Skip to content
Virtual Integration

EIM NB API and CLi decomp #8241

Sign in to view logs

EIM NB API and CLi decomp

EIM NB API and CLi decomp #8241

Workflow file for this run

.github/workflows/virtual-integration.yml at 8d0c0d1
# SPDX-FileCopyrightText: 2025 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
name: Virtual Integration
on:
# Allow manually triggering the workflow
workflow_dispatch: {}
# Run on all commits that are pushed to all branches
push:
branches:
- main
- main-pass-validation
# Trigger workflow on PRs to all branches
pull_request:
branches:
- "*"
types:
- opened
- synchronize
- reopened
# Trigger workflow when enqueued to a merge group
merge_group:
# For PRs → use the PR number as the group (forces only 1 run active)
# For branches → use the full ref (unique per branch) so runs don't cancel each other
concurrency:
group: ${{ github.event.pull_request.number || github.ref_name }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
permissions:
contents: read
checks: read
jobs:
pre-merge:
if: github.event_name == 'pull_request'
permissions:
contents: read
uses: open-edge-platform/orch-ci/.github/workflows/pre-merge.yml@79c4381f9be567527d8782094317b0282493e45a # 0.1.66
with:
run_version_check: false
run_build: false
run_lint: false
run_test: false
bootstrap_tools: ""
trivy_config_path: trivy.yaml
check-changed-files:
permissions:
contents: read
name: Filter list of changed files
runs-on: ubuntu-latest
outputs:
ci: ${{ contains(steps.check-files.outputs.changed_files, '.github/workflows') || contains(steps.check-files.outputs.changed_files, '.github/actions') }}
go: ${{ contains(steps.check-files.outputs.changed_files, '.go') || contains(steps.check-files.outputs.changed_files, '.mod') || contains(steps.check-files.outputs.changed_files, '.sum') }}
markdown: ${{ contains(steps.check-files.outputs.changed_files, '.md') || contains(steps.check-files.outputs.changed_files, '.markdown') || contains(steps.check-files.outputs.changed_files, '.mdx') }}
orch: ${{ contains(steps.check-files.outputs.changed_files, 'argocd') || contains(steps.check-files.outputs.changed_files, 'bootstrap') || contains(steps.check-files.outputs.changed_files, 'installer') || contains(steps.check-files.outputs.changed_files, 'internal') || contains(steps.check-files.outputs.changed_files, 'mage') || contains(steps.check-files.outputs.changed_files, 'node') || contains(steps.check-files.outputs.changed_files, 'router') || contains(steps.check-files.outputs.changed_files, 'tools') || contains(steps.check-files.outputs.changed_files, 'e2e-tests') || contains(steps.check-files.outputs.changed_files, 'VERSION') || contains(steps.check-files.outputs.changed_files, 'orch-configs') }}
on-prem: ${{ contains(steps.check-files.outputs.changed_files, 'on-prem-installers') || contains(steps.check-files.outputs.changed_files, 'terraform') }}
onboarding: ${{ contains(steps.check-files.outputs.changed_files, 'argocd/applications/templates/infra-') || contains(steps.check-files.outputs.changed_files, 'argocd/applications/values.yaml') }}
shell: ${{ contains(steps.check-files.outputs.changed_files, '.sh') || contains(steps.check-files.outputs.changed_files, '.bash') }}
terraform: ${{ contains(steps.check-files.outputs.changed_files, '.hcl') || contains(steps.check-files.outputs.changed_files, '.tf') || contains(steps.check-files.outputs.changed_files, '.tfvars') }}
yaml: ${{ contains(steps.check-files.outputs.changed_files, '.yaml') || contains(steps.check-files.outputs.changed_files, '.yml') }}
helm: ${{ contains(steps.check-files.outputs.changed_files, 'argocd/') || contains(steps.check-files.outputs.changed_files, 'argocd-internal/') }}
test-automation: ${{ contains(steps.check-files.outputs.changed_files, '.test-dependencies.yaml') }}
only_design_proposals: ${{ steps.only-design-proposals.outputs.only_design_proposals }}
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Discover Changed Files
id: check-files
uses: open-edge-platform/orch-ci/discover-changed-files@main # zizmor: ignore[unpinned-uses]
with:
project_folder: "."
