Add node modules and compiled JavaScript from main

* upgrade codeql

* bump codeql init

* name the unit test job

* tats feedback

.github/workflows/codeql.yml

@@ -13,20 +13,15 @@ jobs:
 
       steps:
          - name: Checkout repository
-           uses: actions/checkout@v2
+           uses: actions/checkout@v3
            with:
               # We must fetch at least the immediate parents so that if this is
               # a pull request then we can checkout the head.
               fetch-depth: 2
 
-         # If this run was triggered by a pull request event, then checkout
-         # the head of the pull request instead of the merge commit.
-         - run: git checkout HEAD^2
-           if: ${{ github.event_name == 'pull_request' }}
-
          # Initializes the CodeQL tools for scanning.
          - name: Initialize CodeQL
-           uses: github/codeql-action/init@v1
+           uses: github/codeql-action/init@v2
            # Override language selection by uncommenting this and choosing your languages
            # with:
            #   languages: go, javascript, csharp, python, cpp, java
@@ -34,7 +29,7 @@ jobs:
          # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
          # If this step fails, then you should remove it and run the build manually (see below)
          - name: Autobuild
-           uses: github/codeql-action/autobuild@v1
+           uses: github/codeql-action/autobuild@v2
 
          # ℹ️ Command-line programs to run using the OS shell.
          # 📚 https://git.io/JvXDl
@@ -48,4 +43,4 @@ jobs:
          #   make release
 
          - name: Perform CodeQL Analysis
-           uses: github/codeql-action/analyze@v1
+           uses: github/codeql-action/analyze@v2

.github/workflows/run-integration-tests-basic.yml

@@ -0,0 +1,72 @@
+name: Minikube Integration Tests - basic
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for pod
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              action: deploy
+
+         - name: Checking if deployments and services were created
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx

.github/workflows/run-integration-tests-bluegreen-ingress.yml

@@ -0,0 +1,180 @@
+name: Minikube Integration Tests - blue-green ingress
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service-green' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment-green' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'nginx-ingress' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for ingress
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: deploy
+
+         - name: Checking if deployments, services and ingresses were created with green labels and original tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
+
+         - name: Executing promote action for ingress
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: promote
+
+         - name: Checking if deployments, services and ingresses were created with none labels after first promote
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
+
+         - name: Executing second deploy action for ingress with new tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: deploy
+
+         - name: Checking if deployments (with new tag), services and ingresses were created with green labels after deploy, and old deployment persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
+
+         - name: Executing second promote action for ingress now using new image tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: promote
+
+         - name: Checking if deployments, services and ingresses were created with none labels after promote for new tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
+
+         - name: Executing deploy action for ingress to be rejected using old tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: deploy
+
+         - name: Checking if new deployments (with old tag), services and ingresses were created with green labels after deploy, and old deployment (with latest tag) persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
+
+         - name: Executing reject action for ingress to reject new deployment with 1.14.2 tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-ingress.yml
+              strategy: blue-green
+              route-method: ingress
+              action: reject
+
+         # MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
+         - name: Checking if deployments, services and ingresses were created with none labels and latest tag after reject
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
+
+         - name: Cleaning up current set up
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
+
+         - if: ${{ always() }}
+           name: Delete created namespace
+           run: kubectl delete ns ${{ env.NAMESPACE }}

.github/workflows/run-integration-tests-bluegreen-service.yml

@@ -0,0 +1,167 @@
+name: Minikube Integration Tests - blue-green service
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for service
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: deploy
+
+         - name: Checking if deployments and services were created with green labels and original tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+         - name: Executing promote action for service
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: promote
+
+         - name: Checking if deployments and services were created with none labels after first promote
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+
+         - name: Executing second deploy action for service with new tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: deploy
+
+         - name: Checking if deployments (with new tag) and services were created with green labels after deploy, and old deployment persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+
+         - name: Executing second promote action for service now using new image tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: promote
+
+         - name: Checking if deployments and services were created with none labels after promote for new tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+
+         - name: Executing deploy action for service to be rejected using old tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: deploy
+
+         - name: Checking if new deployments (with old tag) and services were created with green labels after deploy, and old deployment (with latest tag) persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
+
+         - name: Executing reject action for service to reject new deployment with 1.14.2 tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: service
+              action: reject
+
+         # MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
+         - name: Checking if deployments and services were created with none labels and latest tag after reject
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
+
+         - name: Cleaning up current set up
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
+
+         - if: ${{ always() }}
+           name: Delete created namespace
+           run: kubectl delete ns ${{ env.NAMESPACE }}

.github/workflows/run-integration-tests-bluegreen-smi.yml

@@ -0,0 +1,205 @@
+name: Minikube Integration Tests - blue-green SMI
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Install linkerd and add controlplane to cluster
+           run: |
+              curl --proto '=https' --tlsv1.2 -sSfL https://run.linkerd.io/install | sh
+              curl -sL https://linkerd.github.io/linkerd-smi/install | sh
+              export PATH=$PATH:/home/runner/.linkerd2/bin
+
+              linkerd install --crds | kubectl apply -f -
+              linkerd install --set proxyInit.runAsRoot=true | kubectl apply -f -
+              linkerd smi install | kubectl apply -f -
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for smi
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: deploy
+
+         - name: Checking if deployments, services, and ts objects were created with green labels and original tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
+
+         - name: Executing promote action for smi
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: promote
+
+         # another good place for anti-test - ensure old deps are deleted after promote
+         - name: Checking if deployments, services, and ts objects were created with none labels after first promote
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
+
+         - name: Executing second deploy action for smi with new tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: deploy
+
+         - name: Checking if deployments (with new tag) and services were created with green labels after deploy, and old deployment persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
+
+         - name: Executing second promote action for smi now using new image tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: promote
+
+         - name: Checking if deployments and services were created with none labels after promote for new tag, ts is stable
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
+
+         - name: Executing deploy action for smi to be rejected using old tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: deploy
+
+         - name: Checking if new deployments (with old tag) and services were created with green labels after deploy, and old deployment (with latest tag) persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
+
+         - name: Executing reject action for smi to reject new deployment with 1.14.2 tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/blue-green/test-service.yml
+              strategy: blue-green
+              route-method: smi
+              action: reject
+
+         # MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
+         - name: Checking if deployments and services were created with none labels and latest tag after reject
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
+
+         - name: Cleaning up current set up
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
+
+         - if: ${{ always() }}
+           name: Delete created namespace
+           run: kubectl delete ns ${{ env.NAMESPACE }}

.github/workflows/run-integration-tests-canary-pod.yml

@@ -0,0 +1,176 @@
+name: Minikube Integration Tests - canary pod
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for pod
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: deploy
+
+         - name: Checking if deployments and services were created with canary labels and original tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Executing promote action for pod
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: promote
+
+         # another good place for anti-test - ensure old deps are deleted after promote
+         - name: Checking if deployments and services were created with stable labels after first promote
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Executing second deploy action for pod with new tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: deploy
+
+         - name: Checking if deployments (with new tag) and services were created with canary labels after deploy, and old deployment persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:latest labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Executing second promote action for pod now using new image tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: promote
+
+         - name: Checking if deployments and services were created with stable labels after promote for new tag, ts is stable
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Executing deploy action for pod to be rejected using old tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: deploy
+
+         - name: Checking if new deployments (with old tag) and services were created with canary and baseline labels after deploy, and stable deployment (with latest tag) persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Executing reject action for pod to reject new deployment with 1.14.2 tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: pod
+              action: reject
+
+         # MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
+         - name: Checking if deployments and services were created with stable labels and latest tag after reject
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
+
+         - name: Cleaning up current set up
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
+
+         - if: ${{ always() }}
+           name: Delete created namespace
+           run: kubectl delete ns ${{ env.NAMESPACE }}

.github/workflows/run-integration-tests-canary-smi.yml

@@ -0,0 +1,217 @@
+name: Minikube Integration Tests - canary SMI
+on:
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-20.04
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Install conntrack
+           run: sudo apt-get install -y conntrack
+         - name: Build
+           run: ncc build src/run.ts -o lib
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - id: setup-minikube
+           name: Setup Minikube
+           uses: medyagh/setup-minikube@latest
+           with:
+              minikube-version: 1.24.0
+              kubernetes-version: 1.22.3
+              driver: 'none'
+           timeout-minutes: 3
+
+         - name: Install linkerd and add controlplane to cluster
+           run: |
+              curl --proto '=https' --tlsv1.2 -sSfL https://run.linkerd.io/install | sh
+              curl -sL https://linkerd.github.io/linkerd-smi/install | sh
+              export PATH=$PATH:/home/runner/.linkerd2/bin
+
+              linkerd install --crds | kubectl apply -f -
+              linkerd install --set proxyInit.runAsRoot=true | kubectl apply -f -
+              linkerd smi install | kubectl apply -f -
+
+         - name: Create namespace to run tests
+           run: kubectl create ns ${{ env.NAMESPACE }}
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Cleaning any previously created items
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
+
+         - name: Executing deploy action for smi
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: deploy
+
+         - name: Checking if deployments, services, and ts objects were created with canary labels and original tag
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:0,nginx-service-canary:1000,nginx-service-baseline:0
+
+         - name: Executing promote action for smi
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: promote
+
+         # another good place for anti-test - ensure old deps are deleted after promote
+         - name: Checking if deployments, services, and ts objects were created with stable labels after first promote
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:1.14.2 labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
+
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
+
+         - name: Executing second deploy action for smi with new tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: deploy
+
+         - name: Checking if deployments (with new tag) and services were created with canary labels after deploy, and old deployment persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:1.14.2 labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:latest labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-baseline containerName=nginx:1.14.2 labels=workflow/version:baseline,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:baseline
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-baseline labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:baseline selectorLabels=app:nginx,workflow/version:baseline
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:500,nginx-service-canary:250,nginx-service-baseline:250
+
+         - name: Executing second promote action for smi now using new image tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:latest
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: promote
+
+         - name: Checking if deployments and services were created with stable labels after promote for new tag, ts is stable
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
+
+         - name: Executing deploy action for smi to be rejected using old tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: deploy
+
+         - name: Checking if new deployments (with old tag) and services were created with canary and baseline labels after deploy, and stable deployment (with latest tag) persists
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-baseline containerName=nginx:latest labels=workflow/version:baseline,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:baseline
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-baseline labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:baseline selectorLabels=app:nginx,workflow/version:baseline
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:500,nginx-service-canary:250,nginx-service-baseline:250
+
+         - name: Executing reject action for smi to reject new deployment with 1.14.2 tag
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              strategy: canary
+              percentage: 50
+              traffic-split-method: smi
+              action: reject
+
+         # MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
+         - name: Checking if deployments and services were created with stable labels and latest tag after reject
+           run: |
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
+
+              python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
+
+         - name: Cleaning up current set up
+           run: |
+              python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
+              python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
+
+         - if: ${{ always() }}
+           name: Delete created namespace
+           run: kubectl delete ns ${{ env.NAMESPACE }}

.github/workflows/run-integration-tests-private.yml

@@ -0,0 +1,81 @@
+name: Cluster Integration Tests - private cluster
+on:
+   pull_request:
+      branches:
+         - 'releases/*'
+   push:
+      branches:
+         - main
+   workflow_dispatch:
+
+jobs:
+   run-integration-test:
+      name: Run Minikube Integration Tests
+      runs-on: ubuntu-latest
+      env:
+         KUBECONFIG: /home/runner/.kube/config
+         NAMESPACE: test-${{ github.run_id }}
+      permissions:
+         contents: read
+         id-token: write
+      steps:
+         - uses: actions/checkout@v3
+
+         - name: Install dependencies
+           run: |
+              rm -rf node_modules/
+              npm install
+         - name: Install ncc
+           run: npm i -g @vercel/ncc
+         - name: Build
+           run: ncc build src/run.ts -o lib
+         - name: Azure login
+           uses: azure/login@v1.4.3
+           with:
+              client-id: ${{ secrets.AZURE_CLIENT_ID }}
+              tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+              subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+         - uses: Azure/setup-kubectl@v3
+           name: Install Kubectl
+
+         - name: Create private AKS cluster and set context
+           run: |
+              set +x
+              # create cluster
+              az group create --location eastus --name ${{ env.NAMESPACE }}
+              az aks create --name ${{ env.NAMESPACE }} --resource-group ${{ env.NAMESPACE }} --enable-private-cluster --generate-ssh-keys
+              az aks get-credentials --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }}
+
+         - name: Create namespace to run tests
+           run: |
+              az aks command invoke --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }} --command "kubectl create ns ${{ env.NAMESPACE }}"
+
+         - uses: actions/setup-python@v2
+           name: Install Python
+           with:
+              python-version: '3.x'
+
+         - name: Executing deploy action for pod
+           uses: ./
+           with:
+              namespace: ${{ env.NAMESPACE }}
+              images: nginx:1.14.2
+              manifests: |
+                 test/integration/manifests/test.yml
+              action: deploy
+              private-cluster: true
+              resource-group: ${{ env.NAMESPACE }}
+              name: ${{ env.NAMESPACE }}
+
+         - name: Checking if deployments and services were created
+           run: |
+              python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx
+              python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx
+
+         - name: Clean up AKS cluster
+           if: ${{ always() }}
+           run: |
+              echo "deleting AKS cluster and resource group"
+              az aks delete --yes --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }}
+              az group delete --resource-group ${{ env.NAMESPACE }} --yes

