ci/cd - various fixes for k8s tests
This commit is contained in:
parent
1bb79b155b
commit
e8c6d04aa6
|
@ -88,16 +88,16 @@ jobs:
|
|||
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
||||
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
||||
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
||||
build-rhel:
|
||||
uses: ./.github/workflows/staging-linux-build.yml
|
||||
with:
|
||||
LINUX: rhel
|
||||
PACKAGE: rpm
|
||||
secrets:
|
||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
||||
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
||||
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
||||
# build-rhel:
|
||||
# uses: ./.github/workflows/staging-linux-build.yml
|
||||
# with:
|
||||
# LINUX: rhel
|
||||
# PACKAGE: rpm
|
||||
# secrets:
|
||||
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
||||
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
||||
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
||||
|
||||
# Code security
|
||||
code-security:
|
||||
|
@ -124,13 +124,13 @@ jobs:
|
|||
category: "/language:${{matrix.language}}"
|
||||
|
||||
# Create infrastructures
|
||||
# create-infra-docker:
|
||||
# needs: [code-security, build-bw, build-scheduler]
|
||||
# uses: ./.github/workflows/staging-create-infra.yml
|
||||
# with:
|
||||
# TYPE: docker
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
create-infra-docker:
|
||||
needs: [code-security, build-bw, build-scheduler]
|
||||
uses: ./.github/workflows/staging-create-infra.yml
|
||||
with:
|
||||
TYPE: docker
|
||||
secrets:
|
||||
CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
# create-infra-autoconf:
|
||||
# needs: [code-security, build-bw, build-scheduler, build-autoconf]
|
||||
# uses: ./.github/workflows/staging-create-infra.yml
|
||||
|
@ -152,7 +152,7 @@ jobs:
|
|||
# TYPE: k8s
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
create-infra-linux:
|
||||
# create-infra-linux:
|
||||
# needs:
|
||||
# [
|
||||
# code-security,
|
||||
|
@ -162,21 +162,21 @@ jobs:
|
|||
# build-fedora,
|
||||
# build-rhel,
|
||||
# ]
|
||||
needs: [code-security, build-rhel]
|
||||
uses: ./.github/workflows/staging-create-infra.yml
|
||||
with:
|
||||
TYPE: linux
|
||||
secrets:
|
||||
CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
# needs: [code-security, build-rhel]
|
||||
# uses: ./.github/workflows/staging-create-infra.yml
|
||||
# with:
|
||||
# TYPE: linux
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
|
||||
# Perform tests
|
||||
# tests-docker:
|
||||
# needs: [create-infra-docker]
|
||||
# uses: ./.github/workflows/staging-tests.yml
|
||||
# with:
|
||||
# TYPE: docker
|
||||
# RUNS_ON: "['self-hosted', 'bw-docker']"
|
||||
# secrets: inherit
|
||||
tests-docker:
|
||||
needs: [create-infra-docker]
|
||||
uses: ./.github/workflows/staging-tests.yml
|
||||
with:
|
||||
TYPE: docker
|
||||
RUNS_ON: "['self-hosted', 'bw-docker']"
|
||||
secrets: inherit
|
||||
# tests-autoconf:
|
||||
# needs: [create-infra-autoconf]
|
||||
# uses: ./.github/workflows/staging-tests.yml
|
||||
|
@ -191,20 +191,20 @@ jobs:
|
|||
# TYPE: swarm
|
||||
# RUNS_ON: "['self-hosted', 'bw-swarm']"
|
||||
# secrets: inherit
|
||||
# tests-k8s:
|
||||
# needs: [create-infra-k8s]
|
||||
# uses: ./.github/workflows/staging-tests.yml
|
||||
# with:
|
||||
# TYPE: k8s
|
||||
# RUNS_ON: "['ubuntu-latest']"
|
||||
# secrets: inherit
|
||||
tests-linux:
|
||||
needs: [create-infra-linux]
|
||||
tests-k8s:
|
||||
needs: [create-infra-k8s]
|
||||
uses: ./.github/workflows/staging-tests.yml
|
||||
with:
|
||||
TYPE: linux
|
||||
RUNS_ON: "['self-hosted', 'bw-linux']"
|
||||
TYPE: k8s
|
||||
RUNS_ON: "['ubuntu-latest']"
|
||||
secrets: inherit
|
||||
# tests-linux:
|
||||
# needs: [create-infra-linux]
|
||||
# uses: ./.github/workflows/staging-tests.yml
|
||||
# with:
|
||||
# TYPE: linux
|
||||
# RUNS_ON: "['self-hosted', 'bw-linux']"
|
||||
# secrets: inherit
|
||||
tests-ui:
|
||||
needs: [code-security, build-ui]
|
||||
uses: ./.github/workflows/staging-tests-ui.yml
|
||||
|
@ -215,14 +215,14 @@ jobs:
|
|||
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
||||
|
||||
# Delete infrastructures
|
||||
# delete-infra-docker:
|
||||
# if: ${{ always() }}
|
||||
# needs: [tests-docker]
|
||||
# uses: ./.github/workflows/staging-delete-infra.yml
|
||||
# with:
|
||||
