77 description : ' Use minimal test account'
88 required : false
99 default : ' false'
10- test_path :
11- description : " The path from 'test/integration' to the target to be tested, e.g. 'cli'"
10+ module :
11+ description : " The module from 'test/integration' to the target to be tested, e.g. 'cli, domains, events, etc '"
1212 required : false
1313 sha :
1414 description : ' The hash value of the commit.'
15- required : false
15+ required : true
1616 default : ' '
1717 pull_request_number :
1818 description : ' The number of the PR. Ensure sha value is provided'
2828 runs-on : ubuntu-latest
2929 if : github.event_name == 'workflow_dispatch' && inputs.sha != '' || github.event_name == 'push' || github.event_name == 'pull_request'
3030 steps :
31- - name : Validate Test Path
32- uses : actions-ecosystem/action-regex-match@v2
33- id : validate-tests
34- if : ${{ inputs.test_path != '' }}
35- with :
36- text : ${{ inputs.test_path }}
37- regex : ' [^a-z0-9-:.\/_]' # Tests validation
38- flags : gi
39-
4031 - name : Checkout Repository with SHA
4132 if : ${{ inputs.sha != '' }}
4233 uses : actions/checkout@v4
9182 pip install certifi -U && \
9283 pip install .[obj,dev]
9384
94- name : Download kubectl and calicoctl for LKE clusters
95- run : |
96- curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
97- curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64"
98- chmod +x calicoctl-linux-amd64 kubectl
99- mv calicoctl-linux-amd64 /usr/local/bin/calicoctl
100- mv kubectl /usr/local/bin/kubectl
101-
10285name : Install Package
10386 run : make install
10487 env :
@@ -112,18 +95,10 @@ jobs:
11295 run : |
11396 timestamp=$(date +'%Y%m%d%H%M')
11497 report_filename="${timestamp}_cli_test_report.xml"
115- make testint TEST_ARGS="--junitxml=${report_filename}"
116- if : ${{ steps.validate-tests.outputs.match == '' || inputs.test_path == '' }}
98+ make testint TEST_ARGS="--junitxml=${report_filename}" MODULE="${{ inputs.module }}"
11799env :
118100 LINODE_CLI_TOKEN : ${{ env.LINODE_CLI_TOKEN }}
119101
120- - name : Apply Calico Rules to LKE
121- if : always()
122- run : |
123- cd scripts && ./lke_calico_rules_e2e.sh
124- env :
125- LINODE_TOKEN : ${{ env.LINODE_CLI_TOKEN }}
126-
127102 - name : Upload test results
128103 if : always()
129104 run : |
@@ -168,10 +143,75 @@ jobs:
168143 });
169144 return result;
170145
146+ apply-calico-rules :
147+ runs-on : ubuntu-latest
148+ needs : [integration_tests]
149+ if : ${{ success() || failure() }}
150+
151+ steps :
152+ - name : Checkout code
153+ uses : actions/checkout@v4
154+ with :
155+ fetch-depth : 0
156+ submodules : ' recursive'
157+
158+ - name : Set LINODE_CLI_TOKEN
159+ run : |
160+ echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV
161+
162+ name : Download kubectl and calicoctl for LKE clusters
163+ run : |
164+ curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
165+ curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64"
166+ chmod +x calicoctl-linux-amd64 kubectl
167+ mv calicoctl-linux-amd64 /usr/local/bin/calicoctl
168+ mv kubectl /usr/local/bin/kubectl
169+
170+ name : Apply Calico Rules to LKE
171+ run : |
172+ cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh
173+ env :
174+ LINODE_TOKEN : ${{ env.LINODE_CLI_TOKEN }}
175+
176+ add-fw-to-remaining-instances :
177+ runs-on : ubuntu-latest
178+ needs : [integration_tests]
179+ if : ${{ success() || failure() }}
180+
181+ steps :
182+ - name : Set up Python
183+ uses : actions/setup-python@v5
184+ with :
185+ python-version : ' 3.x'
186+
187+ - name : Install Linode CLI
188+ run : |
189+ pip install linode-cli
190+
191+ name : Set LINODE_CLI_TOKEN
192+ run : |
193+ echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV
194+
195+ name : Create Firewall and Attach to Instances
196+ run : |
197+ FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers)
198+ echo "Created Firewall with ID: $FIREWALL_ID"
199+
200+ for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do
201+ echo "Attaching firewall to instance: $instance_id"
202+ if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then
203+ echo "Firewall attached to instance $instance_id successfully."
204+ else
205+ echo "An error occurred while attaching firewall to instance $instance_id. Skipping..."
206+ fi
207+ done
208+ env :
209+ LINODE_CLI_TOKEN : ${{ env.LINODE_CLI_TOKEN }}
210+
171211 notify-slack :
172212 runs-on : ubuntu-latest
173213 needs : [integration_tests]
174- if : always() && github.repository == 'linode/linode-cli' # Run even if integration tests fail and only on main repository
214+ if : ${{ (success() || failure()) && github.repository == 'linode/linode-cli' }} # Run even if integration tests fail and only on main repository
175215
176216 steps :
177217 - name : Notify Slack
0 commit comments