- name: Calculate only_design_proposals
id: only-design-proposals
run: |
files="${{ steps.check-files.outputs.changed_files }}"
only_design=true
# Remove brackets and quotes, then split on comma
clean_files=$(echo "$files" | sed 's/\[//;s/\]//;s/"//g')
for file in $(echo "$clean_files" | tr ',' '\n'); do
file=$(echo $file | xargs) # trim whitespace
if [[ $file != design-proposals/* ]]; then
only_design=false
break
fi
done
echo "only_design=$only_design"
echo "only_design_proposals=$only_design" >> $GITHUB_OUTPUT
scan-viruses:
permissions:
contents: read
name: Scan for viruses
runs-on: ubuntu-latest
timeout-minutes: 30
env:
OUTPUT_FILE: antivirus-report.txt
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: ClamAV
run: |
docker run --rm \
--mount type=bind,source=./,target=/scandir \
clamav/clamav:stable \
clamscan --recursive --log=/scandir/${{ env.OUTPUT_FILE }} \
/scandir
if [ $? -ne 0 ]; then
sudo chown $USER:$USER ${{ env.OUTPUT_FILE }}
exit 1
fi
sudo chown $USER:$USER ${{ env.OUTPUT_FILE }}
- name: Upload evidence
if: always()
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: antivirus-report
path: ${{ env.OUTPUT_FILE }}
lint-markdown:
permissions:
contents: read
name: Lint Markdown
needs:
- check-changed-files
if: needs.check-changed-files.outputs.markdown == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
if: github.event_name != 'merge_group'
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set up git credentials
shell: bash
run: |
echo "GOPRIVATE=github.com/open-edge-platform" >> $GITHUB_ENV
git config --global url."https://${{ secrets.SYS_ORCH_GITHUB }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: mage -v lint:markdown
lint-shell:
permissions:
contents: read
name: Lint shell scripts
needs:
- check-changed-files
if: needs.check-changed-files.outputs.shell == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
working-directory: on-prem-installers
run: shellcheck ***/*.sh
lint-terraform:
permissions:
contents: read
name: Lint Terraform
needs:
- check-changed-files
if: needs.check-changed-files.outputs.terraform == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: mage lint:terraform
lint-yaml:
permissions:
contents: read
name: Lint YAML
needs:
- check-changed-files
if: needs.check-changed-files.outputs.yaml == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Configure yamllint pip packages
run: echo "ASDF_YAMLLINT_PIP_PACKAGES=pyyaml" >> $GITHUB_ENV
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: mage lint:yaml
lint-helm:
permissions:
contents: read
name: Lint Helm
needs:
- check-changed-files
if: needs.check-changed-files.outputs.helm == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: mage lint:helm
lint-go:
permissions:
contents: read
name: Lint Go
needs:
- check-changed-files
if: needs.check-changed-files.outputs.go == 'true' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Set up git credentials
shell: bash
run: |
echo "GOPRIVATE=github.com/open-edge-platform" >> $GITHUB_ENV
git config --global url."https://${{ secrets.SYS_ORCH_GITHUB }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: mage lint:golang
lint-version:
permissions:
contents: read
name: Lint version
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Fetch all history for all tags and branches
fetch-depth: 0
persist-credentials: false
- name: Prepare ci tools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: open-edge-platform/orch-ci
path: orch-ci
persist-credentials: false
- name: Set up git credentials
shell: bash
run: |
echo "GOPRIVATE=github.com/open-edge-platform" >> $GITHUB_ENV
git config --global url."https://${{ secrets.SYS_ORCH_GITHUB }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Run lint
run: |
orch-ci/scripts/version-check.sh
mage version:checkVersion
build-publish:
permissions:
