Skip to content

Service per pod

Service per pod #96

Workflow file for this run

name: Lint & Test Charts
on: pull_request
jobs:
pull_request:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v4
- uses: actions/setup-python@v5
with:
python-version: 3.13
- name: Set up chart-testing
uses: helm/[email protected]
- name: Create Playground Account for Tests
run: |
playground_account_raw=`curl https://api.prod.us-east-1.warpstream.com/api/v1/signup -X POST -d '{"primary_user_first_name": "chart-ci", "primary_user_last_name": "Account", "tenant_name": "chart-ci-organization-'$(uuidgen)'", "primary_user_email": "chart-ci-email@'$(uuidgen)'", "primary_user_password": "chart-ci-password-'$(uuidgen)'", "is_demo": true}'`
export DefaultVirtualClusterID=`echo ${playground_account_raw} | jq -r .DefaultVirtualClusterID`
export DefaultVirtualClusterAgentKeySecret=`echo ${playground_account_raw} | jq -r .DefaultVirtualClusterAgentKeySecret`
echo "DefaultVirtualClusterID=${DefaultVirtualClusterID}" >> $GITHUB_ENV
echo "DefaultVirtualClusterAgentKeySecret=${DefaultVirtualClusterAgentKeySecret}" >> $GITHUB_ENV
- name: Generate Tests
run: |
./hack/ci/scripts/generate-tests.sh
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
if [[ -n "$changed" ]]; then
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Run chart-testing (lint)
if: steps.list-changed.outputs.changed == 'true'
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
- name: Create kind cluster
if: steps.list-changed.outputs.changed == 'true'
uses: helm/kind-action@v1
- name: Create Secret for Tests from Playground Account
run: |
kubectl create secret generic external-secret --from-literal=agentkey=${DefaultVirtualClusterAgentKeySecret}
- name: Generate Certificate for TLS testing
run: |
mkdir /tmp/certificates
cd /tmp/certificates
mkdir -p ca/private
chmod 700 ca/private
# Generate CA
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout ca/private/ca_key.pem -out ca/ca_cert.pem -subj "/C=US/ST=Acme State/L=Acme City/O=Acme Inc./CN=example.com"
# Create server private key and certificate request
mkdir -p server/private
chmod 700 ca/private
openssl genrsa -out server/private/server_key.pem 4096
openssl req -new -key server/private/server_key.pem -out server/server.csr -subj "/C=US/ST=Acme State/L=Acme City/O=Acme Inc./CN=WarpStream Agent" -addext 'subjectAltName = DNS:playground-sts-cert, DNS:playground-sts-cert-kafka, DNS:playground-sts-cert.default.svc.cluster.local, DNS:*.playground-sts-cert-headless.default.svc.cluster.local'
# Create client private key and certificate request
mkdir -p client/private
chmod 700 client/private
openssl genrsa -out client/private/client_key.pem 4096
openssl req -new -key client/private/client_key.pem -out client/client.csr -subj "/C=US/ST=Acme State/L=Acme City/O=Acme Inc./CN=WarpStream Client"
# Generate certificates
openssl x509 -req -days 1460 -in server/server.csr -CA ca/ca_cert.pem -CAkey ca/private/ca_key.pem -CAcreateserial -out server/server_cert.pem -copy_extensions copyall
openssl x509 -req -days 1460 -in client/client.csr -CA ca/ca_cert.pem -CAkey ca/private/ca_key.pem -CAcreateserial -out client/client_cert.pem -copy_extensions copyall
# Create Kubernetes Secrets
kubectl create secret tls ci-certificate --cert=server/server_cert.pem --key=server/private/server_key.pem
kubectl create secret tls ci-certificate-client --cert=client/client_cert.pem --key=client/private/client_key.pem
kubectl create secret generic ci-certificate-ca --from-file=ca.crt=ca/ca_cert.pem
- name: Run chart-testing (install)
if: steps.list-changed.outputs.changed == 'true'
run: ct install --namespace default --target-branch ${{ github.event.repository.default_branch }} --upgrade --skip-missing-values