.github/workflows/run-integration-tests.yml

@@ -1,215 +0,0 @@
-name: Minikube Integration Tests
-on:
-   pull_request:
-      branches:
-         - master
-         - main
-         - 'releases/*'
-   push:
-      branches:
-         - master
-         - main
-         - 'releases/*'
-   workflow_dispatch:
-
-jobs:
-   run-integration-test:
-      name: Run Minikube Integration Tests
-      runs-on: ubuntu-latest
-      env:
-         KUBECONFIG: /home/runner/.kube/config
-      steps:
-         - uses: actions/checkout@v2
-
-         - name: Install dependencies
-           run: |
-              rm -rf node_modules/
-              npm install
-
-         - name: Install ncc
-           run: npm i -g @vercel/ncc
-         - name: Build
-           run: ncc build src/run.ts -o lib
-
-         - name: Set name of ns
-           run: echo "::set-output name=name::$(echo `date +%Y%m%d%H%M%S`)"
-           shell: bash
-           id: ns
-
-         - uses: Azure/setup-kubectl@v1
-           name: Install Kubectl
-
-         - id: setup-minikube
-           name: Setup Minikube
-           uses: manusa/actions-setup-minikube@v2.4.2
-           with:
-              minikube version: 'v1.24.0'
-              kubernetes version: 'v1.17.8'
-              driver: 'none'
-           timeout-minutes: 3
-
-         - name: Create namespace to run tests
-           run: kubectl create ns test-${{ steps.ns.outputs.name }}
-
-         - uses: actions/setup-python@v2
-           name: Install Python
-           with:
-              python-version: '3.x'
-
-         - name: Cleaning any previously created items
-           run: |
-              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service-green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment-green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-delete.py 'Ingress' 'nginx-ingress' ${{ steps.ns.outputs.name }}
-
-         - name: Executing deploy action
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.14.2
-              manifests: |
-                 test/integration/manifests/test-service.yml
-              strategy: blue-green
-              route-method: service
-              action: deploy
-
-         - name: Checking if deploments and services were created with green labels
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'green' ${{ steps.ns.outputs.name }}
-
-         - name: Executing promote action
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.14.2
-              manifests: |
-                 test/integration/manifests/test-service.yml
-              strategy: blue-green
-              route-method: service
-              action: promote
-
-         - name: Checking if deploments and services were created with none labels after promote
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
-
-         - name: Executing deploy action on
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.19.1
-              manifests: |
-                 test/integration/manifests/test-service.yml
-              strategy: blue-green
-              route-method: service
-              action: deploy
-
-         - name: Checking if deploments and services were created with green labels, and old workloads persist on deploy
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-
-         - name: Executing reject action
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.19.1
-              manifests: |
-                 test/integration/manifests/test-service.yml
-              strategy: blue-green
-              route-method: service
-              action: reject
-
-         - name: Checking if deploments and services were routed back to none labels after reject
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
-
-         - name: Cleaning up current set up
-           run: |
-              python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ steps.ns.outputs.name }}
-
-         - name: Executing deploy action for ingress
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.14.2
-              manifests: |
-                 test/integration/manifests/test-ingress.yml
-              strategy: blue-green
-              route-method: ingress
-              action: deploy
-
-         - name: Checking if deploments, services and ingresses were created with green labels
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'green' ${{ steps.ns.outputs.name }}
-
-         - name: Executing promote action for ingress
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.14.2
-              manifests: |
-                 test/integration/manifests/test-ingress.yml
-              strategy: blue-green
-              route-method: ingress
-              action: promote
-
-         - name: Checking if deploments, services and ingresses were created with none labels after promote
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'None' ${{ steps.ns.outputs.name }}
-
-         - name: Executing deploy action for ingress
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.19.1
-              manifests: |
-                 test/integration/manifests/test-ingress.yml
-              strategy: blue-green
-              route-method: ingress
-              action: deploy
-
-         - name: Checking if deploments, services and ingresses were created with green labels after deploy, and old deployment persists
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service-green' 'green' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'green' ${{ steps.ns.outputs.name }}
-
-         - name: Executing reject action for ingress
-           uses: ./
-           with:
-              namespace: test-${{ steps.ns.outputs.name }}
-              images: nginx:1.19.1
-              manifests: |
-                 test/integration/manifests/test-ingress.yml
-              strategy: blue-green
-              route-method: ingress
-              action: reject
-
-         - name: Checking if deploments, services and ingresses were created with none labels after reject
-           run: |
-              python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
-              python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'None' ${{ steps.ns.outputs.name }}
-
-         - if: ${{ always() }}
-           name: Delete created namespace
-           run: kubectl delete ns test-${{ steps.ns.outputs.name }}
-
-         - if: ${{ always() }}
-           name: Posting result back to PR
-           run: |
-              if [ '${{ steps.job-type.outputs.type }}' == 'pr' ]; then ruby postStatus.rb ${{github.event.client_payload.repository}} ${{github.event.client_payload.commit}} ${{secrets.L2_REPO_TOKEN}} ${{job.status}} ${{github.run_id}} ${{matrix.os}} false ${{ secrets.L2_REPO_USER }}; fi
-           shell: bash

.github/workflows/unit-tests.yml

@@ -11,9 +11,10 @@ on: # rebuild any PRs and main branch changes
 
 jobs:
    build: # make sure build/ci works properly
+      name: Run Unit Tests
       runs-on: ubuntu-latest
       steps:
-         - uses: actions/checkout@v1
+         - uses: actions/checkout@v3
          - run: |
               npm install
               npm test

.gitignore

@@ -2,6 +2,5 @@ node_modules
 
 .DS_Store
 .idea
-lib/
 
 coverage/

README.md

@@ -51,7 +51,7 @@ Following are the key capabilities of this action:
   </tr>
   <tr>
     <td>manifests </br></br>(Required)</td>
-    <td>Path to the manifest files to be used for deployment. These can also be directories containing manifest files, in which case, all manifest files in the referenced directory at every depth will be deployed. Files not ending in .yml or .yaml will be ignored.</td>
+    <td>Path to the manifest files to be used for deployment. These can also be directories containing manifest files, in which case, all manifest files in the referenced directory at every depth will be deployed, or URLs to manifest files (like https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/controllers/nginx-deployment.yaml). Files and URLs not ending in .yml or .yaml will be ignored.</td>
   </tr>
     <tr>
     <td>strategy </br></br>(Required)</td>
@@ -117,6 +117,10 @@ Following are the key capabilities of this action:
     <td>annotate-namespace</br></br>(Optional)</td>
     <td>Acceptable values: true/false</br>Default value: true</br>Switch whether to annotate the namespace resources object or not</td>
   </tr>
+  <tr>
+    <td>skip-tls-verify</br></br>(Optional)</td>
+    <td>Acceptable values: true/false</br>Default value: false</br>True if the insecure-skip-tls-verify option should be used</td>
+  </tr>
 </table>
 
