ci: skeleton #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OpenShift Operator certification pipeline | |
| on: | |
| push: | |
| workflow_dispatch: | |
| inputs: | |
| aws_region: | |
| description: 'AWS region' | |
| default: 'us-east-1' | |
| type: choice | |
| options: | |
| - 'us-east-1' | |
| - 'us-east-2' | |
| - 'us-west-2' | |
| - 'us-west-1' | |
| - 'eu-west-1' | |
| - 'eu-central-1' | |
| - 'sa-east-1' | |
| - 'ap-northeast-1' | |
| - 'ap-southeast-1' | |
| - 'ap-southeast-2' | |
| - 'ap-northeast-2' | |
| ocp_version: | |
| description: 'Openshift version' | |
| default: 'ocp-4-17' | |
| type: choice | |
| options: | |
| - 'ocp-4-14' | |
| - 'ocp-4-15' | |
| - 'ocp-4-16' | |
| - 'ocp-4-17' | |
| cilium_version: | |
| description: 'Cilium Version to use (ex: 1.16.4)' | |
| default: "1.16.4" | |
| required: true | |
| is_released: | |
| description: 'Is this version released ? No: `-ci` will be added to cilium_version' | |
| required: false | |
| type: boolean | |
| default: false | |
| run_tests: | |
| description: 'Run tests on the deployed cluster' | |
| required: false | |
| type: boolean | |
| default: false | |
| do_not_destroy: | |
| description: 'Do not destroy the cluster' | |
| required: false | |
| type: boolean | |
| default: false | |
| permissions: | |
| contents: read | |
| id-token: write | |
| pull-requests: read | |
| statuses: write | |
| env: | |
| TERRAFORM_VERSION: 1.10.3 | |
| TEKTON_VERSION: 0.39.0 | |
| OC_VERSION: 4.17.0 | |
| PULL_SECRET_FILE: pull_secret.json | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 120 | |
| steps: | |
| - name: Checkout workflow context branch | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: false | |
| - name: Install Terraform | |
| uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # 3.1.2 | |
| with: | |
| terraform_version: "${{ env.TERRAFORM_VERSION }}" | |
| terraform_wrapper: false | |
| - name: Install Tekton CLI | |
| run: | | |
| curl -LO https://github.com/tektoncd/cli/releases/download/v${{ env.TEKTON_VERSION }}/tkn_${{ env.TEKTON_VERSION }}_Linux_x86_64.tar.gz | |
| sudo tar xvzf tkn_${{ env.TEKTON_VERSION }}_Linux_x86_64.tar.gz -C /usr/local/bin/ tkn | |
| - name: Checkout OpenShift CuTE repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| repository: isovalent/cute-openshift-aws | |
| token: ${{ secrets.READ_PRIVATE_REPOSITORIES }} # TODO: replace with ISOVALENT_BOT_READ_PRIVATE_REPOSITORIES | |
| path: ocp | |
| - name: Install CLI tools from OpenShift Mirror | |
| uses: redhat-actions/openshift-tools-installer@v1 | |
| with: | |
| source: "mirror" | |
| oc: "${{ env.OC_VERSION }}" | |
| - name: Install OC CLI | |
| uses: redhat-actions/oc-installer@35b60c3f9757ae4301521556e1b75ff6f59f8d7c # v1.2 | |
| with: | |
| oc_version: '${{ env.OC_VERSION }}' | |
| - name: Configure terraform variables | |
| working-directory: ./ocp/${{ inputs.ocp_version }} | |
| run: | | |
| # TODO: replace RH_PULL_SECRET secret | |
| echo '${{ secrets.RH_PULL_SECRET }}' | python -m json.tool > ${{ env.PULL_SECRET_FILE }} | |
| cat > terraform.tfvars<<EOF | |
| cluster_name = "ocp-cert" | |
| owner = "ci" | |
| pull_secret_path = "${{ env.PULL_SECRET_FILE }}" | |
| base_domain = "ci.covalent.lol" | |
| worker_instance_type = "m5.xlarge" | |
| create_subscription = false | |
| install_tetragon = false | |
| EOF | |
| cat terraform.tfvars | |
| - name: Test | |
| working-directory: ./ocp/${{ inputs.ocp_version }} | |
| run: | | |
| echo "testing..." | |
| pwd | |
| ls -lah | |
| ls -lah .. | |
| oc version | |
| terraform version | |
| tkn version | |
| - name: Clean | |
| if: always() | |
| timeout-minutes: 60 | |
| working-directory: ./ocp/${{ inputs.ocp_version }} | |
| run: | | |
| rm ${{ env.PULL_SECRET_FILE }} |