-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathaction.yml
More file actions
200 lines (190 loc) · 8.47 KB
/
action.yml
File metadata and controls
200 lines (190 loc) · 8.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
name: "Astarte Local Cluster"
description: "Brings up a fully functional local Astarte Cluster and its tooling for CI purposes."
branding:
color: blue
icon: share-2
inputs:
astarte_namespace:
description: "The Kubernetes namespace where Astarte will be installed. Defaults to `astarte`"
required: false
default: "astarte"
cert-manager_version:
description: "The Cert-Manager Helm Chart version to use. Defaults to v1.20.1"
required: false
default: "v1.20.1"
haproxy_version:
description: "The HAProxy Helm Chart version to use. Defaults to 1.49.0"
required: false
default: "1.49.0"
rabbitmq_cluster_operator_version:
description: "The RabbitMQ Cluster Operator version to use. Defaults to v2.20.0"
required: false
default: "v2.20.0"
scylla_operator_version:
description: "The Scylla Operator version to use. Defaults to v1.20.2"
required: false
default: "v1.20.2"
astarte_chart_version:
description: "The Astarte Operator Helm Chart version to use. Defaults to 26.5.0-alpha.0"
required: false
default: "26.5.0-alpha.0"
astartectl_version:
description: "The astartectl CLI version to use. Defaults to 24.5.3"
required: false
default: "24.5.3"
astarte_version:
description: "The Astarte version to install. Defaults to 1.3.0-rc.2"
required: false
default: "1.3.0-rc.2"
astarte_realm:
description: "The Astarte realm to create. Defaults to `test`. If empty, no realm will be created and the realm_key output will be empty."
required: false
default: "test"
kind_version:
description: "KinD version to use. It is advised to leave the default unless you're trying to use a very specific Astarte version"
required: false
default: "v0.31.0"
kind_node_image:
description: "KinD node to use. It is advised to leave the default unless you're trying to use a very specific Astarte version"
required: false
default: "kindest/node:v1.33.7@sha256:d26ef333bdb2cbe9862a0f7c3803ecc7b4303d8cea8e814b481b09949d353040"
outputs:
housekeeping_key:
description: "The Housekeeping private key of the new cluster"
value: ${{ steps.load-housekeeping-key.outputs.housekeeping-key }}
realm_key:
description: "The Realm private key of the newly created Realm."
value: ${{ steps.load-realm-key.outputs.realm-key }}
runs:
using: "composite"
steps:
- name: Setup Helm
uses: azure/setup-helm@v5.0.0
- name: Set nf_conntrack_max value
shell: bash
# This step is required to avoid CrashLoopBackOff for kube-proxy
# see https://github.com/kubernetes-sigs/kind/issues/2240#issuecomment-838510890
run: |
sudo sysctl net/netfilter/nf_conntrack_max=131072
- name: Set fs.inotify.max values
shell: bash
# This step is required to avoid too many open files errors
# see https://kind.sigs.k8s.io/docs/user/known-issues/#pod-errors-due-to-too-many-open-files
run: |
sudo sysctl fs.inotify.max_user_watches=524288
sudo sysctl fs.inotify.max_user_instances=512
- name: Setup custom host for Astarte autotest API
shell: bash
run: echo "127.0.0.1 api.autotest.astarte-platform.org" | sudo tee -a /etc/hosts
- name: Setup custom host for Astarte autotest Broker
shell: bash
run: echo "127.0.0.1 broker.autotest.astarte-platform.org" | sudo tee -a /etc/hosts
- uses: helm/kind-action@v1.14.0
with:
version: ${{ inputs.kind_version }}
node_image: ${{ inputs.kind_node_image }}
config: "${{ github.action_path }}/manifests/kind-config.yml"
- name: Ensure KinD is up
shell: bash
run: |
echo "Waiting for KinD cluster to be ready..."
kubectl wait --namespace kube-system \
--for=condition=ready \
pod --all \
--timeout=90s
echo "KinD cluster is ready!"