 ## Usage Examples
@@ -124,7 +128,7 @@ Following are the key capabilities of this action:
 ### Basic deployment (without any deployment strategy)
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      manifests: |
@@ -158,7 +162,7 @@ Following are the key capabilities of this action:
 ### Canary deployment without service mesh
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }}'
@@ -177,7 +181,7 @@ Following are the key capabilities of this action:
 To promote/reject the canary created by the above snippet, the following YAML snippet could be used:
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }}'
@@ -195,7 +199,7 @@ To promote/reject the canary created by the above snippet, the following YAML sn
 ### Canary deployment based on Service Mesh Interface
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }}'
@@ -216,7 +220,7 @@ To promote/reject the canary created by the above snippet, the following YAML sn
 To promote/reject the canary created by the above snippet, the following YAML snippet could be used:
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }} '
@@ -235,7 +239,7 @@ To promote/reject the canary created by the above snippet, the following YAML sn
 ### Blue-Green deployment with different route methods
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }}'
@@ -255,7 +259,7 @@ To promote/reject the canary created by the above snippet, the following YAML sn
 To promote/reject the green workload created by the above snippet, the following YAML snippet could be used:
 
 ```yaml
-- uses: Azure/k8s-deploy@v3.1
+- uses: Azure/k8s-deploy@v4
   with:
      namespace: 'myapp'
      images: 'contoso.azurecr.io/myapp:${{ event.run_id }}'
@@ -312,7 +316,7 @@ jobs:
               container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
               secret-name: demo-k8s-secret
 
-         - uses: Azure/k8s-deploy@v3.1
+         - uses: Azure/k8s-deploy@v4
            with:
               action: deploy
               manifests: |
@@ -358,7 +362,7 @@ jobs:
               container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
               secret-name: demo-k8s-secret
 
-         - uses: Azure/k8s-deploy@v3.1
+         - uses: Azure/k8s-deploy@v4
            with:
               action: deploy
               manifests: |
@@ -471,3 +475,7 @@ provided by the bot. You will only need to do this once across all repos using o
 This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
 For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
 contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+
+## Support
+
+k8s-deploy is an open source project that is [**not** covered by the Microsoft Azure support policy](https://support.microsoft.com/en-us/help/2941892/support-for-linux-and-open-source-technology-in-azure). [Please search open issues here](https://github.com/Azure/k8s-deploy/issues), and if your issue isn't already represented please [open a new one](https://github.com/Azure/k8s-deploy/issues/new/choose). The project maintainers will respond to the best of their abilities.

action.yml

@@ -6,6 +6,7 @@ inputs:
    namespace:
       description: 'Choose the target Kubernetes namespace. If the namespace is not provided, the commands will run in the default namespace.'
       required: false
+      default: default
    manifests:
       description: 'Path to the manifest files which will be used for deployment.'
       required: true
@@ -72,6 +73,9 @@ inputs:
    name:
       description: 'Resource group name - Only required if using private cluster'
       required: false
+   skip-tls-verify:
+      description: True if the insecure-skip-tls-verify option should be used. Input should be 'true' or 'false'.
+      default: false
 
 branding:
    color: 'green'

jest.config.js

@@ -6,5 +6,6 @@ module.exports = {
    transform: {
       '^.+\\.ts$': 'ts-jest'
    },
-   verbose: true
+   verbose: true,
+   testTimeout: 9000
 }

package-lock.json

@@ -9,7 +9,7 @@
          "version": "0.0.0",
          "license": "MIT",
          "dependencies": {
-            "@actions/core": "^1.9.1",
+            "@actions/core": "^1.10.0",
             "@actions/exec": "^1.0.0",
             "@actions/io": "^1.0.0",
             "@actions/tool-cache": "1.1.2",
@@ -22,6 +22,7 @@
             "@types/jest": "^26.0.0",
             "@types/js-yaml": "^3.12.7",
             "@types/node": "^12.20.41",
+            "@vercel/ncc": "^0.36.1",
             "jest": "^26.0.0",
             "prettier": "^2.7.1",
             "ts-jest": "^26.0.0",
@@ -29,9 +30,9 @@
          }
       },
       "node_modules/@actions/core": {
-         "version": "1.9.1",
+         "version": "1.10.0",
-         "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
+         "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
-         "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
+         "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
          "dependencies": {
             "@actions/http-client": "^2.0.1",
             "uuid": "^8.3.2"
@@ -1182,6 +1183,15 @@
          "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==",
          "dev": true
       },
+      "node_modules/@vercel/ncc": {
+         "version": "0.36.1",
+         "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.1.tgz",
+         "integrity": "sha512-S4cL7Taa9yb5qbv+6wLgiKVZ03Qfkc4jGRuiUQMQ8HGBD5pcNRnHeYM33zBvJE4/zJGjJJ8GScB+WmTsn9mORw==",
+         "dev": true,
+         "bin": {
+            "ncc": "dist/ncc/cli.js"
+         }
+      },
       "node_modules/abab": {
          "version": "2.0.6",
          "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.6.tgz",
@@ -6416,9 +6426,9 @@
    },
    "dependencies": {
       "@actions/core": {
-         "version": "1.9.1",
+         "version": "1.10.0",
-         "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
+         "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
-         "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
+         "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
          "requires": {
             "@actions/http-client": "^2.0.1",
             "uuid": "^8.3.2"
@@ -7380,6 +7390,12 @@
          "integrity": "sha512-iO9ZQHkZxHn4mSakYV0vFHAVDyEOIJQrV2uZ06HxEPcx+mt8swXoZHIbaaJ2crJYFfErySgktuTZ3BeLz+XmFA==",
          "dev": true
       },
+      "@vercel/ncc": {
+         "version": "0.36.1",
+         "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.36.1.tgz",
+         "integrity": "sha512-S4cL7Taa9yb5qbv+6wLgiKVZ03Qfkc4jGRuiUQMQ8HGBD5pcNRnHeYM33zBvJE4/zJGjJJ8GScB+WmTsn9mORw==",
+         "dev": true
+      },
       "abab": {
          "version": "2.0.6",
          "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.6.tgz",

package.json

@@ -4,14 +4,14 @@
    "author": "Deepak Sattiraju",
    "license": "MIT",
    "scripts": {
-      "build": "ncc build src/run.ts -o lib",
+      "build": "npx ncc build src/run.ts -o lib",
       "test": "jest",
       "coverage": "jest --coverage=true",
       "format": "prettier --write .",
       "format-check": "prettier --check ."
    },
    "dependencies": {
-      "@actions/core": "^1.9.1",
+      "@actions/core": "^1.10.0",
       "@actions/exec": "^1.0.0",
       "@actions/io": "^1.0.0",
       "@actions/tool-cache": "1.1.2",
@@ -24,6 +24,7 @@
       "@types/jest": "^26.0.0",
       "@types/js-yaml": "^3.12.7",
       "@types/node": "^12.20.41",
+      "@vercel/ncc": "^0.36.1",
       "jest": "^26.0.0",
       "prettier": "^2.7.1",
       "ts-jest": "^26.0.0",

src/actions/deploy.ts

@@ -56,7 +56,9 @@ export async function deploy(
    for (const ingressResource of ingressResources) {
       await kubectl.getResource(
          KubernetesConstants.DiscoveryAndLoadBalancerResource.INGRESS,
-         ingressResource.name
+         ingressResource.name,
+         false,
+         ingressResource.namespace
       )
    }
    core.endGroup()

src/actions/promote.ts

@@ -6,6 +6,7 @@ import {
    getResources,
    updateManifestFiles
 } from '../utilities/manifestUpdateUtils'
+import {annotateAndLabelResources} from '../strategyHelpers/deploymentHelper'
 import * as models from '../types/kubernetesTypes'
 import * as KubernetesManifestUtility from '../utilities/manifestStabilityUtils'
 import {
@@ -15,6 +16,7 @@ import {
 } from '../strategyHelpers/blueGreen/blueGreenHelper'
 
 import {BlueGreenManifests} from '../types/blueGreenTypes'
+import {DeployResult} from '../types/deployResult'
 
 import {
    promoteBlueGreenIngress,
@@ -62,6 +64,8 @@ async function promoteCanary(kubectl: Kubectl, manifests: string[]) {
    const trafficSplitMethod = parseTrafficSplitMethod(
       core.getInput('traffic-split-method', {required: true})
    )
+   let promoteResult: DeployResult
+   let filesToAnnotate: string[]
    if (trafficSplitMethod == TrafficSplitMethod.SMI) {
       includeServices = true
 
@@ -77,26 +81,35 @@ async function promoteCanary(kubectl: Kubectl, manifests: string[]) {
       core.startGroup(
          'Deploying input manifests with SMI canary strategy from promote'
       )
-      await SMICanaryDeploymentHelper.deploySMICanary(
+
+      promoteResult = await SMICanaryDeploymentHelper.deploySMICanary(
          manifestFilesForDeployment,
          kubectl,
          true
       )
+
       core.endGroup()
 
       core.startGroup('Redirecting traffic to stable deployment')
+      const stableRedirectManifests =
          await SMICanaryDeploymentHelper.redirectTrafficToStableDeployment(
             kubectl,
             manifests
          )
+
+      filesToAnnotate = promoteResult.manifestFiles.concat(
+         stableRedirectManifests
+      )
+
       core.endGroup()
    } else {
       core.startGroup('Deploying input manifests from promote')
-      await PodCanaryHelper.deployPodCanary(
+      promoteResult = await PodCanaryHelper.deployPodCanary(
          manifestFilesForDeployment,
          kubectl,
          true
       )
+      filesToAnnotate = promoteResult.manifestFiles
       core.endGroup()
    }
 
@@ -113,6 +126,23 @@ async function promoteCanary(kubectl: Kubectl, manifests: string[]) {
       )
    }
    core.endGroup()
+
+   // annotate resources
+   core.startGroup('Annotating resources')
+   let allPods
+   try {
+      allPods = JSON.parse((await kubectl.getAllPods()).stdout)
+   } catch (e) {
+      core.debug(`Unable to parse pods: ${e}`)
+   }
+   const resources: Resource[] = getResources(
+      filesToAnnotate,
+      models.DEPLOYMENT_TYPES.concat([
+         models.DiscoveryAndLoadBalancerResource.SERVICE
+      ])
+   )
+   await annotateAndLabelResources(filesToAnnotate, kubectl, resources, allPods)
+   core.endGroup()
 }
 
 async function promoteBlueGreen(kubectl: Kubectl, manifests: string[]) {
@@ -186,4 +216,20 @@ async function promoteBlueGreen(kubectl: Kubectl, manifests: string[]) {
       await deleteGreenObjects(kubectl, manifestObjects.deploymentEntityList)
    }
    core.endGroup()
+
+   // annotate resources
+   core.startGroup('Annotating resources')
+   let allPods
+   try {
+      allPods = JSON.parse((await kubectl.getAllPods()).stdout)
+   } catch (e) {
+      core.debug(`Unable to parse pods: ${e}`)
+   }
+   await annotateAndLabelResources(
+      deployedManifestFiles,
+      kubectl,
+      resources,
+      allPods
+   )
+   core.endGroup()
 }

src/run.ts

@@ -5,7 +5,7 @@ import {promote} from './actions/promote'
 import {reject} from './actions/reject'
 import {Action, parseAction} from './types/action'
 import {parseDeploymentStrategy} from './types/deploymentStrategy'
-import {getFilesFromDirectories} from './utilities/fileUtils'
+import {getFilesFromDirectoriesAndURLs} from './utilities/fileUtils'
 import {PrivateKubectl} from './types/privatekubectl'
 
 export async function run() {
@@ -26,23 +26,26 @@ export async function run() {
       .map((manifest) => manifest.trim()) // remove surrounding whitespace
       .filter((manifest) => manifest.length > 0) // remove any blanks
 
-   const fullManifestFilePaths = getFilesFromDirectories(manifestFilePaths)
+   const fullManifestFilePaths = await getFilesFromDirectoriesAndURLs(
+      manifestFilePaths
+   )
    const kubectlPath = await getKubectlPath()
    const namespace = core.getInput('namespace') || 'default'
    const isPrivateCluster =
       core.getInput('private-cluster').toLowerCase() === 'true'
    const resourceGroup = core.getInput('resource-group') || ''
    const resourceName = core.getInput('name') || ''
+   const skipTlsVerify = core.getBooleanInput('skip-tls-verify')
 
    const kubectl = isPrivateCluster
       ? new PrivateKubectl(
            kubectlPath,
            namespace,
-           true,
+           skipTlsVerify,
            resourceGroup,
            resourceName
         )
-      : new Kubectl(kubectlPath, namespace, true)
+      : new Kubectl(kubectlPath, namespace, skipTlsVerify)
 
    // run action
    switch (action) {

src/strategyHelpers/blueGreen/blueGreenHelper.ts

@@ -38,7 +38,8 @@ export async function deleteGreenObjects(
    const resourcesToDelete: K8sDeleteObject[] = toDelete.map((obj) => {
       return {
          name: getBlueGreenResourceName(obj.metadata.name, GREEN_SUFFIX),
-         kind: obj.kind
+         kind: obj.kind,
+         namespace: obj.metadata.namespace
       }
    })
 
@@ -66,31 +67,25 @@ export async function deleteObjects(
 // other common functions
 export function getManifestObjects(filePaths: string[]): BlueGreenManifests {
    const deploymentEntityList: K8sObject[] = []
+   const serviceEntityList: K8sObject[] = []
    const routedServiceEntityList: K8sObject[] = []
    const unroutedServiceEntityList: K8sObject[] = []
    const ingressEntityList: K8sObject[] = []
    const otherEntitiesList: K8sObject[] = []
    const serviceNameMap = new Map<string, string>()
 
+   // Manifest objects per type. All resources should be parsed and
+   // organized before we can check if services are “routed” or not.
    filePaths.forEach((filePath: string) => {
       const fileContents = fs.readFileSync(filePath).toString()
       yaml.safeLoadAll(fileContents, (inputObject) => {
          if (!!inputObject) {
             const kind = inputObject.kind
-            const name = inputObject.metadata.name
 
             if (isDeploymentEntity(kind)) {
                deploymentEntityList.push(inputObject)
             } else if (isServiceEntity(kind)) {
-               if (isServiceRouted(inputObject, deploymentEntityList)) {
+               serviceEntityList.push(inputObject)
-                  routedServiceEntityList.push(inputObject)
