Skip to content
Build, Lint, and Test

test(e2e): update k8s UPGRADE_FROM to 1.33 #3225

Sign in to view logs

test(e2e): update k8s UPGRADE_FROM to 1.33

test(e2e): update k8s UPGRADE_FROM to 1.33 #3225

Workflow file for this run

.github/workflows/build-dev.yaml at 4cb656b
name: Build, Lint, and Test
env:
EXPORT_RESULT: true
on:
push:
branches:
- main
- 'release-*'
pull_request:
types: [opened, synchronize, reopened, labeled]
pull_request_target:
types: [opened, synchronize, reopened, labeled]
branches:
- main
- 'release-*'
jobs:
check_approvals:
runs-on: ubuntu-latest
# Run this job only if the following conditions are met:
# 1. The pull request has the 'integration-test' label.
# 2. The event is either:
# a. A 'pull_request' event where the base and head repositories are the same (internal PR).
# b. A 'pull_request_target' event where the base and head repositories are different (external PR).
if: ${{ contains(github.event.pull_request.labels.*.name, 'integration-test') &&
(( github.event_name == 'pull_request' && github.event.pull_request.base.repo.clone_url == github.event.pull_request.head.repo.clone_url) ||
(github.event_name == 'pull_request_target' && github.event.pull_request.base.repo.clone_url != github.event.pull_request.head.repo.clone_url )) }}
outputs:
# Output the approval status for pull_request_target events, otherwise default to 'true'
check_approvals: ${{ github.event_name == 'pull_request_target' && steps.check_approvals.outputs.check_approvals || 'true' }}
# Output whether the PR is external
external_pr: ${{ github.event.pull_request.base.repo.clone_url != github.event.pull_request.head.repo.clone_url }}
steps:
- name: Check integration test allowance status
# Only run this step for pull_request_target events
if: ${{ github.event_name == 'pull_request_target' }}
id: check_approvals
# Use an external action to check if the PR has the necessary approvals
uses: nutanix-cloud-native/action-check-approvals@v1
build-container:
if: ${{ (github.event_name == 'pull_request' && needs.check_approvals.outputs.external_pr == 'false') || (github.event_name == 'pull_request_target' && needs.check_approvals.outputs.external_pr == 'true' && needs.check_approvals.outputs.check_approvals == 'true') }}
needs: check_approvals
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: "${{ github.event.pull_request.head.sha }}"
- name: Install devbox
uses: jetify-com/[email protected]
with:
enable-cache: "true"
- uses: actions/cache@v4
with:
path: |
~/.cache/golangci-lint
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Verify that generated manifests committed to the repository are up to date
run: devbox run -- make verify-manifests
- name: Build
run: devbox run -- make generate fmt vet build
- name: Run golangci-lint
run: devbox run -- make lint
- name: Lint
run: devbox run -- make lint-yaml
- name: Template Tests
run: devbox run -- make template-test
- name: Run unit tests
run: devbox run -- make unit-test
- name: Run coverage report
run: devbox run -- make coverage
- name: Codecov
uses: codecov/codecov-action@v4
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
file: ./coverage.out # Replace with the path to your coverage report
fail_ci_if_error: true
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
scan-type: "fs"
ignore-unfixed: true
format: "table"
exit-code: "1"
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
e2e:
strategy:
matrix:
e2e-labels:
- "clusterctl-upgrade"
- "clusterclass"
- "capx-feature-test"
- "nutanix-feature-test"
- "nutanix-storage-test"
- "scaling"
- "kubernetes-upgrade"
- "gpu"
fail-fast: false
needs: check_approvals
uses: ./.github/workflows/e2e.yaml
with:
e2e-labels: ${{ matrix.e2e-labels }}
make-target: test-e2e-calico
secrets: inherit
permissions:
contents: read
checks: write