feat: Add Manifest Reconcile Duration Metric #1905
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: TestSuite E2E | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| workflow_dispatch: | |
| inputs: | |
| k8s_version: | |
| description: "With Kubernetes version" | |
| required: false | |
| jobs: | |
| wait-for-img: | |
| name: "Wait for Image Build" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: autotelic/action-wait-for-status-check@v1 | |
| id: wait-for-build | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| # Context for which we should look for the matching status | |
| statusName: ${{ (github.event_name == 'pull_request') && 'pull-lifecycle-mgr-build' || 'main-lifecycle-mgr-build' }} | |
| timeoutSeconds: 900 | |
| intervalSeconds: 10 | |
| - name: Exit If Failing Build Requirement | |
| if: steps.wait-for-build.outputs.state != 'success' | |
| run: | | |
| echo "Image build did not succeed, skipping E2E Test!" | |
| exit 1 | |
| e2e-integration: | |
| strategy: | |
| matrix: | |
| e2e-test: [ "watcher-enqueue", | |
| "kyma-deletion-with-foreground-propagation", | |
| "kyma-deletion-with-background-propagation", | |
| "module-status-propagation", | |
| "kyma-metrics", | |
| "module-without-default-cr", | |
| "module-consistency", | |
| "non-blocking-deletion", | |
| "upgrade-under-deletion", | |
| "purge-controller", | |
| "purge-metrics", | |
| "module-upgrade-channel-switch", | |
| "module-upgrade-new-version", | |
| "skip-manifest-reconciliation", | |
| "ca-certificate-rotation", | |
| "self-signed-certificate-rotation", | |
| "mandatory-module", | |
| ] | |
| name: "E2E" | |
| needs: [wait-for-img] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| env: | |
| K3D_VERSION: v5.4.7 | |
| K8S_VERSION: ${{ github.event.inputs.k8s_version || '1.27.10' }} | |
| ISTIO_VERSION: 1.17.1 | |
| CM_VERSION: v1.13.3 | |
| KLM_VERSION_TAG: latest | |
| KLM_IMAGE_REPO: prod | |
| GOSUMDB: off | |
| steps: | |
| - name: Install prerequisites | |
| run: | | |
| curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | |
| echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
| sudo apt update -y | |
| sudo apt install kubectl -y | |
| - name: Checkout lifecycle-manager | |
| uses: actions/checkout@v4 | |
| with: | |
| path: lifecycle-manager | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: 'lifecycle-manager/go.mod' | |
| cache-dependency-path: 'lifecycle-manager/go.sum' | |
| - name: Install Istio CLI | |
| run: | | |
| curl -L https://istio.io/downloadIstio | TARGET_ARCH=x86_64 sh - | |
| chmod +x istio-$ISTIO_VERSION/bin/istioctl | |
| mv istio-$ISTIO_VERSION/bin/istioctl /usr/local/bin | |
| - name: Install Kyma CLI | |
| run: | | |
| wget https://storage.googleapis.com/kyma-cli-unstable/kyma-linux | |
| chmod +x kyma-linux && mv kyma-linux /usr/local/bin/kyma-unstable | |
| echo "PATH=/usr/local/bin/kyma-unstable" >> $GITHUB_OUTPUT | |
| - run: ln -s /usr/local/bin/kyma-unstable /usr/local/bin/kyma | |
| - name: Install Cert Manager Command Line Tool | |
| run: | | |
| OS=$(go env GOOS); ARCH=$(go env GOARCH); curl -fsSL -o cmctl.tar.gz https://github.com/cert-manager/cert-manager/releases/latest/download/cmctl-$OS-$ARCH.tar.gz | |
| tar xzf cmctl.tar.gz | |
| sudo mv cmctl /usr/local/bin | |
| - name: Install k3d | |
| run: wget -qO - https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=$K3D_VERSION bash | |
| - name: Provision SKR cluster | |
| run: | | |
| k3d cluster create skr \ | |
| -p 10080:80@loadbalancer \ | |
| -p 10443:443@loadbalancer \ | |
| --image rancher/k3s:v$K8S_VERSION-k3s2 \ | |
| --k3s-arg '--disable=traefik@server:0' | |
| - name: Provision KCP cluster | |
| run: | | |
| k3d cluster create kcp \ | |
| -p 9443:443@loadbalancer \ | |
| -p 9080:80@loadbalancer \ | |
| -p 9081:8080@loadbalancer \ | |
| --image rancher/k3s:v$K8S_VERSION-k3s2 \ | |
| --registry-create k3d-kcp-registry:5111 \ | |
| --k3s-arg '--disable=traefik@server:0' | |
| - name: Update Kubeconfigs | |
| run: k3d kubeconfig merge -a -d | |
| - name: Export required Kubeconfig Env vars | |
| run: | | |
| echo "KCP_KUBECONFIG=$(k3d kubeconfig write kcp)" >> $GITHUB_ENV | |
