azure/k8s-deploy
1
0
Fork 0
mirror of https://github.com/Azure/k8s-deploy.git synced 2026-06-24 13:39:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: azure/k8s-deploy:main
Branches Tags
azure/k8s-deploy:main azure/k8s-deploy:dependabot/npm_and_yarn/actions-800da858a2 azure/k8s-deploy:releases/v6.0.0 azure/k8s-deploy:releases/v5.1.0 azure/k8s-deploy:releases/v5.0.4 azure/k8s-deploy:releases/v5.0.3 azure/k8s-deploy:davidgamero/release-v5.0.3 azure/k8s-deploy:releases/v5.0.2 azure/k8s-deploy:davidgamero/release-v5.0.2 azure/k8s-deploy:davidgamero/update-linkerd-install azure/k8s-deploy:releases/v5.0.1 azure/k8s-deploy:brfole/dependabot azure/k8s-deploy:davidgamero/typescript-5 azure/k8s-deploy:davidgamero/private-cluster-integration-multifile azure/k8s-deploy:fix-private-cluster-file-flag azure/k8s-deploy:releases/v5.0.0 azure/k8s-deploy:v5-node20-release azure/k8s-deploy:releases/v4.10.0 azure/k8s-deploy:releases/4.10.0 azure/k8s-deploy:releases/v4 azure/k8s-deploy:create-pull-request/patch azure/k8s-deploy:OliverMKing-patch-4 azure/k8s-deploy:create-release azure/k8s-deploy:kingoliver/privatebug azure/k8s-deploy:addSupportMessage azure/k8s-deploy:revert-247-jkatariya/debug-canary-and-tests azure/k8s-deploy:OliverMKing-patch-3 azure/k8s-deploy:OliverMKing-patch-2 azure/k8s-deploy:Vidyareddy/issueFormTemplate azure/k8s-deploy:Vidyareddy/docker-image azure/k8s-deploy:releases/v4.2.1 azure/k8s-deploy:Vidyareddy/annotaion-keyPrefix azure/k8s-deploy:Vidyareddy/traffic-split azure/k8s-deploy:annotation azure/k8s-deploy:OliverMKing-patch-1 azure/k8s-deploy:Vidyareddy/varcel-ncc azure/k8s-deploy:hari/beautify-logs azure/k8s-deploy:releases/v3 azure/k8s-deploy:releases/v2 azure/k8s-deploy:releases/v1.5 azure/k8s-deploy:build-js azure/k8s-deploy:kingoliver/smi-bug azure/k8s-deploy:releases/v1 azure/k8s-deploy:releases/v1.2 azure/k8s-deploy:releases/v1.3 azure/k8s-deploy:releases/v1.4
azure/k8s-deploy:v6 azure/k8s-deploy:v6.0.0 azure/k8s-deploy:v5 azure/k8s-deploy:v5.1.0 azure/k8s-deploy:v5.0.4 azure/k8s-deploy:v5.0.3 azure/k8s-deploy:v5.0.2 azure/k8s-deploy:v5.0.1 azure/k8s-deploy:v5.0.0 azure/k8s-deploy:v4.10.0 azure/k8s-deploy:4.10.0 azure/k8s-deploy:v4.10 azure/k8s-deploy:v4 azure/k8s-deploy:v4.9 azure/k8s-deploy:v4.8 azure/k8s-deploy:v4.7 azure/k8s-deploy:v4.6 azure/k8s-deploy:v4.5 azure/k8s-deploy:v4.4 azure/k8s-deploy:v4.3 azure/k8s-deploy:v4.2 azure/k8s-deploy:v4.1 azure/k8s-deploy:v4.0 azure/k8s-deploy:v3 azure/k8s-deploy:v3.3 azure/k8s-deploy:v3.2 azure/k8s-deploy:v3.1 azure/k8s-deploy:v3.0 azure/k8s-deploy:v2.0 azure/k8s-deploy:1.5 azure/k8s-deploy:v1.5 azure/k8s-deploy:v1.3 azure/k8s-deploy:v1.2 azure/k8s-deploy:v1 azure/k8s-deploy:v1.1 azure/k8s-deploy:v1.4 azure/k8s-deploy:v1.1.0
..
compare: azure/k8s-deploy:OliverMKing-patch-1
Branches Tags
azure/k8s-deploy:dependabot/npm_and_yarn/actions-800da858a2 azure/k8s-deploy:main azure/k8s-deploy:releases/v6.0.0 azure/k8s-deploy:releases/v5.1.0 azure/k8s-deploy:releases/v5.0.4 azure/k8s-deploy:releases/v5.0.3 azure/k8s-deploy:davidgamero/release-v5.0.3 azure/k8s-deploy:releases/v5.0.2 azure/k8s-deploy:davidgamero/release-v5.0.2 azure/k8s-deploy:davidgamero/update-linkerd-install azure/k8s-deploy:releases/v5.0.1 azure/k8s-deploy:brfole/dependabot azure/k8s-deploy:davidgamero/typescript-5 azure/k8s-deploy:davidgamero/private-cluster-integration-multifile azure/k8s-deploy:fix-private-cluster-file-flag azure/k8s-deploy:releases/v5.0.0 azure/k8s-deploy:v5-node20-release azure/k8s-deploy:releases/v4.10.0 azure/k8s-deploy:releases/4.10.0 azure/k8s-deploy:releases/v4 azure/k8s-deploy:create-pull-request/patch azure/k8s-deploy:OliverMKing-patch-4 azure/k8s-deploy:create-release azure/k8s-deploy:kingoliver/privatebug azure/k8s-deploy:addSupportMessage azure/k8s-deploy:revert-247-jkatariya/debug-canary-and-tests azure/k8s-deploy:OliverMKing-patch-3 azure/k8s-deploy:OliverMKing-patch-2 azure/k8s-deploy:Vidyareddy/issueFormTemplate azure/k8s-deploy:Vidyareddy/docker-image azure/k8s-deploy:releases/v4.2.1 azure/k8s-deploy:Vidyareddy/annotaion-keyPrefix azure/k8s-deploy:Vidyareddy/traffic-split azure/k8s-deploy:annotation azure/k8s-deploy:OliverMKing-patch-1 azure/k8s-deploy:Vidyareddy/varcel-ncc azure/k8s-deploy:hari/beautify-logs azure/k8s-deploy:releases/v3 azure/k8s-deploy:releases/v2 azure/k8s-deploy:releases/v1.5 azure/k8s-deploy:build-js azure/k8s-deploy:kingoliver/smi-bug azure/k8s-deploy:releases/v1 azure/k8s-deploy:releases/v1.2 azure/k8s-deploy:releases/v1.3 azure/k8s-deploy:releases/v1.4
azure/k8s-deploy:v6 azure/k8s-deploy:v6.0.0 azure/k8s-deploy:v5 azure/k8s-deploy:v5.1.0 azure/k8s-deploy:v5.0.4 azure/k8s-deploy:v5.0.3 azure/k8s-deploy:v5.0.2 azure/k8s-deploy:v5.0.1 azure/k8s-deploy:v5.0.0 azure/k8s-deploy:v4.10.0 azure/k8s-deploy:4.10.0 azure/k8s-deploy:v4.10 azure/k8s-deploy:v4 azure/k8s-deploy:v4.9 azure/k8s-deploy:v4.8 azure/k8s-deploy:v4.7 azure/k8s-deploy:v4.6 azure/k8s-deploy:v4.5 azure/k8s-deploy:v4.4 azure/k8s-deploy:v4.3 azure/k8s-deploy:v4.2 azure/k8s-deploy:v4.1 azure/k8s-deploy:v4.0 azure/k8s-deploy:v3 azure/k8s-deploy:v3.3 azure/k8s-deploy:v3.2 azure/k8s-deploy:v3.1 azure/k8s-deploy:v3.0 azure/k8s-deploy:v2.0 azure/k8s-deploy:1.5 azure/k8s-deploy:v1.5 azure/k8s-deploy:v1.3 azure/k8s-deploy:v1.2 azure/k8s-deploy:v1 azure/k8s-deploy:v1.1 azure/k8s-deploy:v1.4 azure/k8s-deploy:v1.1.0

2 Commits
main .. OliverMKing-patch-1

Author SHA1 Message Date
Oliver King 0b0b5178d5 fix broken yaml 2022-07-06 10:27:14 -04:00
Oliver King d43ff40a3e fix typo 2022-06-13 12:57:31 -04:00
134 changed files with 16184 additions and 15356 deletions
Expand all files Collapse all files
.github/CODEOWNERS
+1 -1
View File
@@ -1 +1 @@
* @Azure/cloud-native-github-action-owners * @Azure/aks-atlanta
.github/ISSUE_TEMPLATE/bugReportForm.yml
-36
View File
@@ -1,36 +0,0 @@
name: Bug Report
description: File a bug report specifying all inputs you provided for the action, we will respond to this thread with any questions.
