Skip to content

feat: Add Manifest Reconcile Duration Metric #1827

feat: Add Manifest Reconcile Duration Metric

feat: Add Manifest Reconcile Duration Metric #1827

Workflow file for this run

name: TestSuite E2E
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
workflow_dispatch:
inputs:
k8s_version:
description: "With Kubernetes version"
required: false
jobs:
wait-for-img:
name: "Wait for Image Build"
runs-on: ubuntu-latest
steps:
- uses: autotelic/action-wait-for-status-check@v1
id: wait-for-build
with:
token: ${{ secrets.GITHUB_TOKEN }}
# Context for which we should look for the matching status
statusName: ${{ (github.event_name == 'pull_request') && 'pull-lifecycle-mgr-build' || 'main-lifecycle-mgr-build' }}
timeoutSeconds: 900
intervalSeconds: 10
- name: Exit If Failing Build Requirement
if: steps.wait-for-build.outputs.state != 'success'
run: |
echo "Image build did not succeed, skipping E2E Test!"
exit 1
e2e-integration:
strategy:
matrix:
e2e-test: [ "watcher-enqueue",
"kyma-deletion-with-foreground-propagation",
"kyma-deletion-with-background-propagation",
"module-status-propagation",
"kyma-metrics",
"module-without-default-cr",
"module-consistency",
"non-blocking-deletion",
"upgrade-under-deletion",
"purge-controller",
"purge-metrics",
"module-upgrade-channel-switch",
"module-upgrade-new-version",
"skip-manifest-reconciliation",
"ca-certificate-rotation",
"self-signed-certificate-rotation",
"mandatory-module",
]
name: "E2E"
needs: [wait-for-img]
runs-on: ubuntu-latest
timeout-minutes: 20
env:
K3D_VERSION: v5.4.7
K8S_VERSION: ${{ github.event.inputs.k8s_version || '1.27.10' }}
ISTIO_VERSION: 1.17.1
CM_VERSION: v1.13.3
KLM_VERSION_TAG: latest
KLM_IMAGE_REPO: prod
GOSUMDB: off
steps:
- name: Install prerequisites
run: |
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update -y
sudo apt install kubectl -y
- name: Checkout lifecycle-manager
uses: actions/checkout@v4
with:
path: lifecycle-manager
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'lifecycle-manager/go.mod'
cache-dependency-path: 'lifecycle-manager/go.sum'
- name: Install Istio CLI
run: |
curl -L https://istio.io/downloadIstio | TARGET_ARCH=x86_64 sh -
chmod +x istio-$ISTIO_VERSION/bin/istioctl
mv istio-$ISTIO_VERSION/bin/istioctl /usr/local/bin
- name: Install Kyma CLI
run: |
wget https://storage.googleapis.com/kyma-cli-unstable/kyma-linux
chmod +x kyma-linux && mv kyma-linux /usr/local/bin/kyma-unstable
echo "PATH=/usr/local/bin/kyma-unstable" >> $GITHUB_OUTPUT
- run: ln -s /usr/local/bin/kyma-unstable /usr/local/bin/kyma
- name: Install Cert Manager Command Line Tool
run: |
OS=$(go env GOOS); ARCH=$(go env GOARCH); curl -fsSL -o cmctl.tar.gz https://github.com/cert-manager/cert-manager/releases/latest/download/cmctl-$OS-$ARCH.tar.gz
tar xzf cmctl.tar.gz
sudo mv cmctl /usr/local/bin
- name: Install k3d
run: wget -qO - https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=$K3D_VERSION bash
- name: Provision SKR cluster
run: |
k3d cluster create skr \
-p 10080:80@loadbalancer \
-p 10443:443@loadbalancer \
--image rancher/k3s:v$K8S_VERSION-k3s2 \
--k3s-arg '--disable=traefik@server:0'
- name: Provision KCP cluster
run: |
k3d cluster create kcp \
-p 9443:443@loadbalancer \
-p 9080:80@loadbalancer \
-p 9081:8080@loadbalancer \
--image rancher/k3s:v$K8S_VERSION-k3s2 \
--registry-create k3d-kcp-registry:5111 \
--k3s-arg '--disable=traefik@server:0'
- name: Update Kubeconfigs
run: k3d kubeconfig merge -a -d
- name: Export required Kubeconfig Env vars
run: |
echo "KCP_KUBECONFIG=$(k3d kubeconfig write kcp)" >> $GITHUB_ENV
echo "SKR_KUBECONFIG=$(k3d kubeconfig write skr)" >> $GITHUB_ENV
