-
Notifications
You must be signed in to change notification settings - Fork 66
131 lines (115 loc) · 3.8 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Continuous Integration
on:
workflow_dispatch: null
push:
branches:
- main
pull_request_target: null
permissions:
contents: read
pull-requests: read
actions: read
concurrency:
group: ci-${{ github.event.pull_request.number || github.ref_name }}
cancel-in-progress: true
jobs:
changes:
runs-on: ubuntu-latest
outputs:
paths: ${{ steps.filter.outputs.changes }}
steps:
- uses: actions/[email protected]
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Harden Runner
uses: step-security/harden-runner@v2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
- uses: dorny/paths-filter@v3
id: filter
with:
base: ${{ github.ref }}
filters: .github/filters.yml
codecov:
runs-on: ubuntu-latest
environment: ${{ github.event.pull_request.head.repo.fork == true && 'prod-external' || 'prod' }}
needs: changes
if: ${{ contains(fromJSON(needs.changes.outputs.paths), 'src') }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@v2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
golang.org:443
proxy.golang.org:443
sum.golang.org:443
objects.githubusercontent.com:443
storage.googleapis.com:443
cli.codecov.io:443
api.codecov.io:443
ingest.codecov.io:443
raw.githubusercontent.com:443
- uses: actions/[email protected]
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- name: Test
run: make test
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v5
with:
files: ./coverage.out
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
slug: linode/linode-cloud-controller-manager
e2e-tests:
runs-on: ubuntu-latest
environment: ${{ github.event.pull_request.head.repo.fork == true && 'prod-external' || 'prod' }}
needs: changes
if: ${{ contains(fromJSON(needs.changes.outputs.paths), 'src') }}
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
LINODE_TOKEN: ${{ secrets.LINODE_TOKEN }}
IMG: linode/linode-cloud-controller-manager:${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && 'latest' || format('pr-{0}', github.event.pull_request.number) || github.ref_name }}
LINODE_REGION: us-lax
LINODE_CONTROL_PLANE_MACHINE_TYPE: g6-standard-2
LINODE_MACHINE_TYPE: g6-standard-2
WORKER_NODES: '2'
steps:
- uses: actions/[email protected]
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
check-latest: true
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Install devbox
uses: jetify-com/[email protected]
- name: Setup CAPL Management Kind Cluster and CAPL Child Cluster For Testing
run: devbox run mgmt-and-capl-cluster
- name: Run E2E Tests
run: devbox run e2e-test
- name: Run Cilium BGP e2e test
run: devbox run e2e-test-bgp
- name: Run subnet filtering test
run: devbox run e2e-test-subnet
- name: Cleanup Resources
if: always()
run: devbox run cleanup-cluster