feat: support distroless images in version probe #810
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Operator CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| env: | |
| kind-version: 'v0.31.0' | |
| permissions: | |
| contents: read | |
| statuses: write | |
| checks: write | |
| pull-requests: write | |
| jobs: | |
| changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| code: ${{ steps.filter.outputs.code }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Detect non-docs changes | |
| uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| code: | |
| - '**' | |
| - '!**/*.md' | |
| - '!**/*.mdx' | |
| lint: | |
| runs-on: ubuntu-latest | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Go Tidy | |
| run: go mod tidy && git diff --exit-code | |
| - name: Check controller-gen generated | |
| run: make generate && git diff --exit-code | |
| - name: Check manifests generated | |
| run: make manifests && git diff --exit-code | |
| - name: Lint with golangci-lint | |
| uses: golangci/golangci-lint-action@v9 | |
| with: | |
| version: v2.12.2 | |
| - name: Lint with codespell | |
| uses: codespell-project/actions-codespell@v2.2 | |
| with: | |
| config: ci/.codespellrc | |
| - name: actionlint | |
| uses: raven-actions/actionlint@v2 | |
| with: | |
| flags: '-config-file ci/actionlint.yaml' | |
| check-crd-compat: | |
| # Only run on pull requests, and skip when the PR is explicitly labeled as | |
| # an intentional CRD-breaking change. The job is not part of ci-success-check, | |
| # so a failure here does not block the aggregate gate. | |
| needs: [ changes ] | |
| if: | | |
| needs.changes.outputs.code == 'true' && | |
| github.event_name == 'pull_request' && | |
| !contains(github.event.pull_request.labels.*.name, 'crd-breaking-change') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Check CRD backward compatibility | |
| run: make check-crd-compat CRD_BASE_REF=${{ github.event.pull_request.base.sha }} | |
| bundle: | |
| runs-on: ubuntu-latest | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| env: | |
| VERSION: 0.0.1 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Generate bundle | |
| run: make bundle | |
| - name: Create k8s Kind Cluster | |
| uses: helm/kind-action@v1 | |
| with: | |
| cluster_name: 'test-bundle' | |
| version: ${{ env.kind-version }} | |
| - name: Export kubeconfig | |
| run: kind export kubeconfig --name test-bundle | |
| - name: Create bundle image | |
| run: make bundle-build | |
| - name: Load image into Kind cluster | |
| run: kind load docker-image ghcr.io/clickhouse/clickhouse-operator-bundle:v0.0.1 --name test-bundle | |
| - name: Run scorecard tests | |
| run: make scorecard | |
| build_and_test: | |
| runs-on: ubuntu-latest | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Go Mod | |
| run: go mod download | |
| - name: Go Mod Verify | |
| run: go mod verify | |
| - name: Build | |
| run: go build -v cmd/main.go | |
| - name: Run tests | |
| run: | | |
| go list ./... | grep -v /e2e | |
| make test-ci | |
| - name: Test Report | |
| uses: dorny/test-reporter@v3 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: Unit tests | |
| badge-title: Unit tests | |
| path: "**/report/*.xml" | |
| reporter: java-junit | |
| fuzz_specs: | |
| runs-on: ubuntu-latest | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Go Mod | |
| run: go mod download | |
| - name: Run fuzz tests | |
| run: make fuzz | |
| helm-test: | |
| runs-on: ubuntu-latest | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Install Helm | |
| run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | |
| - name: Verify Helm installation | |
| run: helm version | |
| - name: Check helmchart generated | |
| run: make generate-helmchart-ci && git diff --exit-code dist/chart/ dist/chart-cluster/ | |
| - name: Build Helm Chart Dependencies | |
| run: make build-helmchart-dependencies | |
| - name: Lint Helm Chart | |
| run: helm lint ./dist/chart | |
| - name: Lint Cluster Helm Chart | |
| run: make lint-cluster-chart | |
| compat-e2e-test: | |
| runs-on: [ubuntu-latest] | |
| needs: [ changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - name: minimal-k8s-all-deploy-methods | |
| k8s_image: v1.28.15 | |
| clickhouse_version: "26.5" | |
| deploy_target: test-compat-e2e | |
| - name: maximal-k8s-all-deploy-methods | |
| k8s_image: v1.35.1 | |
| clickhouse_version: "26.5" | |
| deploy_target: test-compat-e2e | |
| - name: olm-deploy-method | |
| k8s_image: v1.28.15 | |
| clickhouse_version: "26.5" | |
| deploy_target: test-compat-e2e-olm | |
| - name: supported-clickhouse-compatibility | |
| k8s_image: v1.30.13 | |
| clickhouse_version: "26.5,26.5-distroless,26.4,26.3,25.8" | |
| deploy_target: test-compat-e2e-manifest | |
| - name: operator-upgrade | |
| k8s_image: v1.30.13 | |
| clickhouse_version: "26.5" | |
| deploy_target: test-compat-e2e-upgrade | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-tags: 'true' | |
| - name: Free disk space | |
