Skip to content

Integration [pull_request_target: 216311e57c26e864213e6e6eebe32d290a5f32a7]: #1927

Integration [pull_request_target: 216311e57c26e864213e6e6eebe32d290a5f32a7]:

Integration [pull_request_target: 216311e57c26e864213e6e6eebe32d290a5f32a7]: #1927

# GitHub repo level Secrets and Variables
# secrets.CLIENT_SECRET
# secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN
# vars.CAPI_RELEASE_VERSION
# vars.SHEPHERD_LEASE_DURATION
# vars.SHEPHERD_LEASE_NAMESPACE
# vars.SHEPHERD_TEMPLATE_ARGUMENT
# vars.SHEPHERD_TEMPLATE_NAME
# vars.SHEPHERD_TEMPLATE_NAMESPACE
name: "Tests: Integration"
run-name: "Integration [${{ github.event_name }}: ${{ github.event.pull_request.head.sha || github.event.push.after || github.event.workflow_run.head_sha}}]: ${{ github.event.workflow_run.head_commit.message }}"
on:
workflow_dispatch:
inputs:
workflow:
description: Tests to run
required: true
type: choice
options:
- all
- run-integration-tests-cf-env
- run-integration-tests-cf-env-with-client-creds
- run-cats-cf-env
nodes:
description: Number of test nodes
required: false
type: string
default: "12"
lease_id:
description: Pre-provisioned environment lease-id to use in tests
required: false
type: string
lease_namespace:
description: Pre-provisioned environment lease namespace to use in tests
required: false
type: string
cfd_version:
description: Use specific version of CFD. Leave empty to use latest.
default: ""
type: string
run_unit_tests:
description: Run unit tests
required: false
type: boolean
default: true
reinstall_cfd:
description: Force re-installation of CFD
required: false
type: boolean
default: true
push:
tags:
- "v8.*"
- "v7.*"
pull_request_target:
branches:
- main
- v8
- v7
paths-ignore:
- "doc/**"
- ".gitpod.yml"
- "README.md"
- ".github/**"
- ".grype.yaml"
- ".git*"
- ".golangci.json"
env:
SHEPHERD_LEASE_ID: ${{ inputs.lease_id }}
jobs:
get-sha:
runs-on: ubuntu-latest
outputs:
gitRef: ${{steps.calculate.outputs.ref}}
steps:
- id: calculate
run: |
if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then
echo "checkout pull request head ${{ github.event.pull_request.head.sha }}"
echo "ref=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event_name }}" == "push" ]]; then
echo "checkout push request ${{github.event.push.after}}"
echo "ref=${{github.event.push.after}}" >> $GITHUB_OUTPUT
else
echo "checkout else ${{ github.event.workflow_run.head_sha }}"
echo "ref=${{github.event.workflow_run.head_sha}}" >> $GITHUB_OUTPUT
fi
units:
name: Basic units to gate for integration tests
runs-on: ubuntu-latest
needs:
- get-sha
steps:
- name: Checkout
uses: actions/checkout@v4
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }}
with:
ref: ${{needs.get-sha.outputs.gitRef}}
fetch-depth: 0
- name: Set Up Go
uses: actions/setup-go@v5
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }}
with:
go-version-file: go.mod
check-latest: true
- name: Run Units
if: ${{ inputs.run_unit_tests || inputs.run_unit_tests == '' }}
run: make units
claim-env:
name: Claim and Prep Environment
outputs:
leaseid: ${{steps.claim.outputs.leaseid}}
defaults:
run:
shell: bash
runs-on: ubuntu-latest
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest
needs:
- get-sha
- units
steps:
- name: Checkout cli
uses: actions/checkout@v4
with:
ref: ${{needs.get-sha.outputs.gitRef}}
- name: claim
id: claim
env:
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }}
template_argument: ${{ vars.SHEPHERD_TEMPLATE_ARGUMENT }}
template_name: ${{ vars.SHEPHERD_TEMPLATE_NAME || '[email protected]' }}
template_namespace: ${{ vars.SHEPHERD_TEMPLATE_NAMESPACE || 'official' }}
lease_duration: ${{ vars.SHEPHERD_LEASE_DURATION || '8h' }}
lease_namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }}
cfd_version: ${{ inputs.cfd_version || vars.CFD_VERSION || '' }}
run: |
shepherd login service-account ${account_token}
if [[ -z $SHEPHERD_LEASE_ID ]]; then
if [ -z "$template_argument" ]; then
export template_argument=$(cat <<EOF
{
"gcp_region": "us-west2",
"vm_type": "n1-standard-8",
"root_disk_gb": 32,
"disk_pool_gb": 150,
"cfd_version": "${cfd_version}",
"additional_opsfiles_b64": ""
}
EOF
)
fi
lease_id=$( shepherd create lease \
--template-argument "$template_argument" \
--template-namespace "${template_namespace}" \
--template "${template_name}" \
--namespace "${lease_namespace}" \
--duration "${lease_duration}" \
--description "Claimed by CF CLI workflow ${{ github.workflow_run.url }}" \
--json \
| jq -r .id
)
else
lease_id=$SHEPHERD_LEASE_ID
fi
echo "Shepherd lease ID: ${lease_id}"
# Give sometime for the lease to complete. Shepherd may take upto an 3 hours to create an env
# if the pool is empty.
count=0
while [ $count -lt 360 ] ; do
sleep 30
status=$( shepherd get lease ${lease_id} \
--namespace ${lease_namespace} \
--json \
| jq -r .status
)
if [ $status == "LEASED" ] ; then
shepherd get lease ${lease_id} \
--namespace ${lease_namespace} \
--json \
| jq .output > metadata.json
break
elif [ $status == "FAILED" -o $status == "EXPIRED" ] ; then