title: 'Bug: '
labels: ['bug', 'triage']
assignees: '@Azure/aks-atlanta'
body:
- type: textarea
id: What-happened
attributes:
label: What happened?
description: Tell us what happened and how is it different from the expected?
placeholder: Tell us what you see!
validations:
required: true
- type: checkboxes
id: Version
attributes:
label: Version
options:
- label: I am using the latest version
required: true
- type: input
id: Runner
attributes:
label: Runner
description: What runner are you using?
placeholder: Mention the runner info (self-hosted, operating system)
validations:
required: true
- type: textarea
id: Logs
attributes:
label: Relevant log output
description: Run in debug mode for the most verbose logs. Please feel free to attach a screenshot of the logs
validations:
required: true
.github/ISSUE_TEMPLATE/config.yml
-6
View File
@@ -1,6 +0,0 @@
blank_issues_enabled: false
contact_links:
- name: GitHub Action "k8s-deploy" Support
url: https://github.com/Azure/k8s-deploy
security: https://github.com/Azure/k8s-deploy/blob/main/SECURITY.md
about: Please ask and answer questions here.
.github/ISSUE_TEMPLATE/featureRequestForm.yml
-13
View File
@@ -1,13 +0,0 @@
name: Feature Request
description: File a Feature Request form, we will respond to this thread with any questions.
title: 'Feature Request: '
labels: ['Feature']
assignees: '@Azure/aks-atlanta'
body:
- type: textarea
id: Feature_request
attributes:
label: Feature request
description: Provide example functionality and links to relevant docs
validations:
required: true
.github/actions/minikube-setup/action.yml
-53
View File
@@ -1,53 +0,0 @@
name: 'Setup Minikube Test Environment'
description: 'Common setup steps for minikube integration tests'
inputs:
install-smi:
description: 'Install Linkerd SMI for service mesh tests'
required: false
default: 'false'
runs:
using: 'composite'
steps:
- name: Install dependencies
shell: bash
run: |
rm -rf node_modules/
npm install
- name: Build
shell: bash
run: npm run build
- name: Install conntrack
shell: bash
run: sudo apt-get install -y conntrack
- uses: Azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1
name: Install Kubectl
- id: setup-minikube
name: Setup Minikube
uses: medyagh/setup-minikube@e9e035a86bbc3caea26a450bd4dbf9d0c453682e # v0.0.21
with:
minikube-version: 1.37.0
kubernetes-version: 1.31.0
driver: 'docker'
- name: Install Linkerd and SMI
if: inputs.install-smi == 'true'
shell: bash
run: |
curl --proto '=https' --tlsv1.2 -sSfL https://run.linkerd.io/install-edge | sh
export PATH=$PATH:/home/runner/.linkerd2/bin
curl -sL https://linkerd.github.io/linkerd-smi/install | sh
kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml
linkerd install --crds | kubectl apply -f -
linkerd install --set proxyInit.runAsRoot=true | kubectl apply -f -
linkerd smi install | kubectl apply -f -
- uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # 6.1.0
name: Install Python
with:
python-version: '3.x'
.github/dependabot.yml
-18
View File
@@ -1,18 +0,0 @@
version: 2
updates:
- package-ecosystem: npm
directory: /
schedule:
interval: weekly
groups:
actions:
patterns:
- '*'
- package-ecosystem: github-actions
directory: .github/workflows
schedule:
interval: weekly
groups:
actions:
patterns:
- '*'
.github/workflows/codeql.yml
+41 -38
View File
@@ -1,49 +1,52 @@
name: 'Code scanning - action' name: "Code scanning - action"
on: on:
push: push:
pull_request: pull_request:
schedule: schedule:
- cron: '0 19 * * 0' - cron: '0 19 * * 0'
jobs: jobs:
CodeQL-Build: CodeQL-Build:
# CodeQL runs on ubuntu-latest and windows-latest
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps: # CodeQL runs on ubuntu-latest and windows-latest
- name: Checkout repository runs-on: ubuntu-latest
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 #v7.0.0
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# Initializes the CodeQL tools for scanning. steps:
- name: Initialize CodeQL - name: Checkout repository
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e #v3.29.5 uses: actions/checkout@v2
# Override language selection by uncommenting this and choosing your languages with:
# with: # We must fetch at least the immediate parents so that if this is
# languages: go, javascript, csharp, python, cpp, java # a pull request then we can checkout the head.
fetch-depth: 2
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this run was triggered by a pull request event, then checkout
# If this step fails, then you should remove it and run the build manually (see below) # the head of the pull request instead of the merge commit.
- name: Autobuild - run: git checkout HEAD^2
uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e #v3.29.5 if: ${{ github.event_name == 'pull_request' }}
# ️ Command-line programs to run using the OS shell. # Initializes the CodeQL tools for scanning.
# 📚 https://git.io/JvXDl - name: Initialize CodeQL
uses: github/codeql-action/init@v1
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# and modify them (or add more) to build your code if your project # If this step fails, then you should remove it and run the build manually (see below)
# uses a compiled language - name: Autobuild
uses: github/codeql-action/autobuild@v1
#- run: | # ️ Command-line programs to run using the OS shell.
# make bootstrap # 📚 https://git.io/JvXDl
# make release
- name: Perform CodeQL Analysis # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e #v3.29.5 # and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
.github/workflows/defaultLabels.yml
+27 -26
View File
@@ -2,34 +2,35 @@ name: setting-default-labels
# Controls when the action will run. # Controls when the action will run.
on: on:
schedule: schedule:
- cron: '0 0/3 * * *' - cron: "0 0/3 * * *"
# A workflow run is made up of one or more jobs that can run sequentially or in parallel # A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs: jobs:
build: build:
# The type of runner that the job will run on # The type of runner that the job will run on
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job # Steps represent a sequence of tasks that will be executed as part of the job
steps: steps:
- uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0
name: Setting issue as idle
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: 'This issue is idle because it has been open for 14 days with no activity.'
stale-issue-label: 'idle'
days-before-stale: 14
days-before-close: -1
operations-per-run: 100
exempt-issue-labels: 'backlog'
- uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 - uses: actions/stale@v3
name: Setting PR as idle name: Setting issue as idle
with: with:
repo-token: ${{ secrets.GITHUB_TOKEN }} repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-pr-message: 'This PR is idle because it has been open for 14 days with no activity.' stale-issue-message: 'This issue is idle because it has been open for 14 days with no activity.'
stale-pr-label: 'idle' stale-issue-label: 'idle'
days-before-stale: 14 days-before-stale: 14
days-before-close: -1 days-before-close: -1
operations-per-run: 100 operations-per-run: 100
exempt-issue-labels: 'backlog'
- uses: actions/stale@v3
name: Setting PR as idle
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-pr-message: 'This PR is idle because it has been open for 14 days with no activity.'
