E2E Testing #594
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E Testing | |
| on: | |
| push: | |
| paths-ignore: | |
| - '**.md' | |
| pull_request: | |
| paths-ignore: | |
| - '**.md' | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 0 * * *" | |
| jobs: | |
| docker-build: | |
| name: Tagged Docker release to Google Artifact Registry | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: commit | |
| uses: prompt/actions-commit-hash@v3 | |
| - id: auth | |
| name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@v0 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROVIDER_NAME }} | |
| service_account: ${{ secrets.SVC_ACCOUNT_EMAIL }} | |
| access_token_lifetime: 300s | |
| - name: Login to Artifact Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.GCP_REGION }}-docker.pkg.dev | |
| username: oauth2accesstoken | |
| password: ${{ steps.auth.outputs.access_token }} | |
| - id: docker-push-tagged | |
| name: Tag Docker image and push to Google Artifact Registry | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_GAR_REPO }}/ansible-helm-apigee-hybrid-deployer:${{ steps.commit.outputs.short }} | |
| ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_GAR_REPO }}/ansible-helm-apigee-hybrid-deployer:latest | |
| deploy-control-plane: | |
| name: Deploy Apigee Hybrid Control Plane | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: auth | |
| name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@v0 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROVIDER_NAME }} | |
| service_account: ${{ secrets.SVC_ACCOUNT_EMAIL }} | |
| access_token_lifetime: 300s | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.2 | |
| terraform_wrapper: false | |
| - name: Run Terraform | |
| id: init | |
| run: | | |
| bash deploy_terraform.sh ${{ github.workspace }}/test/terraform/control-plane | |
| shell: bash | |
| working-directory: ./test/scripts | |
| env: | |
| TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }} | |
| GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| GCP_REGION: ${{ secrets.GCP_REGION }} | |
| deploy-runtime-plane-gke: | |
| name: Deploy GKE Cluster | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: auth | |
| name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@v0 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROVIDER_NAME }} | |
| service_account: ${{ secrets.SVC_ACCOUNT_EMAIL }} | |
| access_token_lifetime: 300s | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.2 | |
| terraform_wrapper: false | |
| - name: Run Terraform | |
| id: init | |
| run: | | |
| bash deploy_terraform.sh ${{ github.workspace }}/test/terraform/runtime-plane-gke | |
| shell: bash | |
| working-directory: ./test/scripts | |
| env: | |
| TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }} | |
| GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| GCP_REGION: ${{ secrets.GCP_REGION }} | |
| deploy-runtime-plane: | |
| name: Deploy Apigee Hybrid Single DC | |
| runs-on: self-hosted | |
| if: github.event_name == 'push' | |
| needs: | |
| - docker-build | |
| - deploy-runtime-plane-gke | |
| - deploy-control-plane | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: commit | |
| uses: prompt/actions-commit-hash@v3 | |
| - id: auth | |
| name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@v0 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROVIDER_NAME }} | |
| service_account: ${{ secrets.SVC_ACCOUNT_EMAIL }} | |
| access_token_lifetime: 300s | |
| create_credentials_file: true | |
| - name: Login to Artifact Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.GCP_REGION }}-docker.pkg.dev | |
| username: oauth2accesstoken | |
| password: ${{ steps.auth.outputs.access_token }} | |
| - name: Run Ansible Playbook | |
| id: init | |
| run: | | |
| bash run_playbook.sh \ | |
| ${{ github.workspace }} \ | |
| ${{ steps.commit.outputs.short }} | |
| shell: bash | |
| working-directory: ./test/scripts | |
| env: | |
| TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }} | |
| GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| GCP_REGION: ${{ secrets.GCP_REGION }} | |
| GOOGLE_APPLICATION_CREDENTIALS: ${{ steps.auth.outputs.credentials_file_path }} | |
| GCP_GAR_REPO: ${{ secrets.GCP_GAR_REPO }} | |
| GCP_ACCESS_TOKEN: ${{ steps.auth.outputs.access_token }} |