Skip to content

Add support for a custom service account for hub templates #1057

Add support for a custom service account for hub templates

Add support for a custom service account for hub templates #1057

Workflow file for this run

name: KinD tests
on:
push:
branches:
- main
- release-[0-9]+.[0-9]+
pull_request:
branches:
- main
- release-[0-9]+.[0-9]+
defaults:
run:
shell: bash
jobs:
unit-tests:
runs-on: ubuntu-latest
name: Unit Tests
steps:
- name: Checkout Governance Policy Propagator
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Verify modules
run: |
go mod verify
- name: Verify format
run: |
make fmt
git diff --exit-code
make lint
- name: Verify deploy/operator.yaml
run: |
make generate
make generate-operator-yaml
git diff --exit-code
- name: Unit and Integration Tests
run: |
make test
- name: Unit Test Coverage
if: ${{ github.event_name == 'pull_request' }}
run: |
make test-coverage
- name: Upload Unit Test Coverage
if: ${{ github.event_name == 'pull_request' }}
uses: actions/upload-artifact@v4
with:
name: coverage_unit
path: coverage_unit.out
kind-tests:
runs-on: ubuntu-latest
env:
REGISTRY: localhost:5000
strategy:
fail-fast: false
matrix:
# Run tests on minimum and newest supported OCP Kubernetes
# The "minimum" tag is set in the Makefile
# KinD tags: https://hub.docker.com/r/kindest/node/tags
kind:
- 'minimum'
- 'latest'
name: KinD tests
steps:
- name: Checkout Governance Policy Propagator
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Create K8s KinD Cluster - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-bootstrap-cluster-dev
- name: Ensure Service Account kubeconfig
run: |
KUBECONFIG=${PWD}/kubeconfig_hub make kind-ensure-sa
- name: E2E Tests
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_hub make e2e-test-coverage
- name: Upload E2E Test Coverage
if: ${{ github.event_name == 'pull_request' && matrix.kind == 'latest'}}
uses: actions/upload-artifact@v4
with:
name: coverage_e2e
path: coverage_e2e.out
- name: E2E Tests for Compliance Events API
run: |
KUBECONFIG=${PWD}/kubeconfig_hub make e2e-test-coverage-compliance-events-api
- name: Upload Compliance Events API Test Coverage
if: ${{ github.event_name == 'pull_request' && matrix.kind == 'latest'}}
uses: actions/upload-artifact@v4
with:
name: coverage_e2e_compliance_events_api
path: coverage_e2e_compliance_events_api.out
- name: Verify Deployment Configuration
run: |
make webhook
make build-images
KUBECONFIG=${PWD}/kubeconfig_hub_e2e make kind-deploy-controller-dev
- name: E2E Tests for Webhook
run: |
KUBECONFIG=${PWD}/kubeconfig_hub make e2e-test-webhook
- name: Tests without PlacementRule
run: |
KUBECONFIG=${PWD}/kubeconfig_hub_e2e kubectl delete crd placementrules.apps.open-cluster-management.io
KUBECONFIG=${PWD}/kubeconfig_hub make e2e-test-non-placement-rule
- name: Debug
if: ${{ failure() }}
run: |
make e2e-debug
- name: Clean up cluster
if: ${{ always() }}
run: |
make kind-delete-cluster
policyautomation-tests:
runs-on: ubuntu-latest
env:
REGISTRY: localhost:5000
strategy:
fail-fast: false
matrix:
# Run tests on minimum and newest supported OCP Kubernetes
# The "minimum" tag is set in the Makefile
# KinD tags: https://hub.docker.com/r/kindest/node/tags
kind:
- 'minimum'
- 'latest'
name: PolicyAutomation tests
steps:
- name: Checkout Governance Policy Propagator
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
id: go
with:
go-version-file: go.mod
- name: Create K8s KinD Cluster - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-bootstrap-cluster-dev
- name: PolicyAutomation E2E Tests
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_hub make e2e-test-coverage-policyautomation
- name: Upload PolicyAutomation Test Coverage
if: ${{ github.event_name == 'pull_request' && matrix.kind == 'latest'}}
uses: actions/upload-artifact@v4
with:
name: coverage_e2e_policyautomation
path: coverage_e2e_policyautomation.out
- name: Debug
if: ${{ failure() }}
run: |
make e2e-debug
- name: Clean up cluster
if: ${{ always() }}
run: |
make kind-delete-cluster
coverage-verification:
defaults:
run:
working-directory: '.'
runs-on: ubuntu-latest
name: Test Coverage Verification
if: ${{ github.event_name == 'pull_request' }}
needs: [unit-tests, kind-tests, policyautomation-tests]
steps:
- name: Checkout Governance Policy Propagator
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Download Unit Coverage Result
uses: actions/download-artifact@v4
with:
name: coverage_unit
- name: Download E2E Coverage Result
uses: actions/download-artifact@v4
with:
name: coverage_e2e
- name: Download Compliance Events Coverage Result
uses: actions/download-artifact@v4
with:
name: coverage_e2e_compliance_events_api
- name: Download PolicyAutomation Coverage Result
uses: actions/download-artifact@v4
with:
name: coverage_e2e_policyautomation
- name: Test Coverage Verification
run: |
make coverage-verify
make gosec-scan