- name: Patch /etc/hosts
run: |
FILE=/etc/hosts
if [ -f "$FILE" ]; then
sudo echo "127.0.0.1 k3d-kcp-registry" | sudo tee -a $FILE
else
echo "$FILE does not exist."
exit 1
fi
echo "/etc/hosts file patched"
- name: Switch kubeconfig context to KCP cluster
run: kubectl config use-context k3d-kcp
- name: Deploy Istio on KCP Cluster
run: |
istioctl install --set profile=demo -y
- name: Deploy Cert Manager on KCP Cluster
run: |
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$CM_VERSION/cert-manager.yaml
cmctl check api --wait=2m
- name: Override Kustomize Controller Image TAG and Image repository environment variables in Pull Request to PR Image
if: ${{ github.event_name == 'pull_request' }}
run: |
echo "KLM_VERSION_TAG=PR-${{ github.event.pull_request.number }}" >> $GITHUB_ENV
echo "KLM_IMAGE_REPO=dev" >> $GITHUB_ENV
- name: Patch purge finalizer flags
if: ${{ matrix.e2e-test == 'purge-controller' || matrix.e2e-test == 'purge-metrics'}}
working-directory: lifecycle-manager
run: |
pushd config/watcher_local_test
echo \
"- op: add
path: /spec/template/spec/containers/0/args/-
value: --enable-purge-finalizer=true
- op: add
path: /spec/template/spec/containers/0/args/-
value: --purge-finalizer-timeout=5s" >> purge_finalizer.yaml
cat purge_finalizer.yaml
kustomize edit add patch --path purge_finalizer.yaml --kind Deployment
popd
- name: Patch metrics cleanup interval
if : ${{ matrix.e2e-test == 'kyma-metrics' }}
working-directory: lifecycle-manager
run: |
pushd config/watcher_local_test
echo \
"- op: add
path: /spec/template/spec/containers/0/args/-
value: --metrics-cleanup-interval=1" >> metrics_cleanup.yaml
cat metrics_cleanup.yaml
kustomize edit add patch --path metrics_cleanup.yaml --kind Deployment
popd
- name: Patch self signed certificate lifetime
if: ${{matrix.e2e-test == 'self-signed-certificate-rotation'}}
working-directory: lifecycle-manager
run: |
pushd config/watcher_local_test
echo \
"- op: add
path: /spec/template/spec/containers/0/args/-
value: --self-signed-cert-duration=1h
- op: add
path: /spec/template/spec/containers/0/args/-
value: --self-signed-cert-renew-before=59m
- op: add
path: /spec/template/spec/containers/0/args/-
value: --self-signed-cert-renew-buffer=1m" >> self-signed-cert.yaml
cat self-signed-cert.yaml
kustomize edit add patch --path self-signed-cert.yaml --kind Deployment
popd
- name: Patch CA certificate renewBefore
if: ${{matrix.e2e-test == 'ca-certificate-rotation'}}
working-directory: lifecycle-manager
run: |
pushd config/watcher_local_test
echo \
"- op: replace
path: /spec/renewBefore
value: 59m
- op: replace
path: /spec/duration
value: 1h">> certificate_renewal.yaml
cat certificate_renewal.yaml
kustomize edit add patch --path certificate_renewal.yaml --kind Certificate --group cert-manager.io --version v1 --name watcher-serving-cert
popd
- name: Deploy LM local testing kustomize
working-directory: lifecycle-manager
run: |
maxRetry=5
for retry in $(seq 1 $maxRetry)
do
if make local-deploy-with-watcher IMG=europe-docker.pkg.dev/kyma-project/$KLM_IMAGE_REPO/lifecycle-manager:$KLM_VERSION_TAG; then
kubectl wait pods -n kcp-system -l app.kubernetes.io/name=lifecycle-manager --for condition=Ready --timeout=90s
echo "KLM deployed successfully"
exit 0
elif [[ $retry -lt $maxRetry ]]; then
echo "Deploy encountered some error, will retry after 20 seconds"
sleep 20
else
echo "KLM deployment failed"
exit 1
fi
done
- name: Checkout template-operator
uses: actions/checkout@v4
with:
repository: kyma-project/template-operator
path: template-operator
- name: Create Template Operator Module and apply
