Skip to content

build(deps): bump docker/build-push-action from 4 to 5 #260

build(deps): bump docker/build-push-action from 4 to 5

build(deps): bump docker/build-push-action from 4 to 5 #260

Workflow file for this run

name: "Build and Test"
on:
- pull_request
- workflow_dispatch
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build sidecar
uses: docker/build-push-action@v5
with:
push: false
outputs: type=docker,dest=/tmp/k8s-sidecar.tar
tags: "kiwigrid/k8s-sidecar:testing"
- name: Prepare dummy server static resources
run: |
cp test/kubelogo.png test/server/static/
- name: Build dummy server
uses: docker/build-push-action@v5
with:
context: "test/server"
push: false
outputs: type=docker,dest=/tmp/dummy-server.tar
tags: "dummy-server:1.0.0"
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: images
path: /tmp/*.tar
test:
needs:
- build
strategy:
matrix:
# see https://github.com/kubernetes-sigs/kind/releases for supported k8s versions per kind version
k8s:
- maj_min: v1.21
digest: sha256:220cfafdf6e3915fbce50e13d1655425558cb98872c53f802605aa2fb2d569cf
- maj_min: v1.22
digest: sha256:9af784f45a584f6b28bce2af84c494d947a05bd709151466489008f80a9ce9d5
- maj_min: v1.23
digest: sha256:f77f8cf0b30430ca4128cc7cfafece0c274a118cd0cdb251049664ace0dee4ff
- maj_min: v1.24
digest: sha256:cea86276e698af043af20143f4bf0509e730ec34ed3b7fa790cc0bea091bc5dd
- maj_min: v1.25
digest: sha256:c08d6c52820aa42e533b70bce0c2901183326d86dcdcbedecc9343681db45161
- maj_min: v1.26
digest: sha256:f4c0d87be03d6bea69f5e5dc0adb678bb498a190ee5c38422bf751541cebe92e
- maj_min: v1.27
digest: sha256:b7d12ed662b873bd8510879c1846e87c7e676a79fefc93e17b2a52989d3ff42b
name: "Test on k8s ${{ matrix.k8s.maj_min }}"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Create k8s Kind Cluster
# make sure the k8s versions match the kind version of the action version 🤯
uses: helm/kind-action@v1.7.0
with:
node_image: kindest/node@${{ matrix.k8s.digest }}
config: test/kind-config.yaml
cluster_name: sidecar-testing
wait: 5m
- name: Download artifact
uses: actions/download-artifact@v3
with:
name: images
path: /tmp
- name: Load images into kind cluster
run: |
kind load image-archive /tmp/k8s-sidecar.tar --name sidecar-testing
kind load image-archive /tmp/dummy-server.tar --name sidecar-testing
- name: Install Sidecar and Dummy Server
run: |
wait_for_pod_ready() {
while [[ $(kubectl get pods $1 -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') != "True" ]]; do echo "waiting for pod '$1' to become ready..." && sleep 5; done
echo "Pod '$1' ready."
}
echo "Installing sidecar..."
kubectl apply -f "test/resources/sidecar.yaml"
sleep 10
kubectl get pods
wait_for_pod_ready "sidecar"
wait_for_pod_ready "sidecar-5xx"
wait_for_pod_ready "sidecar-pythonscript"
wait_for_pod_ready "sidecar-pythonscript-logfile"
wait_for_pod_ready "sidecar-logtofile-pythonscript"
wait_for_pod_ready "dummy-server-pod"
- name: Install Configmaps and Secrets
run: |
wait_for_pod_log() {
while [[ $(kubectl logs $1 | grep $2) == "" ]]; do echo "waiting 5 more seconds for '$2' to appear in logs of pod '$1'..." && sleep 5; done
echo "Pod '$1' logs contains '$2'"
}
# because the sidecar pods signal ready state before we actually opened up all watching subprocesses, we wait some more time
sleep 20
echo "Installing resources..."
kubectl apply -f "test/resources/resources.yaml"
pods=("sidecar" "sidecar-5xx" "sidecar-pythonscript" "sidecar-pythonscript-logfile")
resources=("sample-configmap" "sample-secret-binary" "absolute-configmap" "relative-configmap" "change-dir-configmap" "similar-configmap-secret" "url-configmap-500" "url-configmap-basic-auth" "sample-configmap")
for p in ${pods[*]}; do
for r in ${resources[*]}; do
wait_for_pod_log $p $r
done
done
