Integration [pull_request_target: b2e4a0cb6c1068bf2bc05514e83f103392fa8475]: #1971
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Tests: Integration" | |
run-name: "Integration [${{ github.event_name }}: ${{ github.event.pull_request.head.sha || github.event.push.after || github.event.workflow_run.head_sha}}]: ${{ github.event.workflow_run.head_commit.message }}" | |
on: | |
workflow_dispatch: | |
inputs: | |
workflow: | |
description: Tests to run | |
required: true | |
type: choice | |
options: | |
- all | |
- run-integration-tests-cf-env | |
- run-integration-tests-cf-env-with-client-creds | |
push: | |
tags: | |
- "v8.*" | |
- "v7.*" | |
pull_request_target: | |
branches: | |
- main | |
- v8 | |
- v7 | |
paths-ignore: | |
- "doc/**" | |
- ".gitpod.yml" | |
- "README.md" | |
jobs: | |
get-sha: | |
runs-on: ubuntu-latest | |
outputs: | |
gitRef: ${{steps.calculate.outputs.ref}} | |
steps: | |
- id: calculate | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then | |
echo "checkout pull request head ${{ github.event.pull_request.head.sha }}" | |
echo "ref=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT | |
elif [[ "${{ github.event_name }}" == "push" ]]; then | |
echo "checkout push request ${{github.event.push.after}}" | |
echo "ref=${{github.event.push.after}}" >> $GITHUB_OUTPUT | |
else | |
echo "checkout else ${{ github.event.workflow_run.head_sha }}" | |
echo "ref=${{github.event.workflow_run.head_sha}}" >> $GITHUB_OUTPUT | |
fi | |
units: | |
name: Basic units to gate for integration tests | |
runs-on: ubuntu-latest | |
needs: | |
- get-sha | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{needs.get-sha.outputs.gitRef}} | |
fetch-depth: 0 | |
- name: Set Up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- name: Run Units | |
run: make units | |
claim-env: | |
name: Claim and Prep Environment | |
outputs: | |
leaseid: ${{steps.claim.outputs.leaseid}} | |
defaults: | |
run: | |
shell: bash | |
runs-on: ubuntu-latest | |
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest | |
needs: | |
- get-sha | |
- units | |
steps: | |
- name: Checkout cli | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{needs.get-sha.outputs.gitRef}} | |
- name: claim | |
id: claim | |
env: | |
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }} | |
pool_name: ${{ vars.SHEPHERD_POOL_NAME }} | |
pool_namespace: official | |
run: | | |
shepherd login service-account ${account_token} | |
echo "shepherd create lease --duration 8h --pool ${pool_name} --pool-namespace ${pool_namespace} --namespace tas-devex --description 'CLI GHA'" | |
lease_id=$(shepherd create lease --duration 8h --pool ${pool_name} --pool-namespace ${pool_namespace} --namespace tas-devex --json | jq -r .id) | |
# Give sometime for the lease to complete. Shepherd may take upto an 3 hours to create an env | |
# if the pool is empty. | |
count=0 | |
while [ $count -lt 360 ] ; do | |
sleep 30 | |
status=$(shepherd get lease ${lease_id} --namespace tas-devex --json | jq -r .status) | |
if [ $status == "LEASED" ] ; then | |
shepherd get lease ${lease_id} --namespace tas-devex --json | jq .output > metadata.json | |
break | |
elif [ $status == "FAILED" -o $status == "EXPIRED" ] ; then | |
echo "There was an error obtaining the lease. Lease status is ${status}." | |
exit 1 | |
else | |
echo "Waiting for environment to be ready. Lease status is ${status}." | |
fi | |
count=$(($count+1)) | |
done | |
env_name=$(jq -r .name metadata.json) | |
echo "env name is ${env_name}" | |
echo "leaseid=${lease_id}" >> "${GITHUB_OUTPUT}" | |
cf_deployment_version=$(jq -r '."cf-deployment_version"' metadata.json) | |
echo "cf_deployment_version is ${cf_deployment_version}" | |
echo "cf_deployment_version=${cf_deployment_version}" >> "${GITHUB_OUTPUT}" | |
