[DNM] Bump golang.org/x/net from 0.6.0 to 0.17.0 #1444
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Chains kind E2E Tests | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| - release-* | |
| defaults: | |
| run: | |
| shell: bash | |
| working-directory: ./ | |
| jobs: | |
| chains-e2e-tests: | |
| name: e2e tests | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false # Keep running if one leg fails. | |
| matrix: | |
| k8s-version: | |
| - v1.23.x | |
| - v1.24.x | |
| - v1.25.x | |
| env: | |
| GOPATH: ${{ github.workspace }} | |
| GO111MODULE: on | |
| GOFLAGS: -ldflags=-s -ldflags=-w | |
| KO_DOCKER_REPO: registry.local:5000/knative | |
| KOCACHE: ~/ko | |
| SIGSTORE_SCAFFOLDING_RELEASE_VERSION: "v0.4.13" | |
| TEKTON_PIPELINES_RELEASE: "https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.41.0/release.yaml" | |
| # Note that we do not include the v prefix here so we can use it in all | |
| # the places this is used. | |
| TEKTON_CLI_RELEASE: "0.26.1" | |
| steps: | |
| # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds | |
| - uses: actions/cache@v2 | |
| with: | |
| # In order: | |
| # * Module download cache | |
| # * Build cache (Linux) | |
| path: | | |
| ~/go/pkg/mod | |
| ~/.cache/go-build | |
| ${{ env.KOCACHE }} | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Set up Go | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: 1.18.x | |
| - uses: imjasonh/[email protected] | |
| with: | |
| version: tip | |
| - name: Install tkn cli | |
| run: | | |
| curl -Lo ./tkn_${{ env.TEKTON_CLI_RELEASE }}_Linux_x86_64.tar.gz https://github.com/tektoncd/cli/releases/download/v${{ env.TEKTON_CLI_RELEASE }}/tkn_${{ env.TEKTON_CLI_RELEASE }}_Linux_x86_64.tar.gz | |
| tar xvzf ./tkn_${{ env.TEKTON_CLI_RELEASE }}_Linux_x86_64.tar.gz tkn | |
| chmod u+x ./tkn | |
| - name: Check out our repo | |
| uses: actions/checkout@v2 | |
| with: | |
| path: ./src/github.com/tektoncd/chains | |
| - name: Install mirror, kind, knative + sigstore | |
| uses: sigstore/scaffolding/actions/setup@main | |
| with: | |
| k8s-version: ${{ matrix.k8s-version }} | |
| version: ${{ env.SIGSTORE_SCAFFOLDING_RELEASE_VERSION }} | |
| - name: Install Tekton pipelines | |
| run: | | |
| while ! kubectl apply --filename ${{ env.TEKTON_PIPELINES_RELEASE }} | |
| do | |
| echo "waiting for tekton pipelines to get installed" | |
| sleep 2 | |
| done | |
| # Restart so picks up the changes. | |
| kubectl -n tekton-pipelines delete po -l app=tekton-pipelines-controller | |
| - name: Install all the everythings | |
| working-directory: ./src/github.com/tektoncd/chains | |
| timeout-minutes: 10 | |
| run: | | |
| ko apply -BRf ./config/ | |
| kubectl patch configmap/chains-config \ | |
| --namespace tekton-chains \ | |
| --type merge \ | |
| --patch '{"data":{"artifacts.oci.format": "simplesigning", "artifacts.oci.storage": "oci", "artifacts.taskrun.format": "in-toto", "signers.x509.fulcio.address": "http://fulcio.fulcio-system.svc", "signers.x509.fulcio.enabled": "true", "transparency.enabled": "true", "transparency.url": "http://rekor.rekor-system.svc"}}' | |
| # Restart chains controller so picks up the changes. | |
| kubectl -n tekton-chains delete po -l app=tekton-chains-controller | |
| # TODO(vaikas): Better way to find when the chains has picked up | |
| # the changes | |
| sleep 10 | |
| - name: Run tutorial taskrun | |
| run: | | |
| kubectl create -f https://raw.githubusercontent.com/tektoncd/chains/main/examples/taskruns/task-output-image.yaml | |
| # Sleep so the taskrun shows up. | |
| sleep 2 | |
| echo "Waiting for the taskrun to complete..." | |
| kubectl wait --timeout 3m --for=condition=Succeeded taskruns --all || kubectl get taskruns -o yaml | |
| echo "Waiting for Chains to do it's thing" | |
| for i in {1..10} | |
| do | |
| ./tkn tr describe --last -o jsonpath="{.metadata.annotations.chains\.tekton\.dev/transparency}" > tektonentry | |
| if [ -s ./tektonentry ]; then | |
| if grep --quiet rekor.rekor-system.svc ./tektonentry ; then | |
| echo "Found rekor transparency entry:" | |
| cat ./tektonentry | |
| kubectl get taskruns -oyaml | |
| exit 0 | |
| else | |
| echo "Did not find expected rekor transparency entry" | |
| sleep 2 | |
| fi | |
| else | |
| echo "Did not find rekor transparency entry in the annotations" | |
| sleep 2 | |
| fi | |
| done | |
| # Did not find entry, fail | |
| exit 1 | |
| - name: Collect diagnostics | |
| if: ${{ failure() }} | |
| uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main | |
| with: | |
| cluster-resources: nodes | |
| namespace-resources: pods,taskruns,jobs |