Create a default security context for Coherence Pods #1405
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2020, 2024, Oracle Corporation and/or its affiliates. All rights reserved. | |
| # Licensed under the Universal Permissive License v 1.0 as shown at | |
| # http://oss.oracle.com/licenses/upl. | |
| # --------------------------------------------------------------------------- | |
| # Coherence Operator GitHub Actions K8s Certification build. | |
| # --------------------------------------------------------------------------- | |
| name: K8s Certification | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches-ignore: | |
| - gh-pages | |
| - 1.0.0 | |
| - 2.x | |
| - 3.x | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - committed | |
| branches-ignore: | |
| - gh-pages | |
| - 1.0.0 | |
| - 2.x | |
| - 3.x | |
| env: | |
| MAVEN_USER: ${{ secrets.MAVEN_USER }} | |
| MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} | |
| LOAD_KIND: true | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| matrixName: | |
| - v1.33 | |
| - v1.32 | |
| - v1.31 | |
| - v1.30 | |
| - v1.29 | |
| - v1.28 | |
| - v1.27 | |
| include: | |
| - matrixName: v1.33 | |
| k8s: kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.32 | |
| k8s: kindest/node:v1.32.5@sha256:e3b2327e3a5ab8c76f5ece68936e4cafaa82edf58486b769727ab0b3b97a5b0d | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.31 | |
| k8s: kindest/node:v1.31.9@sha256:b94a3a6c06198d17f59cca8c6f486236fa05e2fb359cbd75dabbfc348a10b211 | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.30 | |
| k8s: kindest/node:v1.30.13@sha256:397209b3d947d154f6641f2d0ce8d473732bd91c87d9575ade99049aa33cd648 | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.29 | |
| k8s: kindest/node:v1.29.12@sha256:62c0672ba99a4afd7396512848d6fc382906b8f33349ae68fb1dbfe549f70dec | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.28 | |
| k8s: kindest/node:v1.28.13@sha256:45d319897776e11167e4698f6b14938eb4d52eb381d9e3d7a9086c16c69a8110 | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| - matrixName: v1.27 | |
| k8s: kindest/node:v1.27.17@sha256:3fd82731af34efe19cd54ea5c25e882985bafa2c9baefe14f8deab1737d9fabe | |
| kindCommand: kind-calico | |
| runNetTests: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| # This step will free up disc space on the runner by removing | |
| # lots of things that we do not need. | |
| - name: disc | |
| shell: bash | |
| run: | | |
| echo "Listing 100 largest packages" | |
| dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -n | tail -n 100 | |
| df -h | |
| echo "Removing large packages" | |
| sudo apt-get remove -y '^dotnet-.*' || true | |
| sudo apt-get remove -y '^llvm-.*' || true | |
| sudo apt-get remove -y 'monodoc-http' || true | |
| sudo apt-get remove -y 'php.*' || true | |
| sudo apt-get remove -y azure-cli google-cloud-sdk hhvm google-chrome-stable firefox powershell mono-devel || true | |
| sudo apt-get autoremove -y || true | |
| sudo apt-get clean | |
| df -h | |
| echo "Removing large directories" | |
| rm -rf /usr/share/dotnet/ | |
| sudo rm -rf /usr/local/lib/android | |
| df -h | |
| - name: Set up JDK | |
| uses: oracle-actions/setup-java@v1 | |
| with: | |
| website: oracle.com | |
| release: 21 | |
| - name: Cache Go Modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-mods-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go-mods- | |
| - name: Cache Maven packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| - name: Edit DNS Resolve | |
| shell: bash | |
| run: | | |
| sudo chown -R runner:runner /run/systemd/resolve/stub-resolv.conf | |
| sudo echo nameserver 8.8.8.8 > /run/systemd/resolve/stub-resolv.conf | |
| - name: Start KinD Cluster | |
| shell: bash | |
| run: | | |
| echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin | |
| make ${{ matrix.kindCommand }} KIND_IMAGE=${{ matrix.k8s }} CALICO_TIMEOUT=600s | |
| kubectl version | |
| kubectl get nodes | |
| docker pull gcr.io/distroless/java | |
| docker pull gcr.io/distroless/java11-debian11 | |
| docker pull gcr.io/distroless/java17-debian11 | |
| docker pull gcr.io/distroless/java17-debian12 | |
| docker pull gcr.io/distroless/java21-debian12 | |
| - name: Certification Tests | |
| shell: bash | |
| run: | | |
| export RUN_NET_TEST=${{ matrix.runNetTests }} | |
| ./hack/k8s-certification.sh | |
| - uses: actions/upload-artifact@v4 | |
| if: ${{ failure() || cancelled() }} | |
| with: | |
| name: test-output-${{ matrix.matrixName }} | |
| path: build/_output/test-logs | |
| if-no-files-found: ignore |