diff --git a/.github/workflows/caname-id-test.yml b/.github/workflows/caname-id-test.yml index b5f760c..86384f5 100644 --- a/.github/workflows/caname-id-test.yml +++ b/.github/workflows/caname-id-test.yml @@ -6,6 +6,10 @@ on: type: string description: "Version of Go used to build ncm-issuer image" required: true + image-artifact-name: + type: string + description: "Name of the ncm-issuer image artifact" + required: true jobs: ca-id-test: @@ -28,11 +32,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -98,10 +105,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -114,10 +124,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | @@ -179,11 +192,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -246,10 +262,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -262,10 +281,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | diff --git a/.github/workflows/clientauth-test.yml b/.github/workflows/clientauth-test.yml index c007b8e..40a8fce 100644 --- a/.github/workflows/clientauth-test.yml +++ b/.github/workflows/clientauth-test.yml @@ -6,6 +6,10 @@ on: type: string description: "Version of Go used to build ncm-issuer image" required: true + image-artifact-name: + type: string + description: "Name of the ncm-issuer image artifact" + required: true jobs: client-auth-test: @@ -33,11 +37,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -113,10 +120,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -129,10 +139,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 4147cd6..f07d85d 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -15,43 +15,66 @@ jobs: - uses: actions/checkout@v4 - uses: arnested/go-version-action@v1 id: versions + build-image: + name: "Build ncm-issuer image" + runs-on: ubuntu-latest + needs: go-versions + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + - run: go version + - name: "Build ncm-issuer image" + run: | + make docker-build + docker save ncm-issuer > ncm-issuer-image.tar + echo "ncm-issuer image built and saved to ncm-issuer-image.tar" + - name: "Upload ncm-issuer image" + uses: actions/upload-artifact@v3 + with: + name: ncm-issuer-image + path: ncm-issuer-image.tar clientauth: name: "clientauth test" - needs: go-versions + needs: [go-versions, build-image] uses: ./.github/workflows/clientauth-test.yml secrets: inherit with: go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }} + image-artifact-name: ncm-issuer-image caname-id: name: "ca name/id tests" - needs: go-versions + needs: [go-versions, build-image] uses: ./.github/workflows/caname-id-test.yml secrets: inherit with: go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }} + image-artifact-name: ncm-issuer-image signer: name: "signer test" - needs: go-versions + needs: [go-versions, build-image] uses: ./.github/workflows/signer-tests.yml secrets: inherit with: go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }} + image-artifact-name: ncm-issuer-image pkey: name: "pkey tests" - needs: go-versions + needs: [go-versions, build-image] uses: ./.github/workflows/pkey-tests.yml secrets: inherit with: go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }} + image-artifact-name: ncm-issuer-image san: name: "san test" - needs: go-versions + needs: [go-versions, build-image] uses: ./.github/workflows/san-test.yml secrets: inherit with: go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }} + image-artifact-name: ncm-issuer-image diff --git a/.github/workflows/pkey-tests.yml b/.github/workflows/pkey-tests.yml index 3f68697..f23c086 100644 --- a/.github/workflows/pkey-tests.yml +++ b/.github/workflows/pkey-tests.yml @@ -6,6 +6,10 @@ on: type: string description: "Version of Go used to build ncm-issuer image" required: true + image-artifact-name: + type: string + description: "Name of the ncm-issuer image artifact" + required: true jobs: ecdsa-test: @@ -31,11 +35,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -107,10 +114,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -123,10 +133,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | @@ -212,11 +225,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -287,10 +303,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -303,10 +322,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | diff --git a/.github/workflows/san-test.yml b/.github/workflows/san-test.yml index 5274a32..288389e 100644 --- a/.github/workflows/san-test.yml +++ b/.github/workflows/san-test.yml @@ -6,6 +6,10 @@ on: type: string description: "Version of Go used to build ncm-issuer image" required: true + image-artifact-name: + type: string + description: "Name of the ncm-issuer image artifact" + required: true jobs: san-test: @@ -44,11 +48,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -115,10 +122,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -131,10 +141,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 - with: - time: 10s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | diff --git a/.github/workflows/signer-tests.yml b/.github/workflows/signer-tests.yml index f8eb2d0..5c7a5b8 100644 --- a/.github/workflows/signer-tests.yml +++ b/.github/workflows/signer-tests.yml @@ -6,6 +6,10 @@ on: type: string description: "Version of Go used to build ncm-issuer image" required: true + image-artifact-name: + type: string + description: "Name of the ncm-issuer image artifact" + required: true jobs: issuer-test: @@ -42,16 +46,14 @@ jobs: echo CERTMGR_VERSION=$(sudo microk8s.helm3 list -n cert-manager -o yaml|grep -Po 'cert-manager-\K.*' -m 1) >> $GITHUB_ENV - run: echo "cert-manager ${{ env.CERTMGR_VERSION }}" - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar - - - name: "sleep for 10s" - uses: juliangruber/sleep-action@v1 + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 with: - time: 10s + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "cert-manager status" run: | @@ -105,10 +107,14 @@ jobs: run: | sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get issuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -120,10 +126,13 @@ jobs: run: | sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-issuer -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: | @@ -209,11 +218,14 @@ jobs: - name: Set KUBECONFIG for MicroK8s run: echo "KUBECONFIG=/var/snap/microk8s/current/credentials/client.config" >> $GITHUB_ENV - - name: "build ncm-issuer image" - run: | - make docker-build - docker save ncm-issuer > ncm-issuer.tar - sudo microk8s ctr image import ncm-issuer.tar + - name: "Download ncm-issuer image" + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.image-artifact-name }} + path: . + + - name: "Load ncm-issuer image" + run: sudo microk8s ctr image import ${{ inputs.image-artifact-name }}.tar - name: "install cert-manager charts" run: | @@ -290,10 +302,13 @@ jobs: sudo microk8s.kubectl apply -f data/ncm-issuer.yml sudo microk8s.kubectl get clusterissuers.certmanager.ncm.nokia.com -n ncm-issuer - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for ncm-issuer readiness" + run: | + while [[ $(sudo microk8s.kubectl get clusterissuers.certmanager.ncm.nokia.com -n ncm-issuer -o jsonpath="{.items[0].status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for ncm-issuer to be ready..." + sleep 1 + done + echo "ncm-issuer is ready" - name: "check issuer status" run: | @@ -307,10 +322,13 @@ jobs: cat data/cert-resource.yml sudo microk8s.kubectl apply -f data/cert-resource.yml - - name: "sleep for 15s" - uses: juliangruber/sleep-action@v1 - with: - time: 15s + - name: "wait for certificate readiness" + run: | + while [[ $(sudo microk8s.kubectl get certificate.cert-manager.io/ncm-cert -n ncm-cert -o jsonpath="{.status.conditions[?(@.type=='Ready')].status}") != "True" ]]; do + echo "Waiting for certificate to be ready..." + sleep 1 + done + echo "Certificate is ready" - name: "check certificate resource" run: |