Deprecate cloud-bench #594
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI - Integration Tests | |
on: | |
workflow_dispatch: | |
pull_request: | |
paths: | |
- '**.tf' | |
- '.github/workflows/**' | |
push: | |
branches: | |
- master | |
paths: | |
- '**.tf' | |
- '.github/workflows/**' | |
concurrency: terraform | |
jobs: | |
integration_test_eks: | |
concurrency: terraform-account | |
continue-on-error: true | |
name: Test-Kitchen-EKS | |
runs-on: ubuntu-latest | |
env: | |
TF_VAR_sysdig_secure_url: https://secure.sysdig.com | |
TF_VAR_sysdig_secure_api_token: ${{secrets.KUBELAB_SECURE_API_TOKEN}} | |
steps: | |
# remove this tf setup with 1.3.1 is released for github runner (it fixes an impacting bug) | |
# https://github.com/actions/runner-images/pull/6346 | |
# hashicorp/setup-terraform@v2 requires wrapper set to false | |
# https://github.com/newcontext-oss/kitchen-terraform/issues/411#issuecomment-953920206 | |
- uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_wrapper: false | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7 | |
bundler-cache: true | |
- name: Create kind cluster | |
uses: helm/[email protected] | |
# with: | |
# wait: 120s | |
- name: Run single-account-k8s test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
run: bundle exec kitchen test "single-account-k8s-aws" | |
- name: Inspect k8s failures | |
if: ${{ failure() }} | |
run: | | |
kubectl get namespaces | |
kubectl get deployments -n sfc-tests-kitchen-singlek8s | |
kubectl describe deployment cloud-connector -n sfc-tests-kitchen-singlek8s | |
kubectl logs deployment.apps/cloud-connector -n sfc-tests-kitchen-singlek8s | |
- name: Destroy single-account-k8s resources | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
if: ${{ failure() }} | |
run: bundle exec kitchen destroy "single-account-k8s-aws" | |
- name: Run org-k8s test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
TF_VAR_org_accessKeyId: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
TF_VAR_org_secretAccessKey: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
TF_VAR_cloudnative_accessKeyId: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
TF_VAR_cloudnative_secretAccessKey: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
TF_VAR_region: ${{secrets.AWS_QA_MANAGED_RESOURCES_REGION }} | |
TF_VAR_cloudtrail_s3_name: ${{ secrets.AWS_QA_MANAGED_CLOUDTRAIL_NAME }} | |
run: bundle exec kitchen test "organizational-k8s-aws" | |
- name: Inspect k8s failures | |
if: ${{ failure() }} | |
run: | | |
kubectl get namespaces | |
kubectl get deployments -n sfc-tests-kitchen-singlek8s | |
kubectl describe deployment cloud-connector -n sfc-tests-kitchen-orgk8s | |
kubectl logs deployment.apps/cloud-connector -n sfc-tests-kitchen-orgk8s | |
- name: Destroy org-k8s test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
TF_VAR_org_accessKeyId: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
TF_VAR_org_secretAccessKey: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
TF_VAR_cloudnative_accessKeyId: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
TF_VAR_cloudnative_secretAccessKey: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
TF_VAR_region: ${{secrets.AWS_QA_MANAGED_RESOURCES_REGION }} | |
TF_VAR_cloudtrail_s3_name: ${{ secrets.AWS_QA_MANAGED_CLOUDTRAIL_NAME }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
if: ${{ failure() }} | |
run: bundle exec kitchen destroy "organizational-k8s-aws" | |
integration_test_ecs: | |
needs: integration_test_eks | |
concurrency: terraform-account | |
continue-on-error: true | |
name: Test-Kitchen-ECS | |
runs-on: ubuntu-latest | |
env: | |
TF_VAR_sysdig_secure_url: https://secure.sysdig.com | |
TF_VAR_sysdig_secure_api_token: ${{secrets.KUBELAB_SECURE_API_TOKEN}} | |
steps: | |
- uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_wrapper: false | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7 | |
bundler-cache: true | |
- name: Run single-account-ecs test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
run: bundle exec kitchen test "single-account-ecs-aws" | |
- name: Destroy single-account-ecs resources | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
if: ${{ failure() }} | |
run: bundle exec kitchen destroy "single-account-ecs-aws" | |
- name: Run organizational test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
TF_VAR_sysdig_secure_for_cloud_member_account_id: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCOUNT_ID }} | |
run: bundle exec kitchen test "organizational-aws" | |
- name: Destroy organizational resources | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_MANAGED_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_MANAGED_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
TF_VAR_sysdig_secure_for_cloud_member_account_id: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCOUNT_ID }} | |
if: ${{ failure() }} | |
run: bundle exec kitchen destroy "organizational-aws" | |
integration_test_app_runner: | |
needs: integration_test_ecs | |
concurrency: terraform-account | |
continue-on-error: true | |
name: Test-Kitchen-AppRunner | |
runs-on: ubuntu-latest | |
env: | |
TF_VAR_sysdig_secure_url: https://secure.sysdig.com | |
TF_VAR_sysdig_secure_api_token: ${{secrets.KUBELAB_SECURE_API_TOKEN}} | |
steps: | |
- uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_wrapper: false | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7 | |
bundler-cache: true | |
- name: Run single-account-apprunner test | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: "eu-west-1" #APPRUNNER ONLY RUNS ON SOME REGIONS https://docs.aws.amazon.com/general/latest/gr/apprunner.html | |
run: bundle exec kitchen test "single-account-apprunner-aws" | |
- name: Destroy single-account-apprunner resources | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
AWS_REGION: "eu-west-1" #APPRUNNER ONLY RUNS ON SOME REGIONS https://docs.aws.amazon.com/general/latest/gr/apprunner.html | |
if: ${{ failure() }} | |
run: bundle exec kitchen destroy "single-account-apprunner-aws" |