contents: read
name: Build and publish artifacts
needs:
- lint-go
- lint-markdown
- lint-shell
- lint-terraform
- lint-helm
- lint-yaml
- lint-version
- scan-viruses
- check-changed-files
if: |
always() &&
needs.lint-version.result == 'success' && (
needs.check-changed-files.outputs.orch == 'true' ||
needs.check-changed-files.outputs.on-prem == 'true' ||
needs.check-changed-files.outputs.ci == 'true' ||
needs.check-changed-files.outputs.test-automation == 'true' ||
github.ref == 'refs/heads/main' ||
github.ref == 'refs/heads/main-pass-validation'
)
runs-on: ubuntu-latest
timeout-minutes: 30
outputs:
deb-version: ${{ steps.set-version.outputs.DEB_VERSION }}
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
if: github.event_name != 'merge_group'
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set up git credentials
shell: bash
run: |
echo "GOPRIVATE=github.com/open-edge-platform" >> $GITHUB_ENV
git config --global url."https://${{ secrets.SYS_ORCH_GITHUB }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Setup asdf and install dependencies
uses: open-edge-platform/orch-utils/.github/actions/setup-asdf@main # zizmor: ignore[unpinned-uses]
- name: Get version tag
id: get_version_tag
run: |
output=$(mage version:getVersionTag)
echo "versionTag=$output" >> $GITHUB_ENV
- name: Build DEB packages
working-directory: on-prem-installers
run: mage build:all
- name: Set DEB_VERSION
id: set-version
working-directory: on-prem-installers
run: |
mage build:debVersion
echo "DEB_VERSION=$(mage build:debVersion)" >> "$GITHUB_OUTPUT"
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.0.1
with:
aws-access-key-id: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }}
aws-secret-access-key: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }}
aws-region: us-west-2
- name: Login to ECR
run: aws ecr get-login-password --region us-west-2 | oras login -u AWS --password-stdin 080137407410.dkr.ecr.us-west-2.amazonaws.com
- name: Publish on-prem installer artifacts
env:
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
working-directory: on-prem-installers
run: mage publish:all
- name: Publish Orchestrator source code artifacts
env:
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
run: mage publish:sourceTarballs
- name: Login to ECR
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
with:
registry: 080137407410.dkr.ecr.us-west-2.amazonaws.com
- name: Build Cloud Installer and release bundle artifacts
run: |
mage installer:build
mage installer:bundle
- name: Scan Cloud Installer Image
uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
with:
image-ref: 080137407410.dkr.ecr.us-west-2.amazonaws.com/edge-orch/common/orchestrator-installer-cloudfull:${{ env.versionTag }}
format: table
output: "trivy-orchestrator-installer-cloudfull.txt"
ignore-unfixed: true
- name: Calculate MD5 Checksum
id: checksum
run: |
md5sum_value=$(md5sum "trivy-orchestrator-installer-cloudfull.txt" | cut -d " " -f 1)
echo "md5sum is $md5sum_value"
echo "md5sum_value=$md5sum_value" >> "$GITHUB_ENV"
- name: Upload Trivy Image Scan Report
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: trivy-scan-report-orchestrator-installer-cloudfull-${{ env.md5sum_value }}
path: trivy-orchestrator-installer-cloudfull.txt
- name: Publish Cloud Installer artifact
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation' )
run: mage publish:cloudInstaller
- name: Build release manifest artifact
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation' )
run: |
mkdir -p release-manifest
mage -v gen:releaseManifest release-manifest/chart-manifest.yaml
mage -v gen:releaseImageManifest release-manifest/image-manifest.yaml
- name: Publish release manifest artifact
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation' )
run: |
mage publish:releaseManifest