-                  serviceNameMap.set(
-                     name,
-                     getBlueGreenResourceName(name, GREEN_SUFFIX)
-                  )
-               } else {
-                  unroutedServiceEntityList.push(inputObject)
-               }
             } else if (isIngressEntity(kind)) {
                ingressEntityList.push(inputObject)
             } else {
@@ -100,6 +95,16 @@ export function getManifestObjects(filePaths: string[]): BlueGreenManifests {
       })
    })
 
+   serviceEntityList.forEach((inputObject: any) => {
+      if (isServiceRouted(inputObject, deploymentEntityList)) {
+         const name = inputObject.metadata.name
+         routedServiceEntityList.push(inputObject)
+         serviceNameMap.set(name, getBlueGreenResourceName(name, GREEN_SUFFIX))
+      } else {
+         unroutedServiceEntityList.push(inputObject)
+      }
+   })
+
    return {
       serviceEntityList: routedServiceEntityList,
       serviceNameMap: serviceNameMap,
@@ -234,9 +239,10 @@ export function isServiceSelectorSubsetOfMatchLabel(
 export async function fetchResource(
    kubectl: Kubectl,
    kind: string,
-   name: string
+   name: string,
+   namespace?: string
 ): Promise<K8sObject> {
-   const result = await kubectl.getResource(kind, name)
+   const result = await kubectl.getResource(kind, name, false, namespace)
    if (result == null || !!result.stderr) {
       return null
    }

src/strategyHelpers/blueGreen/deploy.test.ts

@@ -57,7 +57,7 @@ describe('deploy tests', () => {
          RouteStrategy.SMI
       )
 
-      expect(smiResult.objects.length).toBe(3)
+      expect(smiResult.objects.length).toBe(6)
    })
 
    test('correctly deploys blue/green ingress', async () => {

src/strategyHelpers/blueGreen/deploy.ts

@@ -17,6 +17,7 @@ import {
 import {setupSMI} from './smiBlueGreenHelper'
 
 import {routeBlueGreenForDeploy} from './route'
+import {DeployResult} from '../../types/deployResult'
 
 export async function deployBlueGreen(
    kubectl: Kubectl,
@@ -35,9 +36,17 @@ export async function deployBlueGreen(
    })()
 
    core.startGroup('Routing blue green')
-   await routeBlueGreenForDeploy(kubectl, files, routeStrategy)
+   const routeDeployment = await routeBlueGreenForDeploy(
+      kubectl,
+      files,
+      routeStrategy
+   )
    core.endGroup()
 
+   blueGreenDeployment.objects.push(...routeDeployment.objects)
+   blueGreenDeployment.deployResult.manifestFiles.push(
+      ...routeDeployment.deployResult.manifestFiles
+   )
    return blueGreenDeployment
 }
 
@@ -56,10 +65,16 @@ export async function deployBlueGreenSMI(
       manifestObjects.unroutedServiceEntityList
    )
 
-   await deployObjects(kubectl, newObjectsList)
+   const otherObjDeployment: DeployResult = await deployObjects(
+      kubectl,
+      newObjectsList
+   )
 
    // make extraservices and trafficsplit
-   await setupSMI(kubectl, manifestObjects.serviceEntityList)
+   const smiAndSvcDeployment = await setupSMI(
+      kubectl,
+      manifestObjects.serviceEntityList
+   )
 
    // create new deloyments
    const blueGreenDeployment: BlueGreenDeployment = await deployWithLabel(
@@ -67,10 +82,18 @@ export async function deployBlueGreenSMI(
       manifestObjects.deploymentEntityList,
       GREEN_LABEL_VALUE
    )
-   return {
+
-      deployResult: blueGreenDeployment.deployResult,
+   blueGreenDeployment.objects.push(...newObjectsList)
-      objects: [].concat(blueGreenDeployment.objects, newObjectsList)
+   blueGreenDeployment.objects.push(...smiAndSvcDeployment.objects)
-   }
+
+   blueGreenDeployment.deployResult.manifestFiles.push(
+      ...otherObjDeployment.manifestFiles
+   )
+   blueGreenDeployment.deployResult.manifestFiles.push(
+      ...smiAndSvcDeployment.deployResult.manifestFiles
+   )
+
+   return blueGreenDeployment
 }
 
 export async function deployBlueGreenIngress(

src/strategyHelpers/blueGreen/ingressBlueGreenHelper.ts

@@ -97,7 +97,8 @@ export async function validateIngresses(
          const existingIngress = await fetchResource(
             kubectl,
             inputObject.kind,
-            inputObject.metadata.name
+            inputObject.metadata.name,
+            inputObject?.metadata?.namespace
          )
 
          const isValid =

src/strategyHelpers/blueGreen/reject.test.ts

@@ -61,6 +61,6 @@ describe('reject tests', () => {
          .spyOn(TSutils, 'getTrafficSplitAPIVersion')
          .mockImplementation(() => Promise.resolve('v1alpha3'))
       const rejectResult = await rejectBlueGreenSMI(kubectl, testObjects)
-      expect(rejectResult.deleteResult).toHaveLength(4)
+      expect(rejectResult.deleteResult).toHaveLength(2)
    })
 })

src/strategyHelpers/blueGreen/serviceBlueGreenHelper.ts

@@ -31,7 +31,8 @@ export async function validateServicesState(
       const existingService = await fetchResource(
          kubectl,
          serviceObject.kind,
-         serviceObject.metadata.name
+         serviceObject.metadata.name,
+         serviceObject?.metadata?.namespace
       )
 
       let isServiceGreen =

src/strategyHelpers/blueGreen/smiBlueGreenHelper.test.ts

@@ -193,11 +193,8 @@ describe('SMI Helper tests', () => {
 
    test('cleanupSMI test', async () => {
       const deleteObjects = await cleanupSMI(kc, testObjects.serviceEntityList)
-      expect(deleteObjects).toHaveLength(3)
+      expect(deleteObjects).toHaveLength(1)
-      expect(deleteObjects[0].name).toBe('nginx-service-trafficsplit')
+      expect(deleteObjects[0].name).toBe('nginx-service-green')
-      expect(deleteObjects[1].name).toBe('nginx-service-green')
+      expect(deleteObjects[0].kind).toBe('Service')
-      expect(deleteObjects[1].kind).toBe('Service')
-      expect(deleteObjects[2].name).toBe('nginx-service-stable')
-      expect(deleteObjects[2].kind).toBe('Service')
    })
 })

src/strategyHelpers/blueGreen/smiBlueGreenHelper.ts

@@ -142,7 +142,8 @@ export async function validateTrafficSplitsState(
       let trafficSplitObject = await fetchResource(
          kubectl,
          TRAFFIC_SPLIT_OBJECT,
-         getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX)
+         getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX),
+         serviceObject?.metadata?.namespace
       )
       core.debug(
          `ts object extracted was ${JSON.stringify(trafficSplitObject)}`
@@ -178,28 +179,13 @@ export async function cleanupSMI(
    const deleteList: K8sDeleteObject[] = []
 
    serviceEntityList.forEach((serviceObject) => {
-      deleteList.push({
-         name: getBlueGreenResourceName(
-            serviceObject.metadata.name,
-            TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX
-         ),
-         kind: TRAFFIC_SPLIT_OBJECT
-      })
-
       deleteList.push({
          name: getBlueGreenResourceName(
             serviceObject.metadata.name,
             GREEN_SUFFIX
          ),
-         kind: serviceObject.kind
+         kind: serviceObject.kind,
-      })
+         namespace: serviceObject?.metadata?.namespace
-
-      deleteList.push({
-         name: getBlueGreenResourceName(
-            serviceObject.metadata.name,
-            STABLE_SUFFIX
-         ),
-         kind: serviceObject.kind
       })
    })
 

src/strategyHelpers/canary/canaryHelper.ts

@@ -29,12 +29,17 @@ export async function deleteCanaryDeployment(
    kubectl: Kubectl,
    manifestFilePaths: string[],
    includeServices: boolean
-) {
+): Promise<string[]> {
    if (manifestFilePaths == null || manifestFilePaths.length == 0) {
       throw new Error('Manifest files for deleting canary deployment not found')
    }
 
-   await cleanUpCanary(kubectl, manifestFilePaths, includeServices)
+   const deletedFiles = await cleanUpCanary(
+      kubectl,
+      manifestFilePaths,
+      includeServices
+   )
+   return deletedFiles
 }
 
 export function markResourceAsStable(inputObject: any): object {
@@ -189,16 +194,22 @@ async function cleanUpCanary(
    kubectl: Kubectl,
    files: string[],
    includeServices: boolean
-) {
+): Promise<string[]> {
-   const deleteObject = async function (kind, name) {
+   const deleteObject = async function (
+      kind: string,
+      name: string,
+      namespace: string | undefined
+   ) {
       try {
-         const result = await kubectl.delete([kind, name])
+         const result = await kubectl.delete([kind, name], namespace)
          checkForErrors([result])
       } catch (ex) {
          // Ignore failures of delete if it doesn't exist
       }
    }
 
+   const deletedFiles: string[] = []
+
    for (const filePath of files) {
       const fileContents = fs.readFileSync(filePath).toString()
 
@@ -206,17 +217,21 @@ async function cleanUpCanary(
       for (const inputObject of parsedYaml) {
          const name = inputObject.metadata.name
          const kind = inputObject.kind
+         const namespace: string | undefined = inputObject?.metadata?.namespace
 
          if (
             isDeploymentEntity(kind) ||
             (includeServices && isServiceEntity(kind))
          ) {
+            deletedFiles.push(filePath)
             const canaryObjectName = getCanaryResourceName(name)
             const baselineObjectName = getBaselineResourceName(name)
 
-            await deleteObject(kind, canaryObjectName)
+            await deleteObject(kind, canaryObjectName, namespace)
-            await deleteObject(kind, baselineObjectName)
+            await deleteObject(kind, baselineObjectName, namespace)
          }
       }
    }
+
+   return deletedFiles
 }

src/strategyHelpers/canary/podCanaryHelper.ts

@@ -7,12 +7,13 @@ import * as fileHelper from '../../utilities/fileUtils'
 import * as canaryDeploymentHelper from './canaryHelper'
 import {isDeploymentEntity} from '../../types/kubernetesTypes'
 import {getReplicaCount} from '../../utilities/manifestUpdateUtils'
+import {DeployResult} from '../../types/deployResult'
 
 export async function deployPodCanary(
    filePaths: string[],
    kubectl: Kubectl,
    onlyDeployStable: boolean = false
-) {
+): Promise<DeployResult> {
    const newObjectsList = []
    const percentage = parseInt(core.getInput('percentage', {required: true}))
 
@@ -71,8 +72,8 @@ export async function deployPodCanary(
    const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList)
    const forceDeployment = core.getInput('force').toLowerCase() === 'true'
 
-   const result = await kubectl.apply(manifestFiles, forceDeployment)
+   const execResult = await kubectl.apply(manifestFiles, forceDeployment)
-   return {result, newFilePaths: manifestFiles}
+   return {execResult, manifestFiles}
 }
 
 export function calculateReplicaCountForCanary(

src/strategyHelpers/canary/smiCanaryHelper.ts

@@ -10,6 +10,7 @@ import * as podCanaryHelper from './podCanaryHelper'
 import {isDeploymentEntity, isServiceEntity} from '../../types/kubernetesTypes'
 import {checkForErrors} from '../../utilities/kubectlUtils'
 import {inputAnnotations} from '../../inputUtils'
+import {DeployResult} from '../../types/deployResult'
 
 const TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX = '-workflow-rollout'
 const TRAFFIC_SPLIT_OBJECT = 'TrafficSplit'
@@ -18,7 +19,7 @@ export async function deploySMICanary(
    filePaths: string[],
    kubectl: Kubectl,
    onlyDeployStable: boolean = false
-) {
+): Promise<DeployResult> {
    const canaryReplicasInput = core.getInput('baseline-and-canary-replicas')
    let canaryReplicaCount
    let calculateReplicas = true
@@ -97,11 +98,15 @@ export async function deploySMICanary(
    const newFilePaths = fileHelper.writeObjectsToFile(newObjectsList)
    const forceDeployment = core.getInput('force').toLowerCase() === 'true'
    const result = await kubectl.apply(newFilePaths, forceDeployment)
-   await createCanaryService(kubectl, filePaths)
+   const svcDeploymentFiles = await createCanaryService(kubectl, filePaths)
-   return {result, newFilePaths}
+   newFilePaths.push(...svcDeploymentFiles)
+   return {execResult: result, manifestFiles: newFilePaths}
 }
 
-async function createCanaryService(kubectl: Kubectl, filePaths: string[]) {
+async function createCanaryService(
+   kubectl: Kubectl,
+   filePaths: string[]
+): Promise<string[]> {
    const newObjectsList = []
    const trafficObjectsList: string[] = []
 
@@ -190,6 +195,7 @@ async function createCanaryService(kubectl: Kubectl, filePaths: string[]) {
 
    const result = await kubectl.apply(manifestFiles, forceDeployment)
    checkForErrors([result])
+   return manifestFiles
 }
 
 export async function redirectTrafficToCanaryDeployment(
@@ -202,8 +208,8 @@ export async function redirectTrafficToCanaryDeployment(
 export async function redirectTrafficToStableDeployment(
    kubectl: Kubectl,
    manifestFilePaths: string[]
-) {
+): Promise<string[]> {
-   await adjustTraffic(kubectl, manifestFilePaths, 1000, 0)
+   return await adjustTraffic(kubectl, manifestFilePaths, 1000, 0)
 }
 
 async function adjustTraffic(
@@ -245,6 +251,7 @@ async function adjustTraffic(
    const forceDeployment = core.getInput('force').toLowerCase() === 'true'
    const result = await kubectl.apply(trafficSplitManifests, forceDeployment)
    checkForErrors([result])
+   return trafficSplitManifests
 }
 
 async function updateTrafficSplitObject(

src/strategyHelpers/deploymentHelper.ts

@@ -39,6 +39,8 @@ import {
    normalizeWorkflowStrLabel
 } from '../utilities/githubUtils'
 import {getDeploymentConfig} from '../utilities/dockerUtils'
+import {deploy} from '../actions/deploy'
+import {DeployResult} from '../types/deployResult'
 
 export async function deployManifests(
    files: string[],
@@ -48,13 +50,13 @@ export async function deployManifests(
 ): Promise<string[]> {
    switch (deploymentStrategy) {
       case DeploymentStrategy.CANARY: {
-         const {result, newFilePaths} =
+         const canaryDeployResult: DeployResult =
             trafficSplitMethod == TrafficSplitMethod.SMI
                ? await deploySMICanary(files, kubectl)
                : await deployPodCanary(files, kubectl)
 
-         checkForErrors([result])
+         checkForErrors([canaryDeployResult.execResult])
-         return newFilePaths
+         return canaryDeployResult.manifestFiles
       }
 
       case DeploymentStrategy.BLUE_GREEN: {
@@ -73,7 +75,12 @@ export async function deployManifests(
          )
 
          checkForErrors([blueGreenDeployment.deployResult.execResult])
-         return blueGreenDeployment.deployResult.manifestFiles
+         const deployedManifestFiles =
+            blueGreenDeployment.deployResult.manifestFiles
