Skip to content

Document linux_capabilities in builds section #1872

Document linux_capabilities in builds section

Document linux_capabilities in builds section #1872

Workflow file for this run

name: KinD e2e tests
on:
workflow_dispatch: # Allow manual runs.
pull_request:
branches:
- 'main'
jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
env:
# https://github.com/google/go-containerregistry/pull/125 allows insecure registry for
# '*.local' hostnames. This works both for `ko` and our own tag-to-digest resolution logic,
# thus allowing us to test without bypassing tag-to-digest resolution.
REGISTRY_NAME: registry.local
REGISTRY_PORT: 5000
KO_DOCKER_REPO: registry.local:5000/ko
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: 'go.mod'
check-latest: true
- name: Install ko
run: go install ./
- name: Setup Cluster
uses: chainguard-dev/actions/setup-kind@29fb6e979a0b3efc79748a17e8cec08d0594cbfd # main
with:
k8s-version: v1.28.x
registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }}
- name: Install Cosign
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Run Smoke Test
run: |
# Test with kind load
KO_DOCKER_REPO=kind.local ko apply --platform=all -f ./test
kubectl wait --timeout=10s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test with registry
ko apply --platform=all -f ./test
kubectl wait --timeout=60s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test ko run with kind load
# This tests that --labels are passed to kubectl, and -wait is passed to the test binary.
KO_DOCKER_REPO=kind.local ko run ./test -- --labels=foo=bar -- -wait=false
- name: Check SBOM
run: |
set -o pipefail
echo '::group:: SBOM'
cosign download sbom $(ko build ./test)
echo "${SBOM}"
echo '::endgroup::'
- name: Collect diagnostics and upload
if: ${{ failure() }}
uses: chainguard-dev/actions/kind-diag@29fb6e979a0b3efc79748a17e8cec08d0594cbfd # main