From 8ccdcaf52b7f9e794841a80019ebf178a6068cbc Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 24 Dec 2023 15:37:05 -0500 Subject: [PATCH 1/5] feat: add flux-image-test workflow Signed-off-by: Devin Buhl --- .github/workflows/flux-image-test.yaml | 128 ++++++++++++++++++ .../network/nginx/external/helmrelease.yaml | 2 +- .../network/nginx/internal/helmrelease.yaml | 2 +- 3 files changed, 130 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/flux-image-test.yaml diff --git a/.github/workflows/flux-image-test.yaml b/.github/workflows/flux-image-test.yaml new file mode 100644 index 0000000000000..23651ce2eace6 --- /dev/null +++ b/.github/workflows/flux-image-test.yaml @@ -0,0 +1,128 @@ +--- + # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json + name: "Flux Image Test" + + on: + pull_request: + branches: ["main"] + paths: ["kubernetes/**"] + + concurrency: + group: ${{ github.workflow }}-${{ github.event.number || github.ref }} + cancel-in-progress: true + + jobs: + changed-files: + name: Get Changed Files + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }} + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v41 + with: + files: kubernetes/** + dir_names_max_depth: 2 + dir_names: true + escape_json: false + json: true + quotepath: false + safe_output: false + + - name: List all changed files + run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" + + flux-image-test: + name: Flux Image Test + runs-on: ubuntu-latest + needs: ["changed-files"] + permissions: + pull-requests: write + strategy: + matrix: + paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }} + max-parallel: 4 + fail-fast: false + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Setup System Tools + shell: bash + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git + + - name: Setup Workflow Tools + uses: jdx/rtx-action@v1 + with: + install: true + cache: true + rtx_toml: | + [tools] + flux2 = "latest" + yq = "latest" + + - name: Checkout Live Branch + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + ref: main + path: default + + - name: Checkout PR branch + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + path: pull + + - name: Gather images in default branch + uses: docker://ghcr.io/allenporter/flux-local:pr-472 + with: + args: >- + --log-level DEBUG + get cluster + --path /github/workspace/default/${{ matrix.paths }} + --enable-images + --output yaml + --output-file default.yaml + + - name: Filter default branch results + shell: bash + run: yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' default.yaml + + - name: Gather images in pull request branch + uses: docker://ghcr.io/allenporter/flux-local:pr-472 + with: + args: >- + --log-level DEBUG + get cluster + --path /github/workspace/pull/${{ matrix.paths }} + --enable-images + --output yaml + --output-file pull.yaml + + - name: Filter default branch results + shell: bash + run: yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' pull.yaml + + - name: Diff results + shell: bash + run: | + diff -u default.yaml pull.yaml || true diff --git a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml index 8898dffbb404f..832dbe95b8052 100644 --- a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml +++ b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.9.0 + version: 4.8.3 sourceRef: kind: HelmRepository name: ingress-nginx diff --git a/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml b/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml index 919a509ff9522..de9bd4c695048 100644 --- a/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml +++ b/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.9.0 + version: 4.8.3 sourceRef: kind: HelmRepository name: ingress-nginx From e439776c26dd950f3996a68ed4a30f7e594f513a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 24 Dec 2023 20:11:50 -0500 Subject: [PATCH 2/5] feat: add flux-image-test workflow Signed-off-by: Devin Buhl --- .github/workflows/flux-image-test.yaml | 54 +++++++++++++++++++++----- 1 file changed, 44 insertions(+), 10 deletions(-) diff --git a/.github/workflows/flux-image-test.yaml b/.github/workflows/flux-image-test.yaml index 23651ce2eace6..ada794640b83e 100644 --- a/.github/workflows/flux-image-test.yaml +++ b/.github/workflows/flux-image-test.yaml @@ -46,7 +46,7 @@ - name: List all changed files run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" - flux-image-test: + extract-images: name: Flux Image Test runs-on: ubuntu-latest needs: ["changed-files"] @@ -57,6 +57,8 @@ paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }} max-parallel: 4 fail-fast: false + outputs: + matrix: ${{ steps.extract-images.outputs.images }} steps: - name: Generate Token uses: actions/create-github-app-token@v1 @@ -79,20 +81,20 @@ flux2 = "latest" yq = "latest" - - name: Checkout Live Branch + - name: Checkout Default Branch uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" ref: main path: default - - name: Checkout PR branch + - name: Checkout Pull Request Branch uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" path: pull - - name: Gather images in default branch + - name: Gather Images in Default Branch uses: docker://ghcr.io/allenporter/flux-local:pr-472 with: args: >- @@ -103,11 +105,13 @@ --output yaml --output-file default.yaml - - name: Filter default branch results + - name: Filter Default Branch Results shell: bash - run: yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' default.yaml + run: | + yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ + default.yaml > default.txt - - name: Gather images in pull request branch + - name: Gather Images in Pull Request Branch uses: docker://ghcr.io/allenporter/flux-local:pr-472 with: args: >- @@ -118,11 +122,41 @@ --output yaml --output-file pull.yaml - - name: Filter default branch results + - name: Filter Pull Request Branch Results shell: bash - run: yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' pull.yaml + run: | + yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ + pull.yaml > pull.txt - name: Diff results + id: extract-images shell: bash run: | - diff -u default.yaml pull.yaml || true + images=$(jo -a $(grep -vf default.txt pull.txt)) + echo "images=${images}" >> $GITHUB_OUTPUT + echo "${images}" + + test-images: + if: ${{ needs.extract-images.outputs.matrix != '[]' }} + name: Test images from Helm Release + runs-on: ubuntu-latest + needs: ["extract-images"] + strategy: + matrix: + images: ${{ fromJSON(needs.extract-images.outputs.matrix) }} + max-parallel: 4 + fail-fast: false + steps: + - name: Test Images from Helm Release + run: docker pull ${{ matrix.images }} + + # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 + test-images-success: + if: ${{ always() }} + needs: ["test-images"] + name: Test images from Helm Release successful + runs-on: ubuntu-latest + steps: + - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + name: Check matrix status + run: exit 1 From 18072fa412c5f61d2fcc7b6746918def85190fb8 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 24 Dec 2023 20:13:46 -0500 Subject: [PATCH 3/5] feat: add flux-image-test workflow Signed-off-by: Devin Buhl --- .github/workflows/flux-image-test.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/flux-image-test.yaml b/.github/workflows/flux-image-test.yaml index ada794640b83e..3928d717d8c7b 100644 --- a/.github/workflows/flux-image-test.yaml +++ b/.github/workflows/flux-image-test.yaml @@ -69,7 +69,7 @@ - name: Setup System Tools shell: bash - run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git jo - name: Setup Workflow Tools uses: jdx/rtx-action@v1 @@ -98,7 +98,6 @@ uses: docker://ghcr.io/allenporter/flux-local:pr-472 with: args: >- - --log-level DEBUG get cluster --path /github/workspace/default/${{ matrix.paths }} --enable-images @@ -115,7 +114,6 @@ uses: docker://ghcr.io/allenporter/flux-local:pr-472 with: args: >- - --log-level DEBUG get cluster --path /github/workspace/pull/${{ matrix.paths }} --enable-images From 2bf4df13e36c8f51d2c748643aafcf0dbcf89b37 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 24 Dec 2023 20:18:40 -0500 Subject: [PATCH 4/5] feat: add flux-image-test workflow Signed-off-by: Devin Buhl --- kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml | 2 +- .../main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml b/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml index fb2e475522ade..4024129e35cb5 100644 --- a/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml +++ b/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph - version: v1.13.1 + version: v1.12.10 sourceRef: kind: HelmRepository name: rook-ceph diff --git a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml index 30a8b4a2846d7..410591d19383b 100644 --- a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml +++ b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph-cluster - version: v1.13.1 + version: v1.12.10 sourceRef: kind: HelmRepository name: rook-ceph From 27bae5e92422b47651833ff56528c77dd3da2bb7 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 24 Dec 2023 20:23:35 -0500 Subject: [PATCH 5/5] feat: add flux-image-test workflow Signed-off-by: Devin Buhl --- .github/workflows/flux-image-test.yaml | 4 +--- .../main/apps/cert-manager/cert-manager/app/helmrelease.yaml | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/flux-image-test.yaml b/.github/workflows/flux-image-test.yaml index 3928d717d8c7b..37b8c0169e110 100644 --- a/.github/workflows/flux-image-test.yaml +++ b/.github/workflows/flux-image-test.yaml @@ -38,10 +38,8 @@ files: kubernetes/** dir_names_max_depth: 2 dir_names: true - escape_json: false json: true - quotepath: false - safe_output: false + escape_json: false - name: List all changed files run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" diff --git a/kubernetes/main/apps/cert-manager/cert-manager/app/helmrelease.yaml b/kubernetes/main/apps/cert-manager/cert-manager/app/helmrelease.yaml index 28f2af4caf91c..36285ac67b136 100644 --- a/kubernetes/main/apps/cert-manager/cert-manager/app/helmrelease.yaml +++ b/kubernetes/main/apps/cert-manager/cert-manager/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: cert-manager - version: v1.13.3 + version: v1.13.2 sourceRef: kind: HelmRepository name: jetstack