name: Run the Kata Containers CI on: workflow_call: inputs: commit-hash: required: true type: string pr-number: required: true type: string tag: required: true type: string target-branch: required: false type: string default: "" jobs: build-kata-static-tarball-amd64: uses: ./.github/workflows/build-kata-static-tarball-amd64.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} publish-kata-deploy-payload-amd64: needs: build-kata-static-tarball-amd64 uses: ./.github/workflows/publish-kata-deploy-payload-amd64.yaml with: tarball-suffix: -${{ inputs.tag }} registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} secrets: inherit build-kata-static-tarball-s390x: uses: ./.github/workflows/build-kata-static-tarball-s390x.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} publish-kata-deploy-payload-s390x: needs: build-kata-static-tarball-s390x uses: ./.github/workflows/publish-kata-deploy-payload-s390x.yaml with: tarball-suffix: -${{ inputs.tag }} registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-s390x commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} secrets: inherit build-and-publish-tee-confidential-unencrypted-image: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: ref: ${{ inputs.commit-hash }} fetch-depth: 0 - name: Rebase atop of the latest target branch run: | ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" env: TARGET_BRANCH: ${{ inputs.target-branch }} - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to Kata Containers ghcr.io uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Docker build and push uses: docker/build-push-action@v4 with: tags: ghcr.io/kata-containers/test-images:unencrypted-${{ inputs.pr-number }} push: true context: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ platforms: linux/amd64, linux/s390x file: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile run-kata-deploy-tests-on-aks: needs: publish-kata-deploy-payload-amd64 uses: ./.github/workflows/run-kata-deploy-tests-on-aks.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} secrets: inherit run-kata-deploy-tests-on-garm: needs: publish-kata-deploy-payload-amd64 uses: ./.github/workflows/run-kata-deploy-tests-on-garm.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} secrets: inherit run-kata-monitor-tests: needs: build-kata-static-tarball-amd64 uses: ./.github/workflows/run-kata-monitor-tests.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} run-k8s-tests-on-aks: needs: publish-kata-deploy-payload-amd64 uses: ./.github/workflows/run-k8s-tests-on-aks.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} secrets: inherit run-k8s-tests-on-garm: needs: publish-kata-deploy-payload-amd64 uses: ./.github/workflows/run-k8s-tests-on-garm.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} secrets: inherit run-k8s-tests-with-crio-on-garm: needs: publish-kata-deploy-payload-amd64 uses: ./.github/workflows/run-k8s-tests-with-crio-on-garm.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} secrets: inherit run-kata-coco-tests: needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image] uses: ./.github/workflows/run-kata-coco-tests.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-amd64 commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} run-k8s-tests-on-zvsi: needs: [publish-kata-deploy-payload-s390x, build-and-publish-tee-confidential-unencrypted-image] uses: ./.github/workflows/run-k8s-tests-on-zvsi.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci tag: ${{ inputs.tag }}-s390x commit-hash: ${{ inputs.commit-hash }} pr-number: ${{ inputs.pr-number }} target-branch: ${{ inputs.target-branch }} run-metrics-tests: needs: build-kata-static-tarball-amd64 uses: ./.github/workflows/run-metrics.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} run-basic-amd64-tests: needs: build-kata-static-tarball-amd64 uses: ./.github/workflows/basic-ci-amd64.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} run-cri-containerd-tests-s390x: needs: build-kata-static-tarball-s390x uses: ./.github/workflows/run-cri-containerd-tests-s390x.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }}