
Cross cloud providers tests #24


name: Cross-Cloud Chainsaw Tests

# Triggers: pull requests targeting main, a nightly schedule, and manual runs.
# NOTE(review): on pull_request the jobs run the PR's own workflow inputs
# (Terraform, Go sources) while holding cloud credentials. Fork PRs receive
# neither secrets nor an OIDC token, but same-repository branches do; confirm
# that is the intended trust boundary.
on:
  pull_request:
    branches:
      - main
  schedule:
    - cron: '0 0 * * *'  # Nightly run at midnight (GitHub evaluates cron in UTC)
  workflow_dispatch:  # Manual trigger

# Workflow-wide GITHUB_TOKEN scopes. id-token: write lets a job request the
# OIDC token that is exchanged for AWS credentials; contents: read is what
# checkout needs.
permissions:
  id-token: write
  contents: read
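# NOTE(review): every `uses:` below references a mutable tag (@v1..@v4). A tag
# can be moved by the action's publisher; pinning each action to a full commit
# SHA (with the tag kept in a trailing comment) closes that supply-chain gap.
jobs:
  build-and-push-images:
    permissions:
      id-token: write  # needed to request the OIDC token for the AWS role below
      contents: read
    name: Build and Push Docker Images
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      # Short-lived AWS credentials via OIDC; no static AWS keys are stored.
      # NOTE(review): the role's trust policy should restrict the token `sub`
      # claim to this repository (and ideally to specific refs/events), since
      # this role can push images - verify on the AWS side.
      - name: Configure AWS credentials from OIDC
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::061717858829:role/ecr-pull-push-role
          aws-region: us-east-1
      # The registry password is piped over stdin, so it never appears in argv.
      - name: Login to Amazon ECR
        run: |
          aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
      # Build/tag/push is currently disabled; this job only proves that the
      # OIDC role can authenticate to public ECR.
      # - name: Build and Tag Docker Images
      #   env:
      #     COMMIT_HASH: ${{ github.sha }}
      #   run: |
      #     # Build images
      #     make build-images TAG=${COMMIT_HASH}
      #     # Tag images for public ECR
      #     docker tag keyval/odigos-collector:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-collector:${COMMIT_HASH}
      #     docker tag keyval/odigos-instrumentor:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-instrumentor:${COMMIT_HASH}
      #     docker tag keyval/odigos-ui:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-ui:${COMMIT_HASH}
      #     docker tag keyval/odigos-scheduler:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-scheduler:${COMMIT_HASH}
      #     docker tag keyval/odigos-autoscaler:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-autoscaler:${COMMIT_HASH}
      #     docker tag keyval/odigos-odiglet:${COMMIT_HASH} public.ecr.aws/y2v0v6s7/keyval/odigos-odiglet:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-collector:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-instrumentor:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-ui:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-scheduler:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-autoscaler:${COMMIT_HASH}
      #     docker push public.ecr.aws/y2v0v6s7/keyval/odigos-odiglet:${COMMIT_HASH}

  test:
    permissions:
      id-token: write  # needed to request the OIDC token for the AWS role below
      contents: read
    needs: build-and-push-images
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Add or remove providers as needed [TODO: later add -> eks + gke]
        cloud-provider: [aks]
    env:
      TEST_SCENARIO: multi-apps
    steps:
      # NOTE(review): this job only logs in to the registry, yet assumes the
      # same role as the build job; if the role name reflects its policy
      # (pull + push), a pull-only role would be least privilege here.
      - name: Configure AWS credentials from OIDC
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::061717858829:role/ecr-pull-push-role
          aws-region: us-east-1
      - name: Login to Amazon ECR
        run: |
          aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
      - name: Checkout Code
        uses: actions/checkout@v3
      # Secrets and the matrix value are handed to the script through `env:`
      # and read as quoted shell variables. Templating `${{ ... }}` straight
      # into the script body pastes the raw value into shell source, where
      # spaces or metacharacters in a value are re-parsed as shell syntax.
      # The env names are deliberately not AWS_* so they cannot shadow the
      # OIDC credentials exported by the step above.
      - name: Configure Cloud Provider
        env:
          CLOUD_PROVIDER: ${{ matrix.cloud-provider }}
          AZ_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
          AZ_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
          AZ_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          EKS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          EKS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          GCP_SA_KEY_B64: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
          GCP_PROJECT: ${{ secrets.GCP_PROJECT_ID }}
        run: |
          case "$CLOUD_PROVIDER" in
            aks)
              echo "Configuring for AKS"
              # Set environment variables for Azure provider.
              # NOTE(review): values written to GITHUB_ENV are visible to every
              # later step in this job, including third-party actions.
              {
                echo "ARM_CLIENT_ID=${AZ_CLIENT_ID}"
                echo "ARM_CLIENT_SECRET=${AZ_CLIENT_SECRET}"
                echo "ARM_TENANT_ID=${AZ_TENANT_ID}"
                echo "ARM_SUBSCRIPTION_ID=${AZ_SUBSCRIPTION_ID}"
              } >> "$GITHUB_ENV"
              # NOTE(review): a long-lived client secret is used here while AWS
              # already uses OIDC; federated credentials would remove it.
              az login --service-principal -u "$AZ_CLIENT_ID" -p "$AZ_CLIENT_SECRET" --tenant "$AZ_TENANT_ID"
              az account set --subscription "$AZ_SUBSCRIPTION_ID"
              ;;
            eks)
              echo "Configuring for EKS"
              aws configure set aws_access_key_id "$EKS_ACCESS_KEY_ID"
              aws configure set aws_secret_access_key "$EKS_SECRET_ACCESS_KEY"
              aws configure set region us-east-1
              ;;
            gke)
              echo "Configuring for GKE"
              # Keep the decoded key out of the checked-out workspace and
              # readable only by the runner user.
              umask 077
              echo "$GCP_SA_KEY_B64" | base64 --decode > "${RUNNER_TEMP}/gcp-key.json"
              gcloud auth activate-service-account --key-file="${RUNNER_TEMP}/gcp-key.json"
              gcloud config set project "$GCP_PROJECT"
              ;;
            *)
              echo "Unknown cloud provider: $CLOUD_PROVIDER"
              exit 1
              ;;
          esac
      - uses: opentofu/setup-opentofu@v1
      # Exports TF_DIR for the OpenTofu steps; unknown providers fail the job.
      - name: Set Terraform Directory Based on Cloud Provider
        env:
          CLOUD_PROVIDER: ${{ matrix.cloud-provider }}
        run: |
          case "$CLOUD_PROVIDER" in
            aks|eks|gke)
              echo "TF_DIR=./tests-infrastructure/terraform/${CLOUD_PROVIDER}" >> "$GITHUB_ENV"
              ;;
            *)
              echo "Unknown cloud provider"
              exit 1
              ;;
          esac
      - name: Initialize OpenTofu
        run: tofu -chdir="$TF_DIR" init
      - name: Plan OpenTofu
        run: tofu -chdir="$TF_DIR" plan
      # NOTE(review): apply runs with -auto-approve on the Terraform from the
      # checked-out ref, so on pull_request it applies the PR's configuration
      # with the Azure credentials configured above.
      # NOTE(review): `az aks get-credentials` runs for every matrix entry; it
      # needs a provider guard before eks/gke are added to the matrix.
      - name: Apply OpenTofu Configuration
        run: |
          tofu -chdir="$TF_DIR" apply -auto-approve
          az aks get-credentials --resource-group tests-rg --name tests-aks
      - name: Verify cluster Access
        run: |
          kubectl get nodes || exit 1
      # NOTE(review): the page rendering replaced the original action
      # reference with "[email protected]"; the ref below is a placeholder, not
      # the project's actual version - restore it from the repository.
      - name: Install Chainsaw
        uses: kyverno/action-install-chainsaw@<VERSION_PLACEHOLDER>
      - name: Build CLI
        run: |
          cd cli
          go build -tags=embed_manifests -o odigos
          chmod +x odigos
      # TEST_SCENARIO comes from the job-level env block, so it is read as a
      # shell variable instead of being templated into the script.
      - name: Run E2E Tests
        run: |
          echo "MODE=cross-cloud-tests" >> "$GITHUB_ENV"
          export MODE=cross-cloud-tests
          chainsaw test "tests/e2e/${TEST_SCENARIO}"
      # NOTE(review): teardown is disabled, so the cluster created by the apply
      # step stays up after every run (cost, and a standing cluster reachable
      # with the credentials above). Re-enable once the tests are stable.
      # - name: Destroy Resources
      #   if: always() # Ensures this runs even if earlier steps fail
      #   run: tofu -chdir=$TF_DIR destroy -auto-approve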