forked from envoyproxy/gateway
-
Notifications
You must be signed in to change notification settings - Fork 0
185 lines (160 loc) · 5.87 KB
/
build_and_test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
name: Build and Test
on:
push:
branches:
- "main"
- "release/v*"
paths-ignore:
- "**/*.png"
pull_request:
branches:
- "main"
- "release/v*"
paths-ignore:
- "**/*.png"
permissions:
contents: read
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
# Generate the installation manifests first, so it can check
# for errors while running `make -k lint`
- run: IMAGE_PULL_POLICY=Always make generate-manifests
- run: make lint-deps
- run: make -k lint
gen-check:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- run: make -k gen-check
license-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- run: make -k licensecheck
coverage-test:
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
id-token: write # for fetching OIDC token
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
# test
- name: Run Coverage Tests
run: make go.test.coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@6d798873df2b1b8e5846dba6fb86631229fbcb17 # v4.4.0
with:
fail_ci_if_error: true
files: ./coverage.xml
name: codecov-envoy-gateway
verbose: true
# only use oidc for push events or PRs from the same repo, since PRs from forks cannot fetch an OIDC token
# Codecov supports Token-less Uploads for PRs from forks:
# https://docs.codecov.com/docs/codecov-uploader#supporting-token-less-uploads-for-forks-of-open-source-repos-using-codecov
use_oidc: ${{ github.event_name == 'push' }}
build:
runs-on: ubuntu-latest
needs: [lint, gen-check, license-check, coverage-test]
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- name: Build EG Multiarch Binaries
run: make build-multiarch PLATFORMS="linux_amd64 linux_arm64"
- name: Upload EG Binaries
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: envoy-gateway
path: bin/
conformance-test:
runs-on: ubuntu-latest
needs: [build]
strategy:
matrix:
version: [ v1.26.14, v1.27.11, v1.28.7, v1.29.2 ]
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# conformance
- name: Run Standard Conformance Tests
env:
KIND_NODE_TAG: ${{ matrix.version }}
IMAGE_PULL_POLICY: IfNotPresent
run: make conformance
e2e-test:
runs-on: ubuntu-latest
needs: [build]
strategy:
matrix:
version: [ v1.26.14, v1.27.11, v1.28.7, v1.29.2 ]
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# E2E
- name: Run E2E Tests
env:
KIND_NODE_TAG: ${{ matrix.version }}
IMAGE_PULL_POLICY: IfNotPresent
run: make e2e
publish:
runs-on: ubuntu-latest
needs: [conformance-test, e2e-test]
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# build and push image
- name: Login to DockerHub
if: github.event_name == 'push'
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup Multiarch Environment
if: github.event_name == 'push'
run: make image.multiarch.setup
- name: Build and Push EG Commit Image
if: github.event_name == 'push'
# tag is set to the short SHA of the commit
run: make image.push.multiarch PLATFORMS="linux_amd64 linux_arm64" IMAGE=envoyproxy/gateway-dev
- name: Build and Push EG Latest Image
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
# tag is set to `latest` when pushing to main branch
run: make image.push.multiarch TAG=latest PLATFORMS="linux_amd64 linux_arm64" IMAGE=envoyproxy/gateway-dev
- name: Build and Push EG Latest Helm Chart
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
# use `0.0.0` as the default latest version.
# use `Always` image pull policy for latest version.
run: IMAGE_PULL_POLICY=Always OCI_REGISTRY=oci://docker.io/envoyproxy CHART_VERSION=v0.0.0-latest TAG=latest make helm-package helm-push