+         core.debug(
+            `from blue-green service, deployed manifest files are ${deployedManifestFiles}`
+         )
+         return deployedManifestFiles
       }
 
       case DeploymentStrategy.BASIC: {
@@ -143,8 +150,15 @@ export async function annotateAndLabelResources(
    resourceTypes: Resource[],
    allPods: any
 ) {
+   const defaultWorkflowFileName = 'k8s-deploy-failed-workflow-annotation'
    const githubToken = core.getInput('token')
-   const workflowFilePath = await getWorkflowFilePath(githubToken)
+   let workflowFilePath
+   try {
+      workflowFilePath = await getWorkflowFilePath(githubToken)
+   } catch (ex) {
+      core.warning(`Failed to extract workflow file name: ${ex}`)
+      workflowFilePath = defaultWorkflowFileName
+   }
 
    const deploymentConfig = await getDeploymentConfig()
    const annotationKeyLabel = getWorkflowAnnotationKeyLabel()
@@ -157,8 +171,11 @@ export async function annotateAndLabelResources(
       annotationKeyLabel,
       workflowFilePath,
       deploymentConfig
+   ).catch((err) => core.warning(`Failed to annotate resources: ${err} `))
+
+   await labelResources(files, kubectl, annotationKeyLabel).catch((err) =>
+      core.warning(`Failed to label resources: ${err}`)
    )
-   await labelResources(files, kubectl, annotationKeyLabel)
 }
 
 async function annotateResources(
@@ -178,6 +195,18 @@ async function annotateResources(
       annotationKey
    )
 
+   if (core.isDebug()) {
+      core.debug(`files getting annotated are ${JSON.stringify(files)}`)
+      for (const filePath of files) {
+         core.debug('printing objects getting annotated...')
+         const fileContents = fs.readFileSync(filePath).toString()
+         const inputObjects = yaml.safeLoadAll(fileContents)
+         for (const inputObject of inputObjects) {
+            core.debug(`object: ${JSON.stringify(inputObject)}`)
+         }
+      }
+   }
+
    const annotationKeyValStr = `${annotationKey}=${getWorkflowAnnotations(
       lastSuccessSha,
       workflowFilePath,
@@ -189,10 +218,25 @@ async function annotateResources(
    )
    if (annotateNamespace) {
       annotateResults.push(
-         await kubectl.annotate('namespace', namespace, annotationKeyValStr)
+         await kubectl.annotate(
+            'namespace',
+            namespace,
+            annotationKeyValStr,
+            namespace
+         )
       )
    }
-   annotateResults.push(await kubectl.annotateFiles(files, annotationKeyValStr))
+   for (const file of files) {
+      try {
+         const annotateResult = await kubectl.annotateFiles(
+            file,
+            annotationKeyValStr
+         )
+         annotateResults.push(annotateResult)
+      } catch (e) {
+         core.warning(`failed to annotate resource: ${e}`)
+      }
+   }
 
    for (const resource of resourceTypes) {
       if (
@@ -204,6 +248,7 @@ async function annotateResources(
                kubectl,
                resource.type,
                resource.name,
+               resource.namespace,
                annotationKeyValStr,
                allPods
             )
@@ -226,5 +271,14 @@ async function labelResources(
       `workflow=${cleanLabel(label)}`
    ]
 
-   checkForErrors([await kubectl.labelFiles(files, labels)], true)
+   const labelResults = []
+   for (const file of files) {
+      try {
+         const labelResult = await kubectl.labelFiles(file, labels)
+         labelResults.push(labelResult)
+      } catch (e) {
+         core.warning(`failed to annotate resource: ${e}`)
+      }
+   }
+   checkForErrors(labelResults, true)
 }

src/types/errorable.ts

@@ -0,0 +1,48 @@
+export interface Succeeded<T> {
+   readonly succeeded: true
+   readonly result: T
+}
+
+export interface Failed {
+   readonly succeeded: false
+   readonly error: string
+}
+
+export type Errorable<T> = Succeeded<T> | Failed
+
+export function succeeded<T>(e: Errorable<T>): e is Succeeded<T> {
+   return e.succeeded
+}
+
+export function failed<T>(e: Errorable<T>): e is Failed {
+   return !e.succeeded
+}
+
+export function map<T, U>(e: Errorable<T>, fn: (t: T) => U): Errorable<U> {
+   if (failed(e)) {
+      return {succeeded: false, error: e.error}
+   }
+   return {succeeded: true, result: fn(e.result)}
+}
+
+export function combine<T>(es: Errorable<T>[]): Errorable<T[]> {
+   const failures = es.filter(failed)
+   if (failures.length > 0) {
+      return {
+         succeeded: false,
+         error: failures.map((f) => f.error).join('\n')
+      }
+   }
+
+   return {
+      succeeded: true,
+      result: es.map((e) => (e as Succeeded<T>).result)
+   }
+}
+
+export function getErrorMessage(error: unknown) {
+   if (error instanceof Error) {
+      return error.message
+   }
+   return String(error)
+}

src/types/k8sObject.ts

@@ -2,6 +2,7 @@ export interface K8sObject {
    metadata: {
       name: string
       labels: Map<string, string>
+      namespace?: string
    }
    kind: string
    spec: any
@@ -16,6 +17,7 @@ export interface K8sServiceObject extends K8sObject {
 export interface K8sDeleteObject {
    name: string
    kind: string
+   namespace?: string
 }
 
 export interface K8sIngress extends K8sObject {

src/types/kubectl.test.ts

@@ -3,7 +3,6 @@ import * as exec from '@actions/exec'
 import * as io from '@actions/io'
 import * as core from '@actions/core'
 import * as toolCache from '@actions/tool-cache'
-import {config} from 'process'
 
 describe('Kubectl path', () => {
    const version = '1.1'
@@ -38,6 +37,7 @@ describe('Kubectl path', () => {
 const kubectlPath = 'kubectlPath'
 const testNamespace = 'testNamespace'
 const defaultNamespace = 'default'
+const otherNamespace = 'otherns'
 describe('Kubectl class', () => {
    describe('default namespace behavior', () => {
       const kubectl = new Kubectl(kubectlPath, defaultNamespace)
@@ -48,17 +48,6 @@ describe('Kubectl class', () => {
             return execReturn
          })
       })
-
-      describe('omits default namespace from commands', () => {
-         it('executes a command without appending --namespace arg', async () => {
-            // no args
-            const command = 'command'
-            expect(await kubectl.executeCommand(command)).toBe(execReturn)
-            expect(exec.getExecOutput).toBeCalledWith(kubectlPath, [command], {
-               silent: false
-            })
-         })
-      })
    })
 
    describe('with a success exec return in testNamespace', () => {
@@ -133,6 +122,26 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // overrided ns
+         const silent = false
+         await kubectl.describe(
+            resourceType,
+            resourceName,
+            silent,
+            otherNamespace
+         )
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'describe',
+               resourceType,
+               resourceName,
+               '--namespace',
+               otherNamespace
+            ],
+            {silent}
+         )
       })
 
       it('describes a resource silently', async () => {
@@ -151,6 +160,26 @@ describe('Kubectl class', () => {
             ],
             {silent: true}
          )
+
+         // overrided ns
+         const silent = false
+         await kubectl.describe(
+            resourceType,
+            resourceName,
+            silent,
+            otherNamespace
+         )
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'describe',
+               resourceType,
+               resourceName,
+               '--namespace',
+               otherNamespace
+            ],
+            {silent}
+         )
       })
 
       it('annotates resource', async () => {
@@ -176,6 +205,27 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.annotate(
+            resourceType,
+            resourceName,
+            annotation,
+            otherNamespace
+         )
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'annotate',
+               resourceType,
+               resourceName,
+               annotation,
+               '--overwrite',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('annotates files with single file', async () => {
@@ -196,6 +246,22 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.annotateFiles(file, annotation, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'annotate',
+               '-f',
+               file,
+               annotation,
+               '--overwrite',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('annotates files with mulitple files', async () => {
@@ -216,6 +282,22 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.annotateFiles(files, annotation, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'annotate',
+               '-f',
+               files.join(','),
+               annotation,
+               '--overwrite',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('labels files with single file', async () => {
@@ -236,6 +318,21 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         await kubectl.labelFiles(file, labels, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'label',
+               '-f',
+               file,
+               ...labels,
+               '--overwrite',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('labels files with multiple files', async () => {
@@ -256,6 +353,21 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         await kubectl.labelFiles(files, labels, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'label',
+               '-f',
+               files.join(','),
+               ...labels,
+               '--overwrite',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('gets all pods', async () => {
@@ -284,6 +396,20 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.checkRolloutStatus(resourceType, name, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'rollout',
+               'status',
+               `${resourceType}/${name}`,
+               '--namespace',
+               otherNamespace
+            ],
+            {silent: false}
+         )
       })
 
       it('gets resource', async () => {
@@ -302,6 +428,22 @@ describe('Kubectl class', () => {
             ],
             {silent: false}
          )
+
+         // override ns
+         const silent = true
+         await kubectl.getResource(resourceType, name, silent, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            [
+               'get',
+               `${resourceType}/${name}`,
+               '-o',
+               'json',
+               '--namespace',
+               otherNamespace
+            ],
+            {silent}
+         )
       })
 
       it('executes a command', async () => {
@@ -332,6 +474,14 @@ describe('Kubectl class', () => {
             ['delete', arg, '--namespace', testNamespace],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.delete(arg, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            ['delete', arg, '--namespace', otherNamespace],
+            {silent: false}
+         )
       })
 
       it('deletes with multiple arguments', async () => {
@@ -342,6 +492,14 @@ describe('Kubectl class', () => {
             ['delete', ...args, '--namespace', testNamespace],
             {silent: false}
          )
+
+         // override ns
+         await kubectl.delete(args, otherNamespace)
+         expect(exec.getExecOutput).toBeCalledWith(
+            kubectlPath,
+            ['delete', ...args, '--namespace', otherNamespace],
+            {silent: false}
+         )
       })
    })
 
@@ -364,4 +522,27 @@ describe('Kubectl class', () => {
       const result = await kubectl.getNewReplicaSet(deployment)
       expect(result).toBe(name)
    })
+
+   it('executes with constructor flags', async () => {
+      const skipTls = true
+      const kubectl = new Kubectl(kubectlPath, testNamespace, skipTls)
+
+      jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
+         return {exitCode: 0, stderr: '', stdout: ''}
+      })
+
+      const command = 'command'
+      kubectl.executeCommand(command)
+      expect(exec.getExecOutput).toBeCalledWith(
+         kubectlPath,
+         [command, '--insecure-skip-tls-verify', '--namespace', testNamespace],
+         {silent: false}
+      )
+
+      const kubectlNoFlags = new Kubectl(kubectlPath)
+      kubectlNoFlags.executeCommand(command)
+      expect(exec.getExecOutput).toBeCalledWith(kubectlPath, [command], {
+         silent: false
+      })
+   })
 })

src/types/kubectl.ts

@@ -3,11 +3,11 @@ import {createInlineArray} from '../utilities/arrayUtils'
 import * as core from '@actions/core'
 import * as toolCache from '@actions/tool-cache'
 import * as io from '@actions/io'
-import {exec} from 'child_process'
 
 export interface Resource {
    name: string
    type: string
+   namespace?: string
 }
 
 export class Kubectl {
@@ -20,7 +20,7 @@ export class Kubectl {
 
    constructor(
       kubectlPath: string,
-      namespace: string = 'default',
+      namespace: string = '',
       ignoreSSLErrors: boolean = false,
       resourceGroup: string = '',
       name: string = ''
@@ -47,7 +47,7 @@ export class Kubectl {
          ]
          if (force) applyArgs.push('--force')
 
-         return await this.execute(applyArgs)
+         return await this.execute(applyArgs.concat(this.getFlags()))
       } catch (err) {
          core.debug('Kubectl apply failed:' + err)
       }
@@ -56,27 +56,43 @@ export class Kubectl {
    public async describe(
       resourceType: string,
       resourceName: string,
-      silent: boolean = false
+      silent: boolean = false,
+      namespace?: string
    ): Promise<ExecOutput> {
       return await this.execute(
-         ['describe', resourceType, resourceName],
+         ['describe', resourceType, resourceName].concat(
+            this.getFlags(namespace)
+         ),
          silent
       )
    }
 
-   public async getNewReplicaSet(deployment: string) {
+   public async getNewReplicaSet(deployment: string, namespace?: string) {
-      const result = await this.describe('deployment', deployment, true)
+      const result = await this.describe(
+         'deployment',
+         deployment,
+         true,
+         namespace
+      )
 
       let newReplicaSet = ''
       if (result?.stdout) {
          const stdout = result.stdout.split('\n')
+         core.debug('stdout from getNewReplicaSet is ' + JSON.stringify(stdout))
          stdout.forEach((line: string) => {
             const newreplicaset = 'newreplicaset'
-            if (line && line.toLowerCase().indexOf(newreplicaset) > -1)