kubectl cluster-info
kubectl get pods -n kube-system
- name: Install prerequisites
shell: bash
run: ${{ github.action_path }}/scripts/install-prerequisites.sh "${{ inputs.cert-manager_version }}" "${{ inputs.haproxy_version }}" "${{ inputs.rabbitmq_cluster_operator_version }}" "${{ inputs.scylla_operator_version }}" "${{ github.action_path }}"
- name: Install Astarte Operator
shell: bash
run: ${{ github.action_path }}/scripts/install-operator.sh "${{ inputs.astarte_chart_version }}"
- name: Setup Astarte Kubernetes namespace
shell: bash
run: kubectl create namespace "${{ inputs.astarte_namespace }}"
- name: Setup SSL Certificates
shell: bash
run: ${{ github.action_path }}/scripts/setup-ssl.sh "${{ github.action_path }}/certs/ca.json" "${{ github.action_path }}/certs/cert.json" "${{ inputs.astarte_namespace }}"
- name: Setup Astarte
shell: bash
run: ${{ github.action_path }}/scripts/setup-astarte.sh "${{ inputs.astarte_version }}" "${{ inputs.astarte_namespace }}" "${{ github.action_path }}/manifests/adi.yml" "${{ github.action_path }}/manifests/broker-service.yml" "${{ github.action_path }}/manifests/astarte.yaml" "${{ inputs.astartectl_version }}"
- name: Create Realm Keys
if: ${{ inputs.astarte_realm != '' }}
shell: bash
run: (cd "${{ github.action_path }}" && astartectl utils gen-keypair "${{ inputs.astarte_realm }}")
- id: load-realm-key
name: load-realm-key
if: ${{ inputs.astarte_realm != '' }}
shell: bash
env:
REALM_KEY: "${{ github.action_path }}/${{ inputs.astarte_realm }}_private.pem"
run: |
cat "$REALM_KEY"
{
echo 'realm-key<<EOF'
cat "$REALM_KEY"
echo 'EOF'
} >> "$GITHUB_OUTPUT"
- name: Get housekeeping key
shell: bash
run: kubectl get secrets -n "${{ inputs.astarte_namespace }}" astarte-housekeeping-private-key -o jsonpath={.data.private-key} | base64 -d > "${{ github.action_path }}"/housekeeping_key.pem
- id: load-housekeeping-key
shell: bash
env:
HOUSEKEEPING_KEY: "${{ github.action_path }}/housekeeping_key.pem"
run: |
{
echo "housekeeping-key<<EOF"
cat "$HOUSEKEEPING_KEY"
echo 'EOF'
} >> "$GITHUB_OUTPUT"
- name: Wait for Astarte API to be ready
shell: bash
run: |
echo "Waiting for Astarte API to be ready..."
for i in {1..6}; do
if [[ -n $(astartectl housekeeping realms list --ignore-ssl-errors -u https://api.autotest.astarte-platform.org -k "${{ github.action_path }}/housekeeping_key.pem") ]]; then
echo "astartectl is able to connect to the Astarte API"
exit 0
else
sleep 5
fi
done
echo "astartectl failed to connect to the Astarte API"
exit 1
- name: Create Astarte Realm
if: ${{ inputs.astarte_realm != '' }}
shell: bash
run: astartectl housekeeping realms create -y "${{ inputs.astarte_realm }}" --ignore-ssl-errors -u https://api.autotest.astarte-platform.org --realm-public-key "${{ github.action_path }}/${{ inputs.astarte_realm }}_public.pem" -k "${{ github.action_path }}/housekeeping_key.pem"
- name: Wait for the realm creation to propagate
if: ${{ inputs.astarte_realm != '' }}
shell: bash
run: |
ASTARTE_REALM="${{ inputs.astarte_realm }}"
for i in {1..6}; do
if [[ -n $(astartectl housekeeping realms show "$ASTARTE_REALM" --ignore-ssl-errors -u https://api.autotest.astarte-platform.org -k "${{ github.action_path }}/housekeeping_key.pem") ]]; then
echo "Astarte Realm created successfully"
exit 0
else
sleep 5
fi
done
echo "Astarte Realm creation timed out"
exit 1
- name: create astartectl cluster and context (if needed)
shell: bash
run: |
export CLUSTER_NAME="$(kubectl config current-context)"
mkdir -p ~/.config/astarte
echo 'context: ""' >> ~/.config/astarte/astartectl.yaml
astartectl config clusters create $CLUSTER_NAME \
--api-url https://api.autotest.astarte-platform.org \
--housekeeping-key ${{ github.action_path }}/housekeeping_key.pem
export CONTEXT_NAME=$CLUSTER_NAME
astartectl config contexts create $CONTEXT_NAME \
--cluster $CLUSTER_NAME \
--realm-name ${{ inputs.astarte_realm }} \
--realm-private-key ${{ github.action_path }}/${{ inputs.astarte_realm }}_private.pem
astartectl config contexts update $CONTEXT_NAME --activate