stale-pr-label: 'idle'
days-before-stale: 14
days-before-close: -1
operations-per-run: 100
.github/workflows/prettify-code.yml
-18
View File
@@ -1,18 +0,0 @@
name: 'Run prettify'
on:
pull_request:
push:
branches: [main]
jobs:
prettier:
name: Prettier Check
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: install deps
run: npm install
- name: Enforce Prettier
run: npm run format-check
.github/workflows/release-pr.yml
+10 -14
View File
@@ -1,18 +1,14 @@
name: Release Project name: Create release PR
on: on:
push: workflow_dispatch:
branches: inputs:
- main release:
paths: description: "Define release version (ex: v1, v2, v3)"
- CHANGELOG.md required: true
workflow_dispatch:
jobs: jobs:
release: release-pr:
permissions: uses: OliverMKing/javascript-release-workflow/.github/workflows/release-pr.yml@main
actions: read with:
contents: write release: ${{ github.event.inputs.release }}
uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@3c677ba5ab58f5c5c1a6f0cfb176b333b1f27405 # v1
with:
changelogPath: ./CHANGELOG.md
.github/workflows/run-integration-tests-basic.yml
-52
View File
@@ -1,52 +0,0 @@
name: Minikube Integration Tests - basic
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Run Minikube Integration Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for pod
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
test/integration/manifests/manifest_test_dir/test.yml
action: deploy
- name: Checking if deployments and services were created
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment3 containerName=nginx:1.14.2 labels=app:nginx3,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx3
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service3 labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_basic selectorLabels=app:nginx3
.github/workflows/run-integration-tests-bluegreen-ingress.yml
-156
View File
@@ -1,156 +0,0 @@
name: Minikube Integration Tests - blue-green ingress
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Blue-Green Ingress Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service-green' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment-green' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'nginx-ingress' ${{ env.NAMESPACE }}
- name: Executing deploy action for ingress
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: deploy
- name: Checking if deployments, services and ingresses were created with green labels and original tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
- name: Executing promote action for ingress
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: promote
- name: Checking if deployments, services and ingresses were created with none labels after first promote
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
- name: Executing second deploy action for ingress with new tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: deploy
- name: Checking if deployments (with new tag), services and ingresses were created with green labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
- name: Executing second promote action for ingress now using new image tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: promote
- name: Checking if deployments, services and ingresses were created with none labels after promote for new tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
- name: Executing deploy action for ingress to be rejected using old tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: deploy
- name: Checking if new deployments (with old tag), services and ingresses were created with green labels after deploy, and old deployment (with latest tag) persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service-green,unrouted-service
- name: Executing reject action for ingress to reject new deployment with 1.14.2 tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-ingress.yml
strategy: blue-green
route-method: ingress
action: reject
# MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
- name: Checking if deployments, services and ingresses were created with none labels and latest tag after reject
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_ingress selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Ingress name=nginx-ingress ingressServices=nginx-service,unrouted-service
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns ${{ env.NAMESPACE }}
.github/workflows/run-integration-tests-bluegreen-service.yml
-143
View File
@@ -1,143 +0,0 @@
name: Minikube Integration Tests - blue-green service
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Blue-Green Service Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for service
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: deploy
- name: Checking if deployments and services were created with green labels and original tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
- name: Executing promote action for service
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: promote
- name: Checking if deployments and services were created with none labels after first promote
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
- name: Executing second deploy action for service with new tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: deploy
- name: Checking if deployments (with new tag) and services were created with green labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
- name: Executing second promote action for service now using new image tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: promote
- name: Checking if deployments and services were created with none labels after promote for new tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
- name: Executing deploy action for service to be rejected using old tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: deploy
- name: Checking if new deployments (with old tag) and services were created with green labels after deploy, and old deployment (with latest tag) persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:green,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:green
- name: Executing reject action for service to reject new deployment with 1.14.2 tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: service
action: reject
# MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
- name: Checking if deployments and services were created with none labels and latest tag after reject
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=k8s.deploy.color:None,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_service selectorLabels=app:nginx,k8s.deploy.color:None
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns ${{ env.NAMESPACE }}
.github/workflows/run-integration-tests-bluegreen-smi.yml
-173
View File
@@ -1,173 +0,0 @@
name: Minikube Integration Tests - blue-green SMI
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Blue-Green SMI Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
with:
install-smi: 'true'
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for smi
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: deploy
- name: Checking if deployments, services, and ts objects were created with green labels and original tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
- name: Executing promote action for smi
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: promote
# another good place for anti-test - ensure old deps are deleted after promote
- name: Checking if deployments, services, and ts objects were created with none labels after first promote
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
- name: Executing second deploy action for smi with new tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: deploy
- name: Checking if deployments (with new tag) and services were created with green labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:latest labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
- name: Executing second promote action for smi now using new image tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: promote
- name: Checking if deployments and services were created with none labels after promote for new tag, ts is stable
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
- name: Executing deploy action for smi to be rejected using old tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: deploy
- name: Checking if new deployments (with old tag) and services were created with green labels after deploy, and old deployment (with latest tag) persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-green containerName=nginx:1.14.2 labels=k8s.deploy.color:green,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-green labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:green selectorLabels=app:nginx,k8s.deploy.color:green
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:0,nginx-service-green:100
- name: Executing reject action for smi to reject new deployment with 1.14.2 tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/blue-green/test-service.yml
strategy: blue-green
route-method: smi
action: reject
# MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
- name: Checking if deployments and services were created with none labels and latest tag after reject
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=k8s.deploy.color:None,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_blue-green_SMI,k8s.deploy.color:None selectorLabels=app:nginx,k8s.deploy.color:None
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-trafficsplit tsServices=nginx-service-stable:100,nginx-service-green:0
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns ${{ env.NAMESPACE }}
.github/workflows/run-integration-tests-canary-pod.yml
-152
View File
@@ -1,152 +0,0 @@
name: Minikube Integration Tests - canary pod
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Canary Pod Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for pod
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: deploy
- name: Checking if deployments and services were created with canary labels and original tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Executing promote action for pod
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: promote
# another good place for anti-test - ensure old deps are deleted after promote
- name: Checking if deployments and services were created with stable labels after first promote
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Executing second deploy action for pod with new tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: deploy
- name: Checking if deployments (with new tag) and services were created with canary labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:latest labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Executing second promote action for pod now using new image tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: promote
- name: Checking if deployments and services were created with stable labels after promote for new tag, ts is stable
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Executing deploy action for pod to be rejected using old tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: deploy
- name: Checking if new deployments (with old tag) and services were created with canary and baseline labels after deploy, and stable deployment (with latest tag) persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Executing reject action for pod to reject new deployment with 1.14.2 tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: pod
action: reject
# MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
- name: Checking if deployments and services were created with stable labels and latest tag after reject
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:latest labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_pod selectorLabels=app:nginx
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ env.NAMESPACE }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns ${{ env.NAMESPACE }}
.github/workflows/run-integration-tests-canary-smi.yml
-185
View File
@@ -1,185 +0,0 @@
name: Minikube Integration Tests - canary SMI
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Canary SMI Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
with:
install-smi: 'true'
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for smi
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: deploy
- name: Checking if deployments, services, and ts objects were created with canary labels and original tag
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:0,nginx-service-canary:1000,nginx-service-baseline:0
- name: Executing promote action for smi
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: promote
# another good place for anti-test - ensure old deps are deleted after promote
- name: Checking if deployments, services, and ts objects were created with stable labels after first promote
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:1.14.2 labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
- name: Executing second deploy action for smi with new tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: deploy
- name: Checking if deployments (with new tag) and services were created with canary labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:1.14.2 labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:latest labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-baseline containerName=nginx:1.14.2 labels=workflow/version:baseline,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:baseline
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-baseline labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:baseline selectorLabels=app:nginx,workflow/version:baseline
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:500,nginx-service-canary:250,nginx-service-baseline:250
- name: Executing second promote action for smi now using new image tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:latest
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: promote
- name: Checking if deployments and services were created with stable labels after promote for new tag, ts is stable
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
- name: Executing deploy action for smi to be rejected using old tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: deploy
- name: Checking if new deployments (with old tag) and services were created with canary and baseline labels after deploy, and stable deployment (with latest tag) persists
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-canary containerName=nginx:1.14.2 labels=workflow/version:canary,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-baseline containerName=nginx:latest labels=workflow/version:baseline,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:baseline
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-baseline labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:baseline selectorLabels=app:nginx,workflow/version:baseline
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-canary labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:canary selectorLabels=app:nginx,workflow/version:canary
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:500,nginx-service-canary:250,nginx-service-baseline:250
- name: Executing reject action for smi to reject new deployment with 1.14.2 tag
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
strategy: canary
percentage: 50
traffic-split-method: smi
action: reject
# MAY BE USEFUL TO ADD AN ANTI-CHECK - CHECK TO MAKE SURE CERTAIN OBJECTS DON'T EXIST
- name: Checking if deployments and services were created with stable labels and latest tag after reject
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment-stable containerName=nginx:latest labels=workflow/version:stable,app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service-stable labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_canary_SMI,workflow/version:stable selectorLabels=app:nginx,workflow/version:stable
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=TrafficSplit name=nginx-service-workflow-rollout tsServices=nginx-service-stable:1000,nginx-service-canary:0,nginx-service-baseline:0
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'TrafficSplit' 'all' ${{ env.NAMESPACE }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns ${{ env.NAMESPACE }}
.github/workflows/run-integration-tests-namespace-optional.yml
-113
View File
@@ -1,113 +0,0 @@
# This workflow is inspired by `run-integration-tests-bluegreen-ingress.yml` and introduces namespace-specific testing for manifests.
# It ensures deployments respect manifest-defined namespaces and tests deployments to multiple namespaces.
name: Minikube Integration Tests - Namespace Optional
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Namespace Optional Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE1: integration-test-namespace1-${{ github.run_id }}
NAMESPACE2: integration-test-namespace2-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespaces for tests
run: |
kubectl create ns ${{ env.NAMESPACE1 }}
kubectl create ns ${{ env.NAMESPACE2 }}
kubectl create ns test-namespace
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE1 }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE2 }}
# This tests whether the deployment respects the namespace defined in the manifest instead of defaulting to "default" when namespace is not provided.
- name: Test - Handles namespace correctly based on manifest
uses: ./
with:
images: nginx
manifests: |
test/integration/manifests/test_with_ns.yaml
test/integration/manifests/test_no_ns.yaml
action: deploy # Deploys manifests to specified namespaces or uses the namespace defined in the manifest
- name: Verify Deployment - test_with_ns.yaml (test-namespace)
run: |
python test/integration/k8s-deploy-test.py \
namespace=test-namespace \
kind=Deployment \
name=test-deployment \
containerName=nginx \
labels=app:test-app,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_Namespace_Optional \
selectorLabels=app:test-app
- name: Verify Deployment - test_no_ns.yaml (default namespace)
run: |
python test/integration/k8s-deploy-test.py \
namespace=default \
kind=Deployment \
name=test-deployment-no-ns \
containerName=nginx \
labels=app:test-app,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_Namespace_Optional \
selectorLabels=app:test-app
# This tests whether the deployment works when a file is deployed to two different provided namespaces.
- name: Test - Deploys the resource to namespace1
uses: ./
with:
namespace: ${{ env.NAMESPACE1 }}
images: nginx
manifests: |
test/integration/manifests/test_no_ns.yaml
action: deploy
- name: Test - Deploys the resource to namespace2
uses: ./
with:
namespace: ${{ env.NAMESPACE2 }}
images: nginx
manifests: |
test/integration/manifests/test_no_ns.yaml
action: deploy
- name: Verify Deployments in NAMESPACE1 & NAMESPACE2
run: |
for ns in ${{ env.NAMESPACE1 }} ${{ env.NAMESPACE2 }}; do
python test/integration/k8s-deploy-test.py \
namespace=$ns \
kind=Deployment \
name=test-deployment-no-ns \
containerName=nginx \
labels=app:test-app,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_Namespace_Optional \
selectorLabels=app:test-app
done
- name: Cleanup
run: |
echo "Cleaning up resources..."
python test/integration/k8s-deploy-delete.py 'Deployment' 'test-deployment' test-namespace
python test/integration/k8s-deploy-delete.py 'Deployment' 'test-deployment-no-ns' ${{ env.NAMESPACE1 }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'test-deployment-no-ns' ${{ env.NAMESPACE2 }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'test-deployment-no-ns' default
kubectl delete ns ${{ env.NAMESPACE1 }}
kubectl delete ns ${{ env.NAMESPACE2 }}
kubectl delete ns test-namespace
rm -rf test_with_ns.yaml test_no_ns.yaml
.github/workflows/run-integration-tests-private.yml
-85
View File
@@ -1,85 +0,0 @@
name: Cluster Integration Tests - private cluster
on:
pull_request:
branches:
- 'releases/*'
push:
branches:
- main
workflow_dispatch:
jobs:
run-integration-test:
name: Run Minikube Integration Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: Install dependencies
run: |
rm -rf node_modules/
npm install
- name: Build
run: npm run build
- name: Azure login
uses: azure/login@v3.0.0
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: Azure/setup-kubectl@829323503d1be3d00ca8346e5391ca0b07a9ab0d # v5.1.0
name: Install Kubectl
- name: Create private AKS cluster and set context
run: |
set +x
# create cluster
az group create --location eastus2 --name ${{ env.NAMESPACE }}
az aks create --name ${{ env.NAMESPACE }} --resource-group ${{ env.NAMESPACE }} --enable-private-cluster --generate-ssh-keys
az aks get-credentials --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }}
- name: Create namespace to run tests
run: |
az aks command invoke --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }} --command "kubectl create ns ${{ env.NAMESPACE }}"
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # 6.2.0
name: Install Python
with:
python-version: '3.x'
- name: Executing deploy action for pod
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
test/integration/manifests/test2.yml
action: deploy
private-cluster: true
resource-group: ${{ env.NAMESPACE }}
name: ${{ env.NAMESPACE }}
- name: Checking if deployments and services were created
run: |
python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx
python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment2 containerName=nginx:1.14.2 labels=app:nginx2,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx2
python test/integration/k8s-deploy-test.py private=${{ env.NAMESPACE }} namespace=${{ env.NAMESPACE }} kind=Service name=nginx-service2 labels=workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Cluster_Integration_Tests_-_private_cluster selectorLabels=app:nginx2
- name: Clean up AKS cluster
if: ${{ always() }}
run: |
echo "deleting AKS cluster and resource group"
az aks delete --yes --resource-group ${{ env.NAMESPACE }} --name ${{ env.NAMESPACE }}
az group delete --resource-group ${{ env.NAMESPACE }} --yes
.github/workflows/run-integration-tests-resource-annotation.yml
-65
View File
@@ -1,65 +0,0 @@
name: Minikube Integration Tests - resource annotation
on:
pull_request:
branches:
- main
- 'releases/*'
push:
branches:
- main
- 'releases/*'
workflow_dispatch:
jobs:
run-integration-test:
name: Resource Annotation Tests
runs-on: ubuntu-22.04
env:
KUBECONFIG: /home/runner/.kube/config
NAMESPACE: test-${{ github.run_id }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: ./.github/actions/minikube-setup
name: Setup Minikube Environment
timeout-minutes: 5
- name: Create namespace to run tests
run: kubectl create ns ${{ env.NAMESPACE }}
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for pod with resource annotation enabled by default
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
action: deploy
- name: Checking if deployments is created with additional resource annotation
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 labels=app:nginx,workflow:actions.github.com-k8s-deploy,workflowFriendlyName:Minikube_Integration_Tests_-_resource_annotation selectorLabels=app:nginx annotations=actions.github.com/k8s-deploy,deployment.kubernetes.io/revision,kubectl.kubernetes.io/last-applied-configuration
- name: Cleaning previously created deployment
run: |
python test/integration/k8s-deploy-delete.py 'Deployment' 'all' ${{ env.NAMESPACE }}
- name: Executing deploy action for pod with resource annotation disabled
uses: ./
with:
namespace: ${{ env.NAMESPACE }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test.yml
action: deploy
annotate-resources: false
- name: Checking if deployment is created without additional resource annotation
run: |
python test/integration/k8s-deploy-test.py namespace=${{ env.NAMESPACE }} kind=Deployment name=nginx-deployment containerName=nginx:1.14.2 selectorLabels=app:nginx annotations=deployment.kubernetes.io/revision,kubectl.kubernetes.io/last-applied-configuration
.github/workflows/run-integration-tests.yml
+215
View File
@@ -0,0 +1,215 @@
name: Minikube Integration Tests
on:
pull_request:
branches:
- master
- main
- "releases/*"
push:
branches:
- master
- main
- "releases/*"
workflow_dispatch:
jobs:
run-integration-test:
name: Run Minikube Integration Tests
runs-on: ubuntu-latest
env:
KUBECONFIG: /home/runner/.kube/config
steps:
- uses: actions/checkout@v2
- name: Install dependencies
run: |
rm -rf node_modules/
npm install
- name: Install ncc
run: npm i -g @vercel/ncc
- name: Build
run: ncc build src/run.ts -o lib
- name: Set name of ns
run: echo "::set-output name=name::$(echo `date +%Y%m%d%H%M%S`)"
shell: bash
id: ns
- uses: Azure/setup-kubectl@v1
name: Install Kubectl
- id: setup-minikube
name: Setup Minikube
uses: manusa/actions-setup-minikube@v2.4.2
with:
minikube version: "v1.24.0"
kubernetes version: "v1.17.8"
driver: "none"
timeout-minutes: 3
- name: Create namespace to run tests
run: kubectl create ns test-${{ steps.ns.outputs.name }}
- uses: actions/setup-python@v2
name: Install Python
with:
python-version: "3.x"
- name: Cleaning any previously created items
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service-green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment-green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-delete.py 'Ingress' 'nginx-ingress' ${{ steps.ns.outputs.name }}
- name: Executing deploy action
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test-service.yml
strategy: blue-green
route-method: service
action: deploy
- name: Checking if deploments and services were created with green labels
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'green' ${{ steps.ns.outputs.name }}
- name: Executing promote action
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test-service.yml
strategy: blue-green
route-method: service
action: promote
- name: Checking if deploments and services were created with none labels after promote
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
- name: Executing deploy action on
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.19.1
manifests: |
test/integration/manifests/test-service.yml
strategy: blue-green
route-method: service
action: deploy
- name: Checking if deploments and services were created with green labels, and old workloads persist on deploy
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
- name: Executing reject action
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.19.1
manifests: |
test/integration/manifests/test-service.yml
strategy: blue-green
route-method: service
action: reject
- name: Checking if deploments and services were routed back to none labels after reject
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
- name: Cleaning up current set up
run: |
python test/integration/k8s-deploy-delete.py 'Service' 'nginx-service' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-delete.py 'Deployment' 'nginx-deployment' ${{ steps.ns.outputs.name }}
- name: Executing deploy action for ingress
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test-ingress.yml
strategy: blue-green
route-method: ingress
action: deploy
- name: Checking if deploments, services and ingresses were created with green labels
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'green' ${{ steps.ns.outputs.name }}
- name: Executing promote action for ingress
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.14.2
manifests: |
test/integration/manifests/test-ingress.yml
strategy: blue-green
route-method: ingress
action: promote
- name: Checking if deploments, services and ingresses were created with none labels after promote
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'None' ${{ steps.ns.outputs.name }}
- name: Executing deploy action for ingress
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.19.1
manifests: |
test/integration/manifests/test-ingress.yml
strategy: blue-green
route-method: ingress
action: deploy
- name: Checking if deploments, services and ingresses were created with green labels after deploy, and old deployment persists
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service-green' 'green' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'green' ${{ steps.ns.outputs.name }}
- name: Executing reject action for ingress
uses: ./
with:
namespace: test-${{ steps.ns.outputs.name }}
images: nginx:1.19.1
manifests: |
test/integration/manifests/test-ingress.yml
strategy: blue-green
route-method: ingress
action: reject
- name: Checking if deploments, services and ingresses were created with none labels after reject
run: |
python test/integration/k8s-deploy-test.py 'Deployment' 'nginx-deployment' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Service' 'nginx-service' 'None' ${{ steps.ns.outputs.name }}
python test/integration/k8s-deploy-test.py 'Ingress' 'nginx-ingress' 'None' ${{ steps.ns.outputs.name }}
- if: ${{ always() }}
name: Delete created namespace
run: kubectl delete ns test-${{ steps.ns.outputs.name }}
- if: ${{ always() }}
name: Posting result back to PR
run: |
if [ '${{ steps.job-type.outputs.type }}' == 'pr' ]; then ruby postStatus.rb ${{github.event.client_payload.repository}} ${{github.event.client_payload.commit}} ${{secrets.L2_REPO_TOKEN}} ${{job.status}} ${{github.run_id}} ${{matrix.os}} false ${{ secrets.L2_REPO_USER }}; fi
shell: bash
.github/workflows/tag-and-release.yml
+10
View File
@@ -0,0 +1,10 @@
name: Tag and create release draft
on:
push:
branches:
- releases/*
jobs:
tag-and-release:
uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@main
.github/workflows/unit-tests.yml
+16 -17
View File
@@ -1,20 +1,19 @@
name: 'Run unit tests.' name: "Run unit tests."
on: # rebuild any PRs and main branch changes on: # rebuild any PRs and main branch changes
pull_request: pull_request:
branches: branches:
- main - master
- 'releases/*' - "releases/*"
push: push:
branches: branches:
- main - master
- 'releases/*' - "releases/*"
jobs: jobs:
build: # make sure build/ci works properly build: # make sure build/ci works properly
name: Run Unit Tests runs-on: ubuntu-latest
runs-on: ubuntu-latest steps:
steps: - uses: actions/checkout@v1
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - run: |
- run: | npm install
npm install npm test
npm test
.gitignore
-2
View File
@@ -3,5 +3,3 @@ node_modules
.DS_Store .DS_Store
.idea .idea
lib/ lib/
coverage/
.husky/pre-commit
-13
View File
@@ -1,13 +0,0 @@
npm run typecheck || {
echo ""
echo "❌ Type check failed."
echo "💡 Run 'npm run typecheck' to see errors."
exit 1
}
npm test
npm run format-check || {
echo ""
echo "❌ Formatting check failed."
echo "💡 Run 'npm run format' or 'prettier --write .' to fix formatting issues."
