Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 0 additions & 14 deletions .github/workflows/basic.yml

This file was deleted.

197 changes: 6 additions & 191 deletions .github/workflows/validate.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,197 +5,12 @@ on:
push:
branches: [HEAD_BRANCH, main]

env:
kubeconform_ver: "0.4.13"
dyff_ver: "1.7.1"
clusterctl_ver: "1.2.0"
apptestctl_ver: "0.18.0"
kind_ver: "0.12.0"
GITOPS_FLUX_APP_VERSION: "1.10.0"
GITOPS_INIT_NAMESPACES: "default,org-org-name"
GITOPS_IGNORED_OBJECTS: "org-org-name/clusters-mapi-out-of-band-no-flux-direct"
permissions:
contents: read
pull-requests: write

jobs:
check-pre-commit:
runs-on: ubuntu-latest
steps:
- run: sudo snap install shfmt
- uses: actions/checkout@v3
- uses: actions/setup-python@v3
- name: cache pre-commit environment
uses: actions/cache@v4
with:
path: ~/.cache/pre-commit
key: ${{ runner.os }}-pre-commit-gitops-validate-${{ hashFiles('.pre-commit-config.yaml') }}
- uses: pre-commit/action@v3.0.1
validate:
needs: check-pre-commit
runs-on: ubuntu-latest
steps:
- run: sudo apt-get install -y yamllint
- run: curl -s https://fluxcd.io/install.sh | sudo bash
- uses: giantswarm/install-binary-action@v1
with:
binary: kubeconform
download_url: "https://github.com/yannh/kubeconform/releases/download/v${version}/kubeconform-linux-amd64.tar.gz"
smoke_test: "${binary} -v"
tarball_binary_path: "${binary}"
version: ${{ env.kubeconform_ver }}
- name: cache validation tools
uses: actions/cache@v4
with:
path: ~/.cache/pre-commit
key: ${{ runner.os }}-pre-commit-gitops-validate-${{ hashFiles('.pre-commit-config.yaml') }}
- uses: actions/checkout@v3
- name: run validation
uses: mathiasvr/command-output@v1
id: validate
with:
run: "./tools/test-all-ff validate"
- name: Find validation comment
uses: peter-evans/find-comment@v2
# We always want to look up the comment for the result of the previous `validation` step result message (whether current validation failed or not)
# See: https://docs.github.com/en/actions/learn-github-actions/expressions#always
if: always() && github.ref_name != 'main'
continue-on-error: true
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: "github-actions[bot]"
body-includes: Validation output log
- name: Delete old comment
uses: winterjung/comment@fda92dbcb5e7e79cccd55ecb107a8a3d7802a469 # v1.1.0
# We always want to delete the comment for the result of the previous `validation` step result message (whether current validation failed or not)
# See: https://docs.github.com/en/actions/learn-github-actions/expressions#always
if: always() && github.ref_name != 'main'
continue-on-error: true
with:
type: delete
comment_id: ${{ steps.fc.outputs.comment-id }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create or update validation comment
uses: peter-evans/create-or-update-comment@v2
# We always want to comment back the result of the current `validation` step (whether it failed or not)
# See: https://docs.github.com/en/actions/learn-github-actions/expressions#always
if: always() && github.ref_name != 'main'
with:
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary> Validation output log </summary>
<!-- mandatory empty line -->

```
${{ steps.validate.outputs.stdout }}
```