| uses: jlumbroso/free-disk-space@v1.3.0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Create k8s Kind Cluster | |
| uses: helm/kind-action@v1 | |
| with: | |
| cluster_name: kind | |
| version: ${{ env.kind-version }} | |
| config: ci/kind-cluster.config | |
| node_image: "kindest/node:${{ matrix.k8s_image }}" | |
| - name: Go Mod | |
| run: go mod download | |
| - name: Install tools | |
| run: make operator-sdk opm | |
| - name: Pre-pull ClickHouse images into Kind | |
| run: | | |
| for version in $(echo "${{ matrix.clickhouse_version }}" | tr ',' ' '); do | |
| for image in clickhouse/clickhouse-keeper clickhouse/clickhouse-server; do | |
| docker pull "docker.io/${image}:${version}" | |
| kind load docker-image "docker.io/${image}:${version}" | |
| done | |
| done | |
| - name: Run compatibility e2e tests | |
| run: make ${{ matrix.deploy_target }} | |
| env: | |
| CLICKHOUSE_VERSION: ${{ matrix.clickhouse_version }} | |
| - name: Upload test report | |
| uses: actions/upload-artifact@v6 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: e2e-report-${{ matrix.name }} | |
| path: "**/report/*" | |
| if-no-files-found: error | |
| overwrite: true | |
| e2e-test: | |
| needs: [ lint, changes ] | |
| if: needs.changes.outputs.code == 'true' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| shard: [ 1, 2, 3, 4 ] | |
| runs-on: [self-hosted, amd-medium] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Go Mod | |
| run: go mod download | |
| - name: Create k8s Kind Cluster | |
| uses: helm/kind-action@v1 | |
| with: | |
| cluster_name: kind | |
| version: ${{ env.kind-version }} | |
| config: ci/kind-cluster.config | |
| node_image: "kindest/node:v1.34.3" # Can't use newer node image as self-hosted runners use cgroups v1 | |
| - name: Run e2e tests | |
| env: | |
| E2E_SHARD_INDEX: ${{ matrix.shard }} | |
| E2E_SHARD_TOTAL: "4" | |
| run: make test-e2e | |
| - name: Upload test report | |
| uses: actions/upload-artifact@v6 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: e2e-report-shard-${{ matrix.shard }} | |
| path: "**/report/*" | |
| if-no-files-found: error | |
| overwrite: true | |
| e2e-report: | |
| needs: [ changes, compat-e2e-test, e2e-test ] | |
| runs-on: ubuntu-latest | |
| if: ${{ !cancelled() && needs.changes.outputs.code == 'true' }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Download all e2e test reports | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: e2e-report-* | |
| - name: Merge sharded e2e reports | |
| run: python3 ci/merge-junit-reports.py | |
| - name: Test Report | |
| uses: dorny/test-reporter@v3 | |
| with: | |
| name: E2E tests | |
| badge-title: E2E tests | |
| reporter: java-junit | |
| path: "**/*-report.xml" | |
| openshift-compat: | |
| needs: [ changes, compat-e2e-test, e2e-test ] | |
| if: | | |
| needs.changes.outputs.code == 'true' && | |
| ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository ) | |
| runs-on: [self-hosted, openshift, operator] | |
| continue-on-error: true | |
| timeout-minutes: 60 | |
| concurrency: | |
| group: openshift-compatibility | |
| cancel-in-progress: false | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| KUBECONFIG: /home/runner/okd-install/auth/kubeconfig | |
| VERSION: 0.0.99-test | |
| IMG: ghcr.io/clickhouse/clickhouse-operator:test | |
| BUNDLE_IMG: ghcr.io/clickhouse/clickhouse-operator-bundle:test | |
| CATALOG_IMG: ghcr.io/clickhouse/clickhouse-operator-catalog:test | |
| SINGLE_BUNDLE_IMAGE: ghcr.io/clickhouse/clickhouse-operator-bundle:test | |
| OPENSHIFT_CATALOG_IMAGE: ghcr.io/clickhouse/clickhouse-operator-catalog:test | |
| OPENSHIFT_CHANNEL: stable-v0 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Log in to ghcr.io | |
| uses: docker/login-action@v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push test operator + bundle + catalog | |
| run: make docker-buildx bundle bundle-buildx catalog-buildx | |
| - name: Clean up cluster state from previous runs | |
| run: sudo /usr/local/bin/okd-cleanup.sh | |
| - name: Install OLM tooling | |
| run: make operator-sdk opm | |
| - name: Run OLM compatibility e2e | |
| run: make test-compat-e2e-olm-openshift | |
| - name: Test Report | |
| uses: dorny/test-reporter@v3 | |
| with: | |
| name: E2E tests | |
| badge-title: E2E tests | |
| reporter: java-junit | |
| path: "**/report/*" | |
| - name: Wipe workspace | |
| if: always() | |
| run: rm -rf "$GITHUB_WORKSPACE/.git" "$GITHUB_WORKSPACE/_work" || true | |
| ci-success-check: | |
| name: All CI checks passed | |
| runs-on: ubuntu-latest | |
| needs: [ changes, lint, bundle, build_and_test, fuzz_specs, helm-test, compat-e2e-test, e2e-test, check-crd-compat ] | |
| if: always() | |
| steps: | |
| - name: Determine CI status | |
| id: status | |
| run: | | |
| if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" || "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then | |
| echo "One or more CI jobs failed or were cancelled" | |
| exit 1 | |
| else | |
| echo "All required jobs passed successfully" | |
| fi |