Support setting a custom CA certificate for S3 object storage #1605
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "End-to-end tests" | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
e2e-tests: | |
name: End-to-end tests | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
# The e2e tests are run on the lowest and highest supported k8s version. | |
# All Kubernetes version in between expose the same APIs, hence the operator | |
# should be compatible with them. | |
kube-version: | |
- "1.21" | |
- "1.27" | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: "1.20" | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v3 | |
- name: "install kuttl" | |
run: ./hack/install/install-kuttl.sh | |
- name: "run tests" | |
env: | |
KUBE_VERSION: ${{ matrix.kube-version }} | |
run: make prepare-e2e e2e KUBE_VERSION=$KUBE_VERSION | |
upgrade-tests: | |
name: Upgrade tests | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
kube-version: | |
- "1.27" | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: "1.20" | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Start kind | |
run: kind create cluster --config kind-${{ matrix.kube-version }}.yaml --wait 5m | |
- name: Start a local container registry with TLS | |
run: | | |
# install mkcert | |
curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64" | |
chmod +x mkcert-v*-linux-amd64 | |
sudo cp mkcert-v*-linux-amd64 /usr/local/bin/mkcert | |
# create and install root CA in system store | |
sudo mkcert -install | |
sudo systemctl restart docker | |
# copy root CA in kind's system store | |
sudo docker cp $(sudo mkcert -CAROOT)/rootCA.pem kind-control-plane:/usr/local/share/ca-certificates/mkcert.crt | |
docker exec kind-control-plane update-ca-certificates | |
docker exec kind-control-plane systemctl restart containerd | |
# generate cert for registry | |
mkdir -p /tmp/localregistry/certs | |
sudo mkcert -cert-file /tmp/localregistry/certs/tls.crt -key-file /tmp/localregistry/certs/tls.key localregistry | |
# make registry reachable | |
echo $(dig +short $(hostname) | head -n1) localregistry | sudo tee -a /etc/hosts | |
# start registry | |
docker run -d \ | |
--restart=always \ | |
--name registry \ | |
-v /tmp/localregistry/certs:/certs \ | |
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/tls.crt \ | |
-e REGISTRY_HTTP_TLS_KEY=/certs/tls.key \ | |
-p 5000:5000 \ | |
registry:2 | |
- name: Install kuttl, OLM and minio | |
run: | | |
./hack/install/install-kuttl.sh | |
make olm-install deploy-minio | |
- name: Build and push operator and bundle image to local container registry | |
run: | | |
export LATEST_TAG=$(git describe --tags --abbrev=0) | |
export BUNDLE_IMGS=ghcr.io/grafana/tempo-operator/tempo-operator-bundle:${LATEST_TAG},localregistry:5000/tempo-operator-bundle:v100.0.0 | |
make bundle docker-build docker-push bundle-build bundle-push catalog-build catalog-push | |
env: | |
IMG_PREFIX: localregistry:5000 | |
OPERATOR_VERSION: 100.0.0 | |
- name: Run tests | |
run: make e2e-upgrade | |
env: | |
UPGRADE_FROM_CATALOG: quay.io/operatorhubio/catalog:latest | |
UPGRADE_TO_CATALOG: localregistry:5000/tempo-operator-catalog:v100.0.0 | |
UPGRADE_TO_VERSION: 100.0.0 |