exit 1
}
.prettierignore
-4
View File
@@ -1,4 +0,0 @@
# dependencies
/node_modules
coverage
/lib
.prettierrc.json
-8
View File
@@ -1,8 +0,0 @@
{
"trailingComma": "none",
"bracketSpacing": false,
"semi": false,
"tabWidth": 3,
"singleQuote": true,
"printWidth": 80
}
CHANGELOG.md
-88
View File
@@ -1,88 +0,0 @@
# Changelog
## [6.0.0] - 2026-04-17
### Changed
- #504 [Update Node.js runtime from node20 to node24](https://github.com/Azure/k8s-deploy/pull/504)
- #500 [Update action version references in README to latest majors](https://github.com/Azure/k8s-deploy/pull/500)
### Security
- #506 [Bump undici from 6.23.0 to 6.24.1](https://github.com/Azure/k8s-deploy/pull/506)
- #513 [Bump vite from 8.0.3 to 8.0.5](https://github.com/Azure/k8s-deploy/pull/513)
- #509 [Bump the actions group across 1 directory with 4 updates](https://github.com/Azure/k8s-deploy/pull/509)
- #510 [Bump the actions group across 1 directory with 2 updates](https://github.com/Azure/k8s-deploy/pull/510)
- #511 [Bump vitest from 4.1.1 to 4.1.2](https://github.com/Azure/k8s-deploy/pull/511)
- #514 [Bump the actions group with 2 updates](https://github.com/Azure/k8s-deploy/pull/514)
- #501 [Bump @types/node from 25.3.3 to 25.4.0](https://github.com/Azure/k8s-deploy/pull/501)
## [5.1.0] - 2026-03-03
### Added
- #458 [Ensure error messages display the correct namespace](https://github.com/Azure/k8s-deploy/pull/458)
- #482 [docker driver](https://github.com/Azure/k8s-deploy/pull/482)
- #492 [Migrate to esbuild/Vitest and upgrade @actions/\* to ESM-only versions](https://github.com/Azure/k8s-deploy/pull/492)
- #498 [Add typecheck to build script](https://github.com/Azure/k8s-deploy/pull/498)
## [5.0.4] - 2025-08-05
### Added
- #408 [Add missing README.md and action.yml parameters](https://github.com/Azure/k8s-deploy/pull/408)
- #414 [Fix the major update packages including Jest](https://github.com/Azure/k8s-deploy/pull/414)
- #418 [Add husky pre-commit hook.](https://github.com/Azure/k8s-deploy/pull/418)
- #420 [Make namespace input optional](https://github.com/Azure/k8s-deploy/pull/420)
- #424 [add server-side option for kubectl apply commands](https://github.com/Azure/k8s-deploy/pull/424)
- #425 [Add timeout to the rollout status](https://github.com/Azure/k8s-deploy/pull/425)
- #428 [Added additional check in getTempdirectory function](https://github.com/Azure/k8s-deploy/pull/428)
- #432 [Added error check for canary promote actions](https://github.com/Azure/k8s-deploy/pull/432)
- #436 [Add support for ScaledJob](https://github.com/Azure/k8s-deploy/pull/436)
- #440 [Add Enhanced Deployment Error Reporting and Logging](https://github.com/Azure/k8s-deploy/pull/440)
- #441 [Added timeout input description to README](https://github.com/Azure/k8s-deploy/pull/441)
## [5.0.3] - 2025-04-16
### Added
- #398 case-insensitive resource type
## [5.0.2] - 2025-04-15
### Added
- #396 Update new resource-type input for action
## [5.0.1] - 2024-03-12
### Added
- #356 Add fleet support
## [5.0.0] - 2024-03-12
### Changed
- #309 Updated to Node20 and upgraded release workflows to @v1 tag
- #306 update release workflow to use new prefix, remove deprecated release
- #303 fix: ensure imageNames are not empty strings
- #299 bump release workflow sha
- #298 bump minikube to fix runner deps
- #297 update release workflow
### Added
- #304 add v prefix for version tagging
- #302 adding ncc to build
- #301 adding release workflow artifact fix
## [4.10.0] - 2023-10-30
### Added
- #287 Make annotating resources optional
- #283 Fix “Service” route-method of the Blue-Green strategy with some manifest files
- #281 bump codeql to node 16
- #279 upgrade codeql
- #276 Fixes multiple namespaces bug
README.md
+230 -299
View File
@@ -1,18 +1,9 @@
# Deploy manifests action for Kubernetes # Deploy manifests action for Kubernetes
This action is used to deploy manifests to Kubernetes clusters. It requires that the cluster context be set earlier in the workflow by using either the [Azure/aks-set-context](https://github.com/Azure/aks-set-context/tree/releases/v4) action or the [Azure/k8s-set-context](https://github.com/Azure/k8s-set-context/tree/releases/v4) action. It also requires Kubectl to be installed (you can use the [Azure/setup-kubectl](https://github.com/Azure/setup-kubectl) action). This action is used to deploy manifests to Kubernetes clusters. It requires that the cluster context be set earlier in the workflow by using either the [Azure/aks-set-context](https://github.com/Azure/aks-set-context/tree/releases/v1) action or the [Azure/k8s-set-context](https://github.com/Azure/k8s-set-context/tree/releases/v1) action. It also requires Kubectl to be installed (you can use the [Azure/setup-kubectl](https://github.com/Azure/setup-kubectl) action).
If you are looking to automate your workflows to deploy to [Azure Web Apps](https://azure.microsoft.com/en-us/services/app-service/web/) and [Azure Web App for Containers](https://azure.microsoft.com/en-us/services/app-service/containers/), consider using [`Azure/webapps-deploy`](https://github.com/Azure/webapps-deploy) action. If you are looking to automate your workflows to deploy to [Azure Web Apps](https://azure.microsoft.com/en-us/services/app-service/web/) and [Azure Web App for Containers](https://azure.microsoft.com/en-us/services/app-service/containers/), consider using [`Azure/webapps-deploy`](https://github.com/Azure/webapps-deploy) action.
This action requires the following permissions from your workflow:
```yaml
permissions:
id-token: write
contents: read
actions: read
```
## Action capabilities ## Action capabilities
Following are the key capabilities of this action: Following are the key capabilities of this action:
@@ -24,15 +15,17 @@ Following are the key capabilities of this action:
- **Secret handling**: The secret names specified as inputs in the action are used to augment the input manifest files with imagePullSecrets values before deploying to the cluster. Also, checkout the [Azure/k8s-create-secret](https://github.com/Azure/k8s-create-secret) action for creation of generic or docker-registry secrets in the cluster. - **Secret handling**: The secret names specified as inputs in the action are used to augment the input manifest files with imagePullSecrets values before deploying to the cluster. Also, checkout the [Azure/k8s-create-secret](https://github.com/Azure/k8s-create-secret) action for creation of generic or docker-registry secrets in the cluster.
- **Deployment strategy** Supports both canary and blue-green deployment strategies - **Deployment strategy** Supports both canary and blue-green deployment strategies
- **Canary strategy**: Workloads suffixed with '-baseline' and '-canary' are created. There are two methods of traffic splitting supported:
- **Service Mesh Interface**: Service Mesh Interface abstraction allows for plug-and-play configuration with service mesh providers such as [Linkerd](https://linkerd.io/) and [Istio](https://istio.io/). Meanwhile, this action takes away the hard work of mapping SMI's TrafficSplit objects to the stable, baseline and canary services during the lifecycle of the deployment strategy. Service mesh based canary deployments using this action are more accurate as service mesh providers enable granular percentage traffic split (via service registry and sidecar containers injected into pods alongside application containers).
- **Only Kubernetes (no service mesh)**: In the absence of service mesh, while it may not be possible to achieve exact percentage split at the request level, it is still possible to perform canary deployments by deploying -baseline and -canary workload variants next to the stable variant. The service routes requests to pods of all three workload variants as the selector-label constraints are met (KubernetesManifest will honor these when creating -baseline and -canary variants). This achieves the intended effect of routing only a portion of total requests to the canary.
- **Blue-Green strategy**: Choosing blue-green strategy with this action leads to creation of workloads suffixed with '-green'. An identified service is one that is supplied as part of the input manifest(s) and targets a workload in the supplied manifest(s). There are three route-methods supported in the action:
- **Service route-method**: Identified services are configured to target the green deployments.
- **Ingress route-method**: Along with deployments, new services are created with '-green' suffix (for identified services), and the ingresses are in turn updated to target the new services.
- **SMI route-method**: A new [TrafficSplit](https://github.com/servicemeshinterface/smi-spec/blob/master/apis/traffic-split/v1alpha3/traffic-split.md) object is created for each identified service. The TrafficSplit object is updated to target the new deployments. This works only if SMI is set up in the cluster.
Traffic is routed to the new workloads only after the time provided as `version-switch-buffer` input has passed. The `promote` action creates workloads and services with new configurations but without any suffix. `reject` routes traffic back to the old workloads and deletes the '-green' workloads. - **Canary strategy**: Workloads suffixed with '-baseline' and '-canary' are created. There are two methods of traffic splitting supported:
- **Service Mesh Interface**: Service Mesh Interface abstraction allows for plug-and-play configuration with service mesh providers such as [Linkerd](https://linkerd.io/) and [Istio](https://istio.io/). Meanwhile, this action takes away the hard work of mapping SMI's TrafficSplit objects to the stable, baseline and canary services during the lifecycle of the deployment strategy. Service mesh based canary deployments using this action are more accurate as service mesh providers enable granular percentage traffic split (via service registry and sidecar containers injected into pods alongside application containers).
- **Only Kubernetes (no service mesh)**: In the absence of service mesh, while it may not be possible to achieve exact percentage split at the request level, it is still possible to perform canary deployments by deploying -baseline and -canary workload variants next to the stable variant. The service routes requests to pods of all three workload variants as the selector-label constraints are met (KubernetesManifest will honor these when creating -baseline and -canary variants). This achieves the intended effect of routing only a portion of total requests to the canary.
- **Blue-Green strategy**: Choosing blue-green strategy with this action leads to creation of workloads suffixed with '-green'. An identified service is one that is supplied as part of the input manifest(s) and targets a workload in the supplied manifest(s). There are three route-methods supported in the action:
- **Service route-method**: Identified services are configured to target the green deployments.