# 10 more seconds after the last thing appeared in the logs.
sleep 10
- name: Retrieve pod logs
run: |
mkdir /tmp/logs
kubectl logs sidecar > /tmp/logs/sidecar.log
kubectl logs sidecar-5xx > /tmp/logs/sidecar-5xx.log
kubectl logs sidecar-pythonscript > /tmp/logs/sidecar-pythonscript.log
kubectl logs sidecar-pythonscript-logfile > /tmp/logs/sidecar-pythonscript-logfile.log
kubectl logs dummy-server-pod > /tmp/logs/dummy-server.log
- name: Upload artifacts (pod logs)
uses: actions/upload-artifact@v3
with:
name: pod-logs_${{ matrix.k8s.maj_min }}
path: /tmp/logs/*
- name: Download expected files from cluster
run: |
mkdir /tmp/sidecar
mkdir /tmp/sidecar-5xx
echo "Downloading resource files from sidecar..."
kubectl cp sidecar:/tmp/hello.world /tmp/sidecar/hello.world
kubectl cp sidecar:/tmp/cm-kubelogo.png /tmp/sidecar/cm-kubelogo.png
kubectl cp sidecar:/tmp/secret-kubelogo.png /tmp/sidecar/secret-kubelogo.png
kubectl cp sidecar:/tmp/url-downloaded-kubelogo.png /tmp/sidecar/url-downloaded-kubelogo.png
# script also generates into '/tmp'
kubectl cp sidecar:/tmp/script_result /tmp/sidecar/script_result
# absolute path in configmap points to /tmp in 'absolute-configmap'
kubectl cp sidecar:/tmp/absolute/absolute.txt /tmp/sidecar/absolute.txt
kubectl cp sidecar:/tmp/relative/relative.txt /tmp/sidecar/relative.txt
kubectl cp sidecar:/tmp/orig-dir/change-dir.txt /tmp/sidecar/change-dir.txt
kubectl cp sidecar:/tmp/500.txt /tmp/sidecar/500.txt || true
kubectl cp sidecar:/tmp/secured.txt /tmp/sidecar/secured.txt
kubectl cp sidecar:/tmp/similar-configmap.txt /tmp/sidecar/similar-configmap.txt
kubectl cp sidecar:/tmp/similar-secret.txt /tmp/sidecar/similar-secret.txt
echo "Downloading resource files from sidecar-5xx..."
kubectl cp sidecar-5xx:/tmp-5xx/hello.world /tmp/sidecar-5xx/hello.world
kubectl cp sidecar-5xx:/tmp-5xx/cm-kubelogo.png /tmp/sidecar-5xx/cm-kubelogo.png
kubectl cp sidecar-5xx:/tmp-5xx/secret-kubelogo.png /tmp/sidecar-5xx/secret-kubelogo.png
kubectl cp sidecar-5xx:/tmp-5xx/url-downloaded-kubelogo.png /tmp/sidecar-5xx/url-downloaded-kubelogo.png
# script also generates into '/tmp'
kubectl cp sidecar-5xx:/tmp/script_result /tmp/sidecar-5xx/script_result
# absolute path in configmap points to /tmp in 'absolute-configmap'
kubectl cp sidecar-5xx:/tmp/absolute/absolute.txt /tmp/sidecar-5xx/absolute.txt
kubectl cp sidecar-5xx:/tmp-5xx/relative/relative.txt /tmp/sidecar-5xx/relative.txt
kubectl cp sidecar-5xx:/tmp-5xx/orig-dir/change-dir.txt /tmp/sidecar-5xx/change-dir.txt
kubectl cp sidecar-5xx:/tmp-5xx/500.txt /tmp/sidecar-5xx/500.txt
kubectl cp sidecar-5xx:/tmp-5xx/secured.txt /tmp/sidecar-5xx/secured.txt
kubectl cp sidecar-5xx:/tmp-5xx/similar-configmap.txt /tmp/sidecar-5xx/similar-configmap.txt
kubectl cp sidecar-5xx:/tmp-5xx/similar-secret.txt /tmp/sidecar-5xx/similar-secret.txt
- name: Upload artifacts (expected files from cluster)
uses: actions/upload-artifact@v3
with:
name: expected-files_${{ matrix.k8s.maj_min }}
path: |
/tmp/sidecar/**
/tmp/sidecar-5xx/**
- name: Update Configmaps and Secrets
run: |
sleep 5
current_time=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
wait_for_pod_log() {
while [[ $(kubectl logs $1 --since-time ${current_time} | grep $2) == "" ]]; do echo "waiting 5 more seconds for '$2' to appear in logs of pod '$1'..." && sleep 5; done
echo "Pod '$1' logs contains '$2'"
}
echo "Updating resources..."
kubectl apply -f "test/resources/change_resources.yaml"
pods=("sidecar" "sidecar-5xx")
resources=("sample-configmap" "sample-secret-binary" "absolute-configmap" "relative-configmap" "change-dir-configmap" "similar-configmap-secret" "url-configmap-500" "url-configmap-basic-auth" "sample-configmap")
for p in ${pods[*]}; do
for r in ${resources[*]}; do
