chore: Refactor Postgres TLS certificate file handling #470
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
jobs: | |
helm: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Helm Check | |
uses: igabaydulin/[email protected] | |
env: | |
CHART_LOCATION: ./charts/bindplane | |
CHART_VALUES: ./charts/bindplane/values.yaml | |
- name: Helm Docs | |
uses: losisin/helm-docs-github-action@v1 | |
- name: Helm Docs Check | |
run: .github/workflows/scripts/check-helm-docs.sh | |
integration: | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
max-parallel: 5 | |
matrix: | |
case: | |
- "default" | |
- "ldap" | |
- "ingress" | |
- "volume" | |
- "pubsub" | |
- "nats" | |
- "oidc" | |
- "postgres" | |
- "postgres-tls-manual" | |
k8s_version: | |
- v1.25.0 | |
- v1.29.0 | |
- v1.31.0 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Generate OIDC Test Config | |
if: matrix.case == 'oidc' | |
run: .github/workflows/scripts/generate-oidc-test-config.sh "$BINDPLANE_OIDC_OAUTH2_CLIENT_ID" "$BINDPLANE_OIDC_OAUTH2_CLIENT_SECRET" | |
env: | |
BINDPLANE_OIDC_OAUTH2_CLIENT_ID: ${{ secrets.BINDPLANE_OIDC_OAUTH2_CLIENT_ID }} | |
BINDPLANE_OIDC_OAUTH2_CLIENT_SECRET: ${{ secrets.BINDPLANE_OIDC_OAUTH2_CLIENT_SECRET }} | |
- name: Start Minikube | |
uses: medyagh/setup-minikube@master | |
with: | |
cache: true | |
kubernetes-version: ${{ matrix.k8s_version }} | |
addons: default-storageclass,storage-provisioner,ingress | |
- name: Deploy Postgres | |
run: kubectl apply -f test/helper/postgres/postgres.tls.yaml | |
- name: Deploy PubSub Emulator | |
run: kubectl apply -f test/helper/pubsub/pubsub.yaml | |
- name: Deploy Certificate | |
run: .github/scripts/tls.sh | |
- name: Wait For Ingress Pods | |
run: | | |
sleep 5 | |
kubectl -n ingress-nginx wait deployment ingress-nginx-controller --timeout=120s --for condition=Available=True | |
sleep 30 | |
kubectl -n ingress-nginx get all | |
- name: Create secret | |
run: | | |
kubectl -n default create secret generic bindplane \ | |
--from-literal=license=${{ secrets.BINDPLANE_LICENSE }} | |
- name: Deploy | |
run: | | |
helm template \ | |
--values test/cases/${{ matrix.case }}/values.yaml \ | |
charts/bindplane | \ | |
kubectl apply -f - | |
- name: Wait For Pods | |
run: kubectl -n default wait --for=condition=ready pods --all --timeout=180s | |
- name: "Debug: Get status and logs" | |
if: always() | |
run: | | |
kubectl -n default get all | |
kubectl -n default logs sts/release-name-bindplane || kubectl -n default logs deploy/release-name-bindplane | |
- name: "Debug: Get postgres status and logs" | |
if: always() | |
run: | | |
kubectl -n postgres get all | |
kubectl -n postgres logs pod/postgres-0 | |
- name: "Debug: Get pubsub status and logs" | |
if: always() | |
run: | | |
kubectl -n pubsub get all | |
kubectl -n pubsub logs pod/pubsub-emulator-0 |