adding encrypt and cabailities to volume/instance (#611) #57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run Integration Tests | |
on: | |
workflow_dispatch: null | |
push: | |
branches: | |
- main | |
- dev | |
jobs: | |
integration-tests: | |
runs-on: ubuntu-latest | |
env: | |
EXIT_STATUS: 0 | |
defaults: | |
run: | |
working-directory: .ansible/collections/ansible_collections/linode/cloud | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
with: | |
path: .ansible/collections/ansible_collections/linode/cloud | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Update packages | |
run: sudo apt-get update -y | |
- name: Setup Python 3 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install dependencies | |
run: make deps | |
- name: Install ansible dependencies | |
run: ansible-galaxy collection install amazon.aws:==6.0.1 | |
- name: Install Collection | |
run: make install | |
- name: Replace Existing Keys | |
run: rm -rf ~/.ansible/test && mkdir -p ~/.ansible/test && ssh-keygen -m PEM -q -t rsa -N '' -f ~/.ansible/test/id_rsa | |
- name: Run Integration Tests | |
run: | | |
make testall | |
env: | |
LINODE_API_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
ANSIBLE_CALLBACKS_ENABLED: "junit" | |
- name: Upload Test Report as Artifact | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: xml-test-reports | |
if-no-files-found: ignore | |
path: '.ansible/collections/ansible_collections/linode/cloud/tests/output/junit' | |
retention-days: 1 | |
process-upload-report: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install Python dependencies | |
run: pip3 install requests wheel boto3 | |
# Create directory if it doesn't exist | |
- name: Create output directory | |
run: mkdir -p tests/output/junit | |
- name: Download test report | |
uses: actions/download-artifact@v4 | |
with: | |
name: xml-test-reports # Specify the artifact name from the 'run-tests' job | |
path: tests/output/junit | |
continue-on-error: true # Continue even if artifact download fails | |
- name: Merge all test xmls in output directory | |
run: | | |
ls -R tests/output/junit | |
python e2e_scripts/tod_scripts/xml_to_obj_storage/ansible_tests/merge_ansible_results.py | |
- name: Add additional information to XML report | |
run: | | |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$') | |
python e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/add_gha_info_to_xml.py \ | |
--branch_name "${GITHUB_REF#refs/*/}" \ | |
--gha_run_id "$GITHUB_RUN_ID" \ | |
--gha_run_number "$GITHUB_RUN_NUMBER" \ | |
--xmlfile "${filename}" | |
- name: Upload test results to the bucket | |
run: | | |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$') | |
python3 e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/xml_to_obj.py "${filename}" | |
env: | |
LINODE_CLI_OBJ_ACCESS_KEY: ${{ secrets.LINODE_CLI_OBJ_ACCESS_KEY }} | |
LINODE_CLI_OBJ_SECRET_KEY: ${{ secrets.LINODE_CLI_OBJ_SECRET_KEY }} | |
apply-calico-rules: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ success() || failure() }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Download kubectl and calicoctl for LKE clusters | |
run: | | |
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" | |
curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64" | |
chmod +x calicoctl-linux-amd64 kubectl | |
mv calicoctl-linux-amd64 /usr/local/bin/calicoctl | |
mv kubectl /usr/local/bin/kubectl | |
- name: Apply Calico Rules to LKE | |
run: | | |
cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh | |
env: | |
LINODE_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
add-fw-to-remaining-instances: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ success() || failure() }} | |
steps: | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install Linode CLI | |
run: | | |
pip install linode-cli | |
- name: Create Firewall and Attach to Instances | |
run: | | |
FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers) | |
echo "Created Firewall with ID: $FIREWALL_ID" | |
for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do | |
echo "Attaching firewall to instance: $instance_id" | |
if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then | |
echo "Firewall attached to instance $instance_id successfully." | |
else | |
echo "An error occurred while attaching firewall to instance $instance_id. Skipping..." | |
fi | |
done | |
env: | |
LINODE_CLI_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
notify-slack: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }} # Run even if integration tests fail and only on main repository | |
steps: | |
- name: Notify Slack | |
uses: slackapi/[email protected] | |
with: | |
channel-id: ${{ secrets.SLACK_CHANNEL_ID }} | |
payload: | | |
{ | |
"blocks": [ | |
{ | |
"type": "section", | |
"text": { | |
"type": "mrkdwn", | |
"text": ":rocket: *${{ github.workflow }} Completed in: ${{ github.repository }}* :white_check_mark:" | |
} | |
}, | |
{ | |
"type": "divider" | |
}, | |
{ | |
"type": "section", | |
"fields": [ | |
{ | |
"type": "mrkdwn", | |
"text": "*Build Result:*\n${{ needs.integration-tests.result == 'success' && ':large_green_circle: Build Passed' || ':red_circle: Build Failed' }}" | |
}, | |
{ | |
"type": "mrkdwn", | |
"text": "*Branch:*\n`${{ github.ref_name }}`" | |
} | |
] | |
}, | |
{ | |
"type": "section", | |
"fields": [ | |
{ | |
"type": "mrkdwn", | |
"text": "*Commit Hash:*\n<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>" | |
}, | |
{ | |
"type": "mrkdwn", | |
"text": "*Run URL:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Run Details>" | |
} | |
] | |
}, | |
{ | |
"type": "divider" | |
}, | |
{ | |
"type": "context", | |
"elements": [ | |
{ | |
"type": "mrkdwn", | |
"text": "Triggered by: :bust_in_silhouette: `${{ github.actor }}`" | |
} | |
] | |
} | |
] | |
} | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |