw01" \ | |
--image docker.io/rancher/k3s:${{matrix.k3s_version}} | |
- | |
name: Import Images Into k3d | |
run: | | |
./.github/scripts/k3d-import-retry.sh rancher/fleet:dev rancher/fleet-agent:dev nginx-git:test -c upstream | |
- | |
name: Deploy Fleet | |
run: | | |
SHARDS='[{"id":"shard0"},{"id":"shard1"},{"id":"shard2"}]' ./.github/scripts/deploy-fleet.sh | |
- | |
name: Create Zot certificates for OCI tests | |
if: ${{ matrix.test_type == 'e2e-nosecrets' }} | |
env: | |
FLEET_E2E_NS: fleet-local | |
run: | | |
# Generate cert and key for TLS | |
./.github/scripts/create-zot-certs.sh "FleetCI-RootCA" | |
- | |
name: E2E Tests | |
if: ${{ matrix.test_type == 'e2e-nosecrets' }} | |
env: | |
FLEET_E2E_NS: fleet-local | |
# Git and OCI credentials are here used in a local, ephemeral environment. Leaks would be harmless. | |
GIT_HTTP_USER: "fleet-ci" | |
GIT_HTTP_PASSWORD: "foo" | |
CI_OCI_USERNAME: "fleet-ci" | |
CI_OCI_PASSWORD: "foo" | |
HELM_PATH: /usr/local/bin/helm | |
run: | | |
export CI_OCI_CERTS_DIR="$(git rev-parse --show-toplevel)/FleetCI-RootCA" | |
# 1. Run test cases not needing infra | |
ginkgo --github-output --label-filter='!infra-setup' e2e/single-cluster e2e/keep-resources | |
# 2. Run tests for metrics | |
ginkgo --github-output e2e/metrics | |
SHARD=shard1 ginkgo --github-output e2e/metrics | |
# 3. Run tests requiring only the git server | |
e2e/testenv/infra/infra setup --git-server=true | |
ginkgo --github-output --label-filter='infra-setup && !helm-registry && !oci-registry' e2e/single-cluster/ | |
# 4. Run tests requiring a Helm registry | |
e2e/testenv/infra/infra setup --helm-registry=true | |
ginkgo --github-output --label-filter='helm-registry' e2e/single-cluster | |
e2e/testenv/infra/infra teardown --helm-registry=true | |
# 5. Run tests requiring an OCI registry | |
e2e/testenv/infra/infra setup --oci-registry=true | |
ginkgo --github-output --label-filter='oci-registry' e2e/single-cluster | |
# 6. Tear down all infra | |
e2e/testenv/infra/infra teardown | |
- | |
name: Acceptance Tests for Examples | |
if: ${{ matrix.test_type == 'acceptance' }} | |
env: | |
FLEET_E2E_NS: fleet-local | |
run: | | |
ginkgo --github-output e2e/acceptance/single-cluster-examples | |
- | |
name: Fleet Tests Requiring Github Secrets | |
if: ${{ matrix.test_type == 'e2e-secrets' }} | |
env: | |
FLEET_E2E_NS: fleet-local | |
GIT_REPO_URL: "[email protected]:fleetrepoci/test.git" | |
GIT_REPO_HOST: "github.com" | |
GIT_REPO_USER: "git" | |
GIT_REPO_BRANCH: ${{ matrix.k3s_version }} | |
CI_OCI_USERNAME: ${{ secrets.CI_OCI_USERNAME }} | |
CI_OCI_PASSWORD: ${{ secrets.CI_OCI_PASSWORD }} | |
run: | | |
export GIT_SSH_KEY="$GITHUB_WORKSPACE/id_ecdsa" | |
export GIT_SSH_PUBKEY="$GITHUB_WORKSPACE/id_ecdsa.pub" | |
echo "${{ secrets.CI_SSH_KEY }}" > "$GIT_SSH_KEY" | |
echo "${{ secrets.CI_SSH_PUBKEY }}" > "$GIT_SSH_PUBKEY" | |
ginkgo --github-output e2e/require-secrets | |
- | |
name: Upload Logs | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: gha-nightly-e2e-logs-${{ github.sha }}-${{ matrix.k3s_version }}-${{ matrix.test_type }}-${{ github.run_id }} | |
path: | | |
tmp/upstream | |
retention-days: 2 |