announce community instances in cert subjects #488
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test charts in minikube | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - .github/workflows/miniziti.yml | |
| - run-miniziti.bash | |
| - charts/ziti-controller/** | |
| - charts/ziti-router/** | |
| - charts/httpbin/** | |
| - charts/zrok/** | |
| # cancel older, redundant runs of same workflow on same branch | |
| concurrency: | |
| group: ${{ github.workflow }}-${{github.event_name}}-${{ github.head_ref || github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| compute-k8s-matrix: | |
| name: compute Kubernetes version matrix | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| matrix: ${{ steps.compute.outputs.matrix }} | |
| steps: | |
| - name: Compute top 3 Kubernetes minors from current stable | |
| id: compute | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| stable="$(curl -fsSL https://dl.k8s.io/release/stable.txt)" | |
| stable="${stable#v}" | |
| major="${stable%%.*}" | |
| rest="${stable#*.}" | |
| minor="${rest%%.*}" | |
| m0="${major}.$((minor))" | |
| m1="${major}.$((minor - 1))" | |
| m2="${major}.$((minor - 2))" | |
| matrix_json=$(jq -cn --arg m0 "$m0" --arg m1 "$m1" --arg m2 "$m2" '{"kubernetes_minor": [$m0, $m1, $m2]}') | |
| echo "matrix=${matrix_json}" >> "$GITHUB_OUTPUT" | |
| miniziti: | |
| needs: compute-k8s-matrix | |
| name: deploy to minikube ${{ matrix.kubernetes_minor }} | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: true | |
| matrix: ${{ fromJson(needs.compute-k8s-matrix.outputs.matrix) }} | |
| env: | |
| ZITI_NAMESPACE: miniziti | |
| steps: | |
| - name: Checkout workspace | |
| uses: actions/checkout@v4 | |
| - name: Resolve latest Ziti CLI version | |
| shell: bash | |
| run: | | |
| ZITI_CLI_TAG="$(curl -sSf https://api.github.com/repos/openziti/ziti/releases/latest | jq -r '.tag_name')" | |
| echo "ZITI_CLI_TAG=${ZITI_CLI_TAG}" >> "$GITHUB_ENV" | |
| echo "ZITI_CLI_VERSION=${ZITI_CLI_TAG#v}" >> "$GITHUB_ENV" | |
| - name: Resolve latest patch for Kubernetes minor | |
| id: resolve_k8s | |
| shell: bash | |
| run: | | |
| echo "kubernetes_version=$(curl -fsSL https://dl.k8s.io/release/stable-${{ matrix.kubernetes_minor }}.txt)" >> "$GITHUB_OUTPUT" | |
| - name: Start minikube | |
| uses: medyagh/setup-minikube@v0.0.20 | |
| with: | |
| start-args: --profile ${{ env.ZITI_NAMESPACE }} --kubernetes-version=${{ steps.resolve_k8s.outputs.kubernetes_version }} | |
| - name: Install ziti CLI | |
| uses: supplypike/setup-bin@v5 | |
| with: | |
| uri: https://github.com/openziti/ziti/releases/download/${{ env.ZITI_CLI_TAG }}/ziti-linux-amd64-${{ env.ZITI_CLI_VERSION }}.tar.gz | |
| name: ziti | |
| version: ${{ env.ZITI_CLI_VERSION }} | |
| - name: Install miniziti | |
| uses: supplypike/setup-bin@v5 | |
| with: | |
| # uri: https://get.openziti.io/miniziti.bash | |
| # uri: https://raw.githubusercontent.com/openziti/ziti/main/quickstart/kubernetes/miniziti.bash | |
| uri: https://raw.githubusercontent.com/openziti/ziti/codify-jwks-orchestration/quickstart/kubernetes/miniziti.bash | |
| name: miniziti | |
| version: codify-jwks-orchestration | |
| - name: Select test mode | |
| id: mode | |
| shell: bash | |
| run: | | |
| if [[ "${{ vars.SKIP_MINIZITI_BASELINE }}" == "true" ]]; then | |
| echo "run_baseline=false" >> "$GITHUB_OUTPUT" | |
| echo "Running upgrade-only path" | |
| else | |
| echo "run_baseline=true" >> "$GITHUB_OUTPUT" | |
| echo "Running baseline+upgrade path" | |
| fi | |
| - name: Run baseline + upgrade pipeline | |
| if: steps.mode.outputs.run_baseline == 'true' | |
| env: | |
| MINIZITI_TIMEOUT_SECS: 300 | |
| MINIZITI_VERSION: ${{ vars.MINIZITI_VERSION }} | |
| run: > | |
| bash run-miniziti.bash | |
| testvalues baseline proxy-test zrok upgrade verify proxy-test zrok-test | |
| - name: Run upgrade-only pipeline | |
| if: steps.mode.outputs.run_baseline != 'true' | |
| env: | |
| MINIZITI_TIMEOUT_SECS: 300 | |
| MINIZITI_VERSION: ${{ vars.MINIZITI_VERSION }} | |
| run: > | |
| bash run-miniziti.bash | |
| testvalues upgrade verify proxy-test zrok-test | |
| - name: Debug | |
| if: always() | |
| run: bash run-miniziti.bash debug |