echo "There was an error obtaining the lease. Lease status is ${status}."
exit 1
else
echo "Waiting for environment to be ready. Lease status is ${status}."
fi
count=$(($count+1))
done
env_name=$(jq -r .name metadata.json)
echo "env name is ${env_name}"
echo "leaseid=${lease_id}" >> "${GITHUB_OUTPUT}"
cf_deployment_version=$(jq -r '."cf_deployment_version"' metadata.json)
echo "cf_deployment_version is ${cf_deployment_version}"
echo "cf_deployment_version=${cf_deployment_version}" >> "${GITHUB_OUTPUT}"
- name: Set Up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- name: Install Tools
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }}
run: |
go version
install_location=/usr/local/bin
bbl_artifact=bbl-v8.4.110_linux_x86-64
bosh_cli_artifact=bosh-cli-7.7.2-linux-amd64
curl https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/${bbl_artifact} --silent --location --output $install_location/bbl
chmod +x $install_location/bbl
bbl --version
curl https://github.com/cloudfoundry/bosh-cli/releases/download/v7.7.2/$bosh_cli_artifact --silent --output $install_location/bosh --location
chmod +x $install_location/bosh
bosh --version
apt-get update
apt-get install -y build-essential unzip
- name: Upload latest CAPI release
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }}
env:
capi_release_version: ${{ vars.CAPI_RELEASE_VERSION }}
run: |
if [ -z "$capi_release_version" ]; then
capi_release_version=$(curl -s https://api.github.com/repos/cloudfoundry/capi-release/releases/latest | jq -r .tag_name)
fi
echo "Latest CAPI release is $capi_release_version"
eval "$(bbl print-env --metadata-file metadata.json)"
env_name=$(jq -r .name metadata.json)
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv
bosh upload-release "https://bosh.io/d/github.com/cloudfoundry/capi-release?v=$capi_release_version"
- name: Checkout cf-deployment
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }}
uses: actions/checkout@v4
with:
repository: cloudfoundry/cf-deployment
path: cf-deployment
ref: ${{steps.claim.outputs.cf_deployment_version}}
- name: Deploy Isolation Segment and OIDC Provider
if: ${{ (inputs.lease_id == '') || (inputs.reinstall_cfd == true) }}
run: |
env_name=$(jq -r .name metadata.json)
jq -r .bosh.jumpbox_private_key metadata.json > /tmp/${env_name}.priv
eval "$(bbl print-env --metadata-file metadata.json)"
bosh -d cf manifest > /tmp/manifest.yml
bosh interpolate /tmp/manifest.yml \
-o cf-deployment/operations/use-internal-lookup-for-route-services.yml \
-o cf-deployment/operations/add-persistent-isolation-segment-diego-cell.yml \
-o .github/ops-files/use-latest-capi.yml \
-o .github/ops-files/add-oidc-provider.yml \
-o .github/ops-files/add-uaa-client-credentials.yml \
-o .github/ops-files/diego-cell-instances.yml \
-v client-secret="${{ secrets.CLIENT_SECRET }}" \
> ./director.yml
bosh -d cf deploy director.yml -n
echo "Deployed CAPI version:"
bosh -d cf releases | grep capi
run-integration-tests-cf-env:
name: Integration tests
needs:
- get-sha
- units
- claim-env
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env' }}
uses: ./.github/workflows/tests-integration-reusable.yml
with:
run-with-client-creds: false
os: ubuntu-latest
name: Integration
gitRef: ${{needs.get-sha.outputs.gitRef}}
lease-id: ${{ needs.claim-env.outputs.leaseid }}
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }}
nodes: ${{ inputs.nodes || '16'}}
secrets: inherit
run-integration-tests-cf-env-with-client-creds:
name: client creds
needs:
- get-sha
- units
- claim-env
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-integration-tests-cf-env-with-client-creds' }}
uses: ./.github/workflows/tests-integration-reusable.yml
with:
run-with-client-creds: true
os: ubuntu-latest
name: Integration client creds
gitRef: ${{needs.get-sha.outputs.gitRef}}
lease-id: ${{ needs.claim-env.outputs.leaseid }}
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }}
nodes: ${{ inputs.nodes || '16'}}
secrets: inherit
run-cats-cf-env:
name: CATS
needs:
- get-sha
- claim-env
- run-integration-tests-cf-env
- run-integration-tests-cf-env-with-client-creds
if: ${{ github.event_name != 'workflow_dispatch' || inputs.workflow == 'all' || inputs.workflow == 'run-cats-cf-env' }}
uses: ./.github/workflows/tests-integration-reusable.yml
with:
run-with-client-creds: false
os: ubuntu-latest
name: cats
gitRef: ${{needs.get-sha.outputs.gitRef}}
lease-id: ${{ needs.claim-env.outputs.leaseid }}
lease-namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }}
secrets: inherit
unclaim-env:
name: Unclaim environment
if: ${{ inputs.lease_id == '' }}
runs-on: ubuntu-latest
container: us-west2-docker.pkg.dev/shepherd-268822/shepherd2/concourse-resource:latest
needs:
- claim-env
- run-cats-cf-env
steps:
- name: unclaim
env:
account_token: ${{ secrets.SHEPHERD_SERVICE_ACCOUNT_TOKEN }}
lease_namespace: ${{ inputs.lease_namespace || vars.SHEPHERD_LEASE_NAMESPACE || 'tas-devex' }}
run: |
shepherd login service-account ${account_token}
set -x
shepherd delete lease ${{ needs.claim-env.outputs.leaseid }} \
--namespace ${lease_namespace}