deploy-kind:
permissions:
contents: read
name: Deploy Kind Orchestrator and run tests
needs:
- lint-go
- lint-markdown
- lint-shell
- lint-terraform
- lint-version
- lint-helm
- lint-yaml
- check-changed-files
if: |
always() &&
needs.lint-version.result == 'success' &&
needs.check-changed-files.outputs.only_design_proposals != 'true' && (
needs.check-changed-files.outputs.orch == 'true' ||
needs.check-changed-files.outputs.ci == 'true' ||
github.ref == 'refs/heads/main' ||
github.ref == 'refs/heads/main-pass-validation'
)
runs-on: ubuntu-24.04-16core-64GB
timeout-minutes: 90
env:
ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Deploy Kind Orchestrator
id: deploy-kind-orchestrator
uses: ./.github/actions/deploy_kind
timeout-minutes: 45
with:
orch_version: ${{ github.event.pull_request.head.sha || github.sha }}
orch_password: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
docker_username: ${{ secrets.SYS_DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.SYS_DOCKERHUB_RO }}
token: ${{ secrets.SYS_ORCH_GITHUB }}
deployment_type: all
- name: Collect diagnostics
if: always()
uses: ./.github/actions/collect_diagnostics
timeout-minutes: 15
- name: Run policy compliance tests
run: mage test:policyCompliance
- name: Run image pull policy compliance tests
run: mage test:imagePullPolicyCompliance
- name: Setup Sample Org and Project with default users
id: default-mt-setup
run: mage tenantUtils:createDefaultMtSetup
- name: Deploy Victoria Metrics instance
env:
ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
run: mage deploy:victoriaMetrics apply
- name: Run e2e tenancy tests
run: mage test:e2etenancy
- name: Run e2e tenancy API gateway tests
run: mage test:e2etenancyapigw
- name: Create default user and run e2e tests
run: mage devUtils:createDefaultUser test:e2e
- name: "Test Observability SRE Exporter w/o ENiC"
env:
ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
run: |
mage test:e2eSreObservabilityNoEnic
- name: Deploy ENiC
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' && steps.default-mt-setup.conclusion == 'success' }}
shell: bash
timeout-minutes: 5
env:
ORCH_ORG: sample-org
ORCH_PROJECT: sample-project
ORCH_USER: sample-project-onboarding-user
ORCH_USER_API: sample-project-api-user
EDGE_MANAGEABILITY_FRAMEWORK_REV: ${{ env.GIT_HASH }}
run: |
mage devUtils:deployEnic 1 dev
# wait until SN and UUID are available
mage devUtils:getEnicSerialNumber
mage devUtils:getEnicUUID
# then get then and store them in the env
UUID=$(kubectl exec -it -n enic enic-0 -c edge-node -- bash -c "dmidecode -s system-uuid")
SN=$(kubectl exec -it -n enic enic-0 -c edge-node -- bash -c "dmidecode -s system-serial-number")
echo "EN_UUID=$UUID" >> "$GITHUB_ENV"
echo "EN_SN=$SN" >> "$GITHUB_ENV"
- name: Print current EN UUID and SN
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' && steps.default-mt-setup.conclusion == 'success' }}
run: echo "Current ENiC has UUID ${{ env.EN_UUID }} and SN ${{ env.EN_SN }}"
- name: UI E2E Tests
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' && steps.default-mt-setup.conclusion == 'success' }}
uses: ./.github/actions/cypress
with:
token: ${{ secrets.SYS_ORCH_GITHUB }}
en_serial_number: ${{ env.EN_SN }}
en_uuid: ${{ env.EN_UUID }}
infra: "cypress/e2e/infra/locations.cy.ts,cypress/e2e/infra/new-host-provision.cy.ts,cypress/e2e/infra/verify-host.cy.ts"
- name: "Test Observability Public Endpoints"
env:
ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
run: |
mage test:e2eObservability
- name: "Test Observability Orchestrator Stack"
env:
ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
run: |
mage test:e2eOrchObservability
# TODO - The base extension deployment including observability stack has been removed. Need to revist this test stack later and see how to proceed further.
