add empty address for disable acl tc (#646) #498
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run Integration Tests | |
on: | |
workflow_dispatch: | |
inputs: | |
python-version: | |
description: 'Specify the Python version to use for running tests. Leave empty to use the default Python version configured in the environment' | |
required: false | |
run-eol-python-version: | |
description: 'Indicates whether to run tests using an End-of-Life (EOL) Python version. Defaults to "false". Choose "true" to include tests for deprecated Python versions' | |
required: false | |
default: 'false' | |
type: choice | |
options: | |
- 'true' | |
- 'false' | |
push: | |
branches: | |
- main | |
- dev | |
env: | |
DEFAULT_PYTHON_VERSION: "3.10" | |
EOL_PYTHON_VERSION: "3.9" | |
EXIT_STATUS: 0 | |
jobs: | |
integration-tests: | |
runs-on: ubuntu-latest | |
env: | |
EXIT_STATUS: 0 | |
defaults: | |
run: | |
working-directory: .ansible/collections/ansible_collections/linode/cloud | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
with: | |
path: .ansible/collections/ansible_collections/linode/cloud | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Setup Python 3 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ inputs.run-eol-python-version == 'true' && env.EOL_PYTHON_VERSION || inputs.python-version || env.DEFAULT_PYTHON_VERSION }} | |
- name: Install dependencies | |
run: make deps | |
- name: Install ansible dependencies | |
run: ansible-galaxy collection install amazon.aws:==9.1.0 | |
- name: Install Collection | |
run: make install | |
- name: Replace Existing Keys | |
run: rm -rf ~/.ansible/test && mkdir -p ~/.ansible/test && ssh-keygen -m PEM -q -t rsa -N '' -f ~/.ansible/test/id_rsa | |
- name: Run Integration Tests | |
run: | | |
make testall | |
env: | |
LINODE_API_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
ANSIBLE_CALLBACKS_ENABLED: "junit" | |
- name: Upload Test Report as Artifact | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: xml-test-reports | |
if-no-files-found: ignore | |
path: '.ansible/collections/ansible_collections/linode/cloud/tests/output/junit' | |
retention-days: 1 | |
process-upload-report: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install Python dependencies | |
run: pip3 install requests wheel boto3==1.35.99 | |
# Create directory if it doesn't exist | |
- name: Create output directory | |
run: mkdir -p tests/output/junit | |
- name: Download test report | |
uses: actions/download-artifact@v4 | |
with: | |
name: xml-test-reports # Specify the artifact name from the 'run-tests' job | |
path: tests/output/junit | |
continue-on-error: true # Continue even if artifact download fails | |
- name: Merge all test xmls in output directory | |
run: | | |
ls -R tests/output/junit | |
python e2e_scripts/tod_scripts/xml_to_obj_storage/ansible_tests/merge_ansible_results.py | |
- name: Add additional information to XML report | |
run: | | |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$') | |
python e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/add_gha_info_to_xml.py \ | |
--branch_name "${GITHUB_REF#refs/*/}" \ | |
--gha_run_id "$GITHUB_RUN_ID" \ | |
--gha_run_number "$GITHUB_RUN_NUMBER" \ | |
--xmlfile "${filename}" | |
- name: Upload test results to the bucket | |
run: | | |
filename=$(ls | grep -E '^[0-9]{12}_ansible_merged\.xml$') | |
python3 e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/xml_to_obj.py "${filename}" | |
env: | |
LINODE_CLI_OBJ_ACCESS_KEY: ${{ secrets.LINODE_CLI_OBJ_ACCESS_KEY }} | |
LINODE_CLI_OBJ_SECRET_KEY: ${{ secrets.LINODE_CLI_OBJ_SECRET_KEY }} | |
apply-calico-rules: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ success() || failure() }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Download kubectl and calicoctl for LKE clusters | |
run: | | |
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" | |
curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64" | |
chmod +x calicoctl-linux-amd64 kubectl | |
mv calicoctl-linux-amd64 /usr/local/bin/calicoctl | |
mv kubectl /usr/local/bin/kubectl | |
- name: Apply Calico Rules to LKE | |
run: | | |
cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh | |
env: | |
LINODE_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
add-fw-to-remaining-instances: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ success() || failure() }} | |
steps: | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install Linode CLI | |
run: | | |
pip install linode-cli | |
- name: Create Firewall and Attach to Instances | |
run: | | |
FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers) | |
echo "Created Firewall with ID: $FIREWALL_ID" | |
for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do | |
echo "Attaching firewall to instance: $instance_id" | |
if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then | |
echo "Firewall attached to instance $instance_id successfully." | |
else | |
echo "An error occurred while attaching firewall to instance $instance_id. Skipping..." | |
fi | |
done | |
env: | |
LINODE_CLI_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} | |
notify-slack: | |
runs-on: ubuntu-latest | |
needs: [integration-tests] | |
if: ${{ (success() || failure()) && github.repository == 'linode/ansible_linode' }} # Run even if integration tests fail and only on main repository | |
steps: | |
- name: Notify Slack | |
uses: slackapi/[email protected] | |
with: | |
method: chat.postMessage | |
token: ${{ secrets.SLACK_BOT_TOKEN }} | |
payload: | | |
channel: ${{ secrets.SLACK_CHANNEL_ID }} | |
blocks: | |
- type: section | |
text: | |
type: mrkdwn | |
text: ":rocket: *${{ github.workflow }} Completed in: ${{ github.repository }}* :white_check_mark:" | |
- type: divider | |
- type: section | |
fields: | |
- type: mrkdwn | |
text: "*Build Result:*\n${{ needs.integration-tests.result == 'success' && ':large_green_circle: Build Passed' || ':red_circle: Build Failed' }}" | |
- type: mrkdwn | |
text: "*Branch:*\n`${{ github.ref_name }}`" | |
- type: section | |
fields: | |
- type: mrkdwn | |
text: "*Commit Hash:*\n<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>" | |
- type: mrkdwn | |
text: "*Run URL:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Run Details>" | |
- type: divider | |
- type: context | |
elements: | |
- type: mrkdwn | |
text: "Triggered by: :bust_in_silhouette: `${{ github.actor }}`" |