working-directory: template-operator
if: ${{ matrix.e2e-test == 'kyma-metrics' ||
matrix.e2e-test == 'non-blocking-deletion' ||
matrix.e2e-test == 'purge-controller' ||
matrix.e2e-test == 'purge-metrics' ||
matrix.e2e-test == 'kyma-deletion-with-foreground-propagation' ||
matrix.e2e-test == 'kyma-deletion-with-background-propagation' ||
matrix.e2e-test == 'module-consistency' ||
matrix.e2e-test == 'skip-manifest-reconciliation'
}}
run: |
make build-manifests
kyma alpha create module --module-config-file ./module-config.yaml --path . --registry k3d-kcp-registry:5111 --insecure
sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml
kubectl config use-context k3d-kcp
kubectl get crds
kubectl apply -f template.yaml
- name: Create Template Operator Module for regular and fast channels
working-directory: lifecycle-manager
if: ${{ matrix.e2e-test == 'module-upgrade-channel-switch' ||
matrix.e2e-test == 'module-upgrade-new-version' ||
matrix.e2e-test == 'upgrade-under-deletion'
}}
run: |
kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml
kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v1_regular.yaml
- name: Create Template Operator Module as Mandatory Module
working-directory: lifecycle-manager
if: ${{ matrix.e2e-test == 'mandatory-module' }}
run: |
kubectl apply -f tests/moduletemplates/mandatory_moduletemplate_template_operator_v1.yaml
- name: Apply Template Operator Module V2, fast channel
working-directory: ./lifecycle-manager
if: ${{ matrix.e2e-test == 'non-blocking-deletion' }}
run: |
kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml
- name: Create Template Operator Module with final state and final deletion state as `Warning` and apply
working-directory: template-operator
if: ${{ matrix.e2e-test == 'module-status-propagation'}}
run: |
pushd config/default
echo \
"- op: replace
path: /spec/template/spec/containers/0/args/1
value: --final-state=Warning
- op: replace
path: /spec/template/spec/containers/0/args/2
value: --final-deletion-state=Warning" >> warning_patch.yaml
cat warning_patch.yaml
kustomize edit add patch --path warning_patch.yaml --kind Deployment
popd
kyma alpha create module --kubebuilder-project --channel=regular --name kyma.project.io/module/template-operator --version 1.1.1 --path . --registry k3d-kcp-registry:5111 --insecure --module-archive-version-overwrite /
sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml
kubectl config use-context k3d-kcp
kubectl get crds
kubectl apply -f template.yaml
- name: Create Template Operator Module without default CR and apply
working-directory: template-operator
if: ${{ matrix.e2e-test == 'module-without-default-cr' }}
run: |
make build-manifests
echo "name: kyma-project.io/module/template-operator
channel: regular
version: v1.0.0
manifest: template-operator.yaml
security: sec-scanners-config.yaml
annotations:
operator.kyma-project.io/doc-url: https://kyma-project.io" >> module-config-no-cr.yaml
kyma alpha create module \
--module-config-file ./module-config-no-cr.yaml \
--path . \
--registry k3d-kcp-registry:5111 \
--insecure
sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml
kubectl config use-context k3d-kcp
kubectl get crds
kubectl apply -f template.yaml
- name: Expose Metrics Endpoint
working-directory: lifecycle-manager
if: ${{ matrix.e2e-test == 'kyma-metrics' ||
matrix.e2e-test == 'purge-metrics' ||
matrix.e2e-test == 'self-signed-certificate-rotation'
}}
run: |
kubectl patch svc klm-metrics-service -p '{"spec": {"type": "LoadBalancer"}}' -n kcp-system
- name: Run ${{ matrix.e2e-test }}
working-directory: lifecycle-manager
run: |
make -C tests/e2e ${{ matrix.e2e-test }}