- name: Set Up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- name: Install Tools | |
run: | | |
go version | |
install_location=/usr/local/bin | |
bbl_artifact=bbl-v8.4.110_linux_x86-64 | |
bosh_cli_artifact=bosh-cli-7.7.2-linux-amd64 | |
curl https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/${bbl_artifact} --silent --location --output $install_location/bbl | |
chmod +x $install_location/bbl | |
bbl --version | |
curl https://github.com/cloudfoundry/bosh-cli/releases/download/v7.7.2/$bosh_cli_artifact --silent --output $install_location/bosh --location | |
chmod +x $install_location/bosh | |
bosh --version | |
apt-get update | |
apt-get install -y build-essential unzip | |
- name: Upload latest CAPI release | |
env: | |
capi_release_version: ${{ vars.CAPI_RELEASE_VERSION }} | |
run: | | |
if [ -z "$capi_release_version" ] | |
then | |
capi_release_version=$(curl -s https://api.github.com/repos/cloudfoundry/capi-release/releases/latest | jq -r .tag_name) | |
fi | |
echo "Latest CAPI release is $capi_release_version" | |
eval "$(bbl print-env --metadata-file metadata.json)" | |
env_name=$(jq -r .name metadata.json) | |
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv | |
bosh upload-release "https://bosh.io/d/github.com/cloudfoundry/capi-release?v=$capi_release_version" | |
- name: Checkout cf-deployment | |
uses: actions/checkout@v4 | |
with: | |
repository: cloudfoundry/cf-deployment | |
path: cf-deployment | |
ref: ${{steps.claim.outputs.cf_deployment_version}} | |
- name: Deploy Isolation Segment and OIDC Provider | |
run: | | |
env_name=$(jq -r .name metadata.json) | |
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv | |
eval "$(bbl print-env --metadata-file metadata.json)" | |
# deploy | |
bosh -d cf manifest > /tmp/manifest.yml | |
bosh interpolate /tmp/manifest.yml \ | |
-o cf-deployment/operations/use-internal-lookup-for-route-services.yml \ | |
-o cf-deployment/operations/add-persistent-isolation-segment-diego-cell.yml \ | |
-o .github/ops-files/use-latest-capi.yml \ | |
-o .github/ops-files/add-oidc-provider.yml \ | |
-o .github/ops-files/add-uaa-client-credentials.yml \ | |
-o .github/ops-files/diego-cell-instances.yml \ | |
-v client-secret="${{ secrets.CLIENT_SECRET }}" \ | |
> ./director.yml | |
bosh -d cf deploy director.yml -n | |
echo "Deployed CAPI version:" | |
bosh -d cf releases | grep capi | |
run-integration-tests-cf-env: | |
name: Integration tests | |
needs: | |
- get-sha | |
- units | |
- claim-env | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env' }} | |
uses: ./.github/workflows/tests-integration-reusable.yml | |
with: | |
run-with-client-creds: false | |
os: ubuntu-latest | |
name: Integration | |
gitRef: ${{needs.get-sha.outputs.gitRef}} | |
lease-id: ${{ needs.claim-env.outputs.leaseid }} | |
secrets: inherit | |
run-integration-tests-cf-env-with-client-creds: | |
name: client creds | |
needs: | |
- get-sha | |
- units | |
- claim-env | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env-with-client-creds' }} | |
uses: ./.github/workflows/tests-integration-reusable.yml | |
with: | |
run-with-client-creds: true | |
os: ubuntu-latest | |
name: Integration client creds | |
gitRef: ${{needs.get-sha.outputs.gitRef}} | |
lease-id: ${{ needs.claim-env.outputs.leaseid }} | |
secrets: inherit | |
unclaim-env: | |
name: Unclaim environment | |
runs-on: ubuntu-latest | |
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest | |
needs: | |
- claim-env | |
- run-integration-tests-cf-env | |
- run-integration-tests-cf-env-with-client-creds | |
if: always() | |
steps: | |
- name: unclaim | |
env: | |
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }} | |
run: | | |
shepherd login service-account ${account_token} | |
set -x | |
shepherd delete lease ${{ needs.claim-env.outputs.leaseid }} --namespace tas-devex |