name: CI on: pull_request: branches: - "*" push: branches: - master jobs: changes: runs-on: ubuntu-latest outputs: go: ${{ steps.filter.outputs.go }} charts: ${{ steps.filter.outputs.charts }} steps: - name: Checkout uses: actions/checkout@v2 - uses: dorny/paths-filter@v2 id: filter with: token: ${{ secrets.GITHUB_TOKEN }} filters: | go: - '**/*.go' - 'go.mod' - 'go.sum' - 'rootfs/**/*' - 'TAG' - 'test/e2e/**/*' charts: - 'charts/ingress-nginx/Chart.yaml' - 'charts/ingress-nginx/**/*' security: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - name: Run Gosec Security Scanner uses: securego/gosec@master with: # G601 for zz_generated.deepcopy.go # G306 TODO: Expect WriteFile permissions to be 0600 or less # G307 TODO: Deferring unsafe method "Close" args: -exclude=G601,G104,G204,G304,G306,G307 -tests=false -exclude-dir=test -exclude-dir=images/ -exclude-dir=docs/ ./... build: name: Build runs-on: ubuntu-latest needs: changes if: | (needs.changes.outputs.go == 'true') steps: - name: Checkout uses: actions/checkout@v2 - name: Set up Go 1.15 id: go uses: actions/setup-go@v2 with: go-version: 1.15 - name: Set up Docker Buildx id: buildx uses: crazy-max/ghaction-docker-buildx@v1 with: buildx-version: latest qemu-version: latest - name: Available platforms run: echo ${{ steps.buildx.outputs.platforms }} - name: Prepare Host run: | sudo apt-get -qq update || true sudo apt-get install -y pigz curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.0/bin/linux/amd64/kubectl chmod +x ./kubectl sudo mv ./kubectl /usr/local/bin/kubectl - name: Build images env: TAG: 1.0.0-dev ARCH: amd64 REGISTRY: ingress-controller run: | echo "building images..." make clean-image build image make -C test/e2e-image image echo "creating images cache..." docker save \ nginx-ingress-controller:e2e \ ingress-controller/controller:1.0.0-dev \ | pigz > docker.tar.gz - name: cache uses: actions/upload-artifact@v2 with: name: docker.tar.gz path: docker.tar.gz helm: name: Helm chart runs-on: ubuntu-latest needs: - changes if: | (needs.changes.outputs.charts == 'true') steps: - name: Checkout uses: actions/checkout@v2 - name: Lint run: | ./build/run-in-docker.sh ./hack/verify-chart-lint.sh - name: fix permissions run: | sudo mkdir -p $HOME/.kube sudo chmod -R 777 $HOME/.kube - name: Create Kubernetes cluster id: kind uses: engineerd/setup-kind@v0.5.0 with: version: v0.11.1 image: kindest/node:v1.20.2 - name: Test env: KIND_CLUSTER_NAME: kind SKIP_CLUSTER_CREATION: true run: | kind get kubeconfig > $HOME/.kube/kind-config-kind make kind-e2e-chart-tests kubernetes: name: Kubernetes runs-on: ubuntu-latest needs: - changes - build if: | (needs.changes.outputs.go == 'true') strategy: matrix: k8s: [v1.16.15, v1.17.17, v1.18.19, v1.19.11, v1.20.7] steps: - name: Checkout uses: actions/checkout@v2 - name: cache uses: actions/download-artifact@v2 with: name: docker.tar.gz - name: Create Kubernetes ${{ matrix.k8s }} cluster id: kind uses: engineerd/setup-kind@v0.5.0 with: version: v0.11.1 config: test/e2e/kind.yaml image: kindest/node:${{ matrix.k8s }} - uses: geekyeggo/delete-artifact@v1 with: name: docker.tar.gz failOnError: false - name: Prepare cluster for testing id: local-path run: | kubectl version echo echo "installing helm 3..." curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash - name: Load images from cache run: | echo "loading docker images..." pigz -dc docker.tar.gz | docker load - name: Run e2e tests env: KIND_CLUSTER_NAME: kind SKIP_CLUSTER_CREATION: true SKIP_IMAGE_CREATION: true run: | kind get kubeconfig > $HOME/.kube/kind-config-kind make kind-e2e-test