From 1b908d939eb8614a2211aee40ff181719d73267a Mon Sep 17 00:00:00 2001 From: Benjamin Schimke Date: Tue, 4 Jun 2024 08:32:17 +0200 Subject: [PATCH] Add autoupdate/moonray to GitHub workflows --- .github/workflows/go.yaml | 3 +- .github/workflows/integration.yaml | 1 + .github/workflows/moonray.yaml | 33 +++++++++ .github/workflows/python.yaml | 1 + .github/workflows/sbom.yaml | 1 + .../patches/moonray/0001-Moonray.patch | 73 +++++++++++++++++++ build-scripts/patches/moonray/apply | 10 +++ 7 files changed, 121 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/moonray.yaml create mode 100644 build-scripts/patches/moonray/0001-Moonray.patch create mode 100755 build-scripts/patches/moonray/apply diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml index 946e566aae..799acad062 100644 --- a/.github/workflows/go.yaml +++ b/.github/workflows/go.yaml @@ -5,13 +5,14 @@ on: branches: - main - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' pull_request: permissions: - contents: read + contents: read jobs: test: diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml index e309e5e6e7..2ba44214a1 100644 --- a/.github/workflows/integration.yaml +++ b/.github/workflows/integration.yaml @@ -5,6 +5,7 @@ on: branches: - main - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' diff --git a/.github/workflows/moonray.yaml b/.github/workflows/moonray.yaml new file mode 100644 index 0000000000..f8f481f0d6 --- /dev/null +++ b/.github/workflows/moonray.yaml @@ -0,0 +1,33 @@ +name: Auto-update moonray branch + +on: + push: + branches: + - main + # TODO: remove before merge + pull_request: + +permissions: + contents: read + +jobs: + update: + permissions: + contents: write # for Git to git push + runs-on: ubuntu-22.04 + steps: + - name: Harden Runner + uses: step-security/harden-runner@v2 + with: + egress-policy: audit + - name: Sync ${{ github.ref }} to autoupdate/moonray + uses: actions/checkout@v4 + with: + ssh-key: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }} + - name: Apply moonray patch + run: | + git checkout -b autoupdate/moonray + ./build-scripts/patches/moonray/apply + - name: Push to autoupdate/moonray + run: | + git push origin --force autoupdate/moonray diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 65028fbbb6..2ccb0979f5 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -5,6 +5,7 @@ on: branches: - main - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' diff --git a/.github/workflows/sbom.yaml b/.github/workflows/sbom.yaml index d3f0eab883..846a19e764 100644 --- a/.github/workflows/sbom.yaml +++ b/.github/workflows/sbom.yaml @@ -5,6 +5,7 @@ on: branches: - main - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' diff --git a/build-scripts/patches/moonray/0001-Moonray.patch b/build-scripts/patches/moonray/0001-Moonray.patch new file mode 100644 index 0000000000..00091243d4 --- /dev/null +++ b/build-scripts/patches/moonray/0001-Moonray.patch @@ -0,0 +1,73 @@ +From bc1f724eb7219c8b8221663d6398e370c9a15842 Mon Sep 17 00:00:00 2001 +From: Benjamin Schimke +Date: Tue, 4 Jun 2024 15:19:13 +0200 +Subject: [PATCH] Moonray + +--- + tests/integration/tests/test_cilium_e2e.py | 54 ---------------------- + 1 file changed, 54 deletions(-) + delete mode 100644 tests/integration/tests/test_cilium_e2e.py + +diff --git a/tests/integration/tests/test_cilium_e2e.py b/tests/integration/tests/test_cilium_e2e.py +deleted file mode 100644 +index cf2735e..0000000 +--- a/tests/integration/tests/test_cilium_e2e.py ++++ /dev/null +@@ -1,54 +0,0 @@ +-# +-# Copyright 2024 Canonical, Ltd. +-# +-import logging +-import platform +-from typing import List +- +-import pytest +-from test_util import config, harness, util +- +-LOG = logging.getLogger(__name__) +- +-ARCH = platform.machine() +-CILIUM_CLI_ARCH_MAP = {"aarch64": "arm64", "x86_64": "amd64"} +-CILIUM_CLI_VERSION = "v0.16.3" +-CILIUM_CLI_TAR_GZ = f"https://github.com/cilium/cilium-cli/releases/download/{CILIUM_CLI_VERSION}/cilium-linux-{CILIUM_CLI_ARCH_MAP.get(ARCH)}.tar.gz" # noqa +- +- +-@pytest.mark.skipif( +- ARCH not in CILIUM_CLI_ARCH_MAP, reason=f"Platform {ARCH} not supported" +-) +-def test_cilium_e2e(instances: List[harness.Instance]): +- instance = instances[0] +- instance.exec(["bash", "-c", "mkdir -p ~/.kube"]) +- instance.exec(["bash", "-c", "k8s config > ~/.kube/config"]) +- +- # Download cilium-cli +- instance.exec(["curl", "-L", CILIUM_CLI_TAR_GZ, "-o", "cilium.tar.gz"]) +- instance.exec(["tar", "xvzf", "cilium.tar.gz"]) +- instance.exec(["./cilium", "version", "--client"]) +- +- instance.exec(["k8s", "status", "--wait-ready"]) +- +- util.wait_for_dns(instance) +- util.wait_for_network(instance) +- +- # Run cilium e2e tests +- e2e_args = [] +- if config.SUBSTRATE == "lxd": +- # NOTE(neoaggelos): disable "no-unexpected-packet-drops" on LXD as it fails: +- # [=] Test [no-unexpected-packet-drops] [1/61] +- # [-] Scenario [no-unexpected-packet-drops/no-unexpected-packet-drops] +- # Found unexpected packet drops: +- # { +- # "labels": { +- # "direction": "INGRESS", +- # "reason": "VLAN traffic disallowed by VLAN filter" +- # }, +- # "name": "cilium_drop_count_total", +- # "value": 4 +- # } +- e2e_args.extend(["--test", "!no-unexpected-packet-drops"]) +- +- instance.exec(["./cilium", "connectivity", "test", *e2e_args]) +-- +2.34.1 + diff --git a/build-scripts/patches/moonray/apply b/build-scripts/patches/moonray/apply new file mode 100755 index 0000000000..8ad97ea73c --- /dev/null +++ b/build-scripts/patches/moonray/apply @@ -0,0 +1,10 @@ +#!/bin/bash -xe + +DIR="$(realpath "$(dirname "${0}")")" + +# Configure git author +git config user.email k8s-bot@canonical.com +git config user.name k8s-bot + +# Apply strict patch +git am "${DIR}/0001-Moonray.patch"