name: e2e on: push: branches: - 'main' - 'release*' paths-ignore: - 'README.md' - 'docs/**' - '.github/config.yml' pull_request: branches: - 'main' - 'release*' paths-ignore: - 'README.md' - 'docs/**' - '.github/config.yml' jobs: e2e-test: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Set up Helm uses: azure/setup-helm@v1 with: version: v3.5.0 - name: Set up chart-testing uses: helm/chart-testing-action@v2.0.1 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Test Policy run: | if [[ ${{ github.event_name }} == "push" ]] then GIT_BRANCH=${GITHUB_REF##*/} elif [[ ${{ github.event_name }} == "pull_request" ]] then GIT_BRANCH=${{ github.event.pull_request.base.ref }} fi CLI_PATH=cmd/cli/kubectl-kyverno go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies/$GIT_BRANCH go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies --git-branch $GIT_BRANCH go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies/pod-security/restricted -b $GIT_BRANCH go run $PWD/$CLI_PATH/main.go test ./test/cli/test-mutate go run $PWD/$CLI_PATH/main.go test ./test/cli/test go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-policy && exit 1 || exit 0 go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-rule && exit 1 || exit 0 go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-resource && exit 1 || exit 0 - name: gofmt check run: | if [ "$(gofmt -s -l . | wc -l)" -ne 0 ] then echo "The following files were found to be not go formatted:" gofmt -s -l . echo "Please run 'make fmt' to go format the above files." exit 1 fi - name: golangci-lint uses: reviewdog/action-golangci-lint@v1 - name: docker images build (AMD64) run: | make docker-build-all-amd64 - name : Create Kind Cluster and setup kustomize run: | make create-e2e-infrastruture - name: e2e testing run: | echo ">>> Install Kyverno" sed 's/imagePullPolicy:.*$/imagePullPolicy: IfNotPresent/g' ${GITHUB_WORKSPACE}/config/install.yaml | kubectl apply -f - kubectl apply -f ${GITHUB_WORKSPACE}/config/github/rbac.yaml chmod a+x ${GITHUB_WORKSPACE}/scripts/verify-deployment.sh sleep 50 echo ">>> Check kyverno" kubectl get pods -n kyverno ${GITHUB_WORKSPACE}/scripts/verify-deployment.sh -n kyverno kyverno sleep 20 echo ">>> Expose the Kyverno's service's metric server to the host" kubectl port-forward svc/kyverno-svc-metrics -n kyverno 8000:8000 & echo ">>> Run Kyverno e2e test" make test-e2e kubectl delete -f ${GITHUB_WORKSPACE}/config/install.yaml - name: Update chart values run: | sed -i -e "s|nameOverride:.*|nameOverride: kyverno|g" charts/kyverno/values.yaml sed -i -e "s|fullnameOverride:.*|fullnameOverride: kyverno|g" charts/kyverno/values.yaml sed -i -e "s|namespace:.*|namespace: kyverno|g" charts/kyverno/values.yaml sed -i -e "s|tag: # replaced in e2e tests|tag: $(git describe --match "v[0-9]*")|" charts/kyverno/values.yaml - name: Run chart-testing (install) run: | kubectl create namespace kyverno ct install --target-branch=main --namespace=kyverno --charts charts/kyverno - name: Run chart-testing (policies) run: | helm install kyverno charts/kyverno -n kyverno helm install kyverno-policies charts/kyverno-policies -n kyverno - name: Debug failure if: failure() run: | kubectl get mutatingwebhookconfigurations,validatingwebhookconfigurations kubectl -n kyverno get pod kubectl -n kyverno describe pod | grep -i events -A10 kubectl -n kyverno logs deploy/kyverno