chore(deps): bump @tootallnate/once from 2.0.0 to 2.0.1 in /ui/apps/platform #4417
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: e2e-db-backup-restore-test | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - labeled | |
| - synchronize | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| wait-for-images: | |
| if: >- | |
| !github.event.pull_request.head.repo.fork && ( | |
| github.event_name != 'pull_request' || | |
| contains(github.event.pull_request.labels.*.name, 'e2e-db-backup-restore-test') | |
| ) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # ratchet:actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
| - uses: ./.github/actions/handle-tagged-build | |
| - name: Compute build tag | |
| id: build-tag | |
| run: echo "tag=${MAIN_IMAGE_TAG:-"$(make --quiet --no-print-directory tag)"}" | tee -a "$GITHUB_ENV" | |
| - name: Wait for images | |
| uses: stackrox/actions/release/wait-for-image@9238e423c3ae1ac4eb0f254cbb98da9daae24d86 # ratchet:stackrox/actions/release/wait-for-image@v1 | |
| with: | |
| token: ${{ secrets.QUAY_RHACS_ENG_BEARER_TOKEN }} | |
| image: | | |
| rhacs-eng/main:${{ env.tag }} | |
| rhacs-eng/central-db:${{ env.tag }} | |
| rhacs-eng/scanner-v4:${{ env.tag }} | |
| rhacs-eng/scanner-v4-db:${{ env.tag }} | |
| rhacs-eng/collector:${{ env.tag }} | |
| gke-db-backup-restore-test: | |
| needs: [ wait-for-images ] | |
| if: >- | |
| !github.event.pull_request.head.repo.fork && ( | |
| github.event_name != 'pull_request' || | |
| contains(github.event.pull_request.labels.*.name, 'e2e-db-backup-restore-test') | |
| ) | |
| runs-on: ubuntu-latest | |
| env: | |
| USE_GKE_GCLOUD_AUTH_PLUGIN: "True" | |
| INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }} | |
| CLUSTER_NAME: e2e-dbbr-${{ github.run_id }}-${{ github.run_attempt }} | |
| CI_JOB_NAME: gke-db-backup-restore-test | |
| ARTIFACT_DIR: ./junit-reports/ | |
| LOAD_BALANCER: lb | |
| timeout-minutes: 60 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # ratchet:actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
| - uses: ./.github/actions/job-preamble | |
| with: | |
| gcp-account: ${{ secrets.GCP_SERVICE_ACCOUNT_STACKROX_CI }} | |
| - name: Trigger test cluster creation | |
| uses: stackrox/actions/infra/create-cluster@9238e423c3ae1ac4eb0f254cbb98da9daae24d86 # ratchet:stackrox/actions/infra/create-cluster@v1 | |
| with: | |
| token: ${{ secrets.INFRA_TOKEN }} | |
| flavor: gke-default | |
| name: ${{ env.CLUSTER_NAME }} | |
| lifespan: 1h | |
| args: nodes=3,machine-type=e2-standard-8 | |
| wait: false | |
| - name: Docker login to Quay.io | |
| env: | |
| REGISTRY_USERNAME: ${{ secrets.QUAY_RHACS_ENG_RO_USERNAME }} | |
| REGISTRY_PASSWORD: ${{ secrets.QUAY_RHACS_ENG_RO_PASSWORD }} | |
| run: docker login -u "${REGISTRY_USERNAME}" --password-stdin quay.io <<<"${REGISTRY_PASSWORD}" | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # ratchet:google-github-actions/setup-gcloud@v3 | |
| with: | |
| install_components: "gke-gcloud-auth-plugin" | |
| - uses: stackrox/actions/infra/install-infractl@9238e423c3ae1ac4eb0f254cbb98da9daae24d86 # ratchet:stackrox/actions/infra/install-infractl@v1 | |
| - name: Build roxctl | |
| # The test uses roxctl for central backup/restore operations | |
| run: | | |
| make roxctl_linux-amd64 | |
| echo "$(pwd)/bin/linux_amd64" >> "$GITHUB_PATH" | |
| - name: Wait for the cluster and grab artifacts | |
| timeout-minutes: 25 | |
| run: | | |
| infractl wait "${CLUSTER_NAME}" | |
| infractl artifacts "${CLUSTER_NAME}" --download-dir artifacts > /dev/null | |
| echo "KUBECONFIG=$(pwd)/artifacts/kubeconfig" >> "$GITHUB_ENV" | |
| - name: Verify kubectl access | |
| run: | | |
| kubectl cluster-info | |
| kubectl get nodes | |
| - name: Run pre-test | |
| shell: python | |
| env: | |
| QUAY_RHACS_ENG_BEARER_TOKEN: ${{ secrets.QUAY_RHACS_ENG_BEARER_TOKEN }} | |
| PYTHONUNBUFFERED: "1" | |
| run: | | |
| import sys | |
| sys.path.append('.openshift-ci') | |
| from pre_tests import PreSystemTests | |
| PreSystemTests().run() | |
| - name: Deploy StackRox and run DB backup/restore test | |
| env: | |
| QUAY_RHACS_ENG_RO_USERNAME: ${{ secrets.QUAY_RHACS_ENG_RO_USERNAME }} | |
| QUAY_RHACS_ENG_RO_PASSWORD: ${{ secrets.QUAY_RHACS_ENG_RO_PASSWORD }} | |
| REGISTRY_USERNAME: ${{ secrets.QUAY_RHACS_ENG_RO_USERNAME }} | |
| REGISTRY_PASSWORD: ${{ secrets.QUAY_RHACS_ENG_RO_PASSWORD }} | |
| ORCHESTRATOR_FLAVOR: k8s | |
| run: | | |
| source tests/e2e/lib.sh | |
| source tests/scripts/setup-certs.sh | |
| source scripts/ci/sensor-wait.sh | |
| export_test_environment | |
| setup_deployment_env false false | |
| deploy_stackrox | |
| # Persist API_ENDPOINT for post-test steps (ci_export only sets it in this shell) | |
| echo "API_ENDPOINT=${API_ENDPOINT}" >> "$GITHUB_ENV" | |
| db_backup_and_restore_test /tmp/db-backup-restore-test | |
| - name: Run post-test | |
| if: failure() || github.event_name == 'push' | |
| shell: python | |
| env: | |
| PYTHONUNBUFFERED: "1" | |
| run: | | |
| import sys | |
| sys.path.append('.openshift-ci') | |
| from post_tests import CheckStackroxLogs | |
| CheckStackroxLogs( | |
| check_for_errors_in_stackrox_logs=True, | |
| artifact_destination_prefix="db-test", | |
| ).run(['/tmp/db-backup-restore-test', '${{ env.ARTIFACT_DIR }}']) | |
| - name: Run final-post | |
| if: always() | |
| shell: python | |
| env: | |
| PYTHONUNBUFFERED: "1" | |
| run: | | |
| import sys | |
| sys.path.append('.openshift-ci') | |
| from post_tests import FinalPost | |
| FinalPost(store_qa_tests_data=False).run() | |
| - name: Delete cluster | |
| if: always() | |
| run: infractl delete "${CLUSTER_NAME}" || echo "infractl delete failed or cluster not found; relying on lifespan expiry" | |
| - name: Publish test summary | |
| uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # ratchet:test-summary/action@v2 | |
| if: always() | |
| with: | |
| paths: ${{ env.ARTIFACT_DIR }}/**/*.xml | |
| show: all | |
| - name: Report junit failures in jira | |
| if: (!cancelled()) | |
| id: junit2jira | |
| uses: ./.github/actions/junit2jira | |
| with: | |
| create-jiras: ${{ github.event_name == 'push' }} | |
| jira-user: ${{ secrets.JIRA_USER }} | |
| jira-token: ${{ secrets.JIRA_TOKEN }} | |
| gcp-account: ${{ secrets.GCP_SERVICE_ACCOUNT_STACKROX_CI }} | |
| directory: ${{ env.ARTIFACT_DIR }} |