alihan/odo
1
0
Fork 0
mirror of https://github.com/redhat-developer/odo.git synced 2025-10-19 03:06:19 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
edfbf8b9d37978efd1ac73102f9de663f01cfbb3
odo/.github/workflows/ci-remote-clusters.yaml
dependabot[bot] 7c006dd7b5 GitHub Actions: Bump actions/setup-go from 4 to 5 (#7168) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-20 21:38:15 +00:00

111 lines
4.2 KiB
YAML
Raw Blame History

name: CI (Remote Clusters)
on:
# /!\ Warning: using the pull_request_target event to be able to read secrets. But using this event without the cautionary measures described below
# may allow unauthorized GitHub users to open a “pwn request” and exfiltrate secrets.
# As recommended in https://iterative.ai/blog/testing-external-contributions-using-github-actions-secrets,
# we are adding an 'authorize' job that checks if the workflow was triggered from a fork PR. In that case, the "external" environment
# will prevent the job from running until it's approved manually by human intervention.
pull_request_target:
branches: [ main ]
concurrency:
group: ${{ github.workflow }}-${{ github.event.number }}
cancel-in-progress: true
env:
IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
IBM_CLOUD_REGION: 'eu-de'
CLUSTER_NAME: "odo-tests-openshift-cluster-tmp-pr-${{ github.event.number }}"
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PR_NUMBER: ${{ github.event.number }}
jobs:
authorize:
# The 'external' environment is configured with the odo-maintainers team as required reviewers.
# All the subsequent jobs in this workflow 'need' this job, which will require manual approval for PRs coming from external forks.
# TODO(rm3l): list of authorized users that do not require manual review comes from the maintainers team and various robot accounts that handle automation in the repo => find a better way not to hardcode this list!
environment:
${{ (github.event.pull_request.head.repo.full_name == github.repository ||
contains(fromJSON('["odo-robot[bot]", "openshift-ci[bot]", "openshift-merge-robot", "openshift-ci-robot", "kadel", "rm3l"]'), github.actor)) &&
'internal' || 'external' }}
runs-on: ubuntu-latest
steps:
- run: echo ✓
build_odo:
runs-on: ubuntu-latest
needs: authorize
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Build odo
run: make bin
- run: |
chmod +x ./odo
./odo version
- name: 'Upload odo'
uses: actions/upload-artifact@v4
with:
name: odo_bin
path: odo
retention-days: 1
if-no-files-found: error
openshift_tests:
# TODO(rm3l): Test on Windows and test unauth as well?
runs-on: ubuntu-latest
needs: [authorize, build_odo]
env:
KUBERNETES: "false"
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Install IBM Cloud CLI
run: |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh
ibmcloud --version
ibmcloud config --check-version=false
ibmcloud plugin install -f kubernetes-service
- name: Authenticate with IBM Cloud CLI
run: ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" --no-region --quiet
- name: Download odo from previous job
uses: actions/download-artifact@v4
with:
name: odo_bin
- name: Set odo in system path
run: |
chmod a+x ./odo
sudo mv ./odo /usr/local/bin/odo
- run: ibmcloud ks infra-permissions get --region "$IBM_CLOUD_REGION"
- name: Create OpenShift Cluster
run: |
ibmcloud oc cluster create classic --name "${CLUSTER_NAME}" \
--location wdc04 \
--version "4.13_openshift" \
--flavor b3c.4x16 \
--workers 1 \
--public-service-endpoint
- name: Generate Kubeconfig
run: |
ibmcloud ks cluster config --cluster "${CLUSTER_NAME}"
kubectl config current-context
- name: Cluster Integration Tests
run: make test-integration-cluster
- name: End-to-end Tests
run: test-e2e
- name: Teardown cluster
if: ${{ always() }}
run: |
ibmcloud oc cluster rm --cluster "${CLUSTER_NAME}" -f --force-delete-storage
Reference in New Issue View Git Blame Copy Permalink