-
Notifications
You must be signed in to change notification settings - Fork 363
239 lines (210 loc) · 7.49 KB
/
build_and_test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
name: Build and Test
on:
push:
branches:
- "main"
- "release/v*"
paths-ignore:
- "**/*.png"
pull_request:
branches:
- "main"
- "release/v*"
paths-ignore:
- "**/*.png"
permissions:
contents: read
jobs:
lint:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
# Generate the installation manifests first, so it can check
# for errors while running `make -k lint`
- run: IMAGE_PULL_POLICY=Always make generate-manifests
- run: make lint-deps
- run: make -k lint
gen-check:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- run: make -k gen-check
license-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- run: make -k licensecheck
coverage-test:
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
id-token: write # for fetching OIDC token
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
# test
- name: Run Coverage Tests
run: make go.test.coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
fail_ci_if_error: true
files: ./coverage.xml
name: codecov-envoy-gateway
verbose: true
use_oidc: ${{ !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) }}
build:
runs-on: ubuntu-latest
needs: [lint, gen-check, license-check, coverage-test]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- name: Build EG Multiarch Binaries
run: make build-multiarch PLATFORMS="linux_amd64 linux_arm64"
- name: Upload EG Binaries
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: envoy-gateway
path: bin/
conformance-test:
runs-on: ubuntu-latest
needs: [build]
strategy:
fail-fast: false
matrix:
version: [ v1.29.10, v1.30.6, v1.31.4, v1.32.0 ]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# conformance
- name: Run Standard Conformance Tests
env:
KIND_NODE_TAG: ${{ matrix.version }}
IMAGE_PULL_POLICY: IfNotPresent
run: make conformance
e2e-test:
runs-on: ubuntu-latest
needs: [build]
strategy:
fail-fast: false
matrix:
target:
- version: v1.29.10
ipFamily: ipv4
- version: v1.30.6
ipFamily: ipv4
- version: v1.31.4
ipFamily: ipv6 # only run ipv6 test on this version to save time
# TODO: this's IPv4 first, need a way to test IPv6 first.
- version: v1.32.0
ipFamily: dual # only run dual test on latest version to save time
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# E2E
- name: Run E2E Tests
env:
KIND_NODE_TAG: ${{ matrix.target.version }}
IMAGE_PULL_POLICY: IfNotPresent
IP_FAMILY: ${{ matrix.target.ipFamily }}
E2E_TIMEOUT: 1h
run: make e2e
benchmark-test:
runs-on: ubuntu-latest
# There's a different workflow for benchmark-test on push.
if: ${{ ! startsWith(github.event_name, 'push') }}
needs: [build]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- name: Setup Graphviz
uses: ts-graphviz/setup-graphviz@b1de5da23ed0a6d14e0aeee8ed52fdd87af2363c # v2.0.2
# Benchmark
- name: Run Benchmark tests
env:
KIND_NODE_TAG: v1.29.10
IMAGE_PULL_POLICY: IfNotPresent
# Args for benchmark test
BENCHMARK_RPS: 10000
BENCHMARK_CONNECTIONS: 100
BENCHMARK_DURATION: 30
BENCHMARK_CPU_LIMITS: 1000m
BENCHMARK_MEMORY_LIMITS: 2000Mi
BENCHMARK_REPORT_DIR: benchmark_report
run: make benchmark
- name: Read Benchmark report
run: cat test/benchmark/benchmark_report/benchmark_report.md
resilience-test:
runs-on: ubuntu-latest
if: ${{ ! startsWith(github.event_name, 'push') }}
needs: [build]
steps:
- uses: actions/[email protected]
- uses: ./tools/github-actions/setup-deps
- name: Resilience Test
env:
KIND_NODE_TAG: v1.28.13
IMAGE_PULL_POLICY: IfNotPresent
CUSTOM_CNI: "true"
run: make resilience
publish:
runs-on: ubuntu-latest
needs: [conformance-test, e2e-test]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./tools/github-actions/setup-deps
- name: Download EG Binaries
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: envoy-gateway
path: bin/
- name: Give Privileges To EG Binaries
run: |
chmod +x bin/linux/amd64/envoy-gateway
chmod +x bin/linux/arm64/envoy-gateway
# build and push image
- name: Login to DockerHub
if: github.event_name == 'push'
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup Multiarch Environment
if: github.event_name == 'push'
run: make image.multiarch.setup
- name: Build and Push EG Commit Image
if: github.event_name == 'push'
# tag is set to the short SHA of the commit
run: make image.push.multiarch PLATFORMS="linux_amd64 linux_arm64" IMAGE=envoyproxy/gateway-dev
- name: Build and Push EG Latest Image
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
# tag is set to `latest` when pushing to main branch
run: make image.push.multiarch TAG=latest PLATFORMS="linux_amd64 linux_arm64" IMAGE=envoyproxy/gateway-dev
- name: Build and Push EG Latest Helm Chart
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
# use `0.0.0` as the default latest version.
# use `Always` image pull policy for latest version.
run: |
IMAGE_PULL_POLICY=Always OCI_REGISTRY=oci://docker.io/envoyproxy CHART_VERSION=v0.0.0-latest TAG=latest make helm-push
IMAGE_PULL_POLICY=Always OCI_REGISTRY=oci://docker.io/envoyproxy CHART_VERSION=0.0.0-latest TAG=latest make helm-push