</details>
<!-- mandatory empty line -->
get-diff:
runs-on: ubuntu-latest
needs: validate
if: github.event_name == 'pull_request'
steps:
- run: sudo apt-get install -y yamllint
- run: curl -s https://fluxcd.io/install.sh | sudo bash
- name: install dyff
uses: giantswarm/install-binary-action@v1
with:
binary: dyff
download_url: "https://github.com/homeport/dyff/releases/download/v${version}/dyff_${version}_linux_amd64.tar.gz"
smoke_test: "${binary} version"
tarball_binary_path: "${binary}"
version: ${{ env.dyff_ver }}
- run: which dyff
- uses: giantswarm/install-binary-action@v1
with:
binary: kubeconform
download_url: "https://github.com/yannh/kubeconform/releases/download/v${version}/kubeconform-linux-amd64.tar.gz"
smoke_test: "${binary} -v"
tarball_binary_path: "${binary}"
version: ${{ env.kubeconform_ver }}
- run: which kubeconform
- run: ls -la /opt/hostedtoolcache
- uses: actions/checkout@v3
- name: template all for the new branch
run: ./tools/test-all-ff template > /tmp/new.yaml
- uses: actions/checkout@v3
with:
ref: 'main'
path: 'old'
- name: template all for the old branch
run: cd old/ && ../tools/test-all-ff template > /tmp/old.yaml && cd ..
- name: save the diff
uses: mathiasvr/command-output@v1
id: diff
with:
run: 'dyff between -s -i -b -g /tmp/old.yaml /tmp/new.yaml && echo "No diff detected" || if [[ $? -eq 255 ]]; then echo "Diff error"; fi;'
- name: Find diff comment
uses: peter-evans/find-comment@v2
continue-on-error: true
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: Rendered manifest diff output log
- name: Delete old comment
uses: winterjung/comment@fda92dbcb5e7e79cccd55ecb107a8a3d7802a469 # v1.1.0
continue-on-error: true
with:
type: delete
comment_id: ${{ steps.fc.outputs.comment-id }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create or update validation comment
uses: peter-evans/create-or-update-comment@v2
with:
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary> Rendered manifest diff output log </summary>
<!-- mandatory empty line -->

```
${{ steps.diff.outputs.stdout }}
```

</details>
<!-- mandatory empty line -->
test_on_kind:
runs-on: ubuntu-latest
needs: validate
steps:
- uses: actions/checkout@v3
- name: install apptestctl
uses: giantswarm/install-binary-action@v1
with:
binary: apptestctl
download_url: "https://github.com/giantswarm/apptestctl/releases/download/v${version}/apptestctl-v${version}-linux-amd64.tar.gz"
smoke_test: "${binary} version"
tarball_binary_path: "apptestctl-v${version}-linux-amd64/${binary}"
version: ${{ env.apptestctl_ver }}
- name: install clusterctl
run: curl -sSL https://github.com/kubernetes-sigs/cluster-api/releases/download/v${{ env.clusterctl_ver }}/clusterctl-linux-amd64 -o /usr/local/bin/clusterctl && chmod +x /usr/local/bin/clusterctl && clusterctl version
- name: Create k8s Kind Cluster
uses: helm/kind-action@v1.3.0
with:
version: "v${{ env.kind_ver }}"
- name: extract kind kube.config
run: kind get kubeconfig --name 'chart-testing' > /tmp/kube.config
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: "3.9"
- name: Install pipenv
run: |
python -m pip install --upgrade pipenv
- name: install pipenv environment
run: cd tests/ats && pipenv install --deploy
- name: run tests
run: cd tests/ats && pipenv run pytest .
env:
KUBECONFIG: /tmp/kube.config
GITOPS_FLUX_APP_VERSION: "${{ env.GITOPS_FLUX_APP_VERSION }}"
GITOPS_INIT_NAMESPACES: "${{ env.GITOPS_INIT_NAMESPACES }}"
GITOPS_REPO_BRANCH: "${{ github.head_ref || github.ref_name }}"
GITOPS_REPO_URL: "${{ github.server_url }}/${{ github.repository }}"
GITOPS_MASTER_GPG_KEY: "${{ secrets.GITOPS_MASTER_GPG_KEY }}"
uses: giantswarm/github-workflows/.github/workflows/gitops-validate.yaml@main
secrets:
GITOPS_MASTER_GPG_KEY: ${{ secrets.GITOPS_MASTER_GPG_KEY }}
7 changes: 7 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,13 @@ following [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

### Changed

- CI: replaced the hand-maintained `validate.yaml` and `basic.yml` with a thin
caller to the new reusable
`giantswarm/github-workflows/.github/workflows/gitops-validate.yaml`. Behaviour
is unchanged (pre-commit, `./tools/test-all-ff validate`, rendered-manifest diff,
and the `tests/ats` kind e2e); the GitHub Actions pins are now maintained
centrally and on current releases, clearing the Node 20 / `set-output`
deprecation warnings.
- Bump `dyff_ver` from `1.5.4` to `1.7.1` in the existing rendered-manifest
diff job (`validate.yaml`), to standardize on the version used by the new
`yaml-diff` workflow.
Expand Down
Loading