# - name: "Test Observability EdgeNode Stack"
# env:
# ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
# run: |
# mage test:e2eENObservability
# TODO - The base extension deployment including observability stack has been removed. Need to revist this test stack later and see how to proceed further.
# - name: "Test Observability Alerts"
# env:
# ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
# run: |
# mage test:e2eAlertsObservability
# TODO - The base extension deployment including observability stack has been removed. Need to revist this test stack later and see how to proceed further.
# - name: "Test Observability SRE Exporter"
# env:
# ORCH_DEFAULT_PASSWORD: ${{ secrets.ORCH_DEFAULT_PASSWORD }}
# run: |
# mage test:e2eSreObservability
- name: deploy, register & provision new ENiC instance # previous instance was deatuhorized by the cluster delete in UI tests
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' && steps.default-mt-setup.conclusion == 'success' }}
shell: bash
timeout-minutes: 5
env:
ORCH_ORG: sample-org
ORCH_PROJECT: sample-project
ORCH_USER: sample-project-onboarding-user
ORCH_USER_API: sample-project-api-user
EDGE_MANAGEABILITY_FRAMEWORK_REV: ${{ env.GIT_HASH }}
run: |
# delete the previous ENiC instance
kubectl delete ns enic
# deploy a new ENiC instance
mage devUtils:deployEnic 1 dev
# wait until SN and UUID are available
mage devUtils:getEnicSerialNumber
mage devUtils:getEnicUUID
# then get then and store them in the env
UUID=$(kubectl exec -it -n enic enic-0 -c edge-node -- bash -c "dmidecode -s system-uuid")
SN=$(kubectl exec -it -n enic enic-0 -c edge-node -- bash -c "dmidecode -s system-serial-number")
echo "EN_UUID=$UUID" >> "$GITHUB_ENV"
echo "EN_SN=$SN" >> "$GITHUB_ENV"
# register the ENiC in the orchestrator
ORCH_USER=${ORCH_USER_API} mage devUtils:registerEnic enic-0
# provision the ENiC
ORCH_USER=${ORCH_USER_API} mage devUtils:provisionEnic enic-0
sleep 5
mage devUtils:WaitForEnic
- name: Wait for cluster agent to be ready
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' }}
run: |
mkdir -p smoke-test/logs
kubectl exec -n enic enic-0 -c edge-node -- bash -c "journalctl -x" > smoke-test/logs/enic-journalctl-pre.log
kubectl exec -n enic enic-0 -c edge-node -- bash -c "journalctl -xeu cluster-agent" > smoke-test/logs/enic-cluster-agent-pre.log
timeout 5m kubectl exec -n enic enic-0 -c edge-node -- bash -c "journalctl -f" | grep -m 1 "Cluster Agent state update"
- name: Run AO / CO smoke test
if: ${{ always() && steps.deploy-kind-orchestrator.conclusion == 'success' && steps.default-mt-setup.conclusion == 'success' }}
env:
PROJECT: sample-project
NODE_UUID: ${{ env.EN_UUID }}
EDGE_MGR_USER: sample-project-edge-mgr
EDGE_INFRA_USER: sample-project-api-user
run: |
echo "Running AO / CO smoke test..."