wait_for_pod_log $p $r
done
done
# 20 more seconds after the last thing appeared in the logs.
sleep 20
- name: Verify sidecar files after initial sync
run: |
echo -n "Hello World!" | diff - /tmp/sidecar/hello.world &&
diff test/kubelogo.png /tmp/sidecar/cm-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar/secret-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar/url-downloaded-kubelogo.png &&
echo -n "This absolutely exists" | diff - /tmp/sidecar/absolute.txt &&
echo -n "This relatively exists" | diff - /tmp/sidecar/relative.txt &&
echo -n "This change-dir exists" | diff - /tmp/sidecar/change-dir.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar/similar-configmap.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar/similar-secret.txt &&
echo -n "allowed" | diff - /tmp/sidecar/secured.txt &&
[ ! -f /tmp/sidecar/500.txt ] && echo "No 5xx file created" &&
ls /tmp/sidecar/script_result
- name: Verify sidecar-5xx files after initial sync
run: |
echo -n '{"detail":"Not authenticated"}' | diff - /tmp/sidecar-5xx/secured.txt &&
echo -n "Hello World!" | diff - /tmp/sidecar-5xx/hello.world &&
diff test/kubelogo.png /tmp/sidecar-5xx/cm-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar-5xx/secret-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar-5xx/url-downloaded-kubelogo.png &&
echo -n "This absolutely exists" | diff - /tmp/sidecar-5xx/absolute.txt &&
echo -n "This relatively exists" | diff - /tmp/sidecar-5xx/relative.txt &&
echo -n "This change-dir exists" | diff - /tmp/sidecar-5xx/change-dir.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar-5xx/similar-configmap.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar-5xx/similar-secret.txt &&
echo -n "500" | diff - /tmp/sidecar-5xx/500.txt &&
ls /tmp/sidecar-5xx/script_result
- name: Verify sidecar-python logs after initial sync
run: |
# Make sure to update this number this when adding or removing configmap or secrets
# For log to a file, Need to consider Jobs "Install Configmaps and Secrets" and "Update Configmaps and Secrets"
# Total is (9 + 7)
test $(cat /tmp/logs/sidecar-pythonscript.log | grep "Hello from python script!" | wc -l) = "9" &&
test $(cat /tmp/logs/sidecar-pythonscript-logfile.log | grep "Hello from python script!" | wc -l) = "9" &&
kubectl exec sidecar-logtofile-pythonscript -- sh -c "test -e /opt/logs/sidecar.log" &&
test $(kubectl exec sidecar-logtofile-pythonscript -- sh -c 'cat /opt/logs/sidecar.log | grep "Hello from python script!" | wc -l') = "16"
- name: Verify sidecar files after update
run: |
kubectl exec sidecar -- sh -c "ls /tmp/" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/hello.world" && kubectl exec sidecar -- sh -c "test -e /tmp/change-hello.world" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/cm-kubelogo.png" && kubectl exec sidecar -- sh -c "test -e /tmp/change-cm-kubelogo.png" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/secret-kubelogo.png" && kubectl exec sidecar -- sh -c "test -e /tmp/change-secret-kubelogo.png" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/absolute/absolute.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/absolute/change-absolute.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/relative/relative.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/relative/change-relative.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/orig-dir/change-dir.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/new-dir/change-dir.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/similar-configmap.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/change-similar-configmap.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/similar-secret.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/change-similar-secret.txt"