Skip to content
Update KubeOne cluster

Merge pull request #10 from kpython/increase-trivy-scan-timeout #57

Sign in to view logs

Merge pull request #10 from kpython/increase-trivy-scan-timeout

Merge pull request #10 from kpython/increase-trivy-scan-timeout #57

Workflow file for this run

.github/workflows/master.yml at 303dc0c
name: Update KubeOne cluster
on:
push:
branches: [ master ]
workflow_dispatch:
permissions:
contents: read
jobs:
deploy:
name: 'deploy cluster'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup configuration data
if: github.ref == 'refs/heads/master'
env:
TF_OVERRIDE: ${{ secrets.TF_OVERRIDE }}
TF_CREDENTIALS: ${{ secrets.TF_CREDENTIALS }}
CONFIG: ${{ secrets.CONFIG }}
SSHKEY: ${{ secrets.SSHKEY }}
run: |
mkdir -p ~/.terraform.d || true
echo "${TF_CREDENTIALS}" > ~/.terraform.d/credentials.tfrc.json
echo "${TF_OVERRIDE}" > terraform/override.tf
echo "${CONFIG}" > config.yaml
echo "${SSHKEY}" > ssh_key_id_rsa
chmod 600 ssh_key_id_rsa
ssh-keygen -f ssh_key_id_rsa -y > ssh_key_id_rsa.pub
chmod 600 ssh_key_id_rsa.pub
- name: Setup SSH agent
uses: webfactory/[email protected]
if: github.ref == 'refs/heads/master'
with:
ssh-private-key: ${{ secrets.SSHKEY }}
- name: Setup tooling
run: |
make install-tools
sudo mv -f ~/bin/* /usr/local/bin/
- name: Run Config generation
if: github.ref == 'refs/heads/master'
run: make config
- name: Run Terraform
if: github.ref == 'refs/heads/master'
run: make terraform
- name: Install Kubernetes
if: github.ref == 'refs/heads/master'
run: make kubeone
- name: Deploy components
if: github.ref == 'refs/heads/master'
run: make deployments
- name: Cleanup
if: ${{ always() }}
run: |
rm -f config.yaml || true
rm -f kubeone-kubeconfig || true
rm -f credentials.yaml || true
rm -f terraform/terraform.tfvars || true
rm -f ~/.terraform.d/credentials.tfrc.json || true
rm -f ssh_key_id_rsa || true
rm -f ssh_key_id_rsa.pub || true
sonobuoy:
name: 'run sonobuoy testing'
needs: [ deploy ]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup kubeconfig
if: github.ref == 'refs/heads/master'
env:
KUBECONFIG: ${{ secrets.KUBECONFIG }}
run: echo "${KUBECONFIG}" > kubeone-kubeconfig
- name: Run Sonobuoy
run: |
wget --quiet https://github.com/vmware-tanzu/sonobuoy/releases/download/v0.56.10/sonobuoy_0.56.10_linux_amd64.tar.gz
tar -xvzf sonobuoy_0.56.10_linux_amd64.tar.gz
chmod +x sonobuoy
export KUBECONFIG=kubeone-kubeconfig
./sonobuoy delete --wait || true
./sonobuoy run --mode quick --wait --plugin-env=e2e.E2E_EXTRA_ARGS=--non-blocking-taints=CriticalAddonsOnly,true,NoExecute,NoSchedule,node-role.kubernetes.io/control-plane
./sonobuoy status
results=$(./sonobuoy retrieve)
./sonobuoy results $results
./sonobuoy delete --wait
- name: Cleanup
if: ${{ always() }}
run: |
rm -f kubeone-kubeconfig || true
testsuite:
name: 'run kubernetes testsuite'
needs: [ sonobuoy ]
runs-on: ubuntu-latest
steps:
- name: Checkout kubernetes-testing
uses: actions/checkout@v3
with:
repository: swisscom/kubernetes-testing
ref: master
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.7'
bundler-cache: true
- name: Setup configs
if: github.ref == 'refs/heads/master'
env:
KUBECONFIG: ${{ secrets.KUBECONFIG }}
TESTING_CONFIG: ${{ secrets.TESTING_CONFIG }}
run: |
echo "${KUBECONFIG}" > kubeone-kubeconfig
echo "${TESTING_CONFIG}" > config.yml
- name: Setup Chrome
uses: ./.github/actions/setup-chrome
- name: Run kubernetes-testing specs
run: |
export KUBECONFIG=kubeone-kubeconfig
make test
- name: Cleanup
if: ${{ always() }}
run: |
rm -f kubeone-kubeconfig || true
rm -f config.yml || true
rm -f config.yaml || true