From d64ce44e466fd96d04239730250f32b38ec81404 Mon Sep 17 00:00:00 2001 From: Noel Georgi Date: Thu, 5 Sep 2024 21:55:57 +0530 Subject: [PATCH] chore(ci): e2e gcp Add e2e-gcp. Also drop other CAPI stuff. Fixes: #8842 Signed-off-by: Noel Georgi --- .github/workflows/ci.yaml | 139 +++++++++++++++++- .github/workflows/integration-aws-cron.yaml | 4 +- .../integration-aws-nvidia-nonfree-cron.yaml | 4 +- .../integration-aws-nvidia-oss-cron.yaml | 4 +- .github/workflows/integration-azure-cron.yaml | 4 +- .../integration-cloud-images-cron.yaml | 4 +- .../integration-equinix-metal-cron.yaml | 4 +- .github/workflows/integration-gcp-cron.yaml | 126 ++++++++++++++++ .github/workflows/slack-notify.yaml | 3 +- .kres.yaml | 67 +++++++++ .secrets.yaml | 6 +- Makefile | 12 +- hack/cloud-image-uploader/gcp.go | 4 +- hack/test/capi/cluster-azure.yaml | 137 ----------------- hack/test/capi/secrets.yaml | 24 --- hack/test/clusterctl.yaml | 7 - hack/test/digitalrebar/bootenv.yaml | 52 ------- hack/test/digitalrebar/params.yaml | 16 -- hack/test/digitalrebar/stages.yaml | 23 --- .../talos-controlplane-profile.yaml | 15 -- .../test/digitalrebar/talos-init-profile.yaml | 15 -- .../digitalrebar/talos-worker-profile.yaml | 15 -- hack/test/digitalrebar/workflow.yaml | 15 -- hack/test/e2e-capi.sh | 39 ----- hack/test/e2e-docker.sh | 3 - hack/test/e2e-gcp-prepare.sh | 48 ++++++ hack/test/e2e-gcp.sh | 42 +----- hack/test/e2e.sh | 86 ----------- hack/test/gvisor/manifest.yaml | 15 -- hack/test/libvirt/README.md | 93 ------------ hack/test/libvirt/dnsmasq/talos0.conf | 41 ------ hack/test/libvirt/dnsmasq/tftpboot/.gitkeep | 0 hack/test/libvirt/docker-compose.yaml | 52 ------- hack/test/libvirt/haproxy/haproxy.cfg | 20 --- hack/test/libvirt/libvirt.sh | 87 ----------- hack/test/libvirt/matchbox/assets/.gitkeep | 0 .../matchbox/groups/control-plane-1.json | 8 - .../matchbox/groups/control-plane-2.json | 8 - .../matchbox/groups/control-plane-3.json | 8 - .../test/libvirt/matchbox/groups/default.json | 5 - .../matchbox/profiles/controlplane.json | 22 --- .../libvirt/matchbox/profiles/default.json | 22 --- hack/test/libvirt/matchbox/profiles/init.json | 22 --- hack/test/qemu/qemu.sh | 43 ------ hack/test/tfvars/gcp.jq | 11 ++ 45 files changed, 409 insertions(+), 966 deletions(-) create mode 100644 .github/workflows/integration-gcp-cron.yaml delete mode 100644 hack/test/capi/cluster-azure.yaml delete mode 100644 hack/test/capi/secrets.yaml delete mode 100644 hack/test/clusterctl.yaml delete mode 100644 hack/test/digitalrebar/bootenv.yaml delete mode 100644 hack/test/digitalrebar/params.yaml delete mode 100644 hack/test/digitalrebar/stages.yaml delete mode 100644 hack/test/digitalrebar/talos-controlplane-profile.yaml delete mode 100644 hack/test/digitalrebar/talos-init-profile.yaml delete mode 100644 hack/test/digitalrebar/talos-worker-profile.yaml delete mode 100644 hack/test/digitalrebar/workflow.yaml delete mode 100755 hack/test/e2e-capi.sh create mode 100755 hack/test/e2e-gcp-prepare.sh delete mode 100644 hack/test/gvisor/manifest.yaml delete mode 100644 hack/test/libvirt/README.md delete mode 100644 hack/test/libvirt/dnsmasq/talos0.conf delete mode 100644 hack/test/libvirt/dnsmasq/tftpboot/.gitkeep delete mode 100644 hack/test/libvirt/docker-compose.yaml delete mode 100644 hack/test/libvirt/haproxy/haproxy.cfg delete mode 100755 hack/test/libvirt/libvirt.sh delete mode 100644 hack/test/libvirt/matchbox/assets/.gitkeep delete mode 100644 hack/test/libvirt/matchbox/groups/control-plane-1.json delete mode 100644 hack/test/libvirt/matchbox/groups/control-plane-2.json delete mode 100644 hack/test/libvirt/matchbox/groups/control-plane-3.json delete mode 100644 hack/test/libvirt/matchbox/groups/default.json delete mode 100644 hack/test/libvirt/matchbox/profiles/controlplane.json delete mode 100644 hack/test/libvirt/matchbox/profiles/default.json delete mode 100644 hack/test/libvirt/matchbox/profiles/init.json delete mode 100755 hack/test/qemu/qemu.sh create mode 100644 hack/test/tfvars/gcp.jq diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 813d64550..343a67661 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-09-05T10:32:02Z by kres b5ca957. +# Generated on 2024-09-06T05:05:58Z by kres 8be5fa7. name: default concurrency: @@ -410,7 +410,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -536,7 +536,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -686,7 +686,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -836,7 +836,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -1087,7 +1087,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -1261,7 +1261,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -1440,6 +1440,129 @@ jobs: ~/.talos/clusters/**/*.log !~/.talos/clusters/**/swtpm.log retention-days: "5" + integration-gcp: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read + runs-on: + - self-hosted + - generic + if: contains(fromJSON(needs.default.outputs.labels), 'integration/gcp') + needs: + - default + steps: + - name: gather-system-info + id: system-info + uses: kenchan0130/actions-system-info@v1.3.0 + continue-on-error: true + - name: print-system-info + run: | + MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) + + OUTPUTS=( + "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" + "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" + "Hostname: ${{ steps.system-info.outputs.hostname }}" + "NodeName: ${NODE_NAME}" + "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" + "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" + "Name: ${{ steps.system-info.outputs.name }}" + "Platform: ${{ steps.system-info.outputs.platform }}" + "Release: ${{ steps.system-info.outputs.release }}" + "Total memory: ${MEMORY_GB} GB" + ) + + for OUTPUT in "${OUTPUTS[@]}";do + echo "${OUTPUT}" + done + continue-on-error: true + - name: checkout + uses: actions/checkout@v4 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + id: setup-buildx + uses: docker/setup-buildx-action@v3 + with: + driver: remote + endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 + timeout-minutes: 10 + - name: Mask secrets + run: | + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + - name: Set secrets for job + run: | + sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" + - name: Download artifacts + if: github.event_name != 'schedule' + uses: actions/download-artifact@v4 + with: + name: talos-artifacts + path: _out + - name: Fix artifact permissions + if: github.event_name != 'schedule' + run: | + xargs -a _out/executable-artifacts -I {} chmod +x {} + - name: uki-certs + if: github.event_name == 'schedule' + env: + PLATFORM: linux/amd64 + run: | + make uki-certs + - name: build + if: github.event_name == 'schedule' + env: + IMAGE_REGISTRY: registry.dev.siderolabs.io + PLATFORM: linux/amd64 + PUSH: "true" + run: | + make talosctl-linux-amd64 kernel sd-boot sd-stub initramfs installer imager talos _out/integration-test-linux-amd64 + - name: talosctl-cni-bundle + if: github.event_name == 'schedule' + run: | + make talosctl-cni-bundle + - name: images-essential + if: github.event_name == 'schedule' + env: + IMAGE_REGISTRY: registry.dev.siderolabs.io + PLATFORM: linux/amd64 + run: | + make images-essential + - name: e2e-gcp-prepare + run: | + make e2e-gcp-prepare + - name: checkout contrib + uses: actions/checkout@v4 + with: + path: _out/contrib + ref: main + repository: siderolabs/contrib + - name: setup tf + uses: hashicorp/setup-terraform@v3 + with: + terraform_wrapper: "false" + - name: tf apply + env: + TF_E2E_ACTION: apply + TF_E2E_TEST_TYPE: gcp + TF_SCRIPT_DIR: _out/contrib + run: | + make