| echo "SKR_KUBECONFIG=$(k3d kubeconfig write skr)" >> $GITHUB_ENV | |
| - name: Patch /etc/hosts | |
| run: | | |
| FILE=/etc/hosts | |
| if [ -f "$FILE" ]; then | |
| sudo echo "127.0.0.1 k3d-kcp-registry" | sudo tee -a $FILE | |
| else | |
| echo "$FILE does not exist." | |
| exit 1 | |
| fi | |
| echo "/etc/hosts file patched" | |
| - name: Switch kubeconfig context to KCP cluster | |
| run: kubectl config use-context k3d-kcp | |
| - name: Deploy Istio on KCP Cluster | |
| run: | | |
| istioctl install --set profile=demo -y | |
| - name: Deploy Cert Manager on KCP Cluster | |
| run: | | |
| kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$CM_VERSION/cert-manager.yaml | |
| cmctl check api --wait=2m | |
| - name: Override Kustomize Controller Image TAG and Image repository environment variables in Pull Request to PR Image | |
| if: ${{ github.event_name == 'pull_request' }} | |
| run: | | |
| echo "KLM_VERSION_TAG=PR-${{ github.event.pull_request.number }}" >> $GITHUB_ENV | |
| echo "KLM_IMAGE_REPO=dev" >> $GITHUB_ENV | |
| - name: Patch purge finalizer flags | |
| if: ${{ matrix.e2e-test == 'purge-controller' || matrix.e2e-test == 'purge-metrics'}} | |
| working-directory: lifecycle-manager | |
| run: | | |
| pushd config/watcher_local_test | |
| echo \ | |
| "- op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --enable-purge-finalizer=true | |
| - op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --purge-finalizer-timeout=5s" >> purge_finalizer.yaml | |
| cat purge_finalizer.yaml | |
| kustomize edit add patch --path purge_finalizer.yaml --kind Deployment | |
| popd | |
| - name: Patch metrics cleanup interval | |
| if : ${{ matrix.e2e-test == 'kyma-metrics' }} | |
| working-directory: lifecycle-manager | |
| run: | | |
| pushd config/watcher_local_test | |
| echo \ | |
| "- op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --metrics-cleanup-interval=1" >> metrics_cleanup.yaml | |
| cat metrics_cleanup.yaml | |
| kustomize edit add patch --path metrics_cleanup.yaml --kind Deployment | |
| popd | |
| - name: Patch self signed certificate lifetime | |
| if: ${{matrix.e2e-test == 'self-signed-certificate-rotation'}} | |
| working-directory: lifecycle-manager | |
| run: | | |
| pushd config/watcher_local_test | |
| echo \ | |
| "- op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --self-signed-cert-duration=1h | |
| - op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --self-signed-cert-renew-before=59m | |
| - op: add | |
| path: /spec/template/spec/containers/0/args/- | |
| value: --self-signed-cert-renew-buffer=1m" >> self-signed-cert.yaml | |
| cat self-signed-cert.yaml | |
| kustomize edit add patch --path self-signed-cert.yaml --kind Deployment | |
| popd | |
| - name: Patch CA certificate renewBefore | |
| if: ${{matrix.e2e-test == 'ca-certificate-rotation'}} | |
| working-directory: lifecycle-manager | |
| run: | | |
| pushd config/watcher_local_test | |
| echo \ | |
| "- op: replace | |
| path: /spec/renewBefore | |
| value: 59m | |
| - op: replace | |
| path: /spec/duration | |
| value: 1h">> certificate_renewal.yaml | |
| cat certificate_renewal.yaml | |
| kustomize edit add patch --path certificate_renewal.yaml --kind Certificate --group cert-manager.io --version v1 --name watcher-serving-cert | |
| popd | |
| - name: Deploy LM local testing kustomize | |
| working-directory: lifecycle-manager | |
| run: | | |
| maxRetry=5 | |
| for retry in $(seq 1 $maxRetry) | |
| do | |
| if make local-deploy-with-watcher IMG=europe-docker.pkg.dev/kyma-project/$KLM_IMAGE_REPO/lifecycle-manager:$KLM_VERSION_TAG; then | |
| kubectl wait pods -n kcp-system -l app.kubernetes.io/name=lifecycle-manager --for condition=Ready --timeout=90s | |
| echo "KLM deployed successfully" | |
| exit 0 | |
| elif [[ $retry -lt $maxRetry ]]; then | |
| echo "Deploy encountered some error, will retry after 20 seconds" | |
| sleep 20 | |
| else | |
| echo "KLM deployment failed" | |
| exit 1 | |
| fi | |
| done | |
| - name: Checkout template-operator | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: kyma-project/template-operator | |
| path: template-operator | |
| - name: Create Template Operator Module and apply | |
| working-directory: template-operator | |
| if: ${{ matrix.e2e-test == 'kyma-metrics' || | |
| matrix.e2e-test == 'non-blocking-deletion' || | |
| matrix.e2e-test == 'purge-controller' || | |
| matrix.e2e-test == 'purge-metrics' || | |
| matrix.e2e-test == 'kyma-deletion-with-foreground-propagation' || | |
| matrix.e2e-test == 'kyma-deletion-with-background-propagation' || | |
| matrix.e2e-test == 'module-consistency' || | |
| matrix.e2e-test == 'skip-manifest-reconciliation' | |
| }} | |
| run: | | |
| make build-manifests | |
| kyma alpha create module --module-config-file ./module-config.yaml --path . --registry k3d-kcp-registry:5111 --insecure | |
| sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml | |
| kubectl config use-context k3d-kcp | |
| kubectl get crds | |
| kubectl apply -f template.yaml | |
| - name: Create Template Operator Module for regular and fast channels | |
| working-directory: lifecycle-manager | |
| if: ${{ matrix.e2e-test == 'module-upgrade-channel-switch' || | |
| matrix.e2e-test == 'module-upgrade-new-version' || | |
| matrix.e2e-test == 'upgrade-under-deletion' | |
| }} | |
| run: | | |
| kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml | |
| kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v1_regular.yaml | |
| - name: Create Template Operator Module as Mandatory Module | |
| working-directory: lifecycle-manager | |
| if: ${{ matrix.e2e-test == 'mandatory-module' }} | |
| run: | | |
| kubectl apply -f tests/moduletemplates/mandatory_moduletemplate_template_operator_v1.yaml | |
| - name: Apply Template Operator Module V2, fast channel | |
| working-directory: ./lifecycle-manager | |
| if: ${{ matrix.e2e-test == 'non-blocking-deletion' }} | |
| run: | | |
| kubectl apply -f tests/moduletemplates/moduletemplate_template_operator_v2_fast.yaml | |
| - name: Create Template Operator Module with final state and final deletion state as `Warning` and apply | |
| working-directory: template-operator | |
| if: ${{ matrix.e2e-test == 'module-status-propagation'}} | |
| run: | | |
| pushd config/default | |
| echo \ | |
| "- op: replace | |
| path: /spec/template/spec/containers/0/args/1 | |
| value: --final-state=Warning | |
| - op: replace | |
| path: /spec/template/spec/containers/0/args/2 | |
| value: --final-deletion-state=Warning" >> warning_patch.yaml | |
| cat warning_patch.yaml | |
| kustomize edit add patch --path warning_patch.yaml --kind Deployment | |
| popd | |
| kyma alpha create module --kubebuilder-project --channel=regular --name kyma.project.io/module/template-operator --version 1.1.1 --path . --registry k3d-kcp-registry:5111 --insecure --module-archive-version-overwrite / | |
| sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml | |
| kubectl config use-context k3d-kcp | |
| kubectl get crds | |
| kubectl apply -f template.yaml | |
| - name: Create Template Operator Module without default CR and apply | |
| working-directory: template-operator | |
| if: ${{ matrix.e2e-test == 'module-without-default-cr' }} | |
| run: | | |
| make build-manifests | |
| echo "name: kyma-project.io/module/template-operator | |
| channel: regular | |
| version: v1.0.0 | |
| manifest: template-operator.yaml | |
| security: sec-scanners-config.yaml | |
| annotations: | |
| operator.kyma-project.io/doc-url: https://kyma-project.io" >> module-config-no-cr.yaml | |
| kyma alpha create module \ | |
| --module-config-file ./module-config-no-cr.yaml \ | |
| --path . \ | |
| --registry k3d-kcp-registry:5111 \ | |
| --insecure | |
| sed -i 's/k3d-kcp-registry:5111/k3d-kcp-registry:5000/g' ./template.yaml | |
| kubectl config use-context k3d-kcp | |
| kubectl get crds | |
| kubectl apply -f template.yaml | |
| - name: Expose Metrics Endpoint | |
| working-directory: lifecycle-manager | |
| if: ${{ matrix.e2e-test == 'kyma-metrics' || | |
| matrix.e2e-test == 'purge-metrics' || | |
| matrix.e2e-test == 'self-signed-certificate-rotation' | |
| }} | |
| run: | | |
| kubectl patch svc klm-metrics-service -p '{"spec": {"type": "LoadBalancer"}}' -n kcp-system | |
| - name: Run ${{ matrix.e2e-test }} | |
| working-directory: lifecycle-manager | |
| run: | | |
| make -C tests/e2e ${{ matrix.e2e-test }} |