Skip to content

packages/kata-runtime: add guest hook support to genpolicy #141

packages/kata-runtime: add guest hook support to genpolicy

packages/kata-runtime: add guest hook support to genpolicy #141

Workflow file for this run

name: e2e peer-pods
on:
workflow_dispatch:
inputs:
image-id:
description: "ID of the guest VM image to test (default: build a fresh image)"
required: false
workflow_call:
inputs:
image-id:
description: "ID of the guest VM image to test (default: build a fresh image)"
type: string
required: false
pull_request:
paths:
- .github/workflows/e2e_peerpods.yml
- packages/test-peerpods.sh
- packages/by-name/cloud-api-adaptor/**
- packages/by-name/kata/**
- packages/by-name/image-podvm/**
- packages/nixos/**
jobs:
test:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup_nix
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
cachixToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
- name: Login to Azure
uses: azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
with:
creds: ${{ secrets.CONTRAST_CI_INFRA_AZURE }}
- name: Test peer-pods
env:
azure_subscription_id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
azure_image_id: ${{ inputs.image-id }}
azure_resource_group: contrast-ci
azure_location: germanywestcentral
CONTRAST_CACHE_DIR: "./workspace.cache"
run: |
ssh-keygen -t rsa -f ./infra/azure-peerpods/id_rsa -N ""
cat >infra/azure-peerpods/iam.auto.tfvars <<EOF
tenant_id = "${{ vars.AZURE_TENANT_ID }}"
client_id = "${{ vars.PEER_POD_CLIENT_ID_AZURE }}"
client_secret = "${{ secrets.PEER_POD_CLIENT_SECRET_AZURE }}"
resource_group = "contrast-ci"
EOF
nix run .#scripts.test-peerpods
- name: Terminate cluster
if: always()
run: |
nix run -L .#terraform -- -chdir=infra/azure-peerpods destroy --auto-approve