-
Notifications
You must be signed in to change notification settings - Fork 20
159 lines (140 loc) · 6.37 KB
/
conformance-gke.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: ConformanceGKE (ci-gke)
# Any change in triggers needs to be reflected in the concurrency group.
on:
push:
branches:
- master
env:
clusterName: ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
zone: us-west2-a
# https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
USE_GKE_GCLOUD_AUTH_PLUGIN: True
jobs:
installation-and-connectivity:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout code
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
fetch-depth: 0
persist-credentials: false
- name: Set up job variables
id: vars
run: |
# Get last commit message
readonly local last_commit_log=$(git log -1 --grep "^Add cilium" --pretty=format:"%s")
echo "last commit log: $last_commit_log"
readonly local chart_version=$(echo "$last_commit_log" | grep -Eo "Add cilium [^@]+" | sed 's/Add\ cilium\ //' )
echo "Helm chart detected version: '${chart_version}'"
if [[ -n "${chart_version}" ]]; then
echo ::set-output name=chartVersion::${chart_version}
fi
echo ::set-output name=owner::${{ github.sha }}
- name: Should it be e2e tested?
run: |
if [[ -z "${{ steps.vars.outputs.chartVersion }}" ]]; then
echo "Not running helm e2e tests since the helm chart version was not detected in commit message"
echo "Expected format: 'Add cilium <chart-version>@<upstream-commit-sha>'"
exit 78
fi
- name: Install Cilium CLI
run: |
curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}
- name: Set up gcloud credentials
id: 'auth'
uses: 'google-github-actions/auth@ef5d53e30bbcd8d0836f4288f5e50ff3e086997d'
with:
credentials_json: '${{ secrets.GCP_PR_SA_KEY }}'
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
- name: Display gcloud CLI info
run: |
gcloud info
- name: Install gke-gcloud-auth-plugin
run: |
gcloud components install gke-gcloud-auth-plugin
- name: Create GKE cluster
run: |
gcloud container clusters create ${{ env.clusterName }} \
--labels "usage=${{ github.repository_owner }}-${{ github.event.repository.name }},owner=${{ steps.vars.outputs.owner }}" \
--zone ${{ env.zone }} \
--enable-ip-alias \
--create-subnetwork="range=/26" \
--cluster-ipv4-cidr="/21" \
--services-ipv4-cidr="/24" \
--image-type COS_CONTAINERD \
--num-nodes 2 \
--machine-type e2-custom-2-4096 \
--disk-type pd-standard \
--disk-size 20GB \
--node-taints node.cilium.io/agent-not-ready=true:NoSchedule \
- name: Get cluster credentials
run: |
gcloud container clusters get-credentials ${{ env.clusterName }} --zone ${{ env.zone }}
- name: Install Cilium
run: |
NATIVE_CIDR="$(gcloud container clusters describe ${{ env.clusterName }} --zone ${{ env.zone }} --format 'value(clusterIpv4Cidr)')"
echo "NATIVE_CIDR $NATIVE_CIDR"
helm repo add cilium https://helm.cilium.io
helm repo update
if [[ ${{ steps.vars.outputs.chartVersion }} == 1.11.* ]]; then
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set nativeRoutingCIDR="${NATIVE_CIDR}"
elif [[ ${{ steps.vars.outputs.chartVersion }} == 1.10.* ]]; then
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set nativeRoutingCIDR="${NATIVE_CIDR}"
else
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set ipv4NativeRoutingCIDR="${NATIVE_CIDR}"
fi
- name: Run connectivity test
run: |
cilium status --wait
cilium connectivity test
- name: Post-test information gathering
if: ${{ failure() }}
run: |
cilium status
kubectl get pods --all-namespaces -o wide -v=6
cilium sysdump --output-filename cilium-sysdump-out
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently
- name: Clean up GKE
if: ${{ always() }}
run: |
gcloud container clusters delete ${{ env.clusterName }} --zone ${{ env.zone }} --quiet --async
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently
- name: Upload artifacts
if: ${{ failure() }}
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip
retention-days: 5