mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-01 13:34:20 +01:00
24796d2f25
Since we are already checking that only an admin is triggering the job, let's go ahead and make sure we are testing against the PR itself. This will ensure that we are exercising changes to kata-deploy tooling, which is important for this test. While at it, cleanup and simplify some of the tarball creation. Fixes: #3586 Signed-off-by: Eric Ernst <eric_ernst@apple.com>
148 lines
5.3 KiB
YAML
148 lines
5.3 KiB
YAML
on:
|
|
issue_comment:
|
|
types: [created, edited]
|
|
|
|
name: test-kata-deploy
|
|
|
|
jobs:
|
|
check-comment-and-membership:
|
|
runs-on: ubuntu-latest
|
|
if: |
|
|
github.event.issue.pull_request
|
|
&& github.event_name == 'issue_comment'
|
|
&& github.event.action == 'created'
|
|
&& startsWith(github.event.comment.body, '/test_kata_deploy')
|
|
steps:
|
|
- name: Check membership
|
|
uses: kata-containers/is-organization-member@1.0.1
|
|
id: is_organization_member
|
|
with:
|
|
organization: kata-containers
|
|
username: ${{ github.event.comment.user.login }}
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Fail if not member
|
|
run: |
|
|
result=${{ steps.is_organization_member.outputs.result }}
|
|
if [ $result == false ]; then
|
|
user=${{ github.event.comment.user.login }}
|
|
echo Either ${user} is not part of the kata-containers organization
|
|
echo or ${user} has its Organization Visibility set to Private at
|
|
echo https://github.com/orgs/kata-containers/people?query=${user}
|
|
echo
|
|
echo Ensure you change your Organization Visibility to Public and
|
|
echo trigger the test again.
|
|
exit 1
|
|
fi
|
|
|
|
build-asset:
|
|
runs-on: ubuntu-latest
|
|
needs: check-comment-and-membership
|
|
strategy:
|
|
matrix:
|
|
asset:
|
|
- cloud-hypervisor
|
|
- firecracker
|
|
- kernel
|
|
- qemu
|
|
- rootfs-image
|
|
- rootfs-initrd
|
|
- shim-v2
|
|
steps:
|
|
- name: get-PR-ref
|
|
id: get-PR-ref
|
|
run: |
|
|
ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
|
|
echo "reference for PR: " ${ref}
|
|
echo "##[set-output name=pr-ref;]${ref}"
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.get-PR-ref.outputs.pr-ref }}
|
|
|
|
- name: Install docker
|
|
run: |
|
|
curl -fsSL https://test.docker.com -o test-docker.sh
|
|
sh test-docker.sh
|
|
|
|
- name: Build ${{ matrix.asset }}
|
|
run: |
|
|
make "${KATA_ASSET}-tarball"
|
|
build_dir=$(readlink -f build)
|
|
# store-artifact does not work with symlink
|
|
sudo cp -r "${build_dir}" "kata-build"
|
|
env:
|
|
KATA_ASSET: ${{ matrix.asset }}
|
|
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
|
|
|
|
- name: store-artifact ${{ matrix.asset }}
|
|
uses: actions/upload-artifact@v2
|
|
with:
|
|
name: kata-artifacts
|
|
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
|
|
if-no-files-found: error
|
|
|
|
create-kata-tarball:
|
|
runs-on: ubuntu-latest
|
|
needs: build-asset
|
|
steps:
|
|
- name: get-PR-ref
|
|
id: get-PR-ref
|
|
run: |
|
|
ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
|
|
echo "reference for PR: " ${ref}
|
|
echo "##[set-output name=pr-ref;]${ref}"
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.get-PR-ref.outputs.pr-ref }}
|
|
- name: get-artifacts
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: kata-artifacts
|
|
path: kata-artifacts
|
|
- name: merge-artifacts
|
|
run: |
|
|
./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts
|
|
- name: store-artifacts
|
|
uses: actions/upload-artifact@v2
|
|
with:
|
|
name: kata-static-tarball
|
|
path: kata-static.tar.xz
|
|
|
|
kata-deploy:
|
|
needs: create-kata-tarball
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: get-PR-ref
|
|
id: get-PR-ref
|
|
run: |
|
|
ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
|
|
echo "reference for PR: " ${ref}
|
|
echo "##[set-output name=pr-ref;]${ref}"
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.get-PR-ref.outputs.pr-ref }}
|
|
- name: get-kata-tarball
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: kata-static-tarball
|
|
- name: build-and-push-kata-deploy-ci
|
|
id: build-and-push-kata-deploy-ci
|
|
run: |
|
|
PR_SHA=$(git log --format=format:%H -n1)
|
|
mv kata-static.tar.xz $GITHUB_WORKSPACE/tools/packaging/kata-deploy/kata-static.tar.xz
|
|
docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t quay.io/kata-containers/kata-deploy-ci:$PR_SHA $GITHUB_WORKSPACE/tools/packaging/kata-deploy
|
|
docker login -u ${{ secrets.QUAY_DEPLOYER_USERNAME }} -p ${{ secrets.QUAY_DEPLOYER_PASSWORD }} quay.io
|
|
docker push quay.io/kata-containers/kata-deploy-ci:$PR_SHA
|
|
mkdir -p packaging/kata-deploy
|
|
ln -s $GITHUB_WORKSPACE/tools/packaging/kata-deploy/action packaging/kata-deploy/action
|
|
echo "::set-output name=PKG_SHA::${PR_SHA}"
|
|
- name: test-kata-deploy-ci-in-aks
|
|
uses: ./packaging/kata-deploy/action
|
|
with:
|
|
packaging-sha: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
|
|
env:
|
|
PKG_SHA: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
|
|
AZ_APPID: ${{ secrets.AZ_APPID }}
|
|
AZ_PASSWORD: ${{ secrets.AZ_PASSWORD }}
|
|
AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}
|
|
AZ_TENANT_ID: ${{ secrets.AZ_TENANT_ID }}
|