jumpstarter-e2e/action.yml at main · jumpstarter-dev/jumpstarter-e2e · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: 'Jumpstarter end-to-end testing'
inputs:
  controller-ref:
    description: 'jumpstarter-dev/jumpstarter-controller git ref'
    required: true
  jumpstarter-ref:
    description: 'jumpstarter-dev/jumpstarter git ref'
    required: true
runs:
  using: "composite"
  steps:
    - name: Install uv
      uses: astral-sh/setup-uv@v2
    - name: Install python
      shell: bash
      run: |
        uv python install 3.12
    - name: Install bats
      shell: bash
      run: |
        sudo apt-get update
        sudo apt-get install -y bats bats-support bats-assert
    - name: Checkout jumpstarter controller
      uses: actions/checkout@v4
      with:
        repository: jumpstarter-dev/jumpstarter-controller
        ref: ${{ inputs.controller-ref }}
        path: controller
    - name: Checkout jumpstarter
      uses: actions/checkout@v4
      with:
        repository: jumpstarter-dev/jumpstarter
        ref: ${{ inputs.jumpstarter-ref }}
        path: jumpstarter
    - name: Deploy dex
      shell: bash
      run: |
        go run github.com/cloudflare/cfssl/cmd/cfssl@latest gencert -initca "$GITHUB_ACTION_PATH"/ca-csr.json | \
          go run github.com/cloudflare/cfssl/cmd/cfssljson@latest -bare ca -
        go run github.com/cloudflare/cfssl/cmd/cfssl@latest gencert -ca=ca.pem -ca-key=ca-key.pem \
          -config="$GITHUB_ACTION_PATH"/ca-config.json -profile=www "$GITHUB_ACTION_PATH"/dex-csr.json | \
          go run github.com/cloudflare/cfssl/cmd/cfssljson@latest -bare server

        cp "$GITHUB_ACTION_PATH"/kind_cluster.yaml ./controller/hack/kind_cluster.yaml
        make -C controller cluster

        kubectl create namespace dex
        kubectl -n dex create secret tls dex-tls \
          --cert=server.pem \
          --key=server-key.pem

        go run github.com/mikefarah/yq/v4@latest -i \
          '.jumpstarter-controller.config.authentication.jwt[0].issuer.certificateAuthority = load_str("ca.pem")' \
          "$GITHUB_ACTION_PATH"/values.kind.yaml

        # important!
        kubectl create clusterrolebinding oidc-reviewer  \
         --clusterrole=system:service-account-issuer-discovery \
         --group=system:unauthenticated

        helm repo add dex https://charts.dexidp.io
        helm install --namespace dex --wait -f "$GITHUB_ACTION_PATH"/dex.values.yaml dex dex/dex

        sudo cp ca.pem /usr/local/share/ca-certificates/dex.crt
        sudo update-ca-certificates

        echo "127.0.0.1 dex.dex.svc.cluster.local" | sudo tee -a /etc/hosts
    - name: Deploy jumpstarter controller
      shell: bash
      run: |
        cp "$GITHUB_ACTION_PATH"/values.kind.yaml ./controller/deploy/helm/jumpstarter/values.kind.yaml
        make -C controller deploy
    - name: Install jumpstarter
      shell: bash
      run: |
        uv venv
        uv pip install \
          ./jumpstarter/packages/jumpstarter-cli \
          ./jumpstarter/packages/jumpstarter-driver-composite \
          ./jumpstarter/packages/jumpstarter-driver-power \
          ./jumpstarter/packages/jumpstarter-driver-opendal
    - name: Run jumpstarter
      shell: bash
      run: |
        export ENDPOINT=$(helm get values jumpstarter --output json | jq -r '."jumpstarter-controller".grpc.endpoint')

        sudo mkdir -p /etc/jumpstarter/exporters
        sudo chown $USER /etc/jumpstarter/exporters

        export JS_NAMESPACE="jumpstarter-lab"

        . .venv/bin/activate

        export JUMPSTARTER_GRPC_INSECURE=1

        kubectl create -n "${JS_NAMESPACE}" sa test-client-sa
        kubectl create -n "${JS_NAMESPACE}" sa test-exporter-sa

        bats --show-output-of-passing-tests --verbose-run "$GITHUB_ACTION_PATH"/tests.bats