+            if (line && line.toLowerCase().indexOf(newreplicaset) > -1) {
+               core.debug(
+                  `found string of interest for replicaset, line is ${line}`
+               )
+               core.debug(
+                  `substring is ${line.substring(newreplicaset.length).trim()}`
+               )
                newReplicaSet = line
                   .substring(newreplicaset.length)
                   .trim()
                   .split(' ')[0]
+            }
          })
       }
 
@@ -86,7 +102,8 @@ export class Kubectl {
    public async annotate(
       resourceType: string,
       resourceName: string,
-      annotation: string
+      annotation: string,
+      namespace?: string
    ): Promise<ExecOutput> {
       const args = [
          'annotate',
@@ -94,27 +111,31 @@ export class Kubectl {
          resourceName,
          annotation,
          '--overwrite'
-      ]
+      ].concat(this.getFlags(namespace))
       return await this.execute(args)
    }
 
    public async annotateFiles(
       files: string | string[],
-      annotation: string
+      annotation: string,
+      namespace?: string
    ): Promise<ExecOutput> {
+      const filesToAnnotate = createInlineArray(files)
+      core.debug(`annotating ${filesToAnnotate} with annotation ${annotation}`)
       const args = [
          'annotate',
          '-f',
-         createInlineArray(files),
+         filesToAnnotate,
          annotation,
          '--overwrite'
-      ]
+      ].concat(this.getFlags(namespace))
       return await this.execute(args)
    }
 
    public async labelFiles(
       files: string | string[],
-      labels: string[]
+      labels: string[],
+      namespace?: string
    ): Promise<ExecOutput> {
       const args = [
          'label',
@@ -122,62 +143,79 @@ export class Kubectl {
          createInlineArray(files),
          ...labels,
          '--overwrite'
-      ]
+      ].concat(this.getFlags(namespace))
       return await this.execute(args)
    }
 
    public async getAllPods(): Promise<ExecOutput> {
-      return await this.execute(['get', 'pods', '-o', 'json'], true)
+      return await this.execute(
+         ['get', 'pods', '-o', 'json'].concat(this.getFlags()),
+         true
+      )
    }
 
    public async checkRolloutStatus(
       resourceType: string,
-      name: string
+      name: string,
+      namespace?: string
    ): Promise<ExecOutput> {
-      return await this.execute([
+      return await this.execute(
-         'rollout',
+         ['rollout', 'status', `${resourceType}/${name}`].concat(
-         'status',
+            this.getFlags(namespace)
-         `${resourceType}/${name}`
+         )
-      ])
+      )
    }
 
    public async getResource(
       resourceType: string,
       name: string,
-      silentFailure: boolean = false
+      silentFailure: boolean = false,
+      namespace?: string
    ): Promise<ExecOutput> {
       core.debug(
          'fetching resource of type ' + resourceType + ' and name ' + name
       )
       return await this.execute(
-         ['get', `${resourceType}/${name}`, '-o', 'json'],
+         ['get', `${resourceType}/${name}`, '-o', 'json'].concat(
+            this.getFlags(namespace)
+         ),
          silentFailure
       )
    }
 
    public executeCommand(command: string, args?: string) {
       if (!command) throw new Error('Command must be defined')
-      return args ? this.execute([command, args]) : this.execute([command])
+      const a = args ? [args] : []
+      return this.execute([command, ...a.concat(this.getFlags())])
    }
 
-   public delete(args: string | string[]) {
+   public delete(args: string | string[], namespace?: string) {
-      if (typeof args === 'string') return this.execute(['delete', args])
+      if (typeof args === 'string')
-      return this.execute(['delete', ...args])
+         return this.execute(['delete', args].concat(this.getFlags(namespace)))
+      return this.execute(['delete', ...args.concat(this.getFlags(namespace))])
    }
 
    protected async execute(args: string[], silent: boolean = false) {
-      if (this.ignoreSSLErrors) {
-         args.push('--insecure-skip-tls-verify')
-      }
-      if (this.namespace && this.namespace != 'default') {
-         args = args.concat(['--namespace', this.namespace])
-      }
       core.debug(`Kubectl run with command: ${this.kubectlPath} ${args}`)
 
       return await getExecOutput(this.kubectlPath, args, {
          silent
       })
    }
+
+   protected getFlags(namespaceOverride?: string): string[] {
+      const flags = []
+      if (this.ignoreSSLErrors) {
+         flags.push('--insecure-skip-tls-verify')
+      }
+
+      const ns = namespaceOverride || this.namespace
+      if (ns) {
+         flags.push('--namespace', ns)
+      }
+
+      return flags
+   }
 }
 
 export async function getKubectlPath() {

src/types/privatekubectl.test.ts

@@ -0,0 +1,32 @@
+import {PrivateKubectl} from './privatekubectl'
+import * as exec from '@actions/exec'
+
+describe('Private kubectl', () => {
+   const testString = `kubectl annotate -f test.yml,test2.yml,test3.yml -f test4.yml --filename test5.yml actions.github.com/k8s-deploy={"run":"3498366832","repository":"jaiveerk/k8s-deploy","workflow":"Minikube Integration Tests - private cluster","workflowFileName":"run-integration-tests-private.yml","jobName":"run-integration-test","createdBy":"jaiveerk","runUri":"https://github.com/jaiveerk/k8s-deploy/actions/runs/3498366832","commit":"c63b323186ea1320a31290de6dcc094c06385e75","lastSuccessRunCommit":"NA","branch":"refs/heads/main","deployTimestamp":1668787848577,"dockerfilePaths":{"nginx:1.14.2":""},"manifestsPaths":["https://github.com/jaiveerk/k8s-deploy/blob/c63b323186ea1320a31290de6dcc094c06385e75/test/integration/manifests/test.yml"],"helmChartPaths":[],"provider":"GitHub"} --overwrite --namespace test-3498366832`
+   const mockKube = new PrivateKubectl(
+      'kubectlPath',
+      'namespace',
+      true,
+      'resourceGroup',
+      'resourceName'
+   )
+
+   it('should extract filenames correctly', () => {
+      expect(mockKube.extractFilesnames(testString)).toEqual(
+         'test.yml test2.yml test3.yml test4.yml test5.yml'
+      )
+   })
+
+   test('Should throw well defined Error on error from Azure', async () => {
+      const errorMsg = 'An error message'
+      jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
+         return {exitCode: 1, stdout: '', stderr: errorMsg}
+      })
+
+      await expect(mockKube.executeCommand('az', 'test')).rejects.toThrow(
+         Error(
+            `Call to private cluster failed. Command: 'kubectl az test --insecure-skip-tls-verify --namespace namespace', errormessage: ${errorMsg}`
+         )
+      )
+   })
+})

src/types/privatekubectl.ts

@@ -1,4 +1,5 @@
 import {Kubectl} from './kubectl'
+import * as minimist from 'minimist'
 import {ExecOptions, ExecOutput, getExecOutput} from '@actions/exec'
 import * as core from '@actions/core'
 import * as os from 'os'
@@ -10,7 +11,11 @@ export class PrivateKubectl extends Kubectl {
       args.unshift('kubectl')
       let kubectlCmd = args.join(' ')
       let addFileFlag = false
-      let eo = <ExecOptions>{silent}
+      let eo = <ExecOptions>{
+         silent: true,
+         failOnStdErr: false,
+         ignoreReturnCode: true
+      }
 
       if (this.containsFilenames(kubectlCmd)) {
          // For private clusters, files will referenced solely by their basename
@@ -18,6 +23,13 @@ export class PrivateKubectl extends Kubectl {
          addFileFlag = true
       }
 
+      if (this.resourceGroup === '') {
+         throw Error('Resource group must be specified for private cluster')
+      }
+      if (this.name === '') {
+         throw Error('Cluster name must be specified for private cluster')
+      }
+
       const privateClusterArgs = [
          'aks',
          'command',
@@ -27,7 +39,7 @@ export class PrivateKubectl extends Kubectl {
          '--name',
          this.name,
          '--command',
-         kubectlCmd
+         `${kubectlCmd}`
       ]
 
       if (addFileFlag) {
@@ -52,7 +64,35 @@ export class PrivateKubectl extends Kubectl {
       core.debug(
          `private cluster Kubectl run with invoke command: ${kubectlCmd}`
       )
-      return await getExecOutput('az', privateClusterArgs, eo)
+
+      const allArgs = [...privateClusterArgs, '-o', 'json']
+      core.debug(`full form of az command: az ${allArgs.join(' ')}`)
+      const runOutput = await getExecOutput('az', allArgs, eo)
+      core.debug(
+         `from kubectl private cluster command got run output ${JSON.stringify(
+            runOutput
+         )}`
+      )
+
+      if (runOutput.exitCode !== 0) {
+         throw Error(
+            `Call to private cluster failed. Command: '${kubectlCmd}', errormessage: ${runOutput.stderr}`
+         )
+      }
+
+      const runObj: {logs: string; exitCode: number} = JSON.parse(
+         runOutput.stdout
+      )
+      if (!silent) core.info(runObj.logs)
+      if (runObj.exitCode !== 0) {
+         throw Error(`failed private cluster Kubectl command: ${kubectlCmd}`)
+      }
+
+      return {
+         exitCode: runObj.exitCode,
+         stdout: runObj.logs,
+         stderr: ''
+      } as ExecOutput
    }
 
    private replaceFilnamesWithBasenames(kubectlCmd: string) {
@@ -71,23 +111,31 @@ export class PrivateKubectl extends Kubectl {
    }
 
    public extractFilesnames(strToParse: string) {
-      let start = strToParse.indexOf('-filename')
+      const fileNames: string[] = []
-      let offset = 7
+      const argv = minimist(strToParse.split(' '))
+      const fArg = 'f'
+      const filenameArg = 'filename'
 
-      if (start == -1) {
+      fileNames.push(...this.extractFilesFromMinimist(argv, fArg))
-         start = strToParse.indexOf('-f')
+      fileNames.push(...this.extractFilesFromMinimist(argv, filenameArg))
 
-         if (start == -1) {
+      return fileNames.join(' ')
-            return ''
-         }
-         offset = 0
    }
 
-      let temp = strToParse.substring(start + offset)
+   private extractFilesFromMinimist(argv, arg: string): string[] {
-      let end = temp.indexOf(' -')
+      if (!argv[arg]) {
+         return []
+      }
+      const toReturn: string[] = []
+      if (typeof argv[arg] === 'string') {
+         toReturn.push(...argv[arg].split(','))
+      } else {
+         for (const value of argv[arg] as string[]) {
+            toReturn.push(...value.split(','))
+         }
+      }
 
-      //End could be case where the -f flag was last, or -f is followed by some additonal flag and it's arguments
+      return toReturn
-      return temp.substring(3, end == -1 ? temp.length : end).trim()
    }
 
    private containsFilenames(str: string) {

src/utilities/fileUtils.test.ts

@@ -1,11 +1,45 @@
-import {getFilesFromDirectories} from './fileUtils'
+import {
+   getFilesFromDirectoriesAndURLs,
+   getTempDirectory,
+   urlFileKind,
+   writeYamlFromURLToFile
+} from './fileUtils'
 
+import * as yaml from 'js-yaml'
+import * as fs from 'fs'
 import * as path from 'path'
+import {succeeded} from '../types/errorable'
 
+const sampleYamlUrl =
+   'https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/controllers/nginx-deployment.yaml'
 describe('File utils', () => {
-   it('detects files in nested directories and ignores non-manifest files and empty dirs', () => {
+   test('correctly parses a yaml file from a URL', async () => {
+      const tempFile = await writeYamlFromURLToFile(sampleYamlUrl, 0)
+      const fileContents = fs.readFileSync(tempFile).toString()
+      const inputObjects = yaml.safeLoadAll(fileContents)
+      expect(inputObjects).toHaveLength(1)
+
+      for (const obj of inputObjects) {
+         expect(obj.metadata.name).toBe('nginx-deployment')
+         expect(obj.kind).toBe('Deployment')
+      }
+   })
+
+   it('fails when a bad URL is given among other files', async () => {
+      const badUrl = 'https://www.github.com'
+
       const testPath = path.join('test', 'unit', 'manifests')
-      const testSearch: string[] = getFilesFromDirectories([testPath])
+      await expect(
+         getFilesFromDirectoriesAndURLs([testPath, badUrl])
+      ).rejects.toThrow()
+   })
+
+   it('detects files in nested directories and ignores non-manifest files and empty dirs', async () => {
+      const testPath = path.join('test', 'unit', 'manifests')
+      const testSearch: string[] = await getFilesFromDirectoriesAndURLs([
+         testPath,
+         sampleYamlUrl
+      ])
 
       const expectedManifests = [
          'test/unit/manifests/manifest_test_dir/another_layer/deep-ingress.yaml',
@@ -17,13 +51,18 @@ describe('File utils', () => {
       ]
 
       // is there a more efficient way to test equality w random order?
-      expect(testSearch).toHaveLength(7)
+      expect(testSearch).toHaveLength(8)
       expectedManifests.forEach((fileName) => {
+         if (fileName.startsWith('test/unit')) {
             expect(testSearch).toContain(fileName)
+         } else {
+            expect(fileName.includes(urlFileKind)).toBe(true)
+            expect(fileName.startsWith(getTempDirectory()))
+         }
       })
    })
 
-   it('crashes when an invalid file is provided', () => {
+   it('crashes when an invalid file is provided', async () => {
       const badPath = path.join('test', 'unit', 'manifests', 'nonexistent.yaml')
       const goodPath = path.join(
          'test',
@@ -32,12 +71,12 @@ describe('File utils', () => {
          'manifest_test_dir'
       )
 
-      expect(() => {
+      expect(
-         getFilesFromDirectories([badPath, goodPath])
+         getFilesFromDirectoriesAndURLs([badPath, goodPath])
-      }).toThrowError()
+      ).rejects.toThrowError()
    })
 
-   it("doesn't duplicate files when nested dir included", () => {
+   it("doesn't duplicate files when nested dir included", async () => {
       const outerPath = path.join('test', 'unit', 'manifests')
       const fileAtOuter = path.join(
          'test',
@@ -53,11 +92,16 @@ describe('File utils', () => {
       )
 
       expect(
-         getFilesFromDirectories([outerPath, fileAtOuter, innerPath])
+         await getFilesFromDirectoriesAndURLs([
+            outerPath,
+            fileAtOuter,
+            innerPath
+         ])
       ).toHaveLength(7)
    })
-})
 
-// files that don't exist / nested files that don't exist / something else with non-manifest
+   it('throws an error for an invalid URL', async () => {
-// lots of combinations of pointing to a directory and non yaml/yaml file
+      const badUrl = 'https://www.github.com'
-// similarly named files in different folders
+      await expect(writeYamlFromURLToFile(badUrl, 0)).rejects.toBeTruthy()
+   })
+})

src/utilities/fileUtils.ts

@@ -1,8 +1,15 @@
 import * as fs from 'fs'
+import * as https from 'https'
 import * as path from 'path'
 import * as core from '@actions/core'
 import * as os from 'os'
+import * as yaml from 'js-yaml'
+import {Errorable, succeeded, failed, Failed} from '../types/errorable'
 import {getCurrentTime} from './timeUtils'
+import {isHttpUrl} from './githubUtils'
+import {K8sObject} from '../types/k8sObject'
+
+export const urlFileKind = 'urlfile'
 
 export function getTempDirectory(): string {
    return process.env['runner.tempDirectory'] || os.tmpdir()
@@ -62,12 +69,27 @@ function getManifestFileName(kind: string, name: string) {
    return path.join(tempDirectory, path.basename(filePath))
 }
 
-export function getFilesFromDirectories(filePaths: string[]): string[] {
+export async function getFilesFromDirectoriesAndURLs(
+   filePaths: string[]
+): Promise<string[]> {
    const fullPathSet: Set<string> = new Set<string>()
 
-   filePaths.forEach((fileName) => {
+   let fileCounter = 0
+   for (const fileName of filePaths) {
       try {
-         if (fs.lstatSync(fileName).isDirectory()) {
+         if (isHttpUrl(fileName)) {
+            try {
+               const tempFilePath: string = await writeYamlFromURLToFile(
+                  fileName,
+                  fileCounter++
+               )
+               fullPathSet.add(tempFilePath)
+            } catch (e) {
+               throw Error(
+                  `encountered error trying to pull YAML from URL ${fileName}: ${e}`
+               )
+            }
+         } else if (fs.lstatSync(fileName).isDirectory()) {
             recurisveManifestGetter(fileName).forEach((file) => {
                fullPathSet.add(file)
             })
@@ -86,9 +108,86 @@ export function getFilesFromDirectories(filePaths: string[]): string[] {
             `Exception occurred while reading the file ${fileName}: ${ex}`
          )
       }
+   }
+
+   const arr = Array.from(fullPathSet)
+   return arr
+}
+
+export async function writeYamlFromURLToFile(
+   url: string,
+   fileNumber: number
+): Promise<string> {
+   return new Promise((resolve, reject) => {
+      https
+         .get(url, async (response) => {
+            const code = response.statusCode ?? 0
+            if (code >= 400) {
+               reject(
+                  Error(
+                     `received response status ${response.statusMessage} from url ${url}`
+                  )
+               )
+            }
+
+            const targetPath = getManifestFileName(
+               urlFileKind,
+               fileNumber.toString()
+            )
+            // save the file to disk
+            const fileWriter = fs
+               .createWriteStream(targetPath)
+               .on('finish', () => {
+                  const verification = verifyYaml(targetPath, url)
+                  if (succeeded(verification)) {
+                     core.debug(
+                        `outputting YAML contents from ${url} to ${targetPath}: ${JSON.stringify(
+                           verification.result
+                        )}`
+                     )
+                     resolve(targetPath)
+                  } else {
+                     reject(verification.error)
+                  }
                })
 
-   return Array.from(fullPathSet)
+            response.pipe(fileWriter)
+         })
+         .on('error', (error) => {
+            reject(error)
+         })
+   })
+}
+
+function verifyYaml(filepath: string, url: string): Errorable<K8sObject[]> {
+   const fileContents = fs.readFileSync(filepath).toString()
+   let inputObjects
+   try {
+      inputObjects = yaml.safeLoadAll(fileContents)
+   } catch (e) {
+      return {
+         succeeded: false,
+         error: `failed to parse manifest from url ${url}: ${e}`
+      }
+   }
+
+   if (!inputObjects || inputObjects.length == 0) {
+      return {
+         succeeded: false,
+         error: `failed to parse manifest from url ${url}: no objects detected in manifest`
+      }
+   }
+
+   for (const obj of inputObjects) {
+      if (!obj.kind || !obj.apiVersion || !obj.metadata) {
+         return {
+            succeeded: false,
+            error: `failed to parse manifest from ${url}: missing fields`
+         }
+      }
+   }
+
+   return {succeeded: true, result: inputObjects}
 }
 
 function recurisveManifestGetter(dirName: string): string[] {

src/utilities/kubectlUtils.ts

@@ -2,6 +2,8 @@ import * as core from '@actions/core'
 import {ExecOutput} from '@actions/exec'
 import {Kubectl} from '../types/kubectl'
 
+const NAMESPACE = 'namespace'
+
 export function checkForErrors(
    execResults: ExecOutput[],
    warnIfError?: boolean
@@ -30,7 +32,12 @@ export async function getLastSuccessfulRunSha(
    annotationKey: string
 ): Promise<string> {
    try {
-      const result = await kubectl.getResource('namespace', namespaceName)
+      const result = await kubectl.getResource(
+         NAMESPACE,
+         namespaceName,
+         false,
+         namespaceName
+      )
       if (result?.stderr) {
          core.warning(result.stderr)
          return process.env.GITHUB_SHA
@@ -53,12 +60,13 @@ export async function annotateChildPods(
    kubectl: Kubectl,
    resourceType: string,
    resourceName: string,
+   namespace: string | undefined,
    annotationKeyValStr: string,
    allPods
 ): Promise<ExecOutput[]> {
    let owner = resourceName
    if (resourceType.toLowerCase().indexOf('deployment') > -1) {
-      owner = await kubectl.getNewReplicaSet(resourceName)
+      owner = await kubectl.getNewReplicaSet(resourceName, namespace)
    }
 
    const commandExecutionResults = []
@@ -72,7 +80,8 @@ export async function annotateChildPods(
                      kubectl.annotate(
                         'pod',
                         pod.metadata.name,
-                        annotationKeyValStr
+                        annotationKeyValStr,
+                        namespace
                      )
                   )
                   break

src/utilities/manifestStabilityUtils.ts

@@ -4,6 +4,9 @@ import {Kubectl, Resource} from '../types/kubectl'
 import {checkForErrors} from './kubectlUtils'
 import {sleep} from './timeUtils'
 
+const IS_SILENT = false
+const POD = 'pod'
+
 export async function checkManifestStability(
    kubectl: Kubectl,
    resources: Resource[]
@@ -20,24 +23,35 @@ export async function checkManifestStability(
          try {
             const result = await kubectl.checkRolloutStatus(
                resource.type,
-               resource.name
+               resource.name,
+               resource.namespace
             )
             checkForErrors([result])
          } catch (ex) {
             core.error(ex)
-            await kubectl.describe(resource.type, resource.name)
+            await kubectl.describe(
+               resource.type,
+               resource.name,
+               IS_SILENT,
+               resource.namespace
+            )
             rolloutStatusHasErrors = true
          }
       }
 
       if (resource.type == KubernetesConstants.KubernetesWorkload.POD) {
          try {
-            await checkPodStatus(kubectl, resource.name)
+            await checkPodStatus(kubectl, resource)
          } catch (ex) {
             core.warning(
                `Could not determine pod status: ${JSON.stringify(ex)}`
             )
-            await kubectl.describe(resource.type, resource.name)
+            await kubectl.describe(
+               resource.type,
+               resource.name,
+               IS_SILENT,
+               resource.namespace
+            )
          }
       }
       if (
@@ -45,14 +59,11 @@ export async function checkManifestStability(
          KubernetesConstants.DiscoveryAndLoadBalancerResource.SERVICE
       ) {
          try {
-            const service = await getService(kubectl, resource.name)
+            const service = await getService(kubectl, resource)
             const {spec, status} = service
             if (spec.type === KubernetesConstants.ServiceTypes.LOAD_BALANCER) {
                if (!isLoadBalancerIPAssigned(status)) {
-                  await waitForServiceExternalIPAssignment(
+                  await waitForServiceExternalIPAssignment(kubectl, resource)
-                     kubectl,
-                     resource.name
-                  )
                } else {
                   core.info(
                      `ServiceExternalIP ${resource.name} ${status.loadBalancer.ingress[0].ip}`
@@ -63,7 +74,12 @@ export async function checkManifestStability(
             core.warning(
                `Could not determine service status of: ${resource.name} Error: ${ex}`
             )
-            await kubectl.describe(resource.type, resource.name)
+            await kubectl.describe(
+               resource.type,
+               resource.name,
+               IS_SILENT,
+               resource.namespace
+            )
          }
       }
    }
@@ -75,7 +91,7 @@ export async function checkManifestStability(
 
 export async function checkPodStatus(
    kubectl: Kubectl,
-   podName: string
+   pod: Resource
 ): Promise<void> {
    const sleepTimeout = 10 * 1000 // 10 seconds
    const iterations = 60 // 60 * 10 seconds timeout = 10 minutes max timeout
@@ -85,8 +101,8 @@ export async function checkPodStatus(
    for (let i = 0; i < iterations; i++) {
       await sleep(sleepTimeout)
 
-      core.debug(`Polling for pod status: ${podName}`)
+      core.debug(`Polling for pod status: ${pod.name}`)
-      podStatus = await getPodStatus(kubectl, podName)
+      podStatus = await getPodStatus(kubectl, pod)
 
       if (
          podStatus &&
@@ -97,37 +113,42 @@ export async function checkPodStatus(
       }
    }
 
-   podStatus = await getPodStatus(kubectl, podName)
+   podStatus = await getPodStatus(kubectl, pod)
    switch (podStatus.phase) {
       case 'Succeeded':
       case 'Running':
          if (isPodReady(podStatus)) {
-            console.log(`pod/${podName} is successfully rolled out`)
+            console.log(`pod/${pod.name} is successfully rolled out`)
          } else {
             kubectlDescribeNeeded = true
          }
          break
       case 'Pending':
          if (!isPodReady(podStatus)) {
-            core.warning(`pod/${podName} rollout status check timed out`)
+            core.warning(`pod/${pod.name} rollout status check timed out`)
             kubectlDescribeNeeded = true
          }
          break
       case 'Failed':
-         core.error(`pod/${podName} rollout failed`)
+         core.error(`pod/${pod.name} rollout failed`)
          kubectlDescribeNeeded = true
          break
       default:
-         core.warning(`pod/${podName} rollout status: ${podStatus.phase}`)
+         core.warning(`pod/${pod.name} rollout status: ${podStatus.phase}`)
    }
 
    if (kubectlDescribeNeeded) {
-      await kubectl.describe('pod', podName)
+      await kubectl.describe(POD, pod.name, IS_SILENT, pod.namespace)
    }
 }
 
-async function getPodStatus(kubectl: Kubectl, podName: string) {
+async function getPodStatus(kubectl: Kubectl, pod: Resource) {
-   const podResult = await kubectl.getResource('pod', podName)
+   const podResult = await kubectl.getResource(
+      POD,
+      pod.name,
+      IS_SILENT,
+      pod.namespace
+   )
    checkForErrors([podResult])
 
    return JSON.parse(podResult.stdout).status
@@ -151,10 +172,12 @@ function isPodReady(podStatus: any): boolean {
    return allContainersAreReady
 }
 
-async function getService(kubectl: Kubectl, serviceName) {
+async function getService(kubectl: Kubectl, service: Resource) {
    const serviceResult = await kubectl.getResource(
       KubernetesConstants.DiscoveryAndLoadBalancerResource.SERVICE,
-      serviceName
+      service.name,
+      IS_SILENT,
+      service.namespace
    )
 
    checkForErrors([serviceResult])
@@ -163,25 +186,25 @@ async function getService(kubectl: Kubectl, serviceName) {
 
 async function waitForServiceExternalIPAssignment(
    kubectl: Kubectl,
-   serviceName: string
+   service: Resource
 ): Promise<void> {
    const sleepTimeout = 10 * 1000 // 10 seconds
    const iterations = 18 // 18 * 10 seconds timeout = 3 minutes max timeout
 
    for (let i = 0; i < iterations; i++) {
-      core.info(`Wait for service ip assignment : ${serviceName}`)
+      core.info(`Wait for service ip assignment : ${service.name}`)
       await sleep(sleepTimeout)
 
-      const status = (await getService(kubectl, serviceName)).status
+      const status = (await getService(kubectl, service)).status
       if (isLoadBalancerIPAssigned(status)) {
          core.info(
-            `ServiceExternalIP ${serviceName} ${status.loadBalancer.ingress[0].ip}`
+            `ServiceExternalIP ${service.name} ${status.loadBalancer.ingress[0].ip}`
          )
          return
       }
    }
 
-   core.warning(`Wait for service ip assignment timed out${serviceName}`)
+   core.warning(`Wait for service ip assignment timed out ${service.name}`)
 }
 
 function isLoadBalancerIPAssigned(status: any) {

src/utilities/manifestUpdateUtils.ts

@@ -280,7 +280,8 @@ export function getResources(
          ) {
             resources.push({
                type: inputObject.kind,
-               name: inputObject.metadata.name
+               name: inputObject.metadata.name,
+               namespace: inputObject?.metadata?.namespace
             })
          }
       })

src/utilities/workflowAnnotationUtils.test.ts

@@ -1,4 +1,8 @@
-import {cleanLabel} from '../utilities/workflowAnnotationUtils'
+import {
+   cleanLabel,
+   removeInvalidLabelCharacters,
+   VALID_LABEL_REGEX
+} from '../utilities/workflowAnnotationUtils'
 
 describe('WorkflowAnnotationUtils', () => {
    describe('cleanLabel', () => {
@@ -16,5 +20,14 @@ describe('WorkflowAnnotationUtils', () => {
             cleanLabel('Workflow Name / With Slashes / And Spaces')
          ).toEqual('Workflow_Name_-_With_Slashes_-_And_Spaces')
       })
+      it('should return a blank string when regex fails (https://github.com/Azure/k8s-deploy/issues/266)', () => {
+         const label = '持续部署'
+         expect(cleanLabel(label)).toEqual('github-workflow-file')
+
+         let removedInvalidChars = removeInvalidLabelCharacters(label)
+
+         const regexResult = VALID_LABEL_REGEX.exec(removedInvalidChars)
+         expect(regexResult).toBe(null)
+      })
    })
 })

src/utilities/workflowAnnotationUtils.ts

@@ -2,6 +2,8 @@ import {DeploymentConfig} from '../types/deploymentConfig'
 
 const ANNOTATION_PREFIX = 'actions.github.com'
 
+export const VALID_LABEL_REGEX = /([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]/
+
 export function getWorkflowAnnotations(
    lastSuccessRunSha: string,
    workflowFilePath: string,
@@ -37,11 +39,17 @@ export function getWorkflowAnnotationKeyLabel(): string {
  * @returns cleaned label
  */
 export function cleanLabel(label: string): string {
-   let removedInvalidChars = label
+   let removedInvalidChars = removeInvalidLabelCharacters(label)
+
+   const regexResult = VALID_LABEL_REGEX.exec(removedInvalidChars) || [
+      'github-workflow-file'
+   ]
+   return regexResult[0]
+}
+
+export function removeInvalidLabelCharacters(label: string): string {
+   return label
       .replace(/\s/gi, '_')
       .replace(/[\/\\\|]/gi, '-')
       .replace(/[^-A-Za-z0-9_.]/gi, '')
-
-   const regex = /([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]/
-   return regex.exec(removedInvalidChars)[0] || ''
 }

test/integration/k8s-deploy-delete.py

@@ -1,12 +1,29 @@
-import subprocess, sys
+import subprocess
+import sys
 
-kind = sys.argv[1]
-name = sys.argv[2]
-namespace = 'test-' + sys.argv[3]
 
-try:
+def delete(kind, name, namespace):
-  print('kubectl delete ' + kind + ' ' + name + ' -n ' + namespace)
+    try:
-  deletion = subprocess.Popen(['kubectl', 'delete', kind, name, '--namespace', namespace])
+        if (name == "all"):
+            print('kubectl delete --all' + kind + ' -n ' + namespace)
+            deletion = subprocess.Popen(
+                ['kubectl', 'delete', kind, name, '--namespace', namespace])
             result, err = deletion.communicate()
-except Exception as ex:
+        else:
+            print('kubectl delete ' + kind + ' ' + name + ' -n ' + namespace)
+            deletion = subprocess.Popen(
+                ['kubectl', 'delete', kind, name, '--namespace', namespace])
+            result, err = deletion.communicate()
+    except Exception as ex:
         print('Error occured during deletion', ex)
+
+
+def main():
+    kind = sys.argv[1]
+    name = sys.argv[2]
+    namespace = 'test-' + sys.argv[3]
+    delete(kind, name, namespace)
+
+
+if __name__ == "__main__":
+    sys.exit(main())

test/integration/k8s-deploy-test.py

@@ -1,33 +1,252 @@
-import os, sys, json 
+from operator import truediv
+import os
+import sys
+import json
+from unicodedata import name
 
-RESULT = 'false'
+# This integration test is used to confirm that k8s resources of a specified name, type, and configuration have been deployed.
-k8_object = None
+# Expected configurations are fed into the python script as command-line arguments and are compared to the configuration of resources that have been deployed.
-kind = sys.argv[1]
-name = sys.argv[2]
-color = sys.argv[3]
-namespace = 'test-' + sys.argv[4]
 
-print('kubectl get '+kind+' '+name+' -n '+namespace+' -o json')
+# args will be formatted like labels=testkey:testValue,otherKey=otherValue
+# or for singular ones, just with containerName=container
 
-try:
-  k8_object = json.load(os.popen('kubectl get '+kind+' '+name+' -n '+namespace+' -o json'))
-except:
-  sys.exit(kind+' '+name+' not created')
 
-try:
+kindKey = "kind"
-  if kind == 'Deployment' and k8_object['spec']['selector']['matchLabels']['k8s.deploy.color'] == str(color):
+nameKey = "name"
-    RESULT = 'true'
+containerKey = "containerName"
-  if kind == 'Service' and k8_object['spec']['selector']['k8s.deploy.color'] == str(color):
+labelsKey = "labels"
-    RESULT = 'true'
+annotationsKey = "annotations"
+selectorLabelsKey = "selectorLabels"
+namespaceKey = "namespace"
+ingressServicesKey = "ingressServices"
+tsServicesKey = "tsServices"
+privateKey = "private"
+
+
+def parseArgs(sysArgs):
+    argsDict = stringListToDict(sysArgs, "=")
+
+    # mandatory parameters
+    if not kindKey in argsDict:
+        raise ValueError(f"missing key: {kindKey}")
+
+    if not nameKey in argsDict:
+        raise ValueError(f"missing key: {nameKey}")
+
+    if not namespaceKey in argsDict:
+        raise ValueError(f"missing key: {namespaceKey}")
+
+    # reformat map-like parameters (eg, paramName=key1:value1,key2:value2)
+    if labelsKey in argsDict:
+        argsDict[labelsKey] = stringListToDict(
+            argsDict[labelsKey].split(","), ":")
+
+    if annotationsKey in argsDict:
+        argsDict[annotationsKey] = stringListToDict(
+            argsDict[annotationsKey].split(","), ":")
+
+    if selectorLabelsKey in argsDict:
+        argsDict[selectorLabelsKey] = stringListToDict(
+            argsDict[selectorLabelsKey].split(","), ":")
+
+    if tsServicesKey in argsDict:
+        argsDict[tsServicesKey] = stringListToDict(
+            argsDict[tsServicesKey].split(","), ":")
+
+        for key in argsDict[tsServicesKey]:
+            argsDict[tsServicesKey][key] = int(argsDict[tsServicesKey][key])
+
+    # reformat list-like parameters (eg, paramName=value1,value2,value3)
+    if ingressServicesKey in argsDict:
+        argsDict[ingressServicesKey] = argsDict[ingressServicesKey].split(",")
+
+    return argsDict
+
+
+def stringListToDict(args: list[str], separator: str):
+    parsedArgs = {}
+    for arg in args:
+        print(f"parsing arg {arg}")
+        argSplit = arg.split(separator)
+        parsedArgs[argSplit[0]] = argSplit[1]
+
+    return parsedArgs
+
+
+def verifyDeployment(deployment, parsedArgs):
+    # test container image, labels, annotations, selector labels
+    if not containerKey in parsedArgs:
+        raise ValueError(
+            f"expected container image name not provided to inspect deployment {parsedArgs[nameKey]}")
+
+    actualImageName = deployment['spec']['template']['spec']['containers'][0]['image']
+    if not actualImageName == parsedArgs[containerKey]:
+        return False, f"expected container image name {parsedArgs[containerKey]} but got {actualImageName} instead"
+
+    if not selectorLabelsKey in parsedArgs:
+        raise ValueError(
+            f"expected selector labels not provided to inspect deployment {parsedArgs[nameKey]}")
+    dictMatch, msg = compareDicts(
+        deployment['spec']['selector']['matchLabels'], parsedArgs[selectorLabelsKey], selectorLabelsKey)
+    if not dictMatch:
+        return dictMatch, msg
+
+    if labelsKey in parsedArgs:
+        dictMatch, msg = compareDicts(
+            deployment['metadata']['labels'], parsedArgs[labelsKey], labelsKey)
+        if not dictMatch:
+            return dictMatch, msg
+
+    if annotationsKey in parsedArgs:
+        dictMatch, msg = compareDicts(
+            deployment['metadata']['annotations'], parsedArgs[annotationsKey], annotationsKey)
+        if not dictMatch:
+            return dictMatch, msg
+
+    return True, ""
+
+
+def verifyService(service, parsedArgs):
+    # test selector labels, labels, annotations
+    if not selectorLabelsKey in parsedArgs:
+        raise ValueError(
+            f"expected selector labels not provided to inspect service {parsedArgs[nameKey]}")
+    dictMatch, msg = compareDicts(
+        service['spec']['selector'], parsedArgs[selectorLabelsKey], selectorLabelsKey)
+    if not dictMatch:
+        return dictMatch, msg
+
+    if labelsKey in parsedArgs:
+        print(f" service is {service}")
+        dictMatch, msg = compareDicts(
+            service['metadata']['labels'], parsedArgs[labelsKey], labelsKey)
+        if not dictMatch:
+            return dictMatch, msg
+
+    if annotationsKey in parsedArgs:
+        dictMatch, msg = compareDicts(
+            service['metadata']['annotations'], parsedArgs[annotationsKey], annotationsKey)
+        if not dictMatch:
+            return dictMatch, msg
+
+    return True, ""
+
+
+def verifyIngress(ingress, parsedArgs):
+    # test services in paths
+    if not ingressServicesKey in parsedArgs:
+        raise ValueError(
+            f"expected services not provided to inspect ingress {parsedArgs[nameKey]}")
+
+    expectedIngresses = parsedArgs[ingressServicesKey]
+    for i in range(len(ingress['spec']['rules'][0]['http']['paths'])):
+        print(
+            f"service obj is {ingress['spec']['rules'][0]['http']['paths'][i]}")
+        svcName = ingress['spec']['rules'][0]['http']['paths'][i]['backend']['service']['name']
+        if svcName != expectedIngresses[i]:
+            return False, f"for ingress {parsedArgs[nameKey]} expected svc name {expectedIngresses[i]} at position {i} but got {svcName}"
+
+    return True, ""
+
+
+def verifyTSObject(tsObj, parsedArgs):
+    if not tsServicesKey in parsedArgs:
+        raise ValueError(
+            f"expected services not provided to inspect ts object {parsedArgs[nameKey]}")
+
+    expectedServices = parsedArgs[tsServicesKey]
+    actualServices = {}
+    backends = tsObj['spec']['backends']
+    for i in range(len(backends)):
+        svcName = backends[i]['service']
+        svcWeight = int(backends[i]['weight'])
+        actualServices[svcName] = svcWeight
+
+    dictResult, msg = compareDicts(
+        actualServices, expectedServices, tsServicesKey)
+    if not dictResult:
+        return False, msg
+
+    return True, ""
+
+
+def compareDicts(actual: dict, expected: dict, paramName=""):
+    actualKeys = actual.keys()
+    expectedKeys = expected.keys()
+
+    if not actualKeys == expectedKeys:
+        msg = f'dicts had different keys.\n actual: {actual}\n expected: {expected}'
+        if not paramName == "":
+            msg = f"for param {paramName}, " + msg
+        return False, msg
+    for key in actualKeys:
+        if not actual[key] == expected[key]:
+            msg = f'dicts differed at key {key}.\n actual[{key}] is {actual[key]} and expected[{key}] is {expected[key]}'
+            if not paramName == "":
+                msg = f"for param {paramName}, " + msg
+            return False, msg
+
+    return True, ""
+
+
+def main():
+    parsedArgs: dict = parseArgs(sys.argv[1:])
+    RESULT = False
+    msg = "unknown type (no verification method currently exists)"
+    k8_object = None
+
+    kind = parsedArgs[kindKey]
+    name = parsedArgs[nameKey]
+    namespace = parsedArgs[namespaceKey]
+    cmd = 'kubectl get '+kind + ' '+name+' -n '+namespace+' -o json'
+
+    k8s_object = None
+    azPrefix = ""
+    try:
+        if privateKey in parsedArgs:
+            uniqueName = parsedArgs[privateKey]
+            azPrefix = f"az aks command invoke --resource-group {uniqueName} --name {uniqueName} --command "
+            cmd = azPrefix + "'" + cmd + "'"
+            outputString = os.popen(cmd).read()
+            successExit = "exitcode=0"
+            if successExit not in outputString:
+                raise ValueError(f"private cluster get failed for {kind} {name}")
+
+            objString = outputString.split(successExit)[1]
+            k8_object = json.loads(objString)
+
+        else:
+            k8_object = json.load(os.popen(cmd))
+
+        if k8_object == None:
+            raise ValueError(f"{kind} {name} was not found")
+    
+    except:
+        msg = kind+' '+name+' not created or not found'
+        getAllObjectsCmd = azPrefix + 'kubectl get '+kind+' -n '+namespace
+        if not azPrefix == "":
+            getAllObjectsCmd = azPrefix + "'{getAllObjectsCmd}'" # add extra set of quotes
+        cmd =  + "'" + cmd + "'"
+        foundObjects = os.popen().read()
+        suffix = f"resources of type {kind}: {foundObjects}"
+        sys.exit(msg + " " + suffix)
+
+    if kind == 'Deployment':
+        RESULT, msg = verifyDeployment(
+            k8_object, parsedArgs)
+    if kind == 'Service':
+        RESULT, msg = verifyService(
+            k8_object, parsedArgs)
     if kind == 'Ingress':
-    suffix = ''
+        RESULT, msg = verifyIngress(k8_object, parsedArgs)
-    if str(color) == 'green':
+    if kind == "TrafficSplit":
-      suffix = '-green'
+        RESULT, msg = verifyTSObject(k8_object, parsedArgs)
-    if k8_object['spec']['rules'][0]['http']['paths'][0]['backend']['serviceName']=='nginx-service'+suffix and k8_object['spec']['rules'][0]['http']['paths'][1]['backend']['serviceName']=='unrouted-service':
-      RESULT = 'true'
-except:
-  pass    
 
-if RESULT=='false':
+    if not RESULT:
-  sys.exit(kind+' '+name+' not labelled properly')
+        sys.exit(f"{kind} {name} failed check: {msg}")
-print('Test passed')
+
+    print('Test passed')
+
+
+if __name__ == "__main__":
+    sys.exit(main())

test/integration/manifests/blue-green/test-ingress.yml

@@ -16,7 +16,7 @@ spec:
       spec:
          containers:
             - name: nginx
-              image: nginx:1.14.2
+              image: nginx
               ports:
                  - containerPort: 80
 ---
@@ -32,7 +32,7 @@ spec:
         port: 80
         targetPort: 80
 ---
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
    name: nginx-ingress
@@ -43,10 +43,16 @@ spec:
       - http:
            paths:
               - path: /testpath
+                pathType: Prefix
                 backend:
-                   serviceName: nginx-service
+                   service:
-                   servicePort: 80
+                      name: nginx-service
+                      port:
+                         number: 80
               - path: /testpath2
+                pathType: Prefix
                 backend:
-                   serviceName: unrouted-service
+                   service:
-                   servicePort: 80
+                      name: unrouted-service
+                      port:
+                         number: 80

test/integration/manifests/blue-green/test-service.yml

@@ -16,7 +16,7 @@ spec:
       spec:
          containers:
             - name: nginx
-              image: nginx:1.14.2
+              image: nginx
               ports:
                  - containerPort: 80
 ---

test/integration/manifests/test.yml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+   name: nginx-deployment
+   labels:
+      app: nginx
+spec:
+   replicas: 1
+   selector:
+      matchLabels:
+         app: nginx
+   template:
+      metadata:
+         labels:
+            app: nginx
+      spec:
+         containers:
+            - name: nginx
+              image: nginx
+              ports:
+                 - containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+   name: nginx-service
+spec:
+   selector:
+      app: nginx
+   ports:
+      - protocol: TCP
+        port: 80
+        targetPort: 80