e2e-cloud-tf + - name: e2e-gcp + run: | + make e2e-gcp + - name: tf destroy + if: always() + env: + TF_E2E_ACTION: destroy + TF_E2E_TEST_TYPE: gcp + TF_SCRIPT_DIR: _out/contrib + run: | + make e2e-cloud-tf integration-image-factory: permissions: actions: read @@ -3277,7 +3400,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-aws-cron.yaml b/.github/workflows/integration-aws-cron.yaml index af7b6968b..aae47332e 100644 --- a/.github/workflows/integration-aws-cron.yaml +++ b/.github/workflows/integration-aws-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-05-27T16:20:10Z by kres bcb280a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-aws-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-aws-nvidia-nonfree-cron.yaml b/.github/workflows/integration-aws-nvidia-nonfree-cron.yaml index 7a2f90245..ba4b91f9b 100644 --- a/.github/workflows/integration-aws-nvidia-nonfree-cron.yaml +++ b/.github/workflows/integration-aws-nvidia-nonfree-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-08-09T09:42:44Z by kres dbf015a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-aws-nvidia-nonfree-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-aws-nvidia-oss-cron.yaml b/.github/workflows/integration-aws-nvidia-oss-cron.yaml index ec9b90e1b..e074e8e23 100644 --- a/.github/workflows/integration-aws-nvidia-oss-cron.yaml +++ b/.github/workflows/integration-aws-nvidia-oss-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-08-09T09:42:44Z by kres dbf015a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-aws-nvidia-oss-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-azure-cron.yaml b/.github/workflows/integration-azure-cron.yaml index 628c0cbfc..b17e5b8f5 100644 --- a/.github/workflows/integration-azure-cron.yaml +++ b/.github/workflows/integration-azure-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-05-27T16:20:10Z by kres bcb280a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-azure-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-cloud-images-cron.yaml b/.github/workflows/integration-cloud-images-cron.yaml index 019406132..1b49a2779 100644 --- a/.github/workflows/integration-cloud-images-cron.yaml +++ b/.github/workflows/integration-cloud-images-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-05-27T16:20:10Z by kres bcb280a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-cloud-images-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-equinix-metal-cron.yaml b/.github/workflows/integration-equinix-metal-cron.yaml index 109ff312e..744497270 100644 --- a/.github/workflows/integration-equinix-metal-cron.yaml +++ b/.github/workflows/integration-equinix-metal-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-05-27T16:20:10Z by kres bcb280a. +# Generated on 2024-09-05T17:53:07Z by kres 8be5fa7. name: integration-equinix-metal-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/integration-gcp-cron.yaml b/.github/workflows/integration-gcp-cron.yaml new file mode 100644 index 000000000..f5cddcf48 --- /dev/null +++ b/.github/workflows/integration-gcp-cron.yaml @@ -0,0 +1,126 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2024-09-06T05:05:58Z by kres 8be5fa7. + +name: integration-gcp-cron +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true +"on": + schedule: + - cron: 30 7 * * * +jobs: + default: + runs-on: + - self-hosted + - generic + steps: + - name: gather-system-info + id: system-info + uses: kenchan0130/actions-system-info@v1.3.0 + continue-on-error: true + - name: print-system-info + run: | + MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) + + OUTPUTS=( + "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" + "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" + "Hostname: ${{ steps.system-info.outputs.hostname }}" + "NodeName: ${NODE_NAME}" + "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" + "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" + "Name: ${{ steps.system-info.outputs.name }}" + "Platform: ${{ steps.system-info.outputs.platform }}" + "Release: ${{ steps.system-info.outputs.release }}" + "Total memory: ${MEMORY_GB} GB" + ) + + for OUTPUT in "${OUTPUTS[@]}";do + echo "${OUTPUT}" + done + continue-on-error: true + - name: checkout + uses: actions/checkout@v4 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + id: setup-buildx + uses: docker/setup-buildx-action@v3 + with: + driver: remote + endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 + timeout-minutes: 10 + - name: Mask secrets + run: | + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + - name: Set secrets for job + run: | + sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" + - name: Download artifacts + if: github.event_name != 'schedule' + uses: actions/download-artifact@v4 + with: + name: talos-artifacts + path: _out + - name: Fix artifact permissions + if: github.event_name != 'schedule' + run: | + xargs -a _out/executable-artifacts -I {} chmod +x {} + - name: uki-certs + if: github.event_name == 'schedule' + env: + PLATFORM: linux/amd64 + run: | + make uki-certs + - name: build + if: github.event_name == 'schedule' + env: + IMAGE_REGISTRY: registry.dev.siderolabs.io + PLATFORM: linux/amd64 + PUSH: "true" + run: | + make talosctl-linux-amd64 kernel sd-boot sd-stub initramfs installer imager talos _out/integration-test-linux-amd64 + - name: talosctl-cni-bundle + if: github.event_name == 'schedule' + run: | + make talosctl-cni-bundle + - name: images-essential + if: github.event_name == 'schedule' + env: + IMAGE_REGISTRY: registry.dev.siderolabs.io + PLATFORM: linux/amd64 + run: | + make images-essential + - name: e2e-gcp-prepare + run: | + make e2e-gcp-prepare + - name: checkout contrib + uses: actions/checkout@v4 + with: + path: _out/contrib + ref: main + repository: siderolabs/contrib + - name: setup tf + uses: hashicorp/setup-terraform@v3 + with: + terraform_wrapper: "false" + - name: tf apply + env: + TF_E2E_ACTION: apply + TF_E2E_TEST_TYPE: gcp + TF_SCRIPT_DIR: _out/contrib + run: | + make e2e-cloud-tf + - name: e2e-gcp + run: | + make e2e-gcp + - name: tf destroy + if: always() + env: + TF_E2E_ACTION: destroy + TF_E2E_TEST_TYPE: gcp + TF_SCRIPT_DIR: _out/contrib + run: | + make e2e-cloud-tf diff --git a/.github/workflows/slack-notify.yaml b/.github/workflows/slack-notify.yaml index f403680d9..c04e3b21f 100644 --- a/.github/workflows/slack-notify.yaml +++ b/.github/workflows/slack-notify.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-08-24T17:38:15Z by kres 8e4bbb4. +# Generated on 2024-09-05T16:23:55Z by kres b5ca957. name: slack-notify "on": @@ -32,6 +32,7 @@ name: slack-notify - integration-aws-nvidia-oss-cron - integration-aws-nvidia-nonfree-cron - integration-azure-cron + - integration-gcp-cron - integration-equinix-metal-cron types: - completed diff --git a/.kres.yaml b/.kres.yaml index 8645b2d9a..247d51591 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -77,6 +77,7 @@ spec: - integration-aws-nvidia-oss - integration-aws-nvidia-nonfree - integration-azure + - integration-gcp - integration-equinix-metal --- kind: common.GHWorkflow @@ -1861,6 +1862,72 @@ spec: ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} ARM_CLIENT_SECRET: ${{ env.AZURE_CLIENT_SECRET }} ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + - name: integration-gcp + buildxOptions: + enabled: true + sops: true + depends: + - default + runners: + - self-hosted + - generic # we can use generic here since the tests run against a remote talos cluster + crons: + - '30 7 * * *' + triggerLabels: + - integration/gcp + steps: + - name: download-artifacts + conditions: + - not-on-schedule + artifactStep: + type: download + artifactName: talos-artifacts + artifactPath: _out + - name: uki-certs + conditions: + - only-on-schedule + environment: + PLATFORM: linux/amd64 + - name: build + conditions: + - only-on-schedule + command: talosctl-linux-amd64 kernel sd-boot sd-stub initramfs installer imager talos _out/integration-test-linux-amd64 + environment: + PLATFORM: linux/amd64 + IMAGE_REGISTRY: registry.dev.siderolabs.io + PUSH: true + - name: talosctl-cni-bundle + conditions: + - only-on-schedule + - name: images-essential + conditions: + - only-on-schedule + environment: + PLATFORM: linux/amd64 + IMAGE_REGISTRY: registry.dev.siderolabs.io + - name: e2e-gcp-prepare + - name: checkout contrib + checkoutStep: + repository: siderolabs/contrib + ref: main + path: _out/contrib + - name: setup tf + terraformStep: true + - name: tf apply + command: e2e-cloud-tf + environment: + TF_SCRIPT_DIR: _out/contrib + TF_E2E_TEST_TYPE: gcp + TF_E2E_ACTION: apply + - name: e2e-gcp + - name: tf destroy + command: e2e-cloud-tf + conditions: + - always + environment: + TF_SCRIPT_DIR: _out/contrib + TF_E2E_TEST_TYPE: gcp + TF_E2E_ACTION: destroy - name: integration-equinix-metal buildxOptions: enabled: true diff --git a/.secrets.yaml b/.secrets.yaml index e2472ea7f..fd1ff277e 100644 --- a/.secrets.yaml +++ b/.secrets.yaml @@ -9,7 +9,7 @@ secrets: EM_PROJECT_ID: ENC[AES256_GCM,data:nPVZ+Uoul/W7UpxIoeMP1n3YhuEjq3fNKD+zoso4FBP2Obd0,iv:SSF8KZBczWvCJjZpvDo60mnoM21CrzdmmKs2reLi8w0=,tag:VKjsQSHqiQY+IzkIXO70MA==,type:str] EM_API_TOKEN: ENC[AES256_GCM,data:PnNDZTRDTubebmtAuH1sAuEp5ZwzVie5WA0AhCUk26M=,iv:5MdcOwY+QrIdkFgCXcs2rBGCXQBnhi/EDxTPWr/vCMs=,tag:mcQ9qrWPYMaPalzr/GV7pQ==,type:str] GOOGLE_PROJECT_ID: ENC[AES256_GCM,data:egcG5hIa5aq6tSRjhA==,iv:g/6pkcSJIQNNgoon6X+6DH2JaQgLKfTDpPUNFjlJ6Xg=,tag:ygF0I8bLRRbj2RdogQqxmw==,type:str] - GOOGLE_CREDENTIALS_JSON: ENC[AES256_GCM,data:o1ZMFswuXh1q4LalVO1etrrOGShA/Uv9uUPox9X6uCvBS8kmx+3ZHKKJET7nklzJ/vMse0KHYTvHblnv8IZ5KJ+7z/XhYaHMbk1WSfn5/QYmg607yvyHqtwkeas/dZGJqE8yDJMT5JQdwLD6xvIicny2dI+WWOnJnOxFwEtwlaz3FUBndzPFaFZu3guXU3dFehe1hwipRuxPyWWYPKnuWXmN+yIVDFeiQedGGGLfuIFaG35xC0s+1ixDsow52vWAu9uU6Y9C7GuWPlC5u/xKTXTF1NR7Ji33ULQTaAZPC9NKpQ+dKsasK2wHlQYQGDMGVd+aEJnZl/7lMgp0EzygFTBne1TDg3S12N75c7E7CC89viLzYDp4DYPJ9jZz4+VZbPTdKRaVh+RYTOefKLXAjvj1N+3klDV5u9rGf/hsWtG4PkfjOCeuIZMZ1lfb1OxS2AtbRB+JgIgGImv/CSq5FnRQii5KVs1/FLl/peg69chKRLNLjJekB1CUQoZhzH9/D/upF3MYAQbvuiA/YsAWCxv6nK8bYaZtHpmTX/EpCjqpZ0d3BwMiJ7jx1aiLpqqMQzm+42x3T9OhvrA8PyZKHy7BOyTgWBREpQqUzHNJ/8Y3UYcQsjUkKCUFmJsnjvs4sdSaepbTuQRqq6WdkXeDZiwiHA+sT+BqG+pUWHqtHWtt8mxGFMlJeWnjo0hKil2Lrv9sfjN+Pemo8+SJ11dqUkcweIophQIlPsWr1rfCnNOwiUdOXuUEtKTJddQWYY/t9wDjwwVKs5hHNTcSs4AfstsOfRxDNeCMKqYOzbcryjI1rhXOULSYLtP+jI0Kh0GarcudejpqlJBje566NrqDHi7F1ZfwM6jj8NuPTUt75JxgTO33sd9PtMv9u5HtS/JPyXistdLe6ul1zWfVgUYEB1G9/QexLI//PRh/6AdCwJXCCf59/TTtCq49B4PRtn8TFRnTJT8kMFCqQiPjJaqM8zBTzVR7Iq51+wKNGMsbAmK8uiQtP8EMso5K+mXQ1aHXouzM/ZXAiahI0ee1C92uGEDsJmkVHmefzuBtpKL1y7EFBfeO2jg/FyWlLOji/kjZTMlyz3pSYfZqjddhkW6MSEVeh0p1Y8v1FK5dBRS/IJo7SWg5NCkCKmAZjePJVbOfjuVyawXRyH/x5i1f7qgGkBZIRi6ddbIdZ+zivCEb7ehXkdPL/whFLtpQPSwHzpE8mxNNcs29niq3Dx3pSIz2ZsNWhr0J3bjP319o44fJaG2QgI2BJ2zeQV1LSiLL6peQ0e2Ay8bAotn/Xd+ncqKn6DbkUjiFTz2O/ZK71xHx9WNoVEisQWvYTNR4y5IL1Z8reYfAVzrxgacqhcgJJU9dTDMYVm/I3gcUbdTca3mkr0tDxtpy3ZKNZLoU/6Le/QoeJwqlbm0sz4ryobz5EetlQyQFZ0r78mYk7fZ9ROS3vI3HKC1c07bSP6vrtTuaxUymxv3zJcflztAN+32MGe+lylNMebSe8Q6sOeAQA+Zu1udoXkOA7kxP51ZpTmHyNxEKe+7NUQ7FF5Uv4s7PkivONxZdbFuh3EM5luukxF+oV4OJX51qwQvFzQzEQnawO8KD0zrOLHRRC/dwgQYCiZhdLfwBxkvpGPjZ+MF3DF3ACRKgi7KZETACMD/hyaOeIkAe11MjBHAZ9C8RBMVhzOkHORrFz6tyfDuDK5ylXa/LktKSJHv8zsfVoK1Cz6hp+RZl7gmT7L7MWv1zr5EwI2CHb5lqk8eRTAe9kVS04TIHz0q8ziw7b9qiNvclPRsJtWtZt3H+B8Nu1sYI20lq0iBdOAtGMHlgz65EVMF3X0Cs4669+fddkNmdv/Ad2nkuK2H3LVKTGI0o0hR5t/TrPNmuQqBuwx7HiBgtavReg5iHlL00YPwE8jTM7az3s5uiSndtw3YDgMxhB2S65orUeIGuEcwOoXnPV3+Xexqo3zRnIt6ryIWXKY3muINmhFtvZkVTp7KzuWt2Anbi9F2xhVn2n0GN6ODPQXEI8nwLxMh3ngmRaRD9EcX5+E2qfCouzfm/4eWKCjw/GggTP8NUjbIYPzFnfy2IIn677/kQDHUYwokItPWjiz811FMm/B6UAaKBDRME2HiVPSYJH10LvduVspaLXBx94Yr8e9inTSHSDM/8GnkdYtyNOfwn/ArwvwyrOXA3JkORIq2aNskGVWYQ5yRvbuK8CRpfo/WAZ52IaB4EmBy0R6YJrPBqlNoW0zw1wSijQZm1ZwtbxAvqY7K6sK85B9mgIVZa9EixyB9V6eU4Voe06opdSL8RE12D1sIiO0+NnDJl3BgFj0mg0Wxs8eiBVa2GnSi/+SNqpo0U15ExteW6wXq2rS7Rl/1LFdbaCDUKWn7joTIErgszrbL6G1KE92Nb07bj83R3Q2c+gvBDxWE80yPaJTLD5Xa9PC19WrgqKM5FGF9kxJ8q//NJ4MVDgA+qbdh4zB12zNBTK03/Q31d2DsNNngQGv+Lyv7Jx2nSQZLRw1gmOUq9ZEICm3LovBsXS4NDUKz4as0b0Mpp0iK6rdISkAXM0c2OJTPqwYhbFqFOf+PwxUv+YWeidgozq1qB9Dfc82OOfdZIbwKPBVJcEy+UGjg38KPq/GXLFy5FyeMepmzl+Wf+UxnWzqbM03n2qG9pb6Ur8wOtEN0NCvZ5znk3nAI5UC56VKw6edQ/M3B0GIfztcJ/agZTjgBgbovqcnNl7iv9lFGn9YVRocm/MiWHe590JaJdSySOxVIojSRJ9fSQvCAU/uHGSR5OvtY3WwVw8qjh06lnhpBWcKjwFA34wh5VLqkH6b8qke6yE3YD4/JhZWMriYsjXRPm4WUj3MrruwbSsh3EH0af9WV345WI5f29CeYkMwKdYk2ErZdQd5McOx4E1fznh2INfyiMjaQ8o1dxlvSZdx6/KC4O5F8r+UrJV7Gbr0m7ryeJK3NfSMPjMLwVCsPdCdtDTDnVbr/yLhfYQ/idlrLSBrolcrt9imEy+1axQzlR0LKZ6+EyZhkKKH45l0yU7U0R++j9/XkZWcbf+zmgYLqOe+tF3FgVSWsAE27Kw0h4dFjVeeqpdcg=,iv:R8UR53WDK3kFRbLwOvWXt0UhaaPgxBLkiSJaPSRvTVA=,tag:RdUgGICSm8P2Dh0tzSbFvw==,type:str] + GOOGLE_CREDENTIALS: ENC[AES256_GCM,data:ucHNQ0fygvZnOfa5k3J1zO99122malyCB1aDDwTSOuQZsUHrnCg5FYsxJ5RgTl5mbpityJjKQtHLcMetRVLQ/S2/aPjhbx+OgYLmlFMnJR/NmqEQzuwe8YsPSjOg9NCqucE7BBfbKItQ/PD0+x6LRKxeMO/gr6BXTkL4dwPinCV9IgVZU2CEAdbvcGvxBGKWZ0mHEIvdznN3dK2OL27K+Q+VXZDhzUPfhR5V7u5WUu+PG0QsSby/lZNYdAHpxfkS0YjfTCpukCB0Zvix6cUaorA+BHNYA1qV3nzHDuHHdR6byoGYXMWU209RVG2HKiNAQRlmTsbjr641OWHustGo+Ann9Rv2pZ7r6Q08p0M8cvn5o42TB5H3lv72Iiiru2aV9ZQHpzy1PG4PH9vfebowO2VbZ/wKpRWvc6cpPrAQfoXZCLlaiLoJ1KaVZb9Br8vjlGCHCFzytb61R8BT36M687fRerwVQSu6F5cRzfW6W3Jh5Ufo31wYqdEe2XdN0f/jDG1w0rF2xX4oScgXI/uaVrJ3zCYlVkdbnQjSmu059SmRRkfYJqri+hyDilWKKDPK3+qmBbyeJ+lxcNNugksRMfq5ms5HV70JoUCbiEQF5KzsTCw9s7O4xFYjP5ELXgwHqQbXeOxMS4+GAaN9k+p4owLkVRkO3PkWHBvs+aqCBQvsdZW8XjikNeHWHTZLq4DpOuBrtpvwID5bEPqN70ah1hU9gc9oXC4ArUU5QlqGxNkzdea/cymO7W+0JeRKKRW4G984b1xbLjjjL0Zx8VCDDDx7BTd+DrBsJUZ2CO+u2XIZX6+LNqPt9n/DQUARv13KM4hUmugjhZxx0f0mro1bXMfEfbs8micuk7qDQtKVkRApUlCEb+kEVDXMQUeetLQfUhU7c23QA8tMBHz2IoEmY5yf6CI5PfcUSI9Oldez4+JlCFPf3a2UyVR0+4VITYdBFW0dKLhjR/eYNOh3kEYERksALRYoS2XtLLquHSxRgAPki62RQOrZclfdi1+IGT17l+PyoSKOusIUkHd/y0jUHBSIBjYAZrqZ2WolYpwTMzE3hz3lMys9RbrJV653QgLCndWDXD7k+imXsyyYy1me/JHssYu6ZZ7EsPTGNezdG1/9j7X1VHYKw0DMsYXwIVEI+7/flwHExVTT10+gO+WIVnf7QdUpvsqJNsniCS82Rq9tRhIwLIiePOdV1azMBVqbI8LUBm/E9iFW+iYEuezLL5YsQFvItrNuH5wwhdFNiWrdBWz7klxb0R61/EBPPr6UvVf5d5WyCYonn9UUmUfQrzhgplfr3Qk8a5IAoaT1SW+iS1e15O8PsARGKy/AcX+mTf2v1qgiPnk5IucsZGlH9dwl2gIBbJ8d8SZPl4mGjW9UMesyZxoBTyY1OOYZ3NQSCZnvEggiI+BpIt35nwMLf71LZrXJOY/Q/s2eQBih4FsNb32wlEFcfpxrvT42deh1fatDTZP9NLldbyXWJkyxdAiziUiFtTM3rBly6mNG5hBsbKQpjzN94Tb/9oMD9RbCBcyj1e96DAsRNamqkPlRecZtdh9OuAuq2EjfsEFE9sodtbdxHwDdnR40SElw4jrJ0Ga0QNq04FmXMP86dz/h+MRUO3ldDvax/kjAjR5MRJZXr117sW6fuls268Qo14zdL/nbd9jYdHn9hheCAdM0FvohuCXSWgvoVcpKKCD8kKvgIaXvaFxxAKqWisrxTbtSFoflYzMjaP7L3lY5LlcadTSb+KJl5RVY3ERuUnirMrxVKYRZFsug+Smr5hlcbup/wEESv2aFp3JkEqQxfGxD+g3tHwW9U3KvJ7iv/GQFsikZ2UfLJ0EVAuiVu4Dv25CcxlWx/NGJ3e/FC9nWLgpwnzezsuithZZXci2bH4NvnDxA669Jq3LjwTcKMguEbWOuDBDlO9JcvZsa+0vlQKzZmrzirwLIi8hXQyTeKaHk1ahcblbaZGYoI3E13u7DiGvaQ/+4Y65UFtGusR/NmXG1B4NrGb/EG3mc60JFfIi6CBhtugwEdGYGDkymgHiIM/fb6b8UHXV/kcfnTsGweH2Lc7sR5eMP5a8D7O2P4uvwp3r2NRLwrrGunOARpo835Kx/ZCheS5XCDuiy+LEaTHjDD5cDl2RlgheMjVAcXF/pc3+Q+JBccKdw1D/aN8tYTsPiJiCW6bAOVLwOm1vaa9ecQiNxnx8gym4bYERrx+hlDExS/I+xtmmdJe/s5EqGrVImZjXSkb3LON+ktATByoQVpNjsBpVfnyR7rFcz/UdLDIX3l9IS1cZhIBtkqGSylbOXMUEhhq70qcHpuNTpGxGP30K1c5A63BQB0hpM/wyV629WHUYD1SM48niVT36wVxj356secwI6JVA3hlZp5t7F/KcIuAG1WVy/GUf+cKBWNSnniRLUJdBXSXNamG5o+CN0AXvDNyP9I/xQsrbWzPC5eBNqRL0MEJsfZlWFR6fyI+5UyLlfIh0rwYTz7BK9l1wq1TRV7YqiFpALObtGVxclfKxdFymWwEfjUCwVqw8RAETGqOwfVLvvDlZp/RGup8M2ghsql1Uu/BlrCAoaiJbF8eeuIwNx6K/sq5P8RIFXRZBmWMqewg93Ea/hUIAhubz4fZtHvlh1mbOPWUkzlPCyBPd3uM93mw6wCp6xQM3DbZfQRnKD8HPr6+CFPIn1YGZ1oftBM9mEpH7PtpwJWwDA+Wdl1VbBjUjFG4XVdWxsqbS0W7pePEW1rnqv/bGuPHctEUAXN9IGKSW953T4ChFgYXGcNEURtkknE7bMlQSDZvLS/vtn89aaaL8gnfBF8NvFkB8uQSkQfn/CvQ00GdlhI1l0CyV0+xMrerUw+20nlhC7C7aNKsyx7S8HatUIEkvD6/XPRNoGa9M6w+81JYWbbDF6DFljiiNKtWmv5BkVhWFTwimEOmqKQc6DmXbvtGqH7Pts7PXS/5k83D8eV4kPHuiKNwdU0wsdo+PGSLP+OMWF3Ygbb71Bqq6dwnfciXQi/6yCUv3WdQf2MbMzyqEy9ugXeWI4uvbh+/u5HHzhwMTzhZVoGgwXuyX+nCFPCsqdzqzn8s+TSoU=,iv:nLXpwEqTJaQnZlE0CiQl+hWlBIJGSa8tEUebXpkMWec=,tag:MZ/FJeksYkqCsLaELJDq0A==,type:str] sops: kms: [] gcp_kms: [] @@ -25,8 +25,8 @@ sops: ZE0zRWwxVzBLL3Q1WW1FNmVvc0txZm8K+GkjAq/WSduuDrsbeyqVi29Pj2IL25mA a11K/HVqTCU834uHQXjpN3keJS23v5BJGZCpOwVXyZX8f1yAm/ZQAA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-09-04T04:28:03Z" - mac: ENC[AES256_GCM,data:PHRJmUueHiv84Pt8fHAze4LWl0RiuNuKozWC/G1ixhqL055Zfe3X5Iv//0qFXDMWBy9b09IiXbd4WwsexaoLhgRE1ZBul1AObK8gsbBHf1DyjxgCek/AJNlIS3WY6NPZ9L5lwxuD0BhqbgzGw6It3rcIyx0q++Zo2UoDQyMciWA=,iv:0R2VsKSFfIzapJsqQELM7LMXvEhDmDWr1f9Amg5i4hs=,tag:ig8uLTnupsmPlgV8GEZTgA==,type:str] + lastmodified: "2024-09-05T16:58:15Z" + mac: ENC[AES256_GCM,data:/7bib7AGGFlP2l93l0Ht6r4Guxaq0sVtsDEbmyEYHYZh1NKwIy/RO0W3SwGXcQPNI9vgPjdP3lsXsUiJ0B0ADxsjWrTjZOkIHxhsBr6Yr59uTGiGOMFEYKPSK5+5ZG9dR4yu0CHyZlxHq+P1L/grsmb0ucazfWguM9y58hqpG24=,iv:ZgWz2o47PgN+3uXDzTID/IgSe/Y5fd+Ubz7MlHKgmRg=,tag:CUbJx/WHlSr5/Jpyf7ODcg==,type:str] pgp: - created_at: "2024-04-29T17:03:17Z" enc: |- diff --git a/Makefile b/Makefile index 9bf5c2c1e..53548a537 100644 --- a/Makefile +++ b/Makefile @@ -102,8 +102,6 @@ KUBECTL_VERSION ?= v1.31.0 KUBESTR_VERSION ?= v0.4.46 # renovate: datasource=github-releases depName=helm/helm HELM_VERSION ?= v3.15.4 -# renovate: datasource=github-releases depName=kubernetes-sigs/cluster-api -CLUSTERCTL_VERSION ?= 1.8.1 # renovate: datasource=github-releases depName=cilium/cilium-cli CILIUM_CLI_VERSION ?= v0.16.16 # renovate: datasource=github-releases depName=microsoft/secureboot_objects @@ -112,7 +110,6 @@ MICROSOFT_SECUREBOOT_RELEASE ?= v1.1.3 KUBECTL_URL ?= https://dl.k8s.io/release/$(KUBECTL_VERSION)/bin/$(OPERATING_SYSTEM)/amd64/kubectl KUBESTR_URL ?= https://github.com/kastenhq/kubestr/releases/download/$(KUBESTR_VERSION)/kubestr_$(subst v,,$(KUBESTR_VERSION))_Linux_amd64.tar.gz HELM_URL ?= https://get.helm.sh/helm-$(HELM_VERSION)-linux-amd64.tar.gz -CLUSTERCTL_URL ?= https://github.com/kubernetes-sigs/cluster-api/releases/download/v$(CLUSTERCTL_VERSION)/clusterctl-$(OPERATING_SYSTEM)-amd64 CILIUM_CLI_URL ?= https://github.com/cilium/cilium-cli/releases/download/$(CILIUM_CLI_VERSION)/cilium-$(OPERATING_SYSTEM)-amd64.tar.gz TESTPKGS ?= github.com/siderolabs/talos/... RELEASES ?= v1.6.7 v1.7.0 @@ -426,6 +423,7 @@ cloud-images: ## Uploads cloud images (AMIs, etc.) to the cloud registry. -e TAG=$(TAG) -e ARTIFACTS=$(ARTIFACTS) -e ABBREV_TAG=$(ABBREV_TAG) \ -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY \ -e AZURE_SUBSCRIPTION_ID -e AZURE_CLIENT_ID -e AZURE_CLIENT_SECRET -e AZURE_TENANT_ID \ + -e GOOGLE_PROJECT_ID -e GOOGLE_CREDENTIALS \ golang:$(GO_VERSION) \ ./hack/cloud-image-uploader.sh $(CLOUD_IMAGES_EXTRA_ARGS) @@ -492,17 +490,12 @@ $(ARTIFACTS)/helm: @curl -L "$(HELM_URL)" | tar xzf - -C $(ARTIFACTS) --strip-components=1 linux-amd64/helm @chmod +x $(ARTIFACTS)/helm -$(ARTIFACTS)/clusterctl: - @mkdir -p $(ARTIFACTS) - @curl -L -o $(ARTIFACTS)/clusterctl "$(CLUSTERCTL_URL)" - @chmod +x $(ARTIFACTS)/clusterctl - $(ARTIFACTS)/cilium: @mkdir -p $(ARTIFACTS) @curl -L "$(CILIUM_CLI_URL)" | tar xzf - -C $(ARTIFACTS) cilium @chmod +x $(ARTIFACTS)/cilium -external-artifacts: $(ARTIFACTS)/kubectl $(ARTIFACTS)/clusterctl $(ARTIFACTS)/kubestr $(ARTIFACTS)/helm $(ARTIFACTS)/cilium +external-artifacts: $(ARTIFACTS)/kubectl $(ARTIFACTS)/kubestr $(ARTIFACTS)/helm $(ARTIFACTS)/cilium e2e-%: $(ARTIFACTS)/$(INTEGRATION_TEST_DEFAULT_TARGET)-amd64 external-artifacts ## Runs the E2E test for the specified platform (e.g. e2e-docker). @$(MAKE) hack-test-$@ \ @@ -520,7 +513,6 @@ e2e-%: $(ARTIFACTS)/$(INTEGRATION_TEST_DEFAULT_TARGET)-amd64 external-artifacts KUBECTL=$(PWD)/$(ARTIFACTS)/kubectl \ KUBESTR=$(PWD)/$(ARTIFACTS)/kubestr \ HELM=$(PWD)/$(ARTIFACTS)/helm \ - CLUSTERCTL=$(PWD)/$(ARTIFACTS)/clusterctl \ CILIUM_CLI=$(PWD)/$(ARTIFACTS)/cilium provision-tests-prepare: release-artifacts $(ARTIFACTS)/$(INTEGRATION_TEST_PROVISION_DEFAULT_TARGET)-amd64 diff --git a/hack/cloud-image-uploader/gcp.go b/hack/cloud-image-uploader/gcp.go index a08aef11a..794b1af11 100644 --- a/hack/cloud-image-uploader/gcp.go +++ b/hack/cloud-image-uploader/gcp.go @@ -40,14 +40,14 @@ type GCPUploder struct { // NewGCPUploder creates a new GCPUploder. func NewGCPUploder(options Options) (*GCPUploder, error) { projectID := os.Getenv("GOOGLE_PROJECT_ID") - credentials := os.Getenv("GOOGLE_CREDENTIALS_JSON") + credentials := os.Getenv("GOOGLE_CREDENTIALS") if projectID == "" { return nil, fmt.Errorf("gcp: GOOGLE_PROJECT_ID is not set") } if credentials == "" { - return nil, fmt.Errorf("gcp: GOOGLE_CREDENTIALS_JSON is not set") + return nil, fmt.Errorf("gcp: GOOGLE_CREDENTIALS is not set") } gcpUploader := &GCPUploder{ diff --git a/hack/test/capi/cluster-azure.yaml b/hack/test/capi/cluster-azure.yaml deleted file mode 100644 index 67bc789d2..000000000 --- a/hack/test/capi/cluster-azure.yaml +++ /dev/null @@ -1,137 +0,0 @@ -apiVersion: cluster.k8s.io/v1alpha1 -kind: Cluster -metadata: - annotations: null - name: talos-e2e-{{TAG}}-azure -spec: - clusterNetwork: - pods: - cidrBlocks: - - 192.168.0.0/16 - serviceDomain: cluster.local - services: - cidrBlocks: - - 10.96.0.0/12 - providerSpec: - value: - apiVersion: talosproviderconfig/v1alpha1 - kind: TalosClusterProviderSpec - platform: - config: |- - resourcegroup: "talos" - location: "centralus" - type: azure - controlplane: - count: 3 - k8sversion: '1.16.2' ---- -apiVersion: cluster.k8s.io/v1alpha1 -kind: Machine -metadata: - labels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: master - name: talos-e2e-{{TAG}}-azure-master-0 -spec: - providerSpec: - value: - apiVersion: talosproviderconfig/v1alpha1 - kind: TalosMachineProviderSpec - platform: - config: |- - location: "centralus" - resourcegroup: "talos" - instances: - type: "Standard_A2_v2" - image: "/subscriptions/64739c64-c063-4c9d-bf2c-d1191ed8befa/resourceGroups/talos/providers/Microsoft.Compute/images/talos-e2e-{{TAG}}" - network: "talos-vnet" - subnet: "default" - disks: - size: 10 - type: azure ---- -apiVersion: cluster.k8s.io/v1alpha1 -kind: Machine -metadata: - labels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: master - name: talos-e2e-{{TAG}}-azure-master-1 -spec: - providerSpec: - value: - apiVersion: talosproviderconfig/v1alpha1 - kind: TalosMachineProviderSpec - platform: - config: |- - location: "centralus" - resourcegroup: "talos" - instances: - type: "Standard_A2_v2" - image: "/subscriptions/64739c64-c063-4c9d-bf2c-d1191ed8befa/resourceGroups/talos/providers/Microsoft.Compute/images/talos-e2e-{{TAG}}" - network: "talos-vnet" - subnet: "default" - disks: - size: 10 - type: azure ---- -apiVersion: cluster.k8s.io/v1alpha1 -kind: Machine -metadata: - labels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: master - name: talos-e2e-{{TAG}}-azure-master-2 -spec: - providerSpec: - value: - apiVersion: talosproviderconfig/v1alpha1 - kind: TalosMachineProviderSpec - platform: - config: |- - location: "centralus" - resourcegroup: "talos" - instances: - type: "Standard_A2_v2" - image: "/subscriptions/64739c64-c063-4c9d-bf2c-d1191ed8befa/resourceGroups/talos/providers/Microsoft.Compute/images/talos-e2e-{{TAG}}" - network: "talos-vnet" - subnet: "default" - disks: - size: 10 - type: azure ---- -apiVersion: cluster.k8s.io/v1alpha1 -kind: MachineDeployment -metadata: - labels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: worker - name: talos-e2e-{{TAG}}-azure-workers -spec: - replicas: 3 - selector: - matchLabels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: worker - template: - metadata: - labels: - cluster.k8s.io/cluster-name: talos-e2e-{{TAG}}-azure - set: worker - spec: - providerSpec: - value: - apiVersion: talosproviderconfig/v1alpha1 - kind: TalosMachineProviderSpec - platform: - config: |- - location: "centralus" - resourcegroup: "talos" - instances: - type: "Standard_A2_v2" - image: "/subscriptions/64739c64-c063-4c9d-bf2c-d1191ed8befa/resourceGroups/talos/providers/Microsoft.Compute/images/talos-e2e-{{TAG}}" - network: "talos-vnet" - subnet: "default" - disks: - size: 10 - type: azure diff --git a/hack/test/capi/secrets.yaml b/hack/test/capi/secrets.yaml deleted file mode 100644 index 21abcb25d..000000000 --- a/hack/test/capi/secrets.yaml +++ /dev/null @@ -1,24 +0,0 @@ -## These are just dumb, empty secrets to meet the requirements of our cluster-api provider -apiVersion: v1 -kind: Secret -metadata: - name: aws-credentials - namespace: cluster-api-provider-talos-system -data: - credentials: "{{AWS_SVC_ACCT}}" ---- -apiVersion: v1 -kind: Secret -metadata: - name: gce-credentials - namespace: cluster-api-provider-talos-system -data: - service-account.json: "{{GCE_SVC_ACCT}}" ---- -apiVersion: v1 -kind: Secret -metadata: - name: azure-credentials - namespace: cluster-api-provider-talos-system -data: - service-account.json: "{{AZURE_SVC_ACCT}}" diff --git a/hack/test/clusterctl.yaml b/hack/test/clusterctl.yaml deleted file mode 100644 index 727c38db5..000000000 --- a/hack/test/clusterctl.yaml +++ /dev/null @@ -1,7 +0,0 @@ -providers: - - name: "talos" - url: "https://github.com/siderolabs/cluster-api-bootstrap-provider-talos/releases/latest/bootstrap-components.yaml" - type: "BootstrapProvider" - - name: "talos" - url: "https://github.com/siderolabs/cluster-api-control-plane-provider-talos/releases/latest/control-plane-components.yaml" - type: "ControlPlaneProvider" diff --git a/hack/test/digitalrebar/bootenv.yaml b/hack/test/digitalrebar/bootenv.yaml deleted file mode 100644 index 5079b9760..000000000 --- a/hack/test/digitalrebar/bootenv.yaml +++ /dev/null @@ -1,52 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: 'yellow' - feature-flags: 'change-stage-v2' - icon: 'linux' - title: 'Talos' -Endpoint: '' -Bundle: '' -Name: 'talos' -Description: 'talos' -Documentation: '' -OS: - Name: 'talos' - Family: 'talos' - Codename: '' - Version: '0.6' - IsoFile: 'talos.tar.gz' - IsoSha256: '401ec26cef179e0a66d44f020dad47f7322f4cfc84826242e9c83d6cce4f2547' - IsoUrl: 'https://github.com/siderolabs/talos/releases/download/v0.6.0/boot.tar.gz' - SupportedArchitectures: {} -Templates: - - Name: 'pxelinux' - Path: 'pxelinux.cfg/{{.Machine.HexAddress}}' - ID: 'default-pxelinux.tmpl' - Contents: '' - Meta: {} - - Name: 'ipxe' - Path: '{{.Machine.Address}}.ipxe' - ID: 'default-ipxe.tmpl' - Contents: '' - Meta: {} - - Name: 'pxelinux-mac' - Path: 'pxelinux.cfg/{{.Machine.MacAddr "pxelinux"}}' - ID: 'default-pxelinux.tmpl' - Contents: '' - Meta: {} - - Name: 'ipxe-mac' - Path: '{{.Machine.MacAddr "ipxe"}}.ipxe' - ID: 'default-ipxe.tmpl' - Contents: '' - Meta: {} -Kernel: 'vmlinuz' -Initrds: - - 'initramfs.xz' -BootParams: 'console=tty0 ip=dhcp modules=loop,squashfs nomodeset init_on_alloc=1 slab_nomerge pti=on ima_template=ima-ng ima_appraise=fix ima_hash=sha512 talos.platform=metal talos.config={{ .ProvisionerURL }}/files/{{.Param "talos/role"}}.yaml' -RequiredParams: [] -OptionalParams: - - 'talos/role' -OnlyUnknown: false diff --git a/hack/test/digitalrebar/params.yaml b/hack/test/digitalrebar/params.yaml deleted file mode 100644 index da7736831..000000000 --- a/hack/test/digitalrebar/params.yaml +++ /dev/null @@ -1,16 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: "black" - icon: "tags" - title: "Talos role" -Endpoint: "" -Bundle: "" -Name: "talos/role" -Description: "Role of node" -Documentation: "" -Secure: false -Schema: - type: "string" \ No newline at end of file diff --git a/hack/test/digitalrebar/stages.yaml b/hack/test/digitalrebar/stages.yaml deleted file mode 100644 index 65af5562c..000000000 --- a/hack/test/digitalrebar/stages.yaml +++ /dev/null @@ -1,23 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: 'yellow' - icon: 'spinner' - title: 'talos' -Endpoint: '' -Bundle: '' -Name: 'Talos' -Description: 'Talos' -Documentation: '' -Templates: [] -RequiredParams: - - 'talos/role' -OptionalParams: [] -Params: {} -BootEnv: 'talos' -Tasks: [] -Profiles: [] -Reboot: false -RunnerWait: true diff --git a/hack/test/digitalrebar/talos-controlplane-profile.yaml b/hack/test/digitalrebar/talos-controlplane-profile.yaml deleted file mode 100644 index 61edfe694..000000000 --- a/hack/test/digitalrebar/talos-controlplane-profile.yaml +++ /dev/null @@ -1,15 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: "black" - icon: "tags" - title: "Talos-controlplane" -Endpoint: "" -Bundle: "" -Name: "talos-controlplane" -Description: "Talos controlplane" -Documentation: "" -Params: - talos/role: "controlplane" \ No newline at end of file diff --git a/hack/test/digitalrebar/talos-init-profile.yaml b/hack/test/digitalrebar/talos-init-profile.yaml deleted file mode 100644 index e66ec084a..000000000 --- a/hack/test/digitalrebar/talos-init-profile.yaml +++ /dev/null @@ -1,15 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: "black" - icon: "tags" - title: "Talos-init" -Endpoint: "" -Bundle: "" -Name: "talos-init" -Description: "Talos init" -Documentation: "" -Params: - talos/role: "init" \ No newline at end of file diff --git a/hack/test/digitalrebar/talos-worker-profile.yaml b/hack/test/digitalrebar/talos-worker-profile.yaml deleted file mode 100644 index e6e57fb4c..000000000 --- a/hack/test/digitalrebar/talos-worker-profile.yaml +++ /dev/null @@ -1,15 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: "black" - icon: "tags" - title: "Talos-worker" -Endpoint: "" -Bundle: "" -Name: "talos-worker" -Description: "Talos worker" -Documentation: "" -Params: - talos/role: "worker" \ No newline at end of file diff --git a/hack/test/digitalrebar/workflow.yaml b/hack/test/digitalrebar/workflow.yaml deleted file mode 100644 index efd5f2735..000000000 --- a/hack/test/digitalrebar/workflow.yaml +++ /dev/null @@ -1,15 +0,0 @@ -Validated: true -Available: true -Errors: [] -ReadOnly: false -Meta: - color: "Yellow" - icon: "linux" - title: "Talos" -Endpoint: "" -Bundle: "" -Name: "Talos" -Description: "Talos" -Documentation: "" -Stages: - - "Talos" \ No newline at end of file diff --git a/hack/test/e2e-capi.sh b/hack/test/e2e-capi.sh deleted file mode 100755 index 8f93d94d6..000000000 --- a/hack/test/e2e-capi.