Teach CI how to install Helm charts into a GKE cluster #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR tests | |
| concurrency: | |
| # Run only for most recent commit in PRs but for all tags and commits on main | |
| # Ref: https://docs.github.com/en/actions/using-jobs/using-concurrency | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.sha }} | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - lbnl/helm/** | |
| workflow_dispatch: {} | |
| env: | |
| KIND_VERSION: v0.25.0 | |
| jobs: | |
| lint-test: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| chart-name: | |
| - lbnl/helm | |
| kubernetes-version: | |
| - "1.30.6" | |
| - "1.31.2" | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| - name: Set up Helm | |
| uses: azure/[email protected] | |
| - name: Add Helm repos | |
| run: | | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| - name: Set up chart-testing | |
| uses: helm/[email protected] | |
| - name: Run chart-testing (lint) | |
| run: ct lint --target-branch main --check-version-increment=false --chart-dirs lbnl --validate-maintainers=false | |
| - name: Create test cluster | |
| env: | |
| KUBERNETES_VERSION: ${{ matrix.kubernetes-version }} | |
| CHART_NAME: ${{ matrix.chart-name }} | |
| run: ./.ci/test-env.sh | |
| - name: Run ct install | |
| run: ct install --target-branch main --charts ${{ matrix.chart-name}} | |
| - name: Clean up test cluster | |
| run: ./.ci/test-env.sh cleanup | |
| if: always() | |
| # Workaround to allow checking the matrix tests as required tests without adding the individual cases | |
| # Ref: https://github.com/orgs/community/discussions/26822#discussioncomment-3305794 | |
| passed: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| needs: | |
| - lint-test | |
| if: always() | |
| steps: | |
| - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} | |
| run: | | |
| echo "Some jobs failed or were cancelled." | |
| exit 1 | |
| deploy-to-gke: | |
| runs-on: ubuntu-latest | |
| env: | |
| NAMESPACE: ochami-ci | |
| GC_REGISTRY: ${{ secrets.GC_PROJECT_REGION }}-docker.pkg.dev/${{ secrets.GC_PROJECT_ID }}/ochami | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Configure GKE credentials | |
| uses: google-github-actions/[email protected] | |
| with: | |
| credentials_json: ${{ secrets.GKE_SERVICE_ACCOUNT_KEY }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| - name: Install `kubectl` plugin for gcloud CLI | |
| run: gcloud --quiet components install gke-gcloud-auth-plugin kubectl | |
| - name: Configure `kubectl` to talk to OpenCHAMI cluster in GKE | |
| run: gcloud container clusters get-credentials ${{ secrets.GKE_CLUSTER_NAME }} --location ${{ secrets.GC_PROJECT_REGION }} | |
| - name: Set up Helm | |
| uses: azure/[email protected] | |
| - name: mask Google Cloud project details | |
| run: echo "::add-mask::${{ secrets.GC_PROJECT_ID }}" | |
| # I can't figure out how to embed shell commands in the `env` section of | |
| # a GitHub Action, so we export it by hand here instead. | |
| - name: set name of Helm installation | |
| run: | | |
| export HELM_INSTALL_NAME="ochami-services-$(git rev-parse --short HEAD)" | |
| echo "HELM_INSTALL_NAME=${HELM_INSTALL_NAME}" >> ${GITHUB_ENV} | |
| - name: install Helm chart | |
| run: | | |
| cd ./lbnl/helm; | |
| helm dependency build; | |
| bash ./scripts/install.sh ${HELM_INSTALL_NAME} ${NAMESPACE} ${GC_REGISTRY} | |
| - name: show installed Helm charts | |
| run: helm ls -n ${NAMESPACE} | |
| - name: show running pods | |
| run: kubectl get pods -n ${NAMESPACE} -o wide | |
| - name: show running services | |
| run: kubectl get svc -n ${NAMESPACE} -o wide | |
| - name: run a simple test | |
| run: | | |
| SMD_PORT=$(kubectl get svc/smd -n ${NAMESPACE} -o json|jq -r '.spec.ports[].targetPort') | |
| kubectl exec deploy/swiss-army-knife -n ${NAMESPACE} -c swiss-army-knife -- curl -s smd.${NAMESPACE}.svc.cluster.local:${SMD_PORT}/hsm/v2/service/ready|jq | |
| - name: uninstall Helm chart | |
| run: helm uninstall ${HELM_INSTALL_NAME} -n ${NAMESPACE} | |
| if: always() | |
| - name: delete PostgreSQL PVC because `helm uninstall` won't do that for us | |
| run: kubectl delete pvc/data-${HELM_INSTALL_NAME}-postgresql-0 -n ${NAMESPACE} | |
| if: always() |