Skip to content

ci: Add rolling update kind testing #480

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fegmorte merged 29 commits into from
Apr 2, 2026
Merged

ci: Add rolling update kind testing #480

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
168cc3d
ci: Add rolling update kind testing
fegmorte Mar 25, 2026
8efacd2
chore: add pr trigger
fegmorte Mar 26, 2026
f752aa6
chore: fix typo for TLS
fegmorte Mar 26, 2026
27bdc39
fix: Fix docker login
fegmorte Mar 26, 2026
dae6cea
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Mar 26, 2026
4e04a17
fix: Fix docker login
fegmorte Mar 26, 2026
09e1a76
fix: Fix chart version for old and new version
fegmorte Mar 26, 2026
fe39b0d
fix: Fix chart version for old and new version
fegmorte Mar 26, 2026
d46fb86
fix: fix ghcr url
fegmorte Mar 26, 2026
6587bfe
fix: fix ghcr url
fegmorte Mar 26, 2026
b76e57b
fix: fix image for upgrade and helm uninstall
fegmorte Mar 26, 2026
2fc9cdf
fix: fix chart version for kms version upgrade
fegmorte Mar 26, 2026
b68afa6
fix: fix core-client command with -a
fegmorte Mar 26, 2026
4c668c4
fix: add new workflow for rolling update
fegmorte Mar 26, 2026
74720f7
fix: update workflow summary
fegmorte Mar 26, 2026
84e236b
fix: update workflow without -a
fegmorte Mar 26, 2026
5ec24d1
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Mar 27, 2026
14a7160
fix: try with 4 parties
fegmorte Mar 27, 2026
dc96fa7
Merge branch 'fred/ci/testing-rolling-update-mix' of github.com:zama-…
fegmorte Mar 27, 2026
387d0e0
fix: try with 4 parties
fegmorte Mar 27, 2026
846753a
fix: update core-client v0.13.10-rc.2
fegmorte Mar 27, 2026
f597efe
fix: update core-client v0.13.10-rc.2
fegmorte Mar 27, 2026
86c8172
fix: test with migration fix 26e1273
fegmorte Mar 28, 2026
1a57a54
fix: fix zizmor and remove pr trigger
fegmorte Mar 30, 2026
6cf97fa
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Mar 30, 2026
ddaa8d7
fix: upgrade readme and comment
fegmorte Mar 30, 2026
2baa2f7
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Mar 30, 2026
0c5c96d
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Apr 1, 2026
fda3467
Merge branch 'main' into fred/ci/testing-rolling-update-mix
fegmorte Apr 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/workflows/build-and-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,9 @@ jobs:
AWS_SECRET_KEY_S3_USER: ${{ secrets.AWS_SECRET_KEY_S3_USER }}
CGR_USERNAME: ${{ secrets.CGR_USERNAME }}
CGR_PASSWORD: ${{ secrets.CGR_PASSWORD }}
HUB_ZAMA_ORG_USERNAME: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
HUB_ZAMA_ORG_SECRET: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
HARBOR_URL: ${{ secrets.HARBOR_URL }}
HARBOR_READ_LOGIN: ${{ secrets.HARBOR_READ_LOGIN }}
HARBOR_READ_TOKEN: ${{ secrets.HARBOR_READ_TOKEN }}
ZWS_BOT_TOKEN: ${{ secrets.ZWS_BOT_TOKEN }}

############################################################################
Expand Down Expand Up @@ -152,8 +153,9 @@ jobs:
enclave_pcr1: ${{ needs.docker-build.outputs.enclave_pcr1 }}
enclave_pcr2: ${{ needs.docker-build.outputs.enclave_pcr2 }}
secrets:
HUB_ZAMA_ORG_USERNAME: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
HUB_ZAMA_ORG_SECRET: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
HARBOR_URL: ${{ secrets.HARBOR_URL }}
HARBOR_READ_LOGIN: ${{ secrets.HARBOR_READ_LOGIN }}
HARBOR_READ_TOKEN: ${{ secrets.HARBOR_READ_TOKEN }}
TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }}
TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }}
BLOCKCHAIN_ACTIONS_TOKEN: ${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
16 changes: 9 additions & 7 deletions .github/workflows/kind-testing.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,11 @@
secrets:
ZWS_BOT_TOKEN:
required: true
HUB_ZAMA_ORG_USERNAME:
HARBOR_URL:
required: true
HUB_ZAMA_ORG_SECRET:
HARBOR_READ_LOGIN:
required: true
HARBOR_READ_TOKEN:
required: true
BLOCKCHAIN_ACTIONS_TOKEN:
required: true
Expand Down Expand Up @@ -260,9 +262,9 @@
if: matrix.cargo-check == false
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: hub.zama.org
username: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
password: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
registry: ${{ secrets.HARBOR_URL }}
username: ${{ secrets.HARBOR_READ_LOGIN }}
password: ${{ secrets.HARBOR_READ_TOKEN }}

# ==========================================================================
# Rust toolchain setup
Expand Down Expand Up @@ -343,8 +345,8 @@
env:
DEPLOYMENT_TYPE: ${{ matrix.deployment-type }} # Deployment type: threshold or centralized
GITHUB_TOKEN: ${{ secrets.ZWS_BOT_TOKEN }}
HUB_ZAMA_ORG_USERNAME: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
HUB_ZAMA_ORG_SECRET: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
HARBOR_READ_LOGIN: ${{ secrets.HARBOR_READ_LOGIN }}
HARBOR_READ_TOKEN: ${{ secrets.HARBOR_READ_TOKEN }}
KMS_CORE_IMAGE_TAG: ${{ inputs.image_tag || needs.docker-build.outputs.image_tag }}
KMS_CORE_CLIENT_IMAGE_TAG: ${{ inputs.image_tag || needs.docker-build.outputs.image_tag }}
NAMESPACE: kms-test-${{ matrix.deployment-type }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/performance-testing.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,9 +206,9 @@
- name: Login to zws GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: hub.zama.org
username: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
password: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
registry: ${{ secrets.HARBOR_URL }}

Check warning

Code scanning / zizmor

secrets referenced without a dedicated environment Warning

secrets referenced without a dedicated environment
username: ${{ secrets.HARBOR_READ_LOGIN }}
password: ${{ secrets.HARBOR_READ_TOKEN }}

- name: Set up path suffix based on deployment type
run: |
Expand Down
12 changes: 7 additions & 5 deletions .github/workflows/pr-preview-deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,11 @@
required: false
type: string
secrets:
HUB_ZAMA_ORG_USERNAME:
HARBOR_URL:
required: true
HUB_ZAMA_ORG_SECRET:
HARBOR_READ_LOGIN:
required: true
HARBOR_READ_TOKEN:
required: true
TS_OAUTH_CLIENT_ID:
required: true
Expand Down Expand Up @@ -98,9 +100,9 @@
- name: Login to zws GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: hub.zama.org
username: ${{ secrets.HUB_ZAMA_ORG_USERNAME }}
password: ${{ secrets.HUB_ZAMA_ORG_SECRET }}
registry: ${{ secrets.HARBOR_URL }}
username: ${{ secrets.HARBOR_READ_LOGIN }}
password: ${{ secrets.HARBOR_READ_TOKEN }}

- name: Handle pre-built images and PCR values
if: ${{ env.DEPLOYMENT_TYPE == 'thresholdWithEnclave' || env.DEPLOYMENT_TYPE == 'centralizedWithEnclave' }}
Expand Down
Loading
Loading