-
Notifications
You must be signed in to change notification settings - Fork 41
218 lines (196 loc) · 7.54 KB
/
sub_airgap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
# This workflow is a reusable one called by other workflows
name: (template) Elemental E2E single cluster Airgap tests
on:
workflow_call:
# Variables to set when calling this reusable workflow
inputs:
cert-manager_version:
required: true
type: string
cluster_name:
required: true
type: string
cluster_namespace:
required: true
type: string
k8s_downstream_version:
required: true
type: string
k8s_upstream_version:
required: true
type: string
operator_repo:
required: true
type: string
os_to_test:
required: true
type: string
qase_project_code:
required: true
type: string
qase_run_id:
required: true
type: string
rancher_version:
required: true
type: string
runner_label:
required: true
type: string
snap_type:
required: true
type: string
test_type:
required: true
type: string
# Job outputs to export for caller workflow
outputs:
steps_status:
description: Status of the executed test jobs
value: ${{ jobs.airgap.outputs.steps_status }}
# Variables to set when calling this reusable workflow
secrets:
credentials:
required: true
qase_api_token:
jobs:
airgap:
runs-on: ${{ inputs.runner_label }}
outputs:
# For this to work 'id:' in steps are mandatory!
steps_status: ${{ join(steps.*.conclusion, ' ') }}
env:
CERT_MANAGER_VERSION: ${{ inputs.cert-manager_version }}
CLUSTER_NAME: ${{ inputs.cluster_name }}
CLUSTER_NS: ${{ inputs.cluster_namespace }}
# Distribution to use to host Rancher Manager (K3s)
K8S_UPSTREAM_VERSION: ${{ inputs.k8s_upstream_version }}
# For K8s cluster to provision with Rancher Manager
K8S_DOWNSTREAM_VERSION: ${{ inputs.k8s_downstream_version}}
# QASE variables
QASE_API_TOKEN: ${{ secrets.qase_api_token }}
QASE_PROJECT_CODE: ${{ inputs.qase_project_code }}
QASE_RUN_ID: ${{ inputs.qase_run_id }}
# For Rancher Manager
RANCHER_VERSION: ${{ inputs.rancher_version }}
TEST_TYPE: ${{ inputs.test_type }}
TIMEOUT_SCALE: 3
steps:
- name: Checkout
id: checkout
uses: actions/checkout@v4
- name: Authenticate to GCP
id: authenticate
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.credentials }}
- name: Setup gcloud
id: setup_gcloud
uses: google-github-actions/setup-gcloud@v2
- name: Download QCOW2 VM image
id: download_qcow2
run: |
QCOW2_FILE="rancher-image.qcow2"
gcloud storage cp gs://elemental-airgap-image/${QCOW2_FILE} ${HOME}/${QCOW2_FILE}
- name: Setup Go
id: setup_go
uses: actions/setup-go@v5
with:
cache-dependency-path: tests/go.sum
go-version-file: tests/go.mod
- name: Define needed system variables
id: define_sys_vars
run: |
# Add missing PATH, removed in recent distributions for security reasons...
echo "/usr/local/bin" >> ${GITHUB_PATH}
- name: Prepare the archive file to send to air-gapped nodes
id: prepare_archive_file
env:
OPERATOR_REPO: ${{ inputs.operator_repo }}
run: cd tests && make e2e-prepare-archive
- name: Deploy airgap infrastructure
id: deploy_airgap_infra
run: cd tests && make e2e-airgap-rancher
- name: Configure Rancher and Libvirt
id: configure_rancher
env:
SNAP_TYPE: ${{ inputs.snap_type }}
run: cd tests && make e2e-configure-rancher
- name: Extract component versions/informations
id: component
run: |
# Extract CertManager version
CERT_MANAGER_VERSION=$(kubectl get pod \
--namespace cert-manager \
-l app=cert-manager \
-o jsonpath={.items[*].status.containerStatuses[*].image} 2> /dev/null || true)
# Extract elemental-operator version
OPERATOR_VERSION=$(kubectl get pod \
--namespace cattle-elemental-system \
-l app=elemental-operator \
-o jsonpath={.items[*].status.containerStatuses[*].image} 2> /dev/null || true)
# Extract Rancher Manager version
RANCHER_VERSION=$(kubectl get pod \
--namespace cattle-system \
-l app=rancher \
-o jsonpath={.items[*].status.containerStatuses[*].image} 2> /dev/null || true)
# Export values
echo "cert_manager_version=${CERT_MANAGER_VERSION}" >> ${GITHUB_OUTPUT}
echo "operator_version=${OPERATOR_VERSION}" >> ${GITHUB_OUTPUT}
echo "rancher_image_version=${RANCHER_VERSION}" >> ${GITHUB_OUTPUT}
- name: Create ISO image for master pool
id: create_iso_master
env:
EMULATE_TPM: true
OS_TO_TEST: ${{ inputs.os_to_test }}
POOL: master
run: cd tests && BOOT_TYPE=iso make e2e-iso-image
- name: Extract ISO version
id: iso_version
if: ${{ always() }}
run: |
# Extract OS version from ISO
ISO=$(file -Ls *.iso 2>/dev/null | awk -F':' '/boot sector/ { print $1 }')
if [[ -n "${ISO}" ]]; then
# NOTE: always keep 'initrd' at the end, as there is always a link with this name
for INITRD_NAME in elemental.initrd* initrd; do
INITRD_FILE=$(isoinfo -i ${ISO} -R -find -type f -name ${INITRD_NAME} -print 2>/dev/null)
if [[ -n "${INITRD_FILE}" ]]; then
isoinfo -i ${ISO} -R -x ${INITRD_FILE} 2>/dev/null \
| xz -dc \
| cpio -i --to-stdout usr/lib/initrd-release > os-release
eval $(grep IMAGE_TAG os-release 2>/dev/null)
# We found an initrd, stop here
break
fi
done
fi
# Export value (even if empty!)
echo "os_version=${IMAGE_TAG}" >> ${GITHUB_OUTPUT}
- name: Bootstrap node 1, 2 and 3 in pool "master" (use Emulated TPM if possible)
id: bootstrap_master_nodes
env:
EMULATE_TPM: true
POOL: master
VM_START: 1
VM_END: 3
run: cd tests && VM_INDEX=${VM_START} VM_NUMBERS=${VM_END} BOOT_TYPE=iso make e2e-bootstrap-node
# This step must be called in each worklow that wants a summary!
- name: Get logs and add summary
id: logs_summary
if: ${{ always() }}
uses: ./.github/actions/logs-and-summary
with:
ca_type: selfsigned
cert_manager_version: ${{ steps.component.outputs.cert_manager_version }}
cluster_type: ${{ inputs.test_type }}
k8s_downstream_version: ${{ inputs.k8s_downstream_version }}
k8s_upstream_version: ${{ inputs.k8s_upstream_version }}
node_number: 3
operator_version: ${{ steps.component.outputs.operator_version }}
os_to_test: ${{ inputs.os_to_test }}
os_version: ${{ steps.iso_version.outputs.os_version }}
rancher_image_version: ${{ steps.component.outputs.rancher_image_version }}
rancher_version: ${{ inputs.rancher_version }}
snap_type: ${{ inputs.snap_type }}
test_type: cli