# TYPE: docker
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
delete-infra-docker:
|
||||
if: ${{ always() }}
|
||||
needs: [tests-docker]
|
||||
uses: ./.github/workflows/staging-delete-infra.yml
|
||||
with:
|
||||
TYPE: docker
|
||||
secrets:
|
||||
CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
# delete-infra-autoconf:
|
||||
# if: ${{ always() }}
|
||||
# needs: [tests-autoconf]
|
||||
|
@ -239,22 +239,22 @@ jobs:
|
|||
# TYPE: swarm
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
# delete-infra-k8s:
|
||||
# if: ${{ always() }}
|
||||
# needs: [tests-k8s]
|
||||
# uses: ./.github/workflows/staging-delete-infra.yml
|
||||
# with:
|
||||
# TYPE: k8s
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
delete-infra-linux:
|
||||
delete-infra-k8s:
|
||||
if: ${{ always() }}
|
||||
needs: [tests-linux]
|
||||
needs: [tests-k8s]
|
||||
uses: ./.github/workflows/staging-delete-infra.yml
|
||||
with:
|
||||
TYPE: linux
|
||||
TYPE: k8s
|
||||
secrets:
|
||||
CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
# delete-infra-linux:
|
||||
# if: ${{ always() }}
|
||||
# needs: [tests-linux]
|
||||
# uses: ./.github/workflows/staging-delete-infra.yml
|
||||
# with:
|
||||
# TYPE: linux
|
||||
# secrets:
|
||||
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
||||
|
||||
# # Push containers
|
||||
# push-bunkerweb:
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
@ -97,8 +97,6 @@ spec:
|
|||
periodSeconds: 1
|
||||
timeoutSeconds: 1
|
||||
failureThreshold: 3
|
||||
#imagePullSecrets:
|
||||
#- name: secret-registry
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
|
@ -126,8 +124,6 @@ spec:
|
|||
value: "yes"
|
||||
- name: "DATABASE_URI"
|
||||
value: "mariadb+pymysql://bunkerweb:changeme@svc-bunkerweb-db:3306/db"
|
||||
#imagePullSecrets:
|
||||
#- name: secret-registry
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
|
@ -145,6 +141,7 @@ spec:
|
|||
labels:
|
||||
app: bunkerweb-scheduler
|
||||
spec:
|
||||
serviceAccountName: sa-bunkerweb
|
||||
containers:
|
||||
- name: bunkerweb-scheduler
|
||||
image: bunkerity/bunkerweb-scheduler:1.4.6
|
||||
|
@ -154,8 +151,6 @@ spec:
|
|||
value: "yes"
|
||||
- name: "DATABASE_URI"
|
||||
value: "mariadb+pymysql://bunkerweb:changeme@svc-bunkerweb-db:3306/db"
|
||||
#imagePullSecrets:
|
||||
#- name: secret-registry
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
|||
app: bunkerweb
|
||||
# mandatory annotation
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/INSTANCE: "yes"
|
||||
spec:
|
||||
containers:
|
||||
- name: bunkerweb
|
||||
|
|
|
@ -48,10 +48,26 @@ class KubernetesTest(Test):
|
|||
yamls = []
|
||||
with open(deploy, "r") as f :
|
||||
data = safe_load_all(f.read())
|
||||
append_env = {
|
||||
"AUTO_LETS_ENCRYPT": "yes",
|
||||
"USE_LETS_ENCRYPT_STAGING": "yes",
|
||||
"USE_REAL_IP": "yes",
|
||||
"USE_PROXY_PROTOCOL": "yes",
|
||||
"REAL_IP_FROM": "100.64.0.0/16"
|
||||
"REAL_IP_HEADER": "proxy_protocol"
|
||||
}
|
||||
replace_env = {
|
||||
"API_WHITELIST_IP": "127.0.0.1/8 100.64.0.0/10"
|
||||
}
|
||||
for yaml in data :
|
||||
if yaml["metadata"]["name"] == "bunkerweb" :
|
||||
yaml["spec"]["template"]["spec"]["containers"][0]["env"].append({"name": "AUTO_LETS_ENCRYPT", "value": "yes"})
|
||||
yaml["spec"]["template"]["spec"]["containers"][0]["env"].append({"name": "USE_LETS_ENCRYPT_STAGING", "value": "yes"})
|
||||
for k, v in append_env.items() :
|
||||
yaml["spec"]["template"]["spec"]["containers"][0]["env"].append({"name": k, "value": v})
|
||||
for ele in yaml["spec"]["template"]["spec"]["containers"][0]["env"] :
|
||||
if ele["name"] in replace_env :
|
||||
ele["value"] = replace_env[ele["name"]]
|
||||
if yaml["metadata"]["name"] in ["bunkerweb", "bunkerweb-controller", "bunkerweb-scheduler"] :
|
||||
yaml["spec"]["template"]["spec"]["imagePullSecrets"] = [{"name": "secret-registry"}]
|
||||
yamls.append(yaml)
|
||||
with open(deploy, "w") as f :
|
||||
f.write(dump_all(yamls))
|
||||
|
@ -76,8 +92,6 @@ class KubernetesTest(Test):
|
|||
+ "/infra/scheduler-tests:"
|
||||
+ getenv("IMAGE_TAG"),
|
||||
)
|
||||
Test.replace_in_file(deploy, r"#i", "i")
|
||||
Test.replace_in_file(deploy, r"#-", "-")
|
||||
proc = run(
|
||||
"kubectl apply -f bunkerweb.yml", cwd="/tmp/kubernetes", shell=True
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue