Skip to content

docs(MeshTrafficPermission): Add a note to enable mTLS to make mtp works #3337

docs(MeshTrafficPermission): Add a note to enable mTLS to make mtp works

docs(MeshTrafficPermission): Add a note to enable mTLS to make mtp works #3337

Workflow file for this run

name: CI
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on: pull_request
jobs:
test-plugins:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- working-directory: jekyll-kuma-plugins
run: bundle install
- working-directory: jekyll-kuma-plugins
run: bundle exec rspec
- working-directory: .
run: make test
check-links:
name: Check links
runs-on: ubuntu-latest
env:
URL: https://deploy-preview-${{github.event.number}}--kuma.netlify.app
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/setup-go@v5
- run: |
go install github.com/raviqqe/muffet/[email protected]
- name: Wait for Pages changed to be neutral
uses: fountainhead/[email protected]
id: waitForCheck
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
token: ${{ secrets.GITHUB_TOKEN }}
checkName: "Pages changed - kuma"
timeoutSeconds: 1200
- name: Wait for Netlify site to be ready
if: steps.waitForCheck.outputs.conclusion == 'neutral'
uses: jakepartusch/[email protected]
id: waitForNetlify
with:
site_name: "kuma"
max_timeout: 1200
- name: link checker
run: |
$(go env GOPATH)/bin/muffet \
${URL} \
--buffer-size 8192 \
--exclude 'https://github.com/(/)?kumahq/kuma/pull/.*' \
--exclude 'https://github.com/.*/.*/blob/.*#.*' \
--exclude 'https://github.com/spiffe/spiffe/blob/main/standards/X509-SVID.md.*' \
--exclude 'https://github.com/kumahq/kuma/blob/master/CHANGELOG.md' \
--exclude ${URL}/docs/1. \
--exclude 127.0.0.1 \
--exclude https://cloudsmith.io/~kong/repos \
--exclude https://linux.die.net \
--exclude https://packages.konghq.com \
--exclude https://twitter.com \
--exclude https://coredns.io \
--exclude 'https://argo-cd.readthedocs.io/en/stable/' \
--exclude 'https://docs.cilium.io/en/v1.14/operations/upgrade/' \
--max-connections-per-host=8 \
--max-response-body-size 100000000 \
--rate-limit 50 \
--timeout 60
- name: link checker dev docs
run: |
$(go env GOPATH)/bin/muffet \
${URL}/docs/dev \
--buffer-size 8192 \
--exclude 'https://github.com/(/)?kumahq/kuma/pull/.*' \
--exclude 'https://github.com/.*/.*/blob/.*#.*' \
--exclude 'https://github.com/spiffe/spiffe/blob/main/standards/X509-SVID.md.*' \
--exclude 'https://github.com/kumahq/kuma/blob/master/CHANGELOG.md' \
--exclude 127.0.0.1 \
--exclude https://cloudsmith.io/~kong/repos \
--exclude https://linux.die.net \
--exclude https://packages.konghq.com \
--exclude https://twitter.com \
--exclude https://coredns.io \
--exclude 'https://argo-cd.readthedocs.io/en/stable/' \
--exclude 'https://docs.cilium.io/en/v1.14/operations/upgrade/' \
--max-connections-per-host=8 \
--max-response-body-size 100000000 \
--rate-limit 50 \
--timeout 60
installer-sh:
name: Test installer.sh
runs-on: ubuntu-latest
env:
GH_TOKEN: ${{ github.token }}
strategy:
matrix:
# NOTE: for each new OS, the check must be explicitly set as required in Github
os:
- amazonlinux:2022
- archlinux:latest
- debian:bookworm
- fedora:latest
- redhat/ubi8:8.6
- ubuntu:24.04
container:
image: ${{ matrix.os }}
steps:
- name: Prepare OS
run: |
(apt-get update && apt-get install file curl jq -y) || true
(yum install yum-utils -y && yum-config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo && yum install file tar gzip jq -y) || true
pacman --noconfirm -Syu jq file curl || true
- uses: actions/checkout@v4
- name: Run installer.sh
env:
VERBOSE: ${{ runner.debug }}
run: |
sh app/installer.sh
file ./kuma-*/bin/kumactl | grep x86-64 &> /dev/null
rm -rf ./kuma-*/
PRINT_VERSION=$(sh app/installer.sh --print-version 2> /dev/null)
echo ${PRINT_VERSION} | grep '^[[:digit:]]\.[[:digit:]]\.[[:digit:]]$' || echo "Unexpected version ${PRINT_VERSION}"
- name: Run installer.sh with VERSION=preview
env:
VERBOSE: ${{ runner.debug }}
VERSION: preview
run: |
sh app/installer.sh
file ./kuma-0.0.0-preview.v*/bin/kumactl | grep x86-64 &> /dev/null
rm -rf ./kuma-*/
PRINT_VERSION=$(sh app/installer.sh --print-version 2> /dev/null)
echo ${PRINT_VERSION} | grep '0\.0\.0-preview\.v[[:xdigit:]]\{9\}' || echo "Unexpected version ${PRINT_VERSION}"
- name: Run installer.sh with legacy version
env:
VERBOSE: ${{ runner.debug }}
VERSION: 2.2.0
run: |
sh app/installer.sh
file ./kuma-2.2.0/bin/kumactl | grep x86-64 &> /dev/null
rm -rf ./kuma-*/
PRINT_VERSION=$(sh app/installer.sh --print-version 2> /dev/null)
echo ${PRINT_VERSION} | grep "${VERSION}" || echo "Unexpected version ${PRINT_VERSION}"
- name: Run installer.sh with preview version
env:
VERBOSE: ${{ runner.debug }}
VERSION: preview
run: |
VERSION=$(sh app/installer.sh --print-version 2> /dev/null)
sh app/installer.sh
file ./kuma-*/bin/kumactl | grep x86-64 &> /dev/null
rm -rf ./kuma-*/
echo ${VERSION}
installer-sh-arm64:
runs-on: ubuntu-latest
name: Test installer.sh on arm64
steps:
- uses: actions/checkout@v4
- uses: uraimo/run-on-arch-action@v2
name: Run commands
id: runcmd
with:
arch: aarch64
distro: ubuntu22.04
env: |
VERBOSE: '${{ runner.debug }}'
# Not required, but speeds up builds by storing container images in
# a GitHub package registry.
githubToken: ${{ github.token }}
# Set an output parameter `uname` for use in subsequent steps
run: |
apt-get update && apt-get install -y file curl tar gzip
sh app/installer.sh
file ./kuma-*/bin/kumactl | grep aarch64 &> /dev/null
installer-sh-mesh:
name: Test installer.sh for Kong Mesh
runs-on: ubuntu-latest
steps:
- name: Prepare OS
run: |
(apt-get update && apt-get install curl -y) || true
- uses: actions/checkout@v4
- name: Run installer.sh
env:
VERBOSE: ${{ runner.debug }}
PRODUCT_NAME: Kong Mesh
REPO: kong/kong-mesh
LATEST_VERSION: https://docs.konghq.com/mesh/latest_version
run: sh app/installer.sh
vale:
name: Lint docs
runs-on: ubuntu-latest
steps:
- name: Get changed files
id: changed-files
uses: actions/github-script@v7
with:
script: |
// Note that we filter here first because otherwise vale is run on all files
// before the output is filtered to changed files, which takes a long time.
const files = await github.paginate(
github.rest.pulls.listFiles, {
...context.repo,
pull_number: ${{ github.event.number }},
},
);
return files
.filter(d => d.status != "removed")
.filter(d => !d.filename.includes("/generated/"))
.filter(d => !d.filename.includes("/raw/"))
.map(d => d.filename);
- uses: actions/checkout@v4
- uses: errata-ai/[email protected]
if: join(fromJSON(steps.changed-files.outputs.result)) != ''
name: Run Vale
with:
files: "${{ steps.changed-files.outputs.result }}"
reporter: github-pr-check
reviewdog_url: https://github.com/reviewdog/reviewdog/releases/download/v0.18.1/reviewdog_0.18.1_Linux_x86_64.tar.gz
fail_on_error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}