Skip to content

Commit b867995

Browse files
JancisJancis
committed
drupal chart test build
1 parent b03a4e4 commit b867995

File tree

3 files changed

+304
-0
lines changed

3 files changed

+304
-0
lines changed

.github/workflows/pull-request.yml

Lines changed: 244 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,244 @@
1+
# Create minikube test deployments on different kubernetes versions
2+
name: Silta chart tests
3+
4+
on:
5+
# Run for pull requests, but there's an additional draft filter later on
6+
pull_request:
7+
types: [opened, synchronize, reopened, ready_for_review]
8+
9+
# Allows you to run this workflow manually from the Actions tab
10+
workflow_dispatch:
11+
12+
# schedule:
13+
# # Run compatability tests each Monday at 9
14+
# - cron: '0 9 * * 1'
15+
16+
jobs:
17+
minikube-test:
18+
name: Minikube
19+
runs-on: ubuntu-latest
20+
strategy:
21+
matrix:
22+
# Available minikube kubernetes version list:
23+
# "minikube config defaults kubernetes-version"
24+
# and https://kubernetes.io/releases/patch-releases/
25+
kubernetes-version: ["1.28.3"]
26+
# kubernetes-version: ["v1.22.17", "v1.23.17", "v1.24.17", "v1.25.16", "1.26.11", "1.27.8", "1.28.4", "latest"]
27+
env:
28+
CLUSTER_DOMAIN: minikube.local.wdr.io
29+
K8S_PROJECT_REPO_DIR: k8s-project-repositories
30+
if: github.event.pull_request.draft == false
31+
steps:
32+
- uses: actions/checkout@v4
33+
- name: Silta CLI setup
34+
run: |
35+
mkdir -p ~/.local/bin
36+
37+
# Latest tagged release
38+
latest_release_url=$(curl -s https://api.github.com/repos/wunderio/silta-cli/releases/latest | jq -r '.assets[] | .browser_download_url | select(endswith("linux-amd64.tar.gz"))')
39+
curl -sL $latest_release_url | tar xz -C ~/.local/bin
40+
41+
silta version
42+
- name: Helm and repository setup
43+
run: |
44+
# Install Helm 3
45+
HELM_VERSION=v3.6.3
46+
curl -o /tmp/helm.tar.gz https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz \
47+
&& tar -zxvf /tmp/helm.tar.gz -C /tmp \
48+
&& mv /tmp/linux-amd64/helm ~/.local/bin/helm \
49+
&& helm repo add jetstack https://charts.jetstack.io \
50+
&& helm repo add instana https://agents.instana.io/helm \
51+
&& helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner \
52+
&& helm repo add twun https://helm.twun.io \
53+
&& helm repo add bitnami https://charts.bitnami.com/bitnami \
54+
&& helm repo add wunderio https://storage.googleapis.com/charts.wdr.io \
55+
&& helm repo add percona https://percona.github.io/percona-helm-charts/ \
56+
&& helm repo add mysql-operator https://mysql.github.io/mysql-operator/ \
57+
&& helm repo add elastic https://helm.elastic.co \
58+
&& helm repo add codecentric https://codecentric.github.io/helm-charts \
59+
&& helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx \
60+
&& helm repo add nginx-stable https://helm.nginx.com/stable \
61+
&& helm plugin install https://github.com/quintush/helm-unittest --version 0.2.4 \
62+
&& helm repo update
63+
64+
- name: Download and start minikube
65+
run: |
66+
CLUSTER_DOCKER_REGISTRY=registry.${CLUSTER_DOMAIN}:80
67+
68+
curl -Lo ~/.local/bin/minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x ~/.local/bin/minikube
69+
minikube version
70+
minikube start \
71+
--kubernetes-version "${{ matrix.kubernetes-version }}" \
72+
--insecure-registry "${CLUSTER_DOCKER_REGISTRY}" \
73+
--cni auto \
74+
--wait all
75+
# Could use "medyagh/setup-minikube" but it does not have a way to pass "--insecure-registry" flag
76+
# https://github.com/medyagh/setup-minikube/pull/33
77+
# - name: Start minikube 1.21.14
78+
# with:
79+
# # "stable" for the latest stable build, or "latest" for the latest development build
80+
# kubernetes-version: v1.21.14
81+
# insecure-registry: "registry.minikube.local.wdr.io:80"
82+
# uses: medyagh/setup-minikube@master
83+
- name: MetalLB setup
84+
run: |
85+
MINIKUBE_IP=$(minikube ip)
86+
87+
##############
88+
# MetalLB setup
89+
# https://github.com/kubernetes/minikube/issues/10307#issuecomment-1024575716
90+
91+
METALLB_IP_START=${MINIKUBE_IP}
92+
METALLB_IP_END=${MINIKUBE_IP}
93+
94+
minikube addons enable metallb
95+
sleep 10
96+
97+
# Patch MetalLB config with updated IP address range
98+
kubectl apply -f - -n metallb-system << EOF
99+
apiVersion: v1
100+
kind: ConfigMap
101+
metadata:
102+
name: config
103+
namespace: metallb-system
104+
data:
105+
config: |
106+
address-pools:
107+
- name: default
108+
protocol: layer2
109+
addresses:
110+
- ${METALLB_IP_START}-${METALLB_IP_END}
111+
EOF
112+
113+
# # Patch MetalLB images to use the correct registry
114+
# # Workaround for https://github.com/metallb/metallb/issues/1862
115+
# # Remove once this is tagged and released (> v1.29.0)
116+
# # https://github.com/kubernetes/minikube/pull/16056
117+
# image="quay.io/metallb/controller:v0.9.6@sha256:6932cf255dd7f06f550c7f106b9a206be95f847ab8cb77aafac7acd27def0b00"
118+
# kubectl scale -n metallb-system deployment/controller --replicas=0
119+
# kubectl patch deployment -n metallb-system controller --type=json -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "'${image}'"}]'
120+
# kubectl scale -n metallb-system deployment/controller --replicas=1
121+
# image="quay.io/metallb/speaker:v0.9.6@sha256:7a400205b4986acd3d2ff32c29929682b8ff8d830837aff74f787c757176fa9f"
122+
# kubectl patch daemonset -n metallb-system speaker --type=json -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "'${image}'"}]'
123+
124+
sleep 5
125+
126+
NAMESPACE=metallb-system
127+
APP=metallb
128+
TIMEOUT=30s
129+
130+
function metallb_logs() {
131+
echo "Timed out waiting for ${COMPONENT} to become ready"
132+
kubectl get events -n ${NAMESPACE}
133+
kubectl logs --sort-by='.metadata.creationTimestamp' -l app=${APP} -l component=${COMPONENT} -n ${NAMESPACE}
134+
exit 1
135+
}
136+
137+
for COMPONENT in controller speaker
138+
do
139+
kubectl wait \
140+
--for condition=ready pod \
141+
-l app=${APP} -l component=${COMPONENT} \
142+
-n ${NAMESPACE} \
143+
--timeout=${TIMEOUT} || metallb_logs
144+
done
145+
146+
- name: silta-cluster chart setup and test
147+
run: |
148+
149+
MINIKUBE_IP=$(minikube ip)
150+
151+
helm upgrade --install \
152+
cert-manager jetstack/cert-manager \
153+
--namespace cert-manager \
154+
--create-namespace \
155+
--version v1.8.0 \
156+
--set installCRDs=true \
157+
--set global.logLevel=1 \
158+
--wait
159+
160+
helm upgrade --install silta-cluster wunderio/silta-cluster \
161+
--create-namespace \
162+
--namespace silta-cluster \
163+
--set clusterDomain=${CLUSTER_DOMAIN} \
164+
--values silta-cluster/minikube.yml \
165+
--wait
166+
167+
# Cluster landing page test
168+
curl --resolve ${CLUSTER_DOMAIN}:443:${MINIKUBE_IP} https://${CLUSTER_DOMAIN} -ILk --fail
169+
curl --resolve ${CLUSTER_DOMAIN}:80:${MINIKUBE_IP} --resolve ${CLUSTER_DOMAIN}:443:${MINIKUBE_IP} http://${CLUSTER_DOMAIN} -IL --fail
170+
171+
- name: Build Drupal chart images, deploy and test
172+
run: |
173+
174+
MINIKUBE_IP=$(minikube ip)
175+
CLUSTER_DOCKER_REGISTRY=registry.${CLUSTER_DOMAIN}:80
176+
177+
# Composer install
178+
# PHP_COMPOSER_VERSION=2.1.12
179+
# php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
180+
# php composer-setup.php --version=${PHP_COMPOSER_VERSION} --install-dir=$HOME/.local/bin --filename=composer && \
181+
# php -r "unlink('composer-setup.php');" && \
182+
# composer --version
183+
184+
composer install -n --prefer-dist --ignore-platform-reqs --optimize-autoloader
185+
186+
# Tunnel to in-cluster docker registry. Required due to docker push inability to use selfsigned/insecure repositories that ain't local
187+
# Find a free port. Credit: stefanobaghino / https://unix.stackexchange.com/posts/423052/revisions
188+
DOCKER_REGISTRY_PORT=$(comm -23 <(seq 5000 6000 | sort) <(ss -Htan | awk '{print $4}' | cut -d':' -f2 | sort -u) | shuf | head -n 1)
189+
BRIDGED_DOCKER_REGISTRY="localhost:${DOCKER_REGISTRY_PORT}"
190+
kubectl -n silta-cluster port-forward service/silta-cluster-docker-registry $DOCKER_REGISTRY_PORT:80 2>&1 >/dev/null &
191+
192+
# Build images
193+
194+
NGINX_IMAGE=/drupal-project-k8s/test-drupal-nginx:latest
195+
PHP_IMAGE=/drupal-project-k8s/test-drupal-php:latest
196+
SHELL_IMAGE=/drupal-project-k8s/test-drupal-shell:latest
197+
198+
docker build --tag ${BRIDGED_DOCKER_REGISTRY}${NGINX_IMAGE} -f "silta/nginx.Dockerfile" ./web
199+
docker image push ${BRIDGED_DOCKER_REGISTRY}${NGINX_IMAGE}
200+
201+
docker build --tag ${BRIDGED_DOCKER_REGISTRY}${PHP_IMAGE} -f "silta/php.Dockerfile" .
202+
docker image push ${BRIDGED_DOCKER_REGISTRY}${PHP_IMAGE}
203+
204+
docker build --tag ${BRIDGED_DOCKER_REGISTRY}${SHELL_IMAGE} -f "silta/shell.Dockerfile" .
205+
docker image push ${BRIDGED_DOCKER_REGISTRY}${SHELL_IMAGE}
206+
207+
# Dependency build for local chart
208+
helm dependency build "./charts/drupal"
209+
210+
# Chart unit tests
211+
helm unittest ./charts/drupal --helm3
212+
213+
# Dry-run drupal chart with test values
214+
helm install --dry-run --generate-name ./charts/drupal --values charts/drupal/test.values.yaml
215+
216+
silta ci release deploy \
217+
--release-name test \
218+
--chart-name ./charts/drupal \
219+
--branchname test \
220+
--silta-environment-name test \
221+
--nginx-image-url ${CLUSTER_DOCKER_REGISTRY}${NGINX_IMAGE} \
222+
--php-image-url ${CLUSTER_DOCKER_REGISTRY}${PHP_IMAGE} \
223+
--shell-image-url ${CLUSTER_DOCKER_REGISTRY}${SHELL_IMAGE} \
224+
--cluster-domain "${CLUSTER_DOMAIN}" \
225+
--cluster-type minikube \
226+
--db-root-pass "rootpw" \
227+
--db-user-pass "dbpw" \
228+
--gitauth-username "test" \
229+
--gitauth-password "test" \
230+
--namespace drupal-project-k8s \
231+
--helm-flags "--set ssl.issuer=selfsigned" \
232+
--silta-config silta/silta.yml,silta/silta.minikube.yml
233+
--deployment-timeout 15m
234+
235+
kubectl exec -it deploy/test-shell -n drupal-project-k8s -- drush si -y
236+
237+
# Web request test
238+
curl http://test.drupal-project-k8s.${CLUSTER_DOMAIN} \
239+
--user silta:demo --location-trusted \
240+
--head --insecure --location \
241+
--resolve test.drupal-project-k8s.${CLUSTER_DOMAIN}:80:${MINIKUBE_IP} \
242+
--resolve test.drupal-project-k8s.${CLUSTER_DOMAIN}:443:${MINIKUBE_IP} \
243+
--retry 5 --retry-delay 5 \
244+
--fail

silta-cluster/minikube.yml

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
traefik:
2+
replicas: 1
3+
ssl:
4+
enabled: true
5+
service:
6+
annotations:
7+
metallb.universe.tf/allow-shared-ip: "shared"
8+
# metallb shared ip works only with "Cluster" TP
9+
externalTrafficPolicy: Cluster
10+
11+
ssl:
12+
enabled: true
13+
email: [email protected]
14+
issuer: selfsigned
15+
16+
csi-rclone:
17+
enabled: true
18+
params:
19+
remote: "s3"
20+
remotePath: "projectname"
21+
22+
# Minio as S3 provider
23+
s3-provider: "Minio"
24+
s3-endpoint: "http://silta-cluster-minio:9000"
25+
# Default credentials of minio chart https://github.com/minio/charts/blob/master/minio/values.yaml
26+
s3-access-key-id: "YOURACCESSKEY"
27+
s3-secret-access-key: "YOURSECRETKEY"
28+
# nodePlugin:
29+
# kubeletBasePath: "/var/snap/microk8s/common/var/lib/kubelet"
30+
31+
minio:
32+
enabled: true
33+
resources:
34+
requests:
35+
memory: 512M
36+
persistence:
37+
size: 5Gi
38+
39+
gitAuth:
40+
enabled: true
41+
port: 2222
42+
keyserver:
43+
enabled: false
44+
authorizedKeys: []
45+
annotations:
46+
metallb.universe.tf/allow-shared-ip: "shared"
47+
# metallb shared ip works only with "Cluster" TP
48+
externalTrafficPolicy: Cluster
49+
50+
sshKeyServer:
51+
enabled: false
52+
53+
# Deployment remover
54+
deploymentRemover:
55+
enabled: false
56+
57+
docker-registry:
58+
enabled: true
59+
secrets:
60+
htpasswd: false

silta/silta.minikube.yml

Whitespace-only changes.

0 commit comments

Comments
 (0)