-
Notifications
You must be signed in to change notification settings - Fork 10
238 lines (205 loc) · 8.01 KB
/
tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
name: tests
concurrency:
# Run only for most recent commit in PRs but for all tags and commits on main
# Ref: https://docs.github.com/en/actions/using-jobs/using-concurrency
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
cancel-in-progress: true
on:
pull_request:
branches:
- 'main'
push:
branches:
- 'main'
workflow_dispatch: {}
jobs:
installer-tests:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v4
- name: run installer script
env:
GITHUB_TOKEN: ${{ github.token }}
run: ./docs/install.sh
- name: run ktf to verify if it installed properly to a desired location
run: ~/.local/bin/ktf
unit-tests:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: setup golang
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: run unit tests
run: make test.unit
# We're using a retry mechanism for codecov to ensure we do get the reports
# uploaded. The alternative is to use fail_ci_if_error: false, but that
# somewhat defeats the purpose of uploading those reports. Why bother uploading
# if we don't care if the upload's successful?
- name: Upload coverage to Codecov
if: steps.detect_if_should_run.outputs.result == 'true'
uses: Wandalen/[email protected]
with:
action: codecov/codecov-action@v3
with: |
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
flags: unit-test
files: unit.coverage.out
verbose: true
attempt_limit: 10
attempt_delay: 30000
setup-integration-tests:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
outputs:
test_names: ${{ steps.set_test_names.outputs.test_names }}
steps:
- uses: actions/checkout@v4
- id: set_test_names
name: Set test names
working-directory: test/integration/
# grep magic described in https://unix.stackexchange.com/a/13472
# sed to add the extra $ is because some of our test names overlap. we need it so the -run regex only matches one test
run: |
echo "test_names=$(grep -shoP "(?<=^func )(Test[a-zA-z_0-9]+)(?=\(t \*testing.T\) {)" * | sed -e "s/$/\$/"| jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
- name: Print test names
run: echo "Test names ${{ steps.set_test_names.outputs.test_names }}"
integration-tests:
needs:
- setup-integration-tests
strategy:
fail-fast: false
matrix:
test: ${{ fromJSON(needs.setup-integration-tests.outputs.test_names) }}
runs-on: ubuntu-latest
steps:
# This step is needed to avoid running the integration tests requiring an enterprise license
# if the secrets are not available.
- name: Detect if we should run test cases requring an enterprise license (have required secrets)
id: detect_if_should_run_enterprise
run: echo "result=${{ secrets.PULP_PASSWORD != '' }}" >> $GITHUB_OUTPUT
- name: Set environment variable to enable test cases requiring an enterprise license
if: steps.detect_if_should_run_enterprise.outputs.result == 'true'
id: set_run_enterprise_env
run: echo "KTF_TEST_RUN_ENTERPRISE_CASES=true" >> $GITHUB_ENV
- name: checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: Kong/kong-license@master
if: steps.detect_if_should_run_enterprise.outputs.result == 'true'
id: license
with:
op-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
- name: setup golang
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: run integration test ${{ matrix.test }}
run: make test.integration
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
KTF_TEST_KONG_PULL_USERNAME: ${{ secrets.GHA_DOCKERHUB_PULL_USER }}
KTF_TEST_KONG_PULL_PASSWORD: ${{ secrets.GHA_KONG_ORG_DOCKERHUB_PUBLIC_TOKEN }}
KONG_LICENSE_DATA: ${{ steps.license.outputs.license }}
TEST_RUN: ${{ matrix.test }}
NCPU: 1
# We're using a retry mechanism for codecov to ensure we do get the reports
# uploaded. The alternative is to use fail_ci_if_error: false, but that
# somewhat defeats the purpose of uploading those reports. Why bother uploading
# if we don't care if the upload's successful?
- name: Upload coverage to Codecov
uses: Wandalen/[email protected]
with:
action: codecov/codecov-action@v3
with: |
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
flags: integration-test
files: integration.coverage.out
verbose: true
attempt_limit: 10
attempt_delay: 30000
integration-tests-passed:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
needs: integration-tests
if: always()
runs-on: ubuntu-latest
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: |
echo "Some jobs failed or were cancelled."
exit 1
setup-e2e-tests:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
outputs:
test_names: ${{ steps.set_test_names.outputs.test_names }}
steps:
- uses: actions/checkout@v4
- id: set_test_names
name: Set test names
working-directory: test/e2e/
# grep magic described in https://unix.stackexchange.com/a/13472
# sed to add the extra $ is because some of our test names overlap. we need it so the -run regex only matches one test
run: |
echo "test_names=$(grep -shoP "(?<=^func )(Test[a-zA-z_0-9]+)(?=\(t \*testing.T\) {)" * | sed -e "s/$/\$/"| jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
- name: Print test names
run: echo "Test names ${{ steps.set_test_names.outputs.test_names }}"
e2e-tests:
needs:
- setup-e2e-tests
strategy:
fail-fast: false
matrix:
test: ${{ fromJSON(needs.setup-e2e-tests.outputs.test_names) }}
environment: gcloud
runs-on: ubuntu-latest
steps:
# This step is needed to avoid running the e2e tests if the secrets are not available.
# TODO: remove this step once we have a way to run integration tests on forks.
# https://github.com/Kong/kubernetes-testing-framework/issues/596
- name: Detect if we should run (have required secrets)
id: detect_if_should_run
run: echo "result=${{ secrets.PULP_PASSWORD != '' && secrets.GOOGLE_APPLICATION_CREDENTIALS != '' }}" >> $GITHUB_OUTPUT
- uses: Kong/kong-license@master
if: steps.detect_if_should_run.outputs.result == 'true'
id: license
with:
op-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
- name: checkout repository
if: steps.detect_if_should_run.outputs.result == 'true'
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: setup golang
if: steps.detect_if_should_run.outputs.result == 'true'
uses: actions/setup-go@v5
with:
go-version: '^1.19'
- name: run e2e tests
if: steps.detect_if_should_run.outputs.result == 'true'
run: make test.e2e
env:
TEST_RUN: ${{ matrix.test }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GOOGLE_PROJECT: ${{ secrets.GOOGLE_PROJECT }}
GOOGLE_LOCATION: ${{ secrets.GOOGLE_LOCATION }}
KONG_LICENSE_DATA: ${{ steps.license.outputs.license }}
e2e-tests-passed:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
needs: e2e-tests
if: always() && !contains(needs.*.result, 'failure')
runs-on: ubuntu-latest
steps:
- name: e2e tests pased
run: echo all e2e tests passed