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -set -eou pipefail - -source ./hack/test/e2e.sh - -export CAPI_VERSION="${CAPI_VERSION:-1.4.0}" -export CAPA_VERSION="${CAPA_VERSION:-1.5.2}" -export CAPG_VERSION="${CAPG_VERSION:-1.3.0}" - -# We need to override this here since e2e.sh will set it to ${TMP}/capi/kubeconfig. -export KUBECONFIG="/tmp/e2e/docker/kubeconfig" - -# CABPT -export CABPT_NS="cabpt-system" - -# Install envsubst -apk add --no-cache gettext - -# Env vars for cloud accounts -set +x -export GCP_B64ENCODED_CREDENTIALS=${GCE_SVC_ACCT} -export AWS_B64ENCODED_CREDENTIALS=${AWS_SVC_ACCT} -set -x - -${CLUSTERCTL} init \ - --config hack/test/clusterctl.yaml \ - --core "cluster-api:v${CAPI_VERSION}" \ - --control-plane "talos" \ - --infrastructure "aws:v${CAPA_VERSION},gcp:v${CAPG_VERSION}" \ - --bootstrap "talos" - -# Wait for the talosconfig -timeout=$(($(date +%s) + ${TIMEOUT})) -until ${KUBECTL} wait --timeout=1s --for=condition=Ready -n ${CABPT_NS} pods --all; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - echo 'Waiting to CABPT pod to be available...' - sleep 5 -done diff --git a/hack/test/e2e-docker.sh b/hack/test/e2e-docker.sh index 2faa0207d..9d8e499eb 100755 --- a/hack/test/e2e-docker.sh +++ b/hack/test/e2e-docker.sh @@ -35,6 +35,3 @@ get_kubeconfig ${KUBECTL} config set-cluster e2e-docker --server https://10.5.0.2:6443 run_talos_integration_test_docker run_kubernetes_integration_test - -# Unlike other local e2e tests, we don't destroy the cluster there as it is used by CAPI and AWS/GCP e2e tests later. -# destroy_cluster diff --git a/hack/test/e2e-gcp-prepare.sh b/hack/test/e2e-gcp-prepare.sh new file mode 100755 index 000000000..cbada7477 --- /dev/null +++ b/hack/test/e2e-gcp-prepare.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash + +set -eou pipefail + +source ./hack/test/e2e.sh + +REGION="us-central1" +ZONE="us-central1-a" +PROJECT_ID="${GOOGLE_PROJECT_ID}" + +function cloud_image_upload() { + CLOUD_IMAGES_EXTRA_ARGS=("--target-clouds=gcp" "--architectures=amd64") + + make cloud-images CLOUD_IMAGES_EXTRA_ARGS="${CLOUD_IMAGES_EXTRA_ARGS[*]}" +} + +function get_image() { + jq -r ".[] | select(.cloud == \"gcp\") | select (.arch == \"amd64\") | .id" "${ARTIFACTS}/cloud-images.json" +} + +cloud_image_upload + +GCP_IMAGE=$(get_image) + +mkdir -p "${ARTIFACTS}/e2e-gcp-generated" + +NAME_PREFIX="talos-e2e-${SHA}-gcp" + +jq --null-input \ + --arg REGION "${REGION}" \ + --arg ZONE "${ZONE}" \ + --arg PROJECT_ID "${PROJECT_ID}" \ + --arg GCP_IMAGE "${GCP_IMAGE}" \ + --arg CLUSTER_NAME "${NAME_PREFIX}" \ + --arg TALOS_VERSION_CONTRACT "${TALOS_VERSION}" \ + --arg KUBERNETES_VERSION "${KUBERNETES_VERSION}" \ + '{ + region: $REGION, + zone: $ZONE, + project_id: $PROJECT_ID, + gcp_image: $GCP_IMAGE, + cluster_name: $CLUSTER_NAME, + talos_version_contract: $TALOS_VERSION_CONTRACT, + kubernetes_version: $KUBERNETES_VERSION + }' \ + | jq -f hack/test/tfvars/gcp.jq > "${ARTIFACTS}/e2e-gcp-generated/vars.json" + +cp hack/test/tfvars/*.yaml "${ARTIFACTS}/e2e-gcp-generated" diff --git a/hack/test/e2e-gcp.sh b/hack/test/e2e-gcp.sh index 6a6bdfd53..b339bb14f 100755 --- a/hack/test/e2e-gcp.sh +++ b/hack/test/e2e-gcp.sh @@ -4,44 +4,12 @@ set -eou pipefail source ./hack/test/e2e.sh -function setup { - set +x - echo ${GCE_SVC_ACCT} | base64 -d > ${TMP}/svc-acct.json - gcloud auth activate-service-account --key-file ${TMP}/svc-acct.json - set -x +cp "${ARTIFACTS}/e2e-gcp-talosconfig" "${TALOSCONFIG}" +cp "${ARTIFACTS}/e2e-gcp-kubeconfig" "${KUBECONFIG}" - ## Cluster-wide vars - export CLUSTER_NAME=${NAME_PREFIX} - export GCP_PROJECT=siderolabs-dev - export GCP_REGION=us-central1 - export GCP_NETWORK=default - export GCP_VM_SVC_ACCOUNT=e2e-tester@${GCP_PROJECT}.iam.gserviceaccount.com +# set the talosconfig to use the first controlplane ip +CONTROLPLANE0_NODE=$(${TALOSCTL} config info -o json | jq -r '.endpoints[0]') +${TALOSCTL} config node "${CONTROLPLANE0_NODE}" - ## Control plane vars - export CONTROL_PLANE_MACHINE_COUNT=3 - export GCP_CONTROL_PLANE_MACHINE_TYPE=n1-standard-4 - export GCP_CONTROL_PLANE_VOL_SIZE=50 - export GCP_CONTROL_PLANE_IMAGE_ID=projects/${GCP_PROJECT}/global/images/talos-e2e-${SHA} - - ## Worker vars - export WORKER_MACHINE_COUNT=3 - export GCP_NODE_MACHINE_TYPE=n1-standard-4 - export GCP_NODE_VOL_SIZE=50 - export GCP_NODE_IMAGE_ID=projects/${GCP_PROJECT}/global/images/talos-e2e-${SHA} - - ## Create GCP Image - gsutil cp ${ARTIFACTS}/gcp-amd64.raw.tar.gz gs://siderolabs-e2e/gcp-${SHA}.tar.gz - gcloud --quiet --project ${GCP_PROJECT} compute images delete talos-e2e-${SHA} || true - gcloud --quiet --project ${GCP_PROJECT} compute images create talos-e2e-${SHA} --source-uri gs://siderolabs-e2e/gcp-${SHA}.tar.gz - - - ${CLUSTERCTL} generate cluster ${NAME_PREFIX} \ - --kubeconfig /tmp/e2e/docker/kubeconfig \ - --from https://github.com/siderolabs/cluster-api-templates/blob/v1beta1/gcp/standard/standard.yaml > ${TMP}/cluster.yaml - -} - -setup -create_cluster_capi gcp run_talos_integration_test run_kubernetes_integration_test diff --git a/hack/test/e2e.sh b/hack/test/e2e.sh index f213e5744..5044f0eb4 100755 --- a/hack/test/e2e.sh +++ b/hack/test/e2e.sh @@ -17,14 +17,8 @@ # - KUBECTL # - KUBESTR # - HELM -# - CLUSTERCTL # - CILIUM_CLI -# -# Some environment variables set in this file (e. g. TALOS_VERSION and KUBERNETES_VERSION) -# are referenced by https://github.com/siderolabs/cluster-api-templates. -# See other e2e-*.sh scripts. - set -eoux pipefail TMP="/tmp/e2e/${PLATFORM}" @@ -49,86 +43,6 @@ export NUM_NODES=${TEST_NUM_NODES:-6} PROVISIONER= CLUSTER_NAME= -cleanup_capi() { - ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig delete cluster "${NAME_PREFIX}" -} - -# Create a cluster via CAPI. -function create_cluster_capi { - trap cleanup_capi EXIT - - ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig apply -f "${TMP}/cluster.yaml" - - # Wait for first controlplane machine to have a name - timeout=$(($(date +%s) + TIMEOUT)) - until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name="${NAME_PREFIX}" --all-namespaces -o json | jq -re '.items[0].metadata.name | select (.!=null)')" ]; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - sleep 10 - ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name="${NAME_PREFIX}" --all-namespaces - done - - FIRST_CP_NODE=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name="${NAME_PREFIX}" --all-namespaces -o json | jq -r '.items[0].metadata.name') - - # Wait for first controlplane machine to have a talosconfig ref - timeout=$(($(date +%s) + TIMEOUT)) - until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine "${FIRST_CP_NODE}" -o json | jq -re '.spec.bootstrap.configRef.name | select (.!=null)')" ]; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - sleep 10 - done - - FIRST_CP_TALOSCONFIG=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine "${FIRST_CP_NODE}" -o json | jq -re '.spec.bootstrap.configRef.name') - - # Wait for talosconfig in cm then dump it out - timeout=$(($(date +%s) + TIMEOUT)) - until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get talosconfig "${FIRST_CP_TALOSCONFIG}" -o jsonpath='{.status.talosConfig}')" ]; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - sleep 10 - done - ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get talosconfig "${FIRST_CP_TALOSCONFIG}" -o jsonpath='{.status.talosConfig}' > "${TALOSCONFIG}" - - # Wait until we have an IP for first controlplane node - timeout=$(($(date +%s) + TIMEOUT)) - until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -o go-template --template='{{range .status.addresses}}{{if eq .type "ExternalIP"}}{{.address}}{{end}}{{end}}' "${FIRST_CP_NODE}")" ]; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - sleep 10 - done - - MASTER_IP=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -o go-template --template='{{range .status.addresses}}{{if eq .type "ExternalIP"}}{{.address}}{{end}}{{end}}' "${FIRST_CP_NODE}") - "${TALOSCTL}" config endpoint "${MASTER_IP}" - "${TALOSCTL}" config node "${MASTER_IP}" - - # Wait for the kubeconfig from first cp node - timeout=$(($(date +%s) + TIMEOUT)) - until get_kubeconfig; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - sleep 10 - done - - # Wait for nodes to check in - timeout=$(($(date +%s) + TIMEOUT)) - until ${KUBECTL} get nodes -o go-template='{{ len .items }}' | grep "${NUM_NODES}" >/dev/null; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - ${KUBECTL} get nodes -o wide && : - sleep 10 - done - - # Wait for nodes to be ready - timeout=$(($(date +%s) + TIMEOUT)) - until ${KUBECTL} wait --timeout=1s --for=condition=ready=true --all nodes > /dev/null; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - ${KUBECTL} get nodes -o wide && : - sleep 10 - done - - # Verify that we have an HA controlplane - timeout=$(($(date +%s) + TIMEOUT)) - until ${KUBECTL} get nodes -l node-role.kubernetes.io/control-plane='' -o go-template='{{ len .items }}' | grep 3 > /dev/null; do - [[ $(date +%s) -gt $timeout ]] && exit 1 - ${KUBECTL} get nodes -l node-role.kubernetes.io/control-plane='' && : - sleep 10 - done -} - TEST_SHORT=() TEST_RUN=("-test.run" ".") diff --git a/hack/test/gvisor/manifest.yaml b/hack/test/gvisor/manifest.yaml deleted file mode 100644 index 17e776abc..000000000 --- a/hack/test/gvisor/manifest.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: node.k8s.io/v1 -kind: RuntimeClass -metadata: - name: gvisor -handler: runsc ---- -apiVersion: v1 -kind: Pod -metadata: - name: nginx-gvisor -spec: - runtimeClassName: gvisor - containers: - - name: nginx - image: nginx diff --git a/hack/test/libvirt/README.md b/hack/test/libvirt/README.md deleted file mode 100644 index 5b651baa0..000000000 --- a/hack/test/libvirt/README.md +++ /dev/null @@ -1,93 +0,0 @@ -# Integration Testing - -## Setup - -### Prerequisites - -- A linux machine with KVM enabled -- `docker` -- `docker-compose` -- `virt-install` -- `qemu-kvm` -- `yq` - -```bash -apt install -y virtinst qemu-kvm -curl -L https://github.com/mikefarah/yq/releases/download/2.4.1/yq_linux_amd64 -o /usr/local/bin/yq -chmod +x /usr/local/bin/yq -``` - -### Start Matchbox, Dnsmasq, and HAproxy - -```bash -docker-compose up -``` - -> Note: This will run all services in the foreground. - -### Create the VMs - -```bash -./libvirt.sh up -``` - -### Getting the Console Logs - -```bash -virsh console -``` - -### Connecting to the Nodes - -#### From the Host - -##### Setup DNS - -Append the following to `/etc/hosts`: - -```text -172.28.1.3 kubernetes.talos.dev -172.28.1.10 control-plane-1.talos.dev -172.28.1.11 control-plane-2.talos.dev -172.28.1.12 control-plane-3.talos.dev -172.28.1.13 worker-1.talos.dev -``` - -##### Setup `talosctl` and `kubectl` - -```bash -export TALOSCONFIG=$PWD/matchbox/assets/talosconfig -export KUBECONFIG=$PWD/matchbox/assets/kubeconfig -``` - -```bash -talosctl config endpoint 172.28.1.10 -talosctl kubeconfig ./matchbox/assets/kubeconfig -``` - -#### From a Container - -```bash -./libvirt.sh workspace -``` - -```bash -talosctl config endpoint 172.28.1.10 -talosctl kubeconfig . -``` - -#### Verify Connectivity - -```bash -talosctl services -kubectl get nodes -``` - -## Teardown - -To teardown the test: - -```bash -docker-compose down -./libvirt.sh down -``` diff --git a/hack/test/libvirt/dnsmasq/talos0.conf b/hack/test/libvirt/dnsmasq/talos0.conf deleted file mode 100644 index 5a862c560..000000000 --- a/hack/test/libvirt/dnsmasq/talos0.conf +++ /dev/null @@ -1,41 +0,0 @@ -# dnsmasq.conf - -no-daemon -domain=talos.dev -dhcp-range=172.28.1.50,172.28.1.99 -dhcp-option=3,172.28.0.1 -dhcp-host=52:54:00:a1:9c:ae,172.28.1.10,control-plane-1,1h -dhcp-host=52:54:00:b2:2f:86,172.28.1.11,control-plane-2,1h -dhcp-host=52:54:00:c3:61:77,172.28.1.12,control-plane-3,1h -dhcp-host=52:54:00:d7:99:c7,172.28.1.13,worker-1,1h - -enable-tftp -tftp-root=/var/lib/tftpboot - -# Legacy PXE -dhcp-match=set:bios,option:client-arch,0 -dhcp-boot=tag:bios,undionly.kpxe - -# UEFI -dhcp-match=set:efi32,option:client-arch,6 -dhcp-boot=tag:efi32,ipxe.efi - -dhcp-match=set:efibc,option:client-arch,7 -dhcp-boot=tag:efibc,ipxe.efi - -dhcp-match=set:efi64,option:client-arch,9 -dhcp-boot=tag:efi64,ipxe.efi - -# iPXE -dhcp-userclass=set:ipxe,iPXE -dhcp-boot=tag:ipxe,http://matchbox.talos.dev:8080/boot.ipxe - -log-queries -log-dhcp - -address=/matchbox.talos.dev/172.28.1.2 -address=/kubernetes.talos.dev/172.28.1.3 -address=/control-plane-1.talos.dev/172.28.1.10 -address=/control-plane-2.talos.dev/172.28.1.11 -address=/control-plane-3.talos.dev/172.28.1.12 -address=/worker-1.talos.dev/172.28.1.13 diff --git a/hack/test/libvirt/dnsmasq/tftpboot/.gitkeep b/hack/test/libvirt/dnsmasq/tftpboot/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/hack/test/libvirt/docker-compose.yaml b/hack/test/libvirt/docker-compose.yaml deleted file mode 100644 index 17a6b4e5e..000000000 --- a/hack/test/libvirt/docker-compose.yaml +++ /dev/null @@ -1,52 +0,0 @@ -version: '3.7' - -services: - dnsmasq: - container_name: dnsmasq - image: quay.io/poseidon/dnsmasq:latest - command: ['-d'] - networks: - talos: - ipv4_address: 172.28.1.1 - volumes: - - ./dnsmasq/talos0.conf:/etc/dnsmasq.conf:Z - - ./dnsmasq/tftpboot:/var/lib/tftpboot - cap_add: - - NET_ADMIN - restart: always - - matchbox: - container_name: matchbox - image: quay.io/poseidon/matchbox:latest - command: ['-address=0.0.0.0:8080', '-log-level=debug'] - networks: - talos: - ipv4_address: 172.28.1.2 - ports: - - '8080:8080' - volumes: - - ./matchbox:/var/lib/matchbox:Z - restart: always - - haproxy: - container_name: haproxy - image: haproxy:1.9.12-alpine - networks: - talos: - ipv4_address: 172.28.1.3 - ports: - - '6443:6443' - volumes: - - ./haproxy:/usr/local/etc/haproxy:ro - restart: always - -networks: - talos: - name: talos - driver: bridge - driver_opts: - com.docker.network.bridge.name: talos0 - ipam: - driver: default - config: - - subnet: 172.28.0.0/16 diff --git a/hack/test/libvirt/haproxy/haproxy.cfg b/hack/test/libvirt/haproxy/haproxy.cfg deleted file mode 100644 index 7190ec7c9..000000000 --- a/hack/test/libvirt/haproxy/haproxy.cfg +++ /dev/null @@ -1,20 +0,0 @@ -frontend k8s-api - bind 0.0.0.0:6443 - bind 127.0.0.1:6443 - mode tcp - option tcplog - timeout client 300000 - default_backend k8s-api - -backend k8s-api - mode tcp - option tcplog - option tcp-check - timeout connect 300000 - timeout server 300000 - balance roundrobin - default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100 - - server apiserver1 172.28.1.10:6443 check - server apiserver2 172.28.1.11:6443 check - server apiserver3 172.28.1.12:6443 check diff --git a/hack/test/libvirt/libvirt.sh b/hack/test/libvirt/libvirt.sh deleted file mode 100755 index 616c4e2b7..000000000 --- a/hack/test/libvirt/libvirt.