feature: Add deploy workflow

.github/workflows/benchmark-pipeline.yaml

@@ -0,0 +1,74 @@
+name: benchmark-pipeline
+on:
+  workflow_dispatch:
+    inputs:
+      cncf_project:
+        description: Project to be deployed e.g. falco
+        required: true
+      cncf_project_sub:
+        description: Subcomponent if project has multiple variants they wish to test
+        required: false
+      version:
+        description: Version of project to be tested e.g. 0.37.0
+        required: true
+
+concurrency:
+  group: benchmark
+
+jobs:
+  deploy:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: azure/setup-kubectl@v4
+        with:
+          version: v1.30.2
+        id: install
+      - run: mkdir ~/.kube && echo ${{ secrets.KUBECONFIG }} > ~/.kube/config
+      - name: Select the manifest
+        run: |
+          MANIFEST=projects/${{ inputs.cncf_project }}
+          CNCF_PROJECT_SUB=${{ inputs.cncf_project_sub }}
+          if [[ -n $CNCF_PROJECT_SUB ]]; then
+            echo "Sub project provided"
+            MANIFEST=$MANIFEST/$CNCF_PROJECT_SUB.yaml
+          else
+            MANIFEST=$MANIFEST/${{ inputs.cncf_project }}.yaml
+          fi
+
+          if ! test -f "$MANIFEST"; then
+            echo "The provided inputs are invalid."
+            exit 1
+          fi
+
+          export VERSION=${{ inputs.version }}
+          envsubst < $MANIFEST > manifest.yaml
+      - uses: actions/upload-artifact@v4
+        with:
+          name: manifest
+          path: manifest.yaml
+      - name: Apply the manifest
+        run: |
+          kubectl apply -f manifest.yaml
+
+          kubectl wait pod \
+          --all \
+          --for=condition=Ready \
+          --namespace=benchmark
+
+  delete:
+    runs-on: ubuntu-22.04
+    needs: deploy
+    if: ${{ always() }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: azure/setup-kubectl@v4
+        with:
+          version: v1.30.2
+        id: install
+      - run: mkdir ~/.kube && echo ${{ secrets.KUBECONFIG }} > ~/.kube/config
+
+      - uses: actions/download-artifact@v4
+        with:
+          name: manifest
+      - run: kubectl delete -f manifest.yaml --wait

clusters/base/benchmark-namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: benchmark

projects/falco/ebpf.yaml

@@ -0,0 +1,35 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  ref:
+    branch: main
+  url: https://github.com/falcosecurity/cncf-green-review-testing
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  path: ./kustomize
+  prune: true
+  retryInterval: 2m0s
+  sourceRef:
+    kind: GitRepository
+    name: falco-cncf-green-review-testing
+  targetNamespace: benchmark
+  timeout: 3m0s
+  wait: true
+  images:
+    - name: docker.io/falcosecurity/falco-no-driver
+      newTag: $VERSION
+    - name: docker.io/falcosecurity/falco-driver-loader
+      newTag: $VERSION
+  commonMetadata:
+    labels:
+      app.kubernetes.io/version: "$VERSION"

projects/falco/kmod.yaml

@@ -0,0 +1,35 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  ref:
+    branch: main
+  url: https://github.com/falcosecurity/cncf-green-review-testing
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  path: ./kustomize
+  prune: true
+  retryInterval: 2m0s
+  sourceRef:
+    kind: GitRepository
+    name: falco-cncf-green-review-testing
+  targetNamespace: benchmark
+  timeout: 3m0s
+  wait: true
+  images:
+    - name: docker.io/falcosecurity/falco-no-driver
+      newTag: $VERSION
+    - name: docker.io/falcosecurity/falco-driver-loader
+      newTag: $VERSION
+  commonMetadata:
+    labels:
+      app.kubernetes.io/version: "$VERSION"

projects/falco/modern-ebpf.yaml

@@ -0,0 +1,35 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  ref:
+    branch: main
+  url: https://github.com/falcosecurity/cncf-green-review-testing
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: falco-cncf-green-review-testing
+  namespace: benchmark
+spec:
+  interval: 6h
+  path: ./kustomize
+  prune: true
+  retryInterval: 2m0s
+  sourceRef:
+    kind: GitRepository
+    name: falco-cncf-green-review-testing
+  targetNamespace: benchmark
+  timeout: 3m0s
+  wait: true
+  images:
+    - name: docker.io/falcosecurity/falco-no-driver
+      newTag: $VERSION
+    - name: docker.io/falcosecurity/falco-driver-loader
+      newTag: $VERSION
+  commonMetadata:
+    labels:
+      app.kubernetes.io/version: "$VERSION"