mage test:clusterOrchSmokeTest
- name: Collect smoke test logs
if: always()
run: |
mkdir -p smoke-test/logs
kubectl logs -n orch-app -l app=app-deployment-api -c app-deployment-api --tail=-1 > smoke-test/logs/app-deployment-api.log
kubectl logs -n orch-app -l app=app-deployment-manager --tail=-1 > smoke-test/logs/app-deployment-manager.log
kubectl logs -n orch-app -l app=app-resource-manager -c app-resource-manager --tail=-1 > smoke-test/logs/app-resource-manager.log
kubectl logs -n orch-app -l app.kubernetes.io/name=app-orch-catalog --tail=-1 > smoke-test/logs/application-catalog.log
kubectl exec -n enic enic-0 -c edge-node -- bash -c "journalctl -xeu cluster-agent" > smoke-test/logs/enic-cluster-agent-post.log
- name: Upload smoke test logs
if: always()
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: smoke-test
path: |
smoke-test/logs/*
deploy-on-prem:
permissions:
contents: read
name: Deploy On-Prem Orchestrator and Run Golden Suite Core Foundation Tests
needs:
- lint-go
- lint-markdown
- lint-shell
- lint-terraform
- lint-version
- lint-helm
- lint-yaml
- build-publish
- check-changed-files
if: |
always() &&
needs.build-publish.result == 'success' &&
needs.check-changed-files.outputs.only_design_proposals != 'true' && (
needs.check-changed-files.outputs.orch == 'true' ||
needs.check-changed-files.outputs.on-prem == 'true' ||
needs.check-changed-files.outputs.ci == 'true' ||
needs.check-changed-files.outputs.test-automation == 'true' ||
github.ref == 'refs/heads/main' ||
github.ref == 'refs/heads/main-pass-validation'
)
runs-on: ubuntu-24.04-16core-64GB
timeout-minutes: 90
env:
KUBECONFIG: ${{ github.workspace }}/terraform/orchestrator/files/kubeconfig
steps:
- name: Checkout Orchestrator repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Read test-automation dependency Version
id: read-test-automation-version
shell: bash
run: |
cat /proc/cpuinfo
version=$(yq '.test-automation.version' ${{ github.workspace }}/.test-dependencies.yaml | tr -d '\n' | xargs)
echo $version
echo "version=$version" >> $GITHUB_OUTPUT
- name: Deploy On-Prem Orchestrator
id: deploy-on-prem
uses: ./.github/actions/deploy_on_prem
with:
orch_version: ${{ github.event.pull_request.head.sha }}
docker_username: ${{ secrets.SYS_DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.SYS_DOCKERHUB_RO }}
- name: Run E2E tests
env:
E2E_SVC_DOMAIN: cluster.onprem
EDGE_CLUSTER_NAME: test-cluster
run: mage -v test:e2eOnPrem
- name: Checkout edge-manage-test-automation repository with submodules
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: open-edge-platform/edge-manage-test-automation
path: edge-manage-test-automation
ref: ${{ steps.read-test-automation-version.outputs.version }}
submodules: 'recursive'
token: ${{ secrets.SYS_ORCH_GITHUB }}
persist-credentials: false
- name: Install vEN Deps
working-directory: edge-manage-test-automation
run: |
git submodule update --init --recursive
- name: Setup virtual environment
working-directory: edge-manage-test-automation
run: |
make asdf-install
make venv_edge-manage-test-automation
# install required versions for Pico
pushd repos/ven/pico
asdf install
popd
- name: Run Golden Suite Robot Framework Tests
id: robot-tests
timeout-minutes: 45
working-directory: edge-manage-test-automation
env:
KUBECONFIG: ${{ github.workspace }}/terraform/orchestrator/files/kubeconfig
REQUESTS_CA_BUNDLE: /usr/local/share/ca-certificates/orch-ca.crt
LIBVIRT_DEFAULT_URI: 'qemu:///system'
run: |
KC_ADMIN_PWD=$(kubectl -n orch-platform get secrets platform-keycloak -o jsonpath='{.data.admin-password}' | base64 -d)
# Add the password to the orchestrator config
yq eval ".orchestrator.admin_password = \"${KC_ADMIN_PWD}\"" -i orchestrator-configs/on-prem.yaml
source venv_edge-manage-test-automation/bin/activate
robot -L DEBUG --pythonpath . \
