From 81eaa98e17f9d1c56483507cb8823429a8b3e161 Mon Sep 17 00:00:00 2001 From: Case Wylie Date: Thu, 6 Mar 2025 18:00:25 -0500 Subject: [PATCH 1/5] chore: setup action and init Signed-off-by: Case Wylie --- .github/actions/ironbank-setup/action.yaml | 85 ++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 .github/actions/ironbank-setup/action.yaml diff --git a/.github/actions/ironbank-setup/action.yaml b/.github/actions/ironbank-setup/action.yaml new file mode 100644 index 00000000..4df5d119 --- /dev/null +++ b/.github/actions/ironbank-setup/action.yaml 
@@ -0,0 +1,85 @@
+# Copyright 2024 Defense Unicorns
+# SPDX-License-Identifier: Apache-2.0
+
+name: "Pepr Iron Bank Setup"
+description: "Pepr Iron Bank Environment Setup"
+inputs:
+ registry1Username:
+ description: 'IRON_BANK_ROBOT_USERNAME'
+ required: true
+ registry1Password:
+ description: 'IRON_BANK_ROBOT_PASSWORD'
+ required: true
+
+runs:
+ using: "composite"
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+ with:
+ egress-policy: audit
+
+ - name: Use Node.js 22
+ uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+ with:
+ node-version: 22
+
+ - name: Install k3d
+ shell: bash
+ run: curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
+
+ - name: Iron Bank Login
+ if: ${{ inputs.registry1Username != '' }}
+ env:
+ REGISTRY_USERNAME: ${{ inputs.registry1Username }}
+ REGISTRY_PASSWORD: ${{ inputs.registry1Password }}
+ run: echo "${{ env.REGISTRY_PASSWORD }}" | uds zarf tools registry login -u "${{ env.REGISTRY_USERNAME }}" --password-stdin registry1.dso.mil
+ shell: bash
+
+ - name: Clone Pepr
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ with:
+ repository: defenseunicorns/pepr
+ path: pepr
+
+ - name: Set Pepr Environment Variable
+ shell: bash
+ run: echo "PEPR=${GITHUB_WORKSPACE}/pepr" >> "$GITHUB_ENV"
+
+ - name: Clone Iron Bank Repo & Transfer Dockerfiles
+ shell: bash
+ run: |
+ git clone https://repo1.dso.mil/dsop/opensource/defenseunicorns/pepr/controller.git
+ cd controller
+ git checkout development
+ mv Dockerfile $PEPR/Dockefile.ironbank.amd
+ mv Dockerfile.arm $PEPR/Dockerfile.ironbank.arm
+
+ - name: Install Pepr Dependencies
+ shell: bash
+ run: |
+ cd "$PEPR"
+ npm ci
+
+ - name: Build Pepr Iron Bank Images
+ shell: bash
+ run: |
+ cd "$PEPR"
+ docker build -t pepr:amd -f Dockerfile.ironbank.amd .
+ docker build -t pepr:arm -f Dockerfile.ironbank.arm .
+
+ - name: Import Pepr Iron Bank Images into K3d cluster
+ shell: bash
+ run: |
+ cd "$PEPR"
+ npm run build
+ mv pepr-0.0.0-development.tgz ${GITHUB_WORKSPACE}/pepr-0.0.0-development.tgz
+ docker build -t pepr:amd -f Dockerfile.ironbank.amd .
+ docker build -t pepr:arm -f Dockerfile.ironbank.arm .
+
+ - name: Create K3d Cluster & Import Pepr Iron Bank Images
+ shell: bash
+ run: |
+ k3d cluster create iron-bank-pepr-e2es
+ k3d image import pepr:amd pepr:arm -c iron-bank-pepr-e2es
+
From c113eb748fd92585c4edd35383f1444d8d69486c Mon Sep 17 00:00:00 2001
From: Case Wylie
Date: Thu, 6 Mar 2025 18:21:28 -0500
Subject: [PATCH 2/5] chore: test on fork
Signed-off-by: Case Wylie
---
.github/actions/ironbank-setup/action.yaml | 16 ++++--
.../pepr-excellent-examples-ironbank-amd.yml | 54 +++++++++++++++++++
.../pepr-excellent-examples-ironbank-arm.yml | 54 +++++++++++++++++++
3 files changed, 121 insertions(+), 3 deletions(-)
create mode 100644 .github/workflows/pepr-excellent-examples-ironbank-amd.yml
create mode 100644 .github/workflows/pepr-excellent-examples-ironbank-arm.yml
diff --git a/.github/actions/ironbank-setup/action.yaml b/.github/actions/ironbank-setup/action.yaml
index 4df5d119..100644f1 100644
--- a/.github/actions/ironbank-setup/action.yaml
+++ b/.github/actions/ironbank-setup/action.yaml
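Review bot: The `Iron Bank Login` step pastes `${{ env.REGISTRY_PASSWORD }}` and `${{ env.REGISTRY_USERNAME }}` into the script text before bash starts, so any quote, `$` or backtick in the robot credential is interpreted by the shell and the secret is written into the generated script; the step already exports both values, so read them from the environment instead: `run: echo "$REGISTRY_PASSWORD" | uds zarf tools registry login -u "$REGISTRY_USERNAME" --password-stdin registry1.dso.mil`. `Install k3d` pipes the installer from the mutable `main` branch into bash in the same job that later holds those credentials, while every `uses:` in this file is pinned to a commit SHA; fetch the script at a pinned commit, select a release through the installer's `TAG` variable, and use `curl -fsSL` so an HTTP error body is never executed. The `git clone` of the Iron Bank repo likewise builds from whatever the `development` branch holds at run time, and `mv Dockerfile $PEPR/Dockefile.ironbank.amd` misspells the target, so the later `docker build -f Dockerfile.ironbank.amd` will not find its file. No visible step installs the `uds` CLI that the login step calls; if the runner image does not provide it, add a pinned install step.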
@@ -46,14 +46,24 @@ runs: shell: bash run: echo "PEPR=${GITHUB_WORKSPACE}/pepr" >> "$GITHUB_ENV" + - name: Clone Pepr Excellent Examples + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + repository: defenseunicorns/pepr-excellent-examples + path: pepr-excellent-examples + + - name: "set env: PEPR_EXCELLENT_EXAMPLES_PATH" + shell: bash + run: echo "PEPR_EXCELLENT_EXAMPLES_PATH=${GITHUB_WORKSPACE}/pepr-excellent-examples" >> "$GITHUB_ENV" + - name: Clone Iron Bank Repo & Transfer Dockerfiles shell: bash run: | git clone https://repo1.dso.mil/dsop/opensource/defenseunicorns/pepr/controller.git cd controller - git checkout development mv Dockerfile $PEPR/Dockefile.ironbank.amd mv Dockerfile.arm $PEPR/Dockerfile.ironbank.arm + mv removeScript.js $PEPR/removeScript.js - name: Install Pepr Dependencies shell: bash @@ -65,8 +75,8 @@ runs: shell: bash run: | cd "$PEPR" - docker build -t pepr:amd -f Dockerfile.ironbank.amd . - docker build -t pepr:arm -f Dockerfile.ironbank.arm . + docker build --build-arg PEPR_BUILD_VERSION=dev pepr:amd -f Dockerfile.ironbank.amd . + docker build --build-arg PEPR_BUILD_VERSION=dev -t pepr:arm -f Dockerfile.ironbank.arm . - name: Import Pepr Iron Bank Images into K3d cluster shell: bash diff --git a/.github/workflows/pepr-excellent-examples-ironbank-amd.yml b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml new file mode 100644 index 00000000..81803e35 --- /dev/null +++ b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml 
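Review bot: With `git checkout development` removed, the `git clone` in `Clone Iron Bank Repo & Transfer Dockerfiles` takes the default branch of the repo1 repository at run time, and the added `mv removeScript.js $PEPR/removeScript.js` brings a script from that unpinned clone into the build context, where it is presumably run during the image build. Check out a recorded revision after `cd controller`, e.g. `git checkout "<IRON_BANK_COMMIT_SHA>"` (placeholder), so a nightly result can be traced to a specific set of Dockerfiles. The new `Clone Pepr Excellent Examples` checkout keeps the job token in that clone's git config while later steps run npm scripts from it; `persist-credentials: false` under `with:` avoids that. `$PEPR` is unquoted in the three `mv` lines, unlike the `cd "$PEPR"` used elsewhere in the file.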
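Review bot: The rewritten amd build line drops `-t`, so `pepr:amd` is parsed as a second positional argument and `docker build` will reject the command; it should read `docker build --build-arg PEPR_BUILD_VERSION=dev -t pepr:amd -f Dockerfile.ironbank.amd .`. The following step, `Import Pepr Iron Bank Images into K3d cluster` (its body lies outside this hunk), rebuilds both tags without `PEPR_BUILD_VERSION` as added in the first patch of this series, so even with this line fixed the images imported into k3d would come from the build that lacks the argument unless that duplicate pair is removed or updated.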
@@ -0,0 +1,54 @@
+name: E2E - Pepr Excellent Examples - IronBank AMD Image
+
+permissions:
+ contents: read
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '0 6 * * *' # 2AM EST/11PM PST
+
+jobs:
+ setup:
+ name: controller image
+ runs-on: ubuntu-latest
+ outputs:
+ matrix: ${{ steps.create-matrix.outputs.matrix }}
+ steps:
+ - name: Environment setup
+ uses: ./.github/ironbank-actions/setup
+ with:
+ registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
+ registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+
+ - name: create matrix
+ run: |
+ matrix=$(
+ node "$PEPR/.github/workflows/pepr-excellent-examples-matrix.js" "$PEPR_EXCELLENT_EXAMPLES_PATH"
+ )
+ echo "matrix=${matrix}" >> "$GITHUB_OUTPUT"
+ id: create-matrix
+
+ - name: run e2e tests
+ uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
+ with:
+ max_attempts: 3
+ retry_on: error
+ timeout_minutes: 6
+ command: |
+ cd "$PEPR_EXCELLENT_EXAMPLES_PATH"
+ npm run --workspace=${{ matrix.name }} test:e2e -- \
+ --image pepr:amd \
+ --custom-package ../pepr-0.0.0-development.tgz
+
+ - name: upload artifacts (troubleshooting)
+ uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+ if: always()
+ with:
+ name: "troubleshooting_logs_${{matrix.name}}"
+ path: |
+ pepr-excellent-examples/package.json
+ pepr-excellent-examples/package-lock.json
+ if-no-files-found: error
+ retention-days: 1
+
diff --git a/.github/workflows/pepr-excellent-examples-ironbank-arm.yml b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml
new file mode 100644
index 00000000..4596b801
--- /dev/null
+++ b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml
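Review bot: `Environment setup` references a local action with `uses: ./.github/...`, but the job has no `actions/checkout` step before it, so the runner has no copy of the repository to load the action from; add a SHA-pinned checkout as the first step. `${{ matrix.name }}` is expanded in the retry step's `command:` and in the artifact name, yet this job declares no `strategy.matrix` and only publishes `matrix` as an output, so the expression renders empty and `npm run --workspace=` names no workspace. Either iterate over the generated list inside this job or run the setup action in a matrix job that consumes the output through `fromJSON`. Once a real value flows in, pass it through `env:` and use a quoted shell variable in the command rather than expanding the expression inside the script, since the names are derived from the contents of a cloned repository. The same points apply to the identical ARM workflow added next in this patch.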
@@ -0,0 +1,54 @@
+name: E2E - Pepr Excellent Examples - IronBank ARM Image
+
+permissions:
+ contents: read
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '0 5 * * *' # 1AM EST/10PM PST
+
+jobs:
+ setup:
+ name: controller image
+ runs-on: ubuntu-latest
+ outputs:
+ matrix: ${{ steps.create-matrix.outputs.matrix }}
+ steps:
+ - name: Environment setup
+ uses: ./.github/ironbank-actions/setup
+ with:
+ registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
+ registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+
+ - name: create matrix
+ run: |
+ matrix=$(
+ node "$PEPR/.github/workflows/pepr-excellent-examples-matrix.js" "$PEPR_EXCELLENT_EXAMPLES_PATH"
+ )
+ echo "matrix=${matrix}" >> "$GITHUB_OUTPUT"
+ id: create-matrix
+
+ - name: run e2e tests
+ uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
+ with:
+ max_attempts: 3
+ retry_on: error
+ timeout_minutes: 6
+ command: |
+ cd "$PEPR_EXCELLENT_EXAMPLES_PATH"
+ npm run --workspace=${{ matrix.name }} test:e2e -- \
+ --image pepr:arm \
+ --custom-package ../pepr-0.0.0-development.tgz
+
+ - name: upload artifacts (troubleshooting)
+ uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+ if: always()
+ with:
+ name: "troubleshooting_logs_${{matrix.name}}"
+ path: |
+ pepr-excellent-examples/package.json
+ pepr-excellent-examples/package-lock.json
+ if-no-files-found: error
+ retention-days: 1
+
From 33ad963a31a0e6c5fd700af00d54acfb03fdcc3d Mon Sep 17 00:00:00 2001
From: Case Wylie
Date: Thu, 6 Mar 2025 18:26:09 -0500
Subject: [PATCH 3/5] chore: step titles, needs some SED and GRED for Dockerfiles
Signed-off-by: Case Wylie
---
.../workflows/pepr-excellent-examples-ironbank-amd.yml | 10 +++++-----
.../workflows/pepr-excellent-examples-ironbank-arm.yml | 10 +++++-----
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/pepr-excellent-examples-ironbank-amd.yml b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml index 81803e35..1a816410 100644 --- a/.github/workflows/pepr-excellent-examples-ironbank-amd.yml +++ b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml @@ -9,8 +9,8 @@ on: - cron: '0 6 * * *' # 2AM EST/11PM PST jobs: - setup: - name: controller image + ib-amd-e2e: + name: Iron Bank AMD Image E2E Test runs-on: ubuntu-latest outputs: matrix: ${{ steps.create-matrix.outputs.matrix }} @@ -21,7 +21,7 @@ jobs: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - - name: create matrix + - name: Create Matrix run: | matrix=$( node "$PEPR/.github/workflows/pepr-excellent-examples-matrix.js" "$PEPR_EXCELLENT_EXAMPLES_PATH" @@ -29,7 +29,7 @@ jobs: echo "matrix=${matrix}" >> "$GITHUB_OUTPUT" id: create-matrix - - name: run e2e tests + - name: Run e2e tests uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 with: max_attempts: 3 @@ -41,7 +41,7 @@ jobs: --image pepr:amd \ --custom-package ../pepr-0.0.0-development.tgz - - name: upload artifacts (troubleshooting) + - name: Upload artifacts (troubleshooting) uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 if: always() with: diff --git a/.github/workflows/pepr-excellent-examples-ironbank-arm.yml b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml index 4596b801..4a0d7d95 100644 --- a/.github/workflows/pepr-excellent-examples-ironbank-arm.yml +++ b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml @@ -9,8 +9,8 @@ on: - cron: '0 5 * * *' # 1AM EST/10PM PST jobs: - setup: - name: controller image + ib-arm-e2e: + name: Iron Bank ARM Image E2E Test runs-on: ubuntu-latest outputs: matrix: ${{ steps.create-matrix.outputs.matrix }} 
@@ -21,7 +21,7 @@ jobs: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - - name: create matrix + - name: Create Matrix run: | matrix=$( node "$PEPR/.github/workflows/pepr-excellent-examples-matrix.js" "$PEPR_EXCELLENT_EXAMPLES_PATH" @@ -29,7 +29,7 @@ jobs: echo "matrix=${matrix}" >> "$GITHUB_OUTPUT" id: create-matrix - - name: run e2e tests + - name: Run e2e tests uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 with: max_attempts: 3 @@ -41,7 +41,7 @@ jobs: --image pepr:arm \ --custom-package ../pepr-0.0.0-development.tgz - - name: upload artifacts (troubleshooting) + - name: Upload artifacts (troubleshooting) uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 if: always() with: From 24a02eb65d030dd06b006376e6bca1978433bcd1 Mon Sep 17 00:00:00 2001 From: Case Wylie Date: Thu, 6 Mar 2025 18:28:26 -0500 Subject: [PATCH 4/5] chore: uses incorrect path Signed-off-by: Case Wylie --- .github/workflows/pepr-excellent-examples-ironbank-amd.yml | 2 +- .github/workflows/pepr-excellent-examples-ironbank-arm.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pepr-excellent-examples-ironbank-amd.yml b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml index 1a816410..6b47c355 100644 --- a/.github/workflows/pepr-excellent-examples-ironbank-amd.yml +++ b/.github/workflows/pepr-excellent-examples-ironbank-amd.yml @@ -16,7 +16,7 @@ jobs: matrix: ${{ steps.create-matrix.outputs.matrix }} steps: - name: Environment setup - uses: ./.github/ironbank-actions/setup + uses: ./.github/actions/ironbank-setup with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} diff --git a/.github/workflows/pepr-excellent-examples-ironbank-arm.yml b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml index 4a0d7d95..82074496 100644 
--- a/.github/workflows/pepr-excellent-examples-ironbank-arm.yml +++ b/.github/workflows/pepr-excellent-examples-ironbank-arm.yml @@ -16,7 +16,7 @@ jobs: matrix: ${{ steps.create-matrix.outputs.matrix }} steps: - name: Environment setup - uses: ./.github/ironbank-actions/setup + uses: ./.github/actions/ironbank-setup with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} From 7bb15945e316117e4c422cdfccc42d1e243b979c Mon Sep 17 00:00:00 2001 From: Case Wylie Date: Thu, 6 Mar 2025 18:34:56 -0500 Subject: [PATCH 5/5] chore: account for untar in IB Dockerfiles Signed-off-by: Case Wylie --- .github/actions/ironbank-setup/action.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/ironbank-setup/action.yaml b/.github/actions/ironbank-setup/action.yaml index 100644f1..99f3814c 100644 --- a/.github/actions/ironbank-setup/action.yaml +++ b/.github/actions/ironbank-setup/action.yaml @@ -83,6 +83,7 @@ runs: run: | cd "$PEPR" npm run build + mv pepr-0.0.0-development.tgz pepr-0.0.0-development.tar.gz mv pepr-0.0.0-development.tgz ${GITHUB_WORKSPACE}/pepr-0.0.0-development.tgz docker build -t pepr:amd -f Dockerfile.ironbank.amd . docker build -t pepr:arm -f Dockerfile.ironbank.arm .
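Review bot: The added `mv pepr-0.0.0-development.tgz pepr-0.0.0-development.tar.gz` renames the tarball away, so the unchanged `mv pepr-0.0.0-development.tgz ${GITHUB_WORKSPACE}/pepr-0.0.0-development.tgz` on the next line has no source file and the step fails before either image is built. If the Iron Bank Dockerfiles need the `.tar.gz` name while the e2e step still reads the `.tgz` one level up, copy instead of moving: `cp pepr-0.0.0-development.tgz pepr-0.0.0-development.tar.gz`. The two `docker build` lines kept as context here still omit `--build-arg PEPR_BUILD_VERSION=dev`, which the earlier build step in this file passes. The step's `name:` and `shell:` lines are outside the hunk.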