Bump actions/checkout from 4 to 6 (#2490) #259
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Multicluster E2E tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'fleetshard/pkg/runtime/**' | |
| - 'fleetshard/pkg/reconciler/**' | |
| - '.github/workflows/multicluster-e2e.yaml' | |
| - 'scripts/ci/**' | |
| - 'scripts/lib/**' | |
| - 'internal/central/pkg/handlers/admin_central.go' | |
| - 'internal/central/pkg/services/central.go' | |
| - 'deploy/charts/fleetshard-sync/**' | |
| pull_request: | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| paths: | |
| - 'fleetshard/pkg/runtime/**' | |
| - 'fleetshard/pkg/reconciler/**' | |
| - '.github/workflows/multicluster-e2e.yaml' | |
| - 'scripts/ci/**' | |
| - 'scripts/lib/**' | |
| - 'internal/central/pkg/handlers/admin_central.go' | |
| - 'internal/central/pkg/services/central.go' | |
| - 'deploy/charts/fleetshard-sync/**' | |
| # Cancel previous runs | |
| # see: https://docs.github.com/en/actions/how-tos/write-workflows/choose-when-workflows-run/control-workflow-concurrency | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| create-cluster: | |
| name: "Create Test Infra Clusters" | |
| runs-on: ubuntu-latest | |
| if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft }} # do not run for PRs from forks and drafts | |
| environment: development | |
| strategy: | |
| matrix: | |
| name: [acscs1, acscs2] | |
| outputs: | |
| cluster_id: ${{ steps.cluster_id.outputs.short_sha }} | |
| steps: | |
| - name: Generate cluster ID | |
| id: cluster_id | |
| run: | | |
| # OSD cluster names are limited to 15 characters. | |
| # Use first 7 chars of commit SHA for traceability and uniqueness. | |
| # Format: <prefix>-<7-char-sha> (e.g., acscs1-a1b2c3d = 14 chars) | |
| SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7) | |
| echo "short_sha=$SHORT_SHA" >> "$GITHUB_OUTPUT" | |
| - name: Create cluster | |
| uses: stackrox/actions/infra/create-cluster@v1 | |
| with: | |
| token: ${{ secrets.INFRA_TOKEN }} | |
| flavor: rosahcp | |
| name: ${{ matrix.name }}-${{ steps.cluster_id.outputs.short_sha }} | |
| description: "Used for acs-fleet-manager Multicluster E2E tests. Workflow run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| lifespan: 3h | |
| args: nodes=3,machine-type=m5.2xlarge | |
| wait: true | |
| no-slack: true | |
| e2e-test: | |
| name: "Multicluster e2e tests" | |
| runs-on: ubuntu-latest | |
| if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft }} # do not run for PRs from forks and drafts | |
| needs: [create-cluster] | |
| environment: development | |
| env: | |
| INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }} | |
| AWS_AUTH_HELPER: "none" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Install infractl | |
| uses: stackrox/actions/infra/install-infractl@v1 | |
| - name: Install oc | |
| uses: redhat-actions/oc-installer@v1 | |
| - name: Check out code | |
| uses: actions/checkout@v6 | |
| - name: Set cluster credentials | |
| run: | | |
| set -eo pipefail | |
| SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7) | |
| mkdir kube | |
| cluster1Conf="$(pwd)/kube/cluster1" | |
| url=$(infractl artifacts "acscs1-${SHORT_SHA}" --json | jq '.Artifacts[] | select(.Name=="kubeconfig") | .URL' -r) | |
| wget -O "$cluster1Conf" "$url" | |
| cluster2Conf="$(pwd)/kube/cluster2" | |
| url=$(infractl artifacts "acscs2-${SHORT_SHA}" --json | jq '.Artifacts[] | select(.Name=="kubeconfig") | .URL' -r) | |
| wget -O "$cluster2Conf" "$url" | |
| echo "CLUSTER_1_KUBECONFIG=$cluster1Conf" >> "$GITHUB_ENV" | |
| echo "CLUSTER_2_KUBECONFIG=$cluster2Conf" >> "$GITHUB_ENV" | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v5.1.1 | |
| with: | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github | |
| - name: Set registry.redhat.io credentials | |
| run: | | |
| set -eo pipefail | |
| KUBECONFIG=$CLUSTER_1_KUBECONFIG oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' > dockercfg | |
| creds=$(jq '.auths."registry.redhat.io".auth' -r < dockercfg | base64 -d) | |
| user=$(echo "$creds" | cut -d':' -f1) | |
| pw=$(echo "$creds" | cut -d':' -f2) | |
| echo "RH_REGISTRY_USER=$user" >> "$GITHUB_ENV" | |
| echo "RH_REGISTRY_PW=$pw" >> "$GITHUB_ENV" | |
| - name: "Run" | |
| env: | |
| RUN_MULTICLUSTER_E2E: "true" | |
| ENABLE_CENTRAL_EXTERNAL_DOMAIN: "true" | |
| run: "scripts/ci/multicluster_tests/entrypoint.sh" | |
| cleanup-clusters: | |
| name: "Cleanup Test Infra Clusters" | |
| runs-on: ubuntu-latest | |
| needs: [create-cluster, e2e-test] | |
| # do not run for PRs from forks | |
| # keep the clusters in case of failure for debugging | |
| if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft && (success() || cancelled()) }} | |
| environment: development | |
| env: | |
| INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }} | |
| steps: | |
| - name: Install infractl | |
| uses: stackrox/actions/infra/install-infractl@v1 | |
| - name: Delete test clusters | |
| run: | | |
| set -o pipefail | |
| SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7) | |
| infractl delete "acscs1-${SHORT_SHA}" | |
| infractl delete "acscs2-${SHORT_SHA}" | |
| exit 0 |