Skip to content

adding encrypt and cabailities to volume/instance (#611) #57

adding encrypt and cabailities to volume/instance (#611)

adding encrypt and cabailities to volume/instance (#611) #57

name: Run Integration Tests
on:
workflow_dispatch: null
push:
branches:
- main
- dev
jobs:
integration-tests:
runs-on: ubuntu-latest
env:
EXIT_STATUS: 0
defaults:
run:
working-directory: .ansible/collections/ansible_collections/linode/cloud
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
path: .ansible/collections/ansible_collections/linode/cloud
fetch-depth: 0
submodules: 'recursive'
- name: Update packages
run: sudo apt-get update -y
- name: Setup Python 3
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Install dependencies
run: make deps
- name: Install ansible dependencies
run: ansible-galaxy collection install amazon.aws:==6.0.1
- name: Install Collection
run: make install
- name: Replace Existing Keys
run: rm -rf ~/.ansible/test && mkdir -p ~/.ansible/test && ssh-keygen -m PEM -q -t rsa -N '' -f ~/.ansible/test/id_rsa
- name: Run Integration Tests
run: |
make testall
env:
LINODE_API_TOKEN: ${{ secrets.DX_LINODE_TOKEN }}
ANSIBLE_CALLBACKS_ENABLED: "junit"
- name: Upload Test Report as Artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: xml-test-reports
if-no-files-found: ignore
path: '.ansible/collections/ansible_collections/linode/cloud/tests/output/junit'
retention-days: 1
process-upload-report:
runs-on: ubuntu-latest
needs: [integration-tests]
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: 'recursive'
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Install Python dependencies
run: pip3 install requests wheel boto3
# Create directory if it doesn't exist
- name: Create output directory
run: mkdir -p tests/output/junit
- name: Download test report
uses: actions/download-artifact@v4
with:
name: xml-test-reports # Specify the artifact name from the 'run-tests' job
path: tests/output/junit
continue-on-error: true # Continue even if artifact download fails
- name: Merge all test xmls in output directory
run: |
ls -R tests/output/junit
python e2e_scripts/tod_scripts/xml_to_obj_storage/ansible_tests/merge_ansible_results.py
- name: Add additional information to XML report
run: |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$')
python e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/add_gha_info_to_xml.py \
--branch_name "${GITHUB_REF#refs/*/}" \
--gha_run_id "$GITHUB_RUN_ID" \
--gha_run_number "$GITHUB_RUN_NUMBER" \
--xmlfile "${filename}"
- name: Upload test results to the bucket
run: |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$')
python3 e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/xml_to_obj.py "${filename}"
env:
LINODE_CLI_OBJ_ACCESS_KEY: ${{ secrets.LINODE_CLI_OBJ_ACCESS_KEY }}
LINODE_CLI_OBJ_SECRET_KEY: ${{ secrets.LINODE_CLI_OBJ_SECRET_KEY }}
apply-calico-rules:
runs-on: ubuntu-latest
needs: [integration-tests]
if: ${{ success() || failure() }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: 'recursive'
- name: Download kubectl and calicoctl for LKE clusters
run: |
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64"
chmod +x calicoctl-linux-amd64 kubectl
mv calicoctl-linux-amd64 /usr/local/bin/calicoctl
mv kubectl /usr/local/bin/kubectl
- name: Apply Calico Rules to LKE
run: |
cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh
env:
LINODE_TOKEN: ${{ secrets.DX_LINODE_TOKEN }}
add-fw-to-remaining-instances:
runs-on: ubuntu-latest
needs: [integration-tests]
if: ${{ success() || failure() }}
steps:
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Install Linode CLI
run: |
pip install linode-cli
- name: Create Firewall and Attach to Instances
run: |
FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers)
echo "Created Firewall with ID: $FIREWALL_ID"
for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do
echo "Attaching firewall to instance: $instance_id"
if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then
echo "Firewall attached to instance $instance_id successfully."
else
echo "An error occurred while attaching firewall to instance $instance_id. Skipping..."
fi
done
env:
LINODE_CLI_TOKEN: ${{ secrets.DX_LINODE_TOKEN }}
notify-slack:
runs-on: ubuntu-latest
needs: [integration-tests]
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }} # Run even if integration tests fail and only on main repository
steps:
- name: Notify Slack
uses: slackapi/[email protected]
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
payload: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": ":rocket: *${{ github.workflow }} Completed in: ${{ github.repository }}* :white_check_mark:"
}
},
{
"type": "divider"
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "*Build Result:*\n${{ needs.integration-tests.result == 'success' && ':large_green_circle: Build Passed' || ':red_circle: Build Failed' }}"
},
{
"type": "mrkdwn",
"text": "*Branch:*\n`${{ github.ref_name }}`"
}
]
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "*Commit Hash:*\n<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>"
},
{
"type": "mrkdwn",
"text": "*Run URL:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Run Details>"
}
]
},
{
"type": "divider"
},
{
"type": "context",
"elements": [
{
"type": "mrkdwn",
"text": "Triggered by: :bust_in_silhouette: `${{ github.actor }}`"
}
]
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}