- **Ingress route-method**: Along with deployments, new services are created with '-green' suffix (for identified services), and the ingresses are in turn updated to target the new services.
- **SMI route-method**: A new [TrafficSplit](https://github.com/servicemeshinterface/smi-spec/blob/master/apis/traffic-split/v1alpha3/traffic-split.md) object is created for each identified service. The TrafficSplit object is updated to target the new deployments. This works only if SMI is set up in the cluster.
Traffic is routed to the new workloads only after the time provided as `version-switch-buffer` input has passed. The `promote` action creates workloads and services with new configurations but without any suffix. `reject` routes traffic back to the old workloads and deletes the '-green' workloads.
## Action inputs ## Action inputs
@@ -49,15 +42,7 @@ Following are the key capabilities of this action:
</tr> </tr>
<tr> <tr>
<td>manifests </br></br>(Required)</td> <td>manifests </br></br>(Required)</td>
<td>Path to the manifest files to be used for deployment. These can also be directories containing manifest files, in which case, all manifest files in the referenced directory at every depth will be deployed, or URLs to manifest files (like https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/controllers/nginx-deployment.yaml). Files and URLs not ending in .yml or .yaml will be ignored.</td> <td>Path to the manifest files to be used for deployment. These can also be directories containing manifest files, in which case, all manifest files in the referenced directory at every depth will be deployed. Files not ending in .yml or .yaml will be ignored.</td>
</tr>
<tr>
<td>strategy </br></br>(Required)</td>
<td>Acceptable values: basic/canary/blue-green. <br>
Default value: basic
<br>Deployment strategy to be used while applying manifest files on the cluster.
<br>basic - Template is force applied to all pods when deploying to cluster. NOTE: Can only be used with action == deploy
<br>canary - Canary deployment strategy is used when deploying to the cluster.<br>blue-green - Blue-Green deployment strategy is used when deploying to cluster.</td>
</tr> </tr>
<tr> <tr>
<td>namespace </br></br>(Optional) <td>namespace </br></br>(Optional)
@@ -77,20 +62,22 @@ Following are the key capabilities of this action:
<td>pull-images</br></br>(Optional)</td> <td>pull-images</br></br>(Optional)</td>
<td>Acceptable values: true/false</br>Default value: true</br>Switch whether to pull the images from the registry before deployment to find out Dockerfile's path in order to add it to the annotations</td> <td>Acceptable values: true/false</br>Default value: true</br>Switch whether to pull the images from the registry before deployment to find out Dockerfile's path in order to add it to the annotations</td>
</tr> </tr>
<tr>
<td>strategy </br></br>(Optional)</td>
<td>Acceptable values: none/canary/blue-green. <br>
Deployment strategy to be used while applying manifest files on the cluster.<br>none - No deployment strategy is used when deploying.<br>canary - Canary deployment strategy is used when deploying to the cluster.<br>blue-green - Blue-Green deployment strategy is used when deploying to cluster.</td>
</tr>
<tr> <tr>
<td>traffic-split-method </br></br>(Optional)</td> <td>traffic-split-method </br></br>(Optional)</td>
<td>Acceptable values: pod/smi.<br> Default value: pod <br>SMI: Percentage traffic split is done at request level using service mesh. Service mesh has to be setup by cluster admin. Orchestration of <a href="https://github.com/servicemeshinterface/smi-spec/blob/master/apis/traffic-split/v1alpha3/traffic-split.md" data-raw-source="TrafficSplit](https://github.com/deislabs/smi-spec/blob/master/traffic-split.md)">TrafficSplit</a> objects of SMI is handled by this action. <br>Pod: Percentage split not possible at request level in the absence of service mesh. Percentage input is used to calculate the replicas for baseline and canary as a percentage of replicas specified in the input manifests for the stable variant.</td> <td>Acceptable values: pod/smi.<br> Default value: pod <br>SMI: Percentage traffic split is done at request level using service mesh. Service mesh has to be setup by cluster admin. Orchestration of <a href="https://github.com/servicemeshinterface/smi-spec/blob/master/apis/traffic-split/v1alpha3/traffic-split.md" data-raw-source="TrafficSplit](https://github.com/deislabs/smi-spec/blob/master/traffic-split.md)">TrafficSplit</a> objects of SMI is handled by this action. <br>Pod: Percentage split not possible at request level in the absence of service mesh. Percentage input is used to calculate the replicas for baseline and canary as a percentage of replicas specified in the input manifests for the stable variant.</td>
</tr> </tr>
<tr>
<td>traffic-split-annotations </br></br>(Optional)</td>
<td>Annotations in the form of key/value pair to be added to TrafficSplit.</td>
<tr> <tr>
<td>percentage </br></br>(Optional but required if strategy is canary)</td> <td>percentage </br></br>(Optional but required if strategy is canary)</td>
<td>Used to compute the number of replicas of &#39;-baseline&#39; and &#39;-canary&#39; variants of the workloads found in manifest files. For the specified percentage input, if (percentage * numberOfDesirerdReplicas)/100 is not a round number, the floor of this number is used while creating &#39;-baseline&#39; and &#39;-canary&#39;.<br/><br/>For example, if Deployment hello-world was found in the input manifest file with &#39;replicas: 4&#39; and if &#39;strategy: canary&#39; and &#39;percentage: 25&#39; are given as inputs to the action, then the Deployments hello-world-baseline and hello-world-canary are created with 1 replica each. The &#39;-baseline&#39; variant is created with the same image and tag as the stable version (4 replica variant prior to deployment) while the &#39;-canary&#39; variant is created with the image and tag corresponding to the new changes being deployed</td> <td>Used to compute the number of replicas of &#39;-baseline&#39; and &#39;-canary&#39; variants of the workloads found in manifest files. For the specified percentage input, if (percentage * numberOfDesirerdReplicas)/100 is not a round number, the floor of this number is used while creating &#39;-baseline&#39; and &#39;-canary&#39;.<br/><br/>For example, if Deployment hello-world was found in the input manifest file with &#39;replicas: 4&#39; and if &#39;strategy: canary&#39; and &#39;percentage: 25&#39; are given as inputs to the action, then the Deployments hello-world-baseline and hello-world-canary are created with 1 replica each. The &#39;-baseline&#39; variant is created with the same image and tag as the stable version (4 replica variant prior to deployment) while the &#39;-canary&#39; variant is created with the image and tag corresponding to the new changes being deployed</td>
</tr> </tr>
<tr> <tr>
<td>baseline-and-canary-replicas </br></br> (Optional and relevant only if strategy is canary and traffic-split-method is smi)</td> <td>baseline-and-canary-replicas </br></br> (Optional and relevant only if traffic-split-method is canary)</td>
<td>The number of baseline and canary replicas. Percentage traffic split is controlled in the service mesh plane, the actual number of replicas for canary and baseline variants could be controlled independently of the traffic split. For example, assume that the input Deployment manifest desired 30 replicas to be used for stable and that the following inputs were specified for the action </br></br><code>&nbsp;&nbsp;&nbsp;&nbsp;strategy: canary<br>&nbsp;&nbsp;&nbsp;&nbsp;trafficSplitMethod: smi<br>&nbsp;&nbsp;&nbsp;&nbsp;percentage: 20<br>&nbsp;&nbsp;&nbsp;&nbsp;baselineAndCanaryReplicas: 1</code></br></br> In this case, stable variant will receive 80% traffic while baseline and canary variants will receive 10% each (20% split equally between baseline and canary). However, instead of creating baseline and canary with 3 replicas each, the explicit count of baseline and canary replicas is honored. That is, only 1 replica each is created for baseline and canary variants.</td> <td>The number of baseline and canary replicas. Percentage traffic split is controlled in the service mesh plane, the actual number of replicas for canary and baseline variants could be controlled independently of the traffic split. For example, assume that the input Deployment manifest desired 30 replicas to be used for stable and that the following inputs were specified for the action </br></br><code>&nbsp;&nbsp;&nbsp;&nbsp;strategy: canary<br>&nbsp;&nbsp;&nbsp;&nbsp;trafficSplitMethod: smi<br>&nbsp;&nbsp;&nbsp;&nbsp;percentage: 20<br>&nbsp;&nbsp;&nbsp;&nbsp;baselineAndCanaryReplicas: 1</code></br></br> In this case, stable variant will receive 80% traffic while baseline and canary variants will receive 10% each (20% split equally between baseline and canary). However, instead of creating baseline and canary with 3 replicas, the explicit count of baseline and canary replicas is honored. That is, only 1 replica each is created for baseline and canary variants.</td>
