Merge pull request #37 from innovatrics/access-controll-spoof-check-d… #302

Workflow file for this run

	name: Test helm chart
	on:
	push:
	branches:
	- '**'
	tags-ignore:
	- 'v*'
	jobs:
	package-lint:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Setup helm CLI
	uses: azure/setup-helm@v3
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	- name: Install kubectl
	uses: azure/setup-kubectl@v3
	- name: Build helm dependencies
	run: \|
	helm dependency build .
	- name: Lint helm
	run: \|
	helm lint .
	# we package just to validate
	- name: Package helm
	run: \|
	helm package .
	- uses: actions/setup-python@v5
	- uses: gabe565/setup-helm-docs-action@v1
	- uses: pre-commit/[email protected]
	test-cluster:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	variant: [
	'multitenant',
	'edge'
	]
	steps:
	- uses: actions/checkout@v4
	- name: Install yq
	run: \|
	sudo snap install yq
	- name: Setup helm CLI
	uses: azure/setup-helm@v3
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	- name: Install kubectl
	uses: azure/setup-kubectl@v3
	- name: Build helm dependencies
	run: \|
	helm dependency build .
	- name: Create kind cluster
	uses: helm/[email protected]
	- name: Install chart prerequisites
	env:
	REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }}
	LICENSE_BASE64: ${{ secrets.LICENSE_BASE64 }}
	run: \|
	kubectl create secret docker-registry --dry-run=client sf-gitlab-registry-creds \
	--docker-server=registry.gitlab.com \
	--docker-username=sf-distribution \
	--docker-password=${REGISTRY_PASS} -o yaml > docker-secret.yaml
	echo ${LICENSE_BASE64} \| base64 -d > iengine.lic
	kubectl create secret generic --dry-run=client iface-lic \
	--from-file=iengine.lic -o yaml > lic-secret.yaml
	kubectl apply -f docker-secret.yaml
	kubectl apply -f lic-secret.yaml
	- name: Install helm chart
	env:
	TENANT_1_SECRET: ${{ secrets.TENANT_1_SECRET }}
	TENANT_2_SECRET: ${{ secrets.TENANT_2_SECRET }}
	run: \|
	helm install smartface . -f ci/test-values.yaml --set tests.authentication.tenant1.clientSecret="$TENANT_1_SECRET" --set tests.authentication.tenant2.clientSecret="$TENANT_2_SECRET" -f ci/${{ matrix.variant }}-values.yaml
	kubectl rollout status deployment sf-auth-api --timeout=300s
	- name: Apply tenant manifests
	run: \|
	kubectl apply -f ci/${{ matrix.variant }}-tenants.yaml
	echo "Wait for the operator to create the deployments"
	sleep 5
	- name: Wait for tenant operator edge
	if: ${{ matrix.variant == 'edge' }}
	run: \|
	echo "Wait for the operator to create the job"
	sleep 15
	- name: Wait for tenant operator multitenant
	if: ${{ matrix.variant == 'multitenant' }}
	run: \|
	kubectl rollout status deployment sf-matcher-tenant-1 --timeout=300s
	kubectl rollout status deployment sf-matcher-tenant-2 --timeout=300s
	- name: Test helm chart
	run: \|
	helm test smartface
	- name: Dump cluster info
	if: ${{ always() }}
	run: \|
	kubectl cluster-info dump > cluster-info-${{ matrix.variant }}.txt
	- name: Upload cluster-info
	if: ${{ always() }}
	uses: actions/upload-artifact@v4
	with:
	name: cluster-info-${{ matrix.variant }}
	path: \|
	cluster-info-${{ matrix.variant }}.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #37 from innovatrics/access-controll-spoof-check-d… #302

Workflow file

Merge pull request #37 from innovatrics/access-controll-spoof-check-d… #302

Jobs

Run details

Workflow file for this run