Skip to content

Merge runAsUser and runAsNonRoot checks in a single testcase/check. #865

Merge runAsUser and runAsNonRoot checks in a single testcase/check.

Merge runAsUser and runAsNonRoot checks in a single testcase/check. #865

name: OCP Pre-Main Testing
on:
pull_request:
branches: [ main ]
label:
types: [deleted]
permissions:
contents: read
env:
QE_REPO: redhat-best-practices-for-k8s/certsuite-qe
KUBECONFIG: /home/labuser3/.kube/config
PFLT_DOCKERCONFIG: '/home/labuser3/.docker/config'
CERTSUITE_IMAGE_NAME: quay.io/redhat-best-practices-for-k8s/certsuite
TEST_CERTSUITE_IMAGE_TAG: localtest
DOCKER_CONFIG_DIR: '/home/labuser3/.docker'
CERTSUITE_CONFIG_DIR: '/home/labuser3/certsuite_config'
CERTSUITE_REPORT_DIR: '/home/labuser3/tnf_report'
jobs:
# Build the image used for testing first, then pass the reference to the QE tests.
# This saves time and resources by not building the image in each QE suite.
build-image-for-qe:
if: github.event.pull_request.user.login!='dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'self-hosted-disable')
runs-on: ubuntu-22.04
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.sha }}
- name: Setup docker buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
- name: Build temporary image tag for this PR
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./Dockerfile
tags: |
${{ env.CERTSUITE_IMAGE_NAME }}:${{ env.TEST_CERTSUITE_IMAGE_TAG }}
outputs: type=docker,dest=/tmp/testimage.tar
- name: Store image as artifact
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: testimage
path: /tmp/testimage.tar
qe-ocp-testing:
runs-on: qe-ocp-416
needs: build-image-for-qe
if: needs.build-image-for-qe.result == 'success' && github.event.pull_request.user.login!='dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'self-hosted-disable')
strategy:
fail-fast: false
matrix:
suite: [affiliatedcertification, operator, observability]
env:
SHELL: /bin/bash
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.sha }}
- name: Run initial setup
uses: ./.github/actions/setup
# Download the image from the artifact and load it into the docker daemon.
- name: Setup docker buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
- name: Download image from artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: testimage
path: /tmp
- name: Load image into docker
run: docker load --input /tmp/testimage.tar
- name: Show pods
run: oc get pods -A
- name: Clone the QE repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ env.QE_REPO }}
path: certsuite-qe
ref: main
- name: Preemptively potential QE namespaces
run: ./scripts/delete-namespaces.sh
working-directory: certsuite-qe
- name: Preemptively delete contents of openshift-marketplace namespace
run: ./scripts/clean-marketplace.sh
working-directory: certsuite-qe
- name: Preemptively delete report and config folders
shell: bash
run: |
sudo rm -rf ${{env.CERTSUITE_CONFIG_DIR}}
sudo rm -rf ${{env.CERTSUITE_REPORT_DIR}}
- name: Run the tests (against image)
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0
with:
timeout_minutes: 60
max_attempts: 3
command: cd ${GITHUB_WORKSPACE}/certsuite-qe; FEATURES=${{matrix.suite}} CERTSUITE_REPO_PATH=${GITHUB_WORKSPACE} CERTSUITE_IMAGE=${{env.CERTSUITE_IMAGE_NAME}} CERTSUITE_IMAGE_TAG=${{env.TEST_CERTSUITE_IMAGE_TAG}} JOB_ID=${{github.run_id}} DISABLE_INTRUSIVE_TESTS=true ENABLE_PARALLEL=true ENABLE_FLAKY_RETRY=true make test-features
- name: Cleanup self-hosted runner images
run: docker image prune -f