Enable DNSSEC validation #836
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: main | |
on: | |
pull_request: | |
push: | |
branches: | |
- 'main' | |
env: | |
filename: "main.yaml" | |
jobs: | |
build: | |
name: Build CKE | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- name: Check auto-generated files | |
run: make check-generate | |
- run: docker run -d --network host gcr.io/etcd-development/etcd:v3.5.9 | |
- run: make test | |
- run: make install GOBIN=$(pwd)/docker | |
- run: docker build -t quay.io/cybozu/cke:latest ./docker | |
mtest: | |
name: Mtest | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
suite: [functions, robustness, operators, reboot] | |
env: | |
SUITE: ${{ matrix.suite }} | |
CLUSTER: "cke-cluster.yml" | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- uses: google-github-actions/auth@v1 | |
with: | |
credentials_json: ${{ secrets.NECO_TEST_SERVICE_ACCOUNT }} | |
- uses: google-github-actions/setup-gcloud@v1 | |
- name: Set GCP instance name | |
run: echo "INSTANCE_NAME=cke-${{ matrix.suite }}-${{ github.run_number }}-$(TZ=Asia/Tokyo date +%H%M%S)" >> $GITHUB_ENV | |
- name: Watch cke logs | |
run: ./bin/watch_service cke > cke-service.log & | |
- name: Start mtest | |
run: | | |
if [ ${{ github.event_name }} = "pull_request" ]; then | |
GITHUB_SHA=$(cat ${GITHUB_EVENT_PATH} | jq -r '.pull_request.head.sha') | |
fi | |
./bin/run-mtest.sh ${SUITE} ${CLUSTER} | |
timeout-minutes: 120 | |
- name: Show cke logs | |
if: ${{ always() }} | |
run: cat cke-service.log | |
- name: Set the instance lifetime | |
if: ${{ failure() || cancelled() }} | |
run: | | |
. ./bin/env | |
$GCLOUD compute instances add-metadata ${INSTANCE_NAME} --zone ${ZONE} \ | |
--metadata shutdown-at=$(date -Iseconds -d+30minutes) | |
- name: Notify to Slack | |
if: ${{ failure() || cancelled() }} | |
run: | | |
. ./bin/env | |
if [[ ${{ github.event_name }} == 'pull_request' ]]; then | |
BRANCH_NAME=${GITHUB_HEAD_REF} | |
else | |
BRANCH_NAME=${GITHUB_REF#refs/heads/} | |
fi | |
curl -X POST -H 'Content-type: application/json' --data "{ | |
\"blocks\": [ | |
{ | |
\"type\": \"section\", | |
\"text\": { | |
\"type\": \"mrkdwn\", | |
\"text\": \"Failed: ${{ github.actor }}'s workflow (${{ github.workflow }}) in <https://github.com/${{ github.repository }}/actions/workflows/${{ env.filename }}|${{ github.repository }}> (<https://github.com/${{ github.repository }}/actions/workflows/${{ env.filename }}?query=branch%3A${BRANCH_NAME}|${BRANCH_NAME}>) \n Do you extend the lifetime of ${INSTANCE_NAME}?\" | |
}, | |
\"accessory\": { | |
\"type\": \"button\", | |
\"text\": { | |
\"type\": \"plain_text\", | |
\"text\": \"Extend\", | |
\"emoji\": true | |
}, | |
\"value\": \"${INSTANCE_NAME}\" | |
} | |
} | |
] | |
}" ${{ secrets.SLACK_WEBHOOK_URL }} | |
- name: Delete CI instance | |
if: ${{ success() }} | |
run: | | |
. ./bin/env | |
$GCLOUD compute instances delete ${INSTANCE_NAME} --zone ${ZONE} | |
compose: | |
name: Compose test | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- uses: google-github-actions/auth@v1 | |
with: | |
credentials_json: ${{ secrets.NECO_TEST_SERVICE_ACCOUNT }} | |
- uses: google-github-actions/setup-gcloud@v1 | |
- name: Check image consistency | |
run: | | |
REV=$(awk '/const Version/ {print $4}' ../version.go | sed -E 's/^"(1.[[:digit:]]+).*/\1/') | |
COMPOSE_REV=$(sed -nE 's,.*quay.io/cybozu/cke:(.*)$,\1,p' docker-compose.yml) | |
if [ "$REV" != "$COMPOSE_REV" ]; then | |
echo Update CKE branch tag in example/docker-compose.yml | |
fi | |
working-directory: ./example | |
- name: Set up compose test | |
run: | | |
docker-compose build | |
docker-compose up -d | |
./wait-up.sh | |
working-directory: ./example | |
- name: Run compose test | |
run: docker-compose run setup /opt/setup/test.sh | |
working-directory: ./example | |
- name: Clean up | |
run: docker-compose down | |
working-directory: ./example |