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/bin/env bash - -set -e - -if [ "$EUID" -ne 0 ] - then echo "Please run as root" - exit -fi - -function main { - case "$1" in - "up") up;; - "down") down;; - "workspace") workspace;; - *) - usage - exit 2 - ;; - esac -} - -function usage { - echo "USAGE: ${0##*/} " - echo "Commands:" - echo -e "\up\t\spin up QEMU/KVM nodes on the talos0 bridge" - echo -e "\down\t\tear down the QEMU/KVM nodes" - echo -e "\workspace\t\run and enter a docker container ready for talosctl and kubectl use" -} - -NODES=(control-plane-1 control-plane-2 control-plane-3 worker-1) - -INSTALLER=${INSTALLER:-ghcr.io/siderolabs/installer:latest} - -VM_MEMORY=${VM_MEMORY:-2048} -VM_DISK=${VM_DISK:-10} -CNI_URL=${CNI_URL:-https://raw.githubusercontent.com/cilium/cilium/1.6.4/install/kubernetes/quick-install.yaml} - -COMMON_VIRT_OPTS="--memory=${VM_MEMORY} --cpu=host --vcpus=1 --disk pool=default,size=${VM_DISK} --os-type=linux --os-variant=generic --noautoconsole --graphics none --events on_poweroff=preserve --rng /dev/urandom" - -CONTROL_PLANE_1_NAME=control-plane-1 -CONTROL_PLANE_1_MAC=52:54:00:a1:9c:ae - -CONTROL_PLANE_2_NAME=control-plane-2 -CONTROL_PLANE_2_MAC=52:54:00:b2:2f:86 - -CONTROL_PLANE_3_NAME=control-plane-3 -CONTROL_PLANE_3_MAC=52:54:00:c3:61:77 - -WORKER_1_NAME=worker-1 -WORKER_1_MAC=52:54:00:d7:99:c7 - -function up { - echo ${INSTALLER} - cp $PWD/../../../${ARTIFACTS}/initramfs.xz ./matchbox/assets/ - cp $PWD/../../../${ARTIFACTS}/vmlinuz ./matchbox/assets/ - cd ./matchbox/assets - $PWD/../../../../../${ARTIFACTS}/talosctl-linux-amd64 config generate --install-image ${INSTALLER} integration-test https://kubernetes.talos.dev:6443 - yq w -i init.yaml machine.install.extraKernelArgs[+] 'console=ttyS0' - yq w -i init.yaml cluster.network.cni.name 'custom' - yq w -i init.yaml cluster.network.cni.urls[+] "${CNI_URL}" - yq w -i controlplane.yaml machine.install.extraKernelArgs[+] 'console=ttyS0' - yq w -i worker.yaml machine.install.extraKernelArgs[+] 'console=ttyS0' - cd - - virt-install --name $CONTROL_PLANE_1_NAME --network=bridge:talos0,model=e1000,mac=$CONTROL_PLANE_1_MAC $COMMON_VIRT_OPTS --boot=hd,network - virt-install --name $CONTROL_PLANE_2_NAME --network=bridge:talos0,model=e1000,mac=$CONTROL_PLANE_2_MAC $COMMON_VIRT_OPTS --boot=hd,network - virt-install --name $CONTROL_PLANE_3_NAME --network=bridge:talos0,model=e1000,mac=$CONTROL_PLANE_3_MAC $COMMON_VIRT_OPTS --boot=hd,network - virt-install --name $WORKER_1_NAME --network=bridge:talos0,model=e1000,mac=$WORKER_1_MAC $COMMON_VIRT_OPTS --boot=hd,network -} - -function down { - for node in ${NODES[@]}; do - virsh destroy $node - done - for node in ${NODES[@]}; do - virsh undefine $node - done - virsh pool-refresh default - for node in ${NODES[@]}; do - virsh vol-delete --pool default $node.qcow2 - done -} - -function workspace { - docker run --rm -it -v $PWD:/workspace -v $PWD/../../../${ARTIFACTS}/talosctl-linux-amd64:/bin/talosctl:ro --network talos --dns 172.28.1.1 -w /workspace/matchbox/assets -e TALOSCONFIG='/workspace/matchbox/assets/talosconfig' -e KUBECONFIG='/workspace/matchbox/assets/kubeconfig' --entrypoint /bin/bash k8s.gcr.io/hyperkube:v1.18.3 -} - -main $@ diff --git a/hack/test/libvirt/matchbox/assets/.gitkeep b/hack/test/libvirt/matchbox/assets/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/hack/test/libvirt/matchbox/groups/control-plane-1.json b/hack/test/libvirt/matchbox/groups/control-plane-1.json deleted file mode 100644 index b2f1397d5..000000000 --- a/hack/test/libvirt/matchbox/groups/control-plane-1.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "control-plane-1", - "name": "control-plane-1", - "profile": "init", - "selector": { - "mac": "52:54:00:a1:9c:ae" - } -} diff --git a/hack/test/libvirt/matchbox/groups/control-plane-2.json b/hack/test/libvirt/matchbox/groups/control-plane-2.json deleted file mode 100644 index 4186313db..000000000 --- a/hack/test/libvirt/matchbox/groups/control-plane-2.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "control-plane-2", - "name": "control-plane-2", - "profile": "controlplane", - "selector": { - "mac": "52:54:00:b2:2f:86" - } -} diff --git a/hack/test/libvirt/matchbox/groups/control-plane-3.json b/hack/test/libvirt/matchbox/groups/control-plane-3.json deleted file mode 100644 index 54973b514..000000000 --- a/hack/test/libvirt/matchbox/groups/control-plane-3.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "control-plane-3", - "name": "control-plane-3", - "profile": "controlplane", - "selector": { - "mac": "52:54:00:c3:61:77" - } -} diff --git a/hack/test/libvirt/matchbox/groups/default.json b/hack/test/libvirt/matchbox/groups/default.json deleted file mode 100644 index a28968761..000000000 --- a/hack/test/libvirt/matchbox/groups/default.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "id": "default", - "name": "default", - "profile": "default" -} diff --git a/hack/test/libvirt/matchbox/profiles/controlplane.json b/hack/test/libvirt/matchbox/profiles/controlplane.json deleted file mode 100644 index 1f9c3ce5f..000000000 --- a/hack/test/libvirt/matchbox/profiles/controlplane.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "id": "default", - "name": "default", - "boot": { - "kernel": "/assets/vmlinuz", - "initrd": ["/assets/initramfs.xz"], - "args": [ - "initrd=initramfs.xz", - "init_on_alloc=1", - "slab_nomerge", - "pti=on", - "ima_template=ima-ng", - "ima_appraise=fix", - "ima_hash=sha512", - "console=tty0", - "console=ttyS0", - "printk.devkmsg=on", - "talos.platform=metal", - "talos.config=http://matchbox.talos.dev:8080/assets/controlplane.yaml" - ] - } -} diff --git a/hack/test/libvirt/matchbox/profiles/default.json b/hack/test/libvirt/matchbox/profiles/default.json deleted file mode 100644 index d2273b10d..000000000 --- a/hack/test/libvirt/matchbox/profiles/default.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "id": "default", - "name": "default", - "boot": { - "kernel": "/assets/vmlinuz", - "initrd": ["/assets/initramfs.xz"], - "args": [ - "initrd=initramfs.xz", - "init_on_alloc=1", - "slab_nomerge", - "pti=on", - "ima_template=ima-ng", - "ima_appraise=fix", - "ima_hash=sha512", - "console=tty0", - "console=ttyS0", - "printk.devkmsg=on", - "talos.platform=metal", - "talos.config=http://matchbox.talos.dev:8080/assets/worker.yaml" - ] - } -} diff --git a/hack/test/libvirt/matchbox/profiles/init.json b/hack/test/libvirt/matchbox/profiles/init.json deleted file mode 100644 index 4618be32f..000000000 --- a/hack/test/libvirt/matchbox/profiles/init.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "id": "default", - "name": "default", - "boot": { - "kernel": "/assets/vmlinuz", - "initrd": ["/assets/initramfs.xz"], - "args": [ - "initrd=initramfs.xz", - "init_on_alloc=1", - "slab_nomerge", - "pti=on", - "ima_template=ima-ng", - "ima_appraise=fix", - "ima_hash=sha512", - "console=tty0", - "console=ttyS0", - "printk.devkmsg=on", - "talos.platform=metal", - "talos.config=http://matchbox.talos.dev:8080/assets/init.yaml" - ] - } -} diff --git a/hack/test/qemu/qemu.sh b/hack/test/qemu/qemu.sh deleted file mode 100755 index e45f38d13..000000000 --- a/hack/test/qemu/qemu.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -set -e - -: ${TALOS_QEMU_ROOT:="/tmp"} - -case $(uname -s) in - Linux*) - ACCEL=kvm - ;; - - Darwin*) - ACCEL=hvf - ;; - *) - exit 1 - ;; -esac - -KERNEL="_out/vmlinuz-amd64" -INITRD="_out/initramfs-amd64.xz" -IMAGE="$TALOS_QEMU_ROOT/rootfs.qcow2" -ISO="$TALOS_QEMU_ROOT/iso/config.iso" - -talosctl gen config -o ${TALOS_QEMU_ROOT}/iso qemu https://10.254.0.10 -cp ${TALOS_QEMU_ROOT}/iso/init.yaml ${TALOS_QEMU_ROOT}/iso/config.yaml -mkisofs -joliet -rock -volid 'metal-iso' -output ${ISO} ${TALOS_QEMU_ROOT}/iso -qemu-img create -f qcow2 ${IMAGE} 8G - -qemu-system-x86_64 \ - -m 2048 \ - -accel ${ACCEL} \ - -cpu max \ - -smp 2 \ - -hda ${IMAGE} \ - -netdev user,id=talos,ipv4=on,net=10.254.0.0/24,dhcpstart=10.254.0.10,hostfwd=tcp::50000-:50000,hostfwd=tcp::6443-:6443,hostname=master-1 \ - -device virtio-net,netdev=talos \ - -nographic \ - -serial mon:stdio \ - -cdrom ${ISO} \ - -append "talos.platform=metal init_on_alloc=1 slab_nomerge pti=on printk.devkmsg=on earlyprintk=serial,tty0,keep console=tty0 talos.config=metal-iso" \ - -kernel ${KERNEL} \ - -initrd ${INITRD} diff --git a/hack/test/tfvars/gcp.jq b/hack/test/tfvars/gcp.jq new file mode 100644 index 000000000..aee923e94 --- /dev/null +++ b/hack/test/tfvars/gcp.jq @@ -0,0 +1,11 @@ +{ + "project": .project_id, + "region": .region, + "zone": .zone, + "cluster_name": .cluster_name, + "talos_version_contract": .talos_version_contract, + "kubernetes_version": .kubernetes_version, + "control_plane": { + "image": .gcp_image, + } +}