webhook tls certs: option to create via certmanager or existingSecretRef #65
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| tests: | |
| runs-on: ubuntu-latest | |
| env: | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: rui314/setup-mold@v1 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install Protoc | |
| uses: arduino/setup-protoc@v2 | |
| - name: Cache compilation artefacts | |
| uses: mozilla-actions/[email protected] | |
| - name: Cargo fmt | |
| run: cargo fmt --all -- --check | |
| - name: Run Trow test suite | |
| run: RUST_LOG=info cargo test | |
| - name: Smoke test | |
| run: RUST_LOG=info cargo test -- --ignored | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| outputs: | |
| container-image: ${{ steps.meta.outputs.tags }} | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: rui314/setup-mold@v1 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install Protoc | |
| uses: arduino/setup-protoc@v2 | |
| - name: Cache compilation artefacts | |
| uses: mozilla-actions/[email protected] | |
| - name: Build | |
| run: | | |
| cargo build | |
| mv target/debug/trow trow | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and export container image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile.debug | |
| tags: trow:onpr | |
| outputs: type=docker,dest=/tmp/trow_image.tar.zst | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| retention-days: 1 | |
| name: "trow-image-${{ github.event.pull_request.number }}" | |
| path: /tmp/trow_image.tar.zst | |
| oci-conformance: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Download container image artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: "trow-image-${{ github.event.pull_request.number }}" | |
| path: /tmp | |
| - name: Load and run image | |
| id: start-container-image | |
| run: | | |
| docker load --input /tmp/trow_image.tar.zst | |
| ID=$(docker run -d -e RUST_LOG=debug --name trow -p 8000:8000 trow:onpr) | |
| IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $ID) | |
| echo "container-ip=$IP" >> $GITHUB_OUTPUT | |
| - name: Test connectivity | |
| run: curl "http://${{ steps.start-container-image.outputs.container-ip }}:8000" | |
| - name: Run OCI Distribution Spec conformance tests | |
| uses: opencontainers/[email protected] | |
| env: | |
| OCI_ROOT_URL: "http://${{ steps.start-container-image.outputs.container-ip }}:8000" | |
| OCI_NAMESPACE: oci-conformance/distribution-test | |
| OCI_TEST_PULL: 1 | |
| OCI_TEST_PUSH: 1 | |
| OCI_TEST_CONTENT_DISCOVERY: 1 | |
| OCI_TEST_CONTENT_MANAGEMENT: 1 | |
| OCI_HIDE_SKIPPED_WORKFLOWS: 0 | |
| OCI_DEBUG: 0 | |
| - name: Print trow logs | |
| if: always() | |
| run: docker logs trow | |
| helm-chart-validation: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| env: | |
| IMAGE: ${{ needs.build.outputs.container-image }} | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Download container image artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: "trow-image-${{ github.event.pull_request.number }}" | |
| path: /tmp | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v3 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create kind cluster | |
| uses: helm/[email protected] | |
| with: | |
| config: .github/workflows/config/kind.yaml | |
| cluster_name: kind | |
| - name: Install Ingress | |
| run: | | |
| .github/workflows/config/install-kind-ingress.sh | |
| kubectl delete -A ValidatingWebhookConfiguration ingress-nginx-admission | |
| - name: Sideload Trow image | |
| run: | | |
| kind load image-archive /tmp/trow_image.tar.zst | |
| - name: Helm Install Trow | |
| run: | | |
| helm install trow-test -f .github/workflows/config/values.yaml charts/trow/ | |
| - name: Pull and Tag Docker Image | |
| run: | | |
| docker pull nginx:alpine | |
| docker tag nginx:alpine 127.0.0.1/test/nginx:alpine | |
| - name: Push to Trow | |
| run: | | |
| kubectl wait pod/trow-test-0 --for condition=ready --timeout=300s | |
| docker push 127.0.0.1/test/nginx:alpine | |
| typos: | |
| name: Typos | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check spelling | |
| uses: crate-ci/[email protected] |