--name "Golden Suite: Core Foundation" \
-d robot_output/core_foundation \
-V orchestrator-configs/on-prem.yaml \
--exitonfailure \
tests/core_foundation/core_foundation.robot
- name: Upload test artifacts
if: always()
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: on-prem-${{ github.event_name }}-${{ github.event.number }}-robot-report
path: |
edge-manage-test-automation/robot_output/**/*
deploy-oxm-profile:
permissions:
contents: read
name: Deploy OXM Orchestrator Profile
needs:
- lint-go
- lint-markdown
- lint-shell
- lint-terraform
- lint-version
- lint-helm
- lint-yaml
- build-publish
- check-changed-files
if: |
always() &&
needs.build-publish.result == 'success' &&
needs.check-changed-files.outputs.only_design_proposals != 'true' && (
needs.check-changed-files.outputs.orch == 'true' ||
needs.check-changed-files.outputs.on-prem == 'true' ||
needs.check-changed-files.outputs.ci == 'true' ||
github.ref == 'refs/heads/main' ||
github.ref == 'refs/heads/main-pass-validation'
)
runs-on: ubuntu-22.04-16core-64GB
timeout-minutes: 90
env:
KUBECONFIG: ${{ github.workspace }}/terraform/orchestrator/files/kubeconfig
steps:
- name: Checkout Orchestrator repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Deploy OXM Orchestrator Profile
id: deploy-oxm-profile
uses: ./.github/actions/deploy_on_prem
env:
TF_VAR_no_proxy: "localhost,127.0.0.0/8,10.0.0.0/8,192.168.0.0/16,.svc,.cluster.local,.default,.internal,.orch-platform,.orch-app,.orch-cluster,.orch-infra,.orch-database,.cattle-system,.orch-secret,.onprem"
TF_VAR_en_http_proxy: "http://192.168.99.30:8080"
TF_VAR_en_https_proxy: "http://192.168.99.30:8080"
TF_VAR_oxm_pxe_server_int: "orchnet"
TF_VAR_oxm_pxe_server_ip: "192.168.99.20"
TF_VAR_oxm_pxe_server_subnet: "192.168.99.0"
TF_VAR_enable_explicit_proxy: "true"
with:
orch_version: ${{ github.event.pull_request.head.sha }}
orch_profile: onprem-oxm
docker_username: ${{ secrets.SYS_DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.SYS_DOCKERHUB_RO }}
- name: Create MT Sample Org and Project with default users
run: mage tenantUtils:createDefaultMtSetup
- name: Test Edge Node onboarding
env:
E2E_SVC_DOMAIN: cluster.onprem
EDGE_CLUSTER_NAME: test-cluster
EN_PROFILE: "microvisor-standalone"
timeout-minutes: 20
if: |
needs.check-changed-files.outputs.onboarding == 'true' ||
needs.check-changed-files.outputs.on-prem == 'true' ||
needs.check-changed-files.outputs.orch == 'true' ||
needs.check-changed-files.outputs.ci == 'true'
run: |
set +e
mage test:onboarding
TEST_EXIT_CODE=$?
sudo cat /var/log/libvirt/qemu/edge-node-EN123456789-console.log || true
exit $TEST_EXIT_CODE
tag-repo:
permissions:
contents: read
name: Tag repo
needs:
- lint-version
- build-publish
- deploy-kind
- deploy-on-prem
- deploy-oxm-profile
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation' )
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Fetch all history for all tags and branches
fetch-depth: 0
persist-credentials: false
- name: Prepare ci tools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: open-edge-platform/orch-ci
token: ${{ secrets.SYS_ORCH_GITHUB }}
path: orch-ci
persist-credentials: false
- name: Tag repo
env:
GITHUB_TOKEN: ${{ secrets.SYS_ORCH_GITHUB }}
run: orch-ci/scripts/version-tag.sh
post-merge:
permissions:
contents: read
security-events: write
id-token: write
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/heads/main-pass-validation' )
uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@592eafb7c84669729eb1adc610515bad61c3550b # 0.1.67
with:
run_build: false
run_version_tag: false
secrets:
SYS_ORCH_GITHUB: ${{ secrets.SYS_ORCH_GITHUB }}
NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }}
NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }}
MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }}