feat: add hostNetwork support #1360
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: End-to-end tests | |
| run-name: ${{ github.event_name == 'workflow_run' && github.event.workflow_run.display_title || '' }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: Kubewarden [local|next|prev|v1.17.0] | |
| required: true | |
| default: local | |
| K3S_VERSION: | |
| description: Kubernetes version | |
| type: choice | |
| options: | |
| [ | |
| "k3d", | |
| "1.27", | |
| "1.28", | |
| "1.29", | |
| "1.30", | |
| "1.31", | |
| "1.32", | |
| "1.33", | |
| "1.34", | |
| "1.35", | |
| ] | |
| default: "k3d" | |
| ARCH: | |
| description: Runner architecture | |
| type: choice | |
| options: [x86, arm64] | |
| default: x86 | |
| UPGRADE: | |
| description: Enable upgrade test | |
| type: boolean | |
| default: false | |
| MTLS: | |
| description: Enable mutual TLS | |
| type: boolean | |
| default: false | |
| LATEST: | |
| description: Use latest images | |
| type: boolean | |
| default: false | |
| CONTROLLER_ARGS: | |
| description: Helm flags for controller | |
| DEFAULTS_ARGS: | |
| description: Helm flags for defaults | |
| # PR: install + tests from PR | |
| pull_request: | |
| branches: | |
| - "main" | |
| paths: | |
| - "charts/kubewarden-*/**" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| defaults: | |
| run: | |
| shell: bash | |
| env: | |
| K3D_VERSION: v5.8.3 | |
| K3D_CHECKSUM_AMD64: dbaa79a76ace7f4ca230a1ff41dc7d8a5036a8ad0309e9c54f9bf3836dbe853e | |
| K3D_CHECKSUM_ARM64: 0b8110f2229631af7402fb828259330985918b08fefd38b7f1b788a1c8687216 | |
| K3D_CLUSTER_NAME: ${{ github.repository_owner }}-${{ github.run_id }} | |
| MTLS: ${{ github.event_name == 'pull_request' && 'true' || inputs.MTLS }} | |
| jobs: | |
| e2e: | |
| # x86: ubuntu-latest, arm64: ubuntu-24.04-arm | |
| runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }} | |
| permissions: | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| mode: ${{ | |
| (github.event_name == 'pull_request') && fromJSON('["install"]') || | |
| fromJSON(format('["{0}"]', inputs.UPGRADE && 'upgrade' || 'install')) }} | |
| version: ${{ | |
| (github.event_name == 'pull_request') && fromJSON('["local"]') || | |
| fromJSON(format('["{0}"]', inputs.version || 'local')) }} | |
| k3s: ${{ (github.event_name == 'workflow_run') && fromJSON('["k3d", "1.27"]') || fromJSON(format('["{0}"]', inputs.K3S_VERSION || 'k3d' )) }} | |
| arch: ${{ (github.event_name == 'workflow_run') && fromJSON('["x86", "arm64"]') || fromJSON(format('["{0}"]', inputs.ARCH || 'x86')) }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| if: ${{ matrix.version == 'local' }} | |
| with: | |
| persist-credentials: false | |
| - run: helm repo add kubewarden https://charts.kubewarden.io | |
| if: ${{ matrix.version != 'local' || matrix.mode == 'upgrade' }} | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: ${{ github.repository_owner }}/kubewarden-end-to-end-tests | |
| path: e2e-tests | |
| submodules: "true" | |
| persist-credentials: false | |
| - name: "Install kwctl" | |
| uses: kubewarden/github-actions/kwctl-installer@e57db07ca384bf09ec40c4c49ff25d600c0d23d9 # v5.1.1 | |
| with: | |
| kwctl-version: latest | |
| - run: sudo npm install -g bats | |
| - name: "Create k3d cluster" | |
| env: | |
| CLUSTER_NAME: ${{ env.K3D_CLUSTER_NAME }} | |
| K3S_MATRIX: ${{ matrix.k3s }} | |
| MATRIX_ARCH: ${{ matrix.arch }} | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} # zizmor: ignore[secrets-outside-env] | |
| DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} # zizmor: ignore[secrets-outside-env] | |
| run: | | |
| if [[ "$MATRIX_ARCH" == "arm64" ]]; then | |
| K3D_BINARY="k3d-linux-arm64" | |
| K3D_CHECKSUM="${K3D_CHECKSUM_ARM64}" | |
| else | |
| K3D_BINARY="k3d-linux-amd64" | |
| K3D_CHECKSUM="${K3D_CHECKSUM_AMD64}" | |
| fi | |
| curl -sSfL -o /tmp/k3d "https://github.com/k3d-io/k3d/releases/download/${K3D_VERSION}/${K3D_BINARY}" | |
| echo "${K3D_CHECKSUM} /tmp/k3d" | sha256sum -c - || exit 1 | |
| mkdir -p "$HOME/.local/bin" | |
| install /tmp/k3d "$HOME/.local/bin/k3d" | |
| rm /tmp/k3d | |
| # Use k3d as placeholder for default (empty) k3s version | |
| [[ "$K3S_MATRIX" != "k3d" ]] && export K3S="$K3S_MATRIX" | |
| make --directory e2e-tests cluster DOCKERHUB_USERNAME="$DOCKERHUB_USERNAME" DOCKERHUB_PASSWORD="$DOCKERHUB_PASSWORD" | |
| - name: Install previous kubewarden | |
| if: ${{ matrix.mode == 'upgrade' }} | |
| working-directory: ./e2e-tests | |
| run: VERSION=prev REPO_NAME=kubewarden CHARTS_LOCATION=kubewarden make install | |
| env: | |
| MTLS: false # TODO: Remove after prev supports mTLS (kw >= 1.24-alpha) | |
| CLUSTER_NAME: ${{ env.K3D_CLUSTER_NAME }} | |
| - name: Install kubewarden and run tests | |
| working-directory: ./e2e-tests | |
| env: | |
| CLUSTER_NAME: ${{ env.K3D_CLUSTER_NAME }} | |
| VERSION: ${{ matrix.version }} | |
| MATRIX_MODE: ${{ matrix.mode }} | |
| EVENT_NAME: ${{ github.event_name }} | |
| LATEST: ${{ inputs.LATEST }} | |
| DEFAULTS_ARGS: ${{ inputs.DEFAULTS_ARGS }} | |
| CONTROLLER_ARGS: ${{ inputs.CONTROLLER_ARGS }} | |
| # Override OTEL operator version by github variable | |
| OTEL_OPERATOR: ${{ vars.OTEL_OPERATOR }} | |
| run: | | |
| if [[ "$VERSION" == 'local' ]]; then | |
| export CHARTS_LOCATION=../charts | |
| # Chart images are updated during release, use latest for nightly jobs | |
| [[ "$EVENT_NAME" == 'pull_request' ]] && export LATEST=true | |
| fi | |
| # mTLS should have been enabled during installation | |
| make $MATRIX_MODE # MTLS="{{ matrix.mode == 'upgrade' && false || env.MTLS }}" # TODO: Uncomment after prev supports mTLS (kw >= 1.24-alpha) | |
| ./scripts/helmer.sh debug | |
| # Run tests | |
| make tests audit-scanner-installation.bats | |
| make uninstall | |
| - name: Clean Up | |
| if: always() | |
| run: make --directory e2e-tests clean | |
| env: | |
| CLUSTER_NAME: ${{ env.K3D_CLUSTER_NAME }} |