chore(deps): update all github action dependencies (v1.12) (major) #1265
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Smoke Test with IPv6 | |
| # Any change in triggers needs to be reflected in the concurrency group. | |
| on: | |
| pull_request: {} | |
| push: | |
| branches: | |
| - v1.12 | |
| - ft/v1.12/** | |
| permissions: read-all | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.after }} | |
| cancel-in-progress: true | |
| env: | |
| cilium_cli_version: v0.15.19 | |
| KIND_VERSION: v0.17.0 | |
| KIND_CONFIG: .github/kind-config-ipv6.yaml | |
| # Skip external traffic (e.g. 1.1.1.1 and www.google.com) due to no support for IPv6 in github action | |
| CONFORMANCE_TEMPLATE: examples/kubernetes/connectivity-check/connectivity-check-internal.yaml | |
| TIMEOUT: 5m | |
| LOG_TIME: 30m | |
| jobs: | |
| check_changes: | |
| name: Deduce required tests from code changes | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| tested: ${{ steps.tested-tree.outputs.src }} | |
| steps: | |
| - name: Checkout code | |
| if: ${{ !github.event.pull_request }} | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| persist-credentials: false | |
| - name: Check code changes | |
| uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1 | |
| id: tested-tree | |
| with: | |
| # For `push` events, compare against the `ref` base branch | |
| # For `pull_request` events, this is ignored and will compare against the pull request base branch | |
| base: ${{ github.ref }} | |
| filters: | | |
| src: | |
| - '!(test|Documentation)/**' | |
| conformance-test-ipv6: | |
| needs: check_changes | |
| if: ${{ needs.check_changes.outputs.tested == 'true' }} | |
| runs-on: ubuntu-22.04 | |
| name: Installation and Conformance Test | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| persist-credentials: false | |
| - name: Set image tag | |
| id: vars | |
| run: | | |
| if [ ${{ github.event.pull_request.head.sha }} != "" ]; then | |
| echo tag=${{ github.event.pull_request.head.sha }} >> $GITHUB_OUTPUT | |
| else | |
| echo tag=${{ github.sha }} >> $GITHUB_OUTPUT | |
| fi | |
| - name: Precheck generated connectivity manifest files | |
| run: | | |
| make -C examples/kubernetes/connectivity-check fmt | |
| make -C examples/kubernetes/connectivity-check all | |
| test -z "$(git status --porcelain)" || (echo "please run 'make -C examples/kubernetes/connectivity-check fmt all' and submit your changes"; exit 1) | |
| - name: Enable IPv6 in docker | |
| run: | | |
| sudo cat /etc/docker/daemon.json || true | |
| # Keep existing config like cgroup-parent in github action | |
| sudo sh -c "echo '{ \"exec-opts\": [\"native.cgroupdriver=cgroupfs\"], \"cgroup-parent\": \"/actions_job\", \"ipv6\": true, \"fixed-cidr-v6\": \"2001:db8:1::/64\" }' > /etc/docker/daemon.json" | |
| sudo cat /etc/docker/daemon.json | |
| sudo ip -6 route add 2001:db8:1::/64 dev docker0 | |
| sudo sysctl net.ipv6.conf.default.forwarding=1 | |
| sudo sysctl net.ipv6.conf.all.forwarding=1 | |
| sudo systemctl restart docker | |
| - name: Create kind cluster | |
| uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 | |
| with: | |
| version: ${{ env.KIND_VERSION }} | |
| config: ${{ env.KIND_CONFIG }} | |
| - name: Wait for images to be available | |
| timeout-minutes: 30 | |
| shell: bash | |
| run: | | |
| for image in cilium-ci operator-generic-ci hubble-relay-ci ; do | |
| until docker manifest inspect quay.io/${{ github.repository_owner }}/$image:${{ steps.vars.outputs.tag }} &> /dev/null; do sleep 45s; done | |
| done | |
| - name: Install cilium chart | |
| run: | | |
| helm upgrade -i cilium ./install/kubernetes/cilium \ | |
| --namespace kube-system \ | |
| --set nodeinit.enabled=true \ | |
| --set kubeProxyReplacement=strict \ | |
| --set ipam.mode=kubernetes \ | |
| --set image.repository=quay.io/${{ github.repository_owner }}/cilium-ci \ | |
| --set image.tag=${{ steps.vars.outputs.tag }} \ | |
| --set image.pullPolicy=IfNotPresent \ | |
| --set image.useDigest=false \ | |
| --set hubble.relay.enabled=true \ | |
| --set hubble.relay.image.repository=quay.io/${{ github.repository_owner }}/hubble-relay-ci \ | |
| --set hubble.relay.image.tag=${{ steps.vars.outputs.tag }} \ | |
| --set hubble.relay.image.pullPolicy=IfNotPresent \ | |
| --set hubble.relay.image.useDigest=false \ | |
| --set operator.image.repository=quay.io/${{ github.repository_owner }}/operator \ | |
| --set operator.image.suffix=-ci \ | |
| --set operator.image.tag=${{ steps.vars.outputs.tag }} \ | |
| --set operator.image.pullPolicy=IfNotPresent \ | |
| --set operator.image.useDigest=false \ | |
| --set ipv6.enabled=true \ | |
| --set ipv4.enabled=false \ | |
| --set tunnel=disabled \ | |
| --set autoDirectNodeRoutes=true \ | |
| --set ipv6NativeRoutingCIDR=2001:db8:1::/64 \ | |
| --set ingressController.enabled=true | |
| kubectl wait -n kube-system --for=condition=Ready --all pod --timeout=${{ env.TIMEOUT }} | |
| # To make sure that cilium CRD is available (default timeout is 5m) | |
| kubectl wait --for condition=Established crd/ciliumnetworkpolicies.cilium.io --timeout=5m | |
| kubectl port-forward -n kube-system deployment/hubble-relay 4245:4245 & | |
| - name: Run conformance test (e.g. connectivity check without external 1.1.1.1 and www.google.com) | |
| run: | | |
| kubectl apply -f ${{ env.CONFORMANCE_TEMPLATE }} | |
| kubectl wait --for=condition=Available --all deployment --timeout=${{ env.TIMEOUT }} | |
| - name: Capture cilium-sysdump | |
| if: ${{ failure() }} | |
| # The following is needed to prevent hubble from receiving an empty | |
| # file (EOF) on stdin and displaying no flows. | |
| shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"' | |
| run: | | |
| echo "=== Install Cilium CLI ===" | |
| curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${{ env.cilium_cli_version }}/cilium-linux-amd64.tar.gz{,.sha256sum} | |
| sha256sum --check cilium-linux-amd64.tar.gz.sha256sum | |
| sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/bin | |
| rm cilium-linux-amd64.tar.gz{,.sha256sum} | |
| cilium version | |
| echo "=== Retrieve cluster state ===" | |
| kubectl get pods --all-namespaces -o wide | |
| cilium status | |
| cilium sysdump --output-filename cilium-sysdump-out | |
| - name: Upload cilium-sysdump | |
| uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
| if: ${{ failure() }} | |
| with: | |
| name: cilium-sysdump-out.zip | |
| path: cilium-sysdump-out.zip |