</tr> </tr>
<tr> <tr>
<td>route-method </br></br>(Optional and relevant only if strategy is blue-green)</td> <td>route-method </br></br>(Optional and relevant only if strategy is blue-green)</td>
@@ -104,44 +91,12 @@ Following are the key capabilities of this action:
<td>Acceptable values: 1-300.</br>Default value: 0.</br>Waits for the given input in minutes before routing traffic to '-green' workloads.</td> <td>Acceptable values: 1-300.</br>Default value: 0.</br>Waits for the given input in minutes before routing traffic to '-green' workloads.</td>
</tr> </tr>
<tr> <tr>
<td>private-cluster </br></br>(Optional and relevant only using K8's deploy for a cluster with private cluster enabled)</td> <td>force </br></br>(Optional)</td>
<td>Acceptable values: true, false</br>Default value: false.</td>
</tr>
<tr>
<td>resource-group</br></br>(Optional)</td>
<td>Name of resource group - Only required if using private cluster</td>
</tr>
<tr>
<td>name</br></br>(Optional)</td>
<td>Name of the private cluster - Only required if using private cluster</td>
</tr>
<tr>
<td>force</br></br>(Optional)</td>
<td>Deploy when a previous deployment already exists. If true then '--force' argument is added to the apply command. Using '--force' argument is not recommended in production.</td> <td>Deploy when a previous deployment already exists. If true then '--force' argument is added to the apply command. Using '--force' argument is not recommended in production.</td>
</tr> </tr>
<tr>
<td>server-side </br></br>(Optional)</td>
<td>The apply command runs in the server instead of the client. If true then '--server-side' argument is added to the apply command.</td>
</tr>
<tr>
<td>timeout</br></br>(Optional)</td>
<td>Default value: 10m</br>Timeout for the rollout status. Accepts time units like '10m', '1h', '30s'. If only a number is provided (e.g., '30'), it is assumed to be minutes.</td>
</tr>
<tr>
<td>annotate-resources</br></br>(Optional)</td>
<td>Acceptable values: true/false</br>Default value: true</br>Switch whether to annotate the resources or not. If set to false all annotations are skipped completely.</td>
</tr>
<tr> <tr>
<td>annotate-namespace</br></br>(Optional)</td> <td>annotate-namespace</br></br>(Optional)</td>
<td>Acceptable values: true/false</br>Default value: true</br>Switch whether to annotate the namespace resources object or not. Ignored when annotate-resources is set to false.</td> <td>Acceptable values: true/false</br>Default value: true</br>Switch whether to annotate the namespace resources object or not</td>
</tr>
<tr>
<td>skip-tls-verify</br></br>(Optional)</td>
<td>Acceptable values: true/false</br>Default value: false</br>True if the insecure-skip-tls-verify option should be used</td>
</tr>
<tr>
<td>resource-type (Optional)</td>
<td>Acceptable values: `Microsoft.ContainerService/managedClusters` (default), 'Microsoft.ContainerService/fleets'</td>
</tr> </tr>
</table> </table>
@@ -150,151 +105,131 @@ Following are the key capabilities of this action:
### Basic deployment (without any deployment strategy) ### Basic deployment (without any deployment strategy)
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
manifests: | manifests: |
dir/manifestsDirectory dir/manifestsDirectory
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
```
### Private cluster deployment
```yaml
- uses: Azure/k8s-deploy@v5
with:
resource-group: yourResourceGroup
name: yourClusterName
action: deploy
strategy: basic
private-cluster: true
manifests: |
manifests/azure-vote-backend-deployment.yaml
manifests/azure-vote-backend-service.yaml
manifests/azure-vote-frontend-deployment.yaml
manifests/azure-vote-frontend-service.yaml
images: |
registry.azurecr.io/containername
``` ```
### Canary deployment without service mesh ### Canary deployment without service mesh
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
dir/manifestsDirectory dir/manifestsDirectory
strategy: canary strategy: canary
action: deploy action: deploy
percentage: 20 percentage: 20
``` ```
To promote/reject the canary created by the above snippet, the following YAML snippet could be used: To promote/reject the canary created by the above snippet, the following YAML snippet could be used:
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
dir/manifestsDirectory dir/manifestsDirectory
strategy: canary strategy: canary
action: promote # substitute reject if you want to reject action: promote # substitute reject if you want to reject
``` ```
### Canary deployment based on Service Mesh Interface ### Canary deployment based on Service Mesh Interface
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
dir/manifestsDirectory dir/manifestsDirectory
strategy: canary strategy: canary
action: deploy action: deploy
traffic-split-method: smi traffic-split-method: smi
percentage: 20 percentage: 20
baseline-and-canary-replicas: 1 baseline-and-canary-replicas: 1
``` ```
To promote/reject the canary created by the above snippet, the following YAML snippet could be used: To promote/reject the canary created by the above snippet, the following YAML snippet could be used:
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }} ' images: "contoso.azurecr.io/myapp:${{ event.run_id }} "
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
dir/manifestsDirectory dir/manifestsDirectory
strategy: canary strategy: canary
traffic-split-method: smi traffic-split-method: smi
action: reject # substitute promote if you want to promote action: reject # substitute promote if you want to promote
``` ```
### Blue-Green deployment with different route methods ### Blue-Green deployment with different route methods
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
ingress.yml ingress.yml
strategy: blue-green strategy: blue-green
action: deploy action: deploy
route-method: ingress # substitute with service/smi as per need route-method: ingress # substitute with service/smi as per need
version-switch-buffer: 15 version-switch-buffer: 15
``` ```
To promote/reject the green workload created by the above snippet, the following YAML snippet could be used: To promote/reject the green workload created by the above snippet, the following YAML snippet could be used:
```yaml ```yaml
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
namespace: 'myapp' namespace: "myapp"
images: 'contoso.azurecr.io/myapp:${{ event.run_id }}' images: "contoso.azurecr.io/myapp:${{ event.run_id }}"
imagepullsecrets: | imagepullsecrets: |
image-pull-secret1 image-pull-secret1
image-pull-secret2 image-pull-secret2
manifests: | manifests: |
deployment.yaml deployment.yaml
service.yaml service.yaml
ingress.yml ingress.yml
strategy: blue-green strategy: blue-green
route-method: ingress # should be the same as the value when action was deploy route-method: ingress # should be the same as the value when action was deploy
action: promote # substitute reject if you want to reject action: promote # substitute reject if you want to reject
``` ```
## End to end workflows ## End to end workflows
@@ -307,47 +242,47 @@ Following are a few examples of not just this action, but how this action could
on: [push] on: [push]
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@master
- uses: Azure/docker-login@v2 - uses: Azure/docker-login@v1
with: with:
login-server: contoso.azurecr.io login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }} username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }} password: ${{ secrets.REGISTRY_PASSWORD }}
- run: | - run: |
docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }} docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }}
docker push contoso.azurecr.io/k8sdemo:${{ github.sha }} docker push contoso.azurecr.io/k8sdemo:${{ github.sha }}
- uses: azure/setup-kubectl@v4 - uses: azure/setup-kubectl@v2.0
# Set the target AKS cluster. # Set the target AKS cluster.
- uses: Azure/aks-set-context@v4 - uses: Azure/aks-set-context@v1
with: with:
creds: '${{ secrets.AZURE_CREDENTIALS }}' creds: "${{ secrets.AZURE_CREDENTIALS }}"
cluster-name: contoso cluster-name: contoso
resource-group: contoso-rg resource-group: contoso-rg
- uses: Azure/k8s-create-secret@v5 - uses: Azure/k8s-create-secret@v1.1
with: with:
container-registry-url: contoso.azurecr.io container-registry-url: contoso.azurecr.io
container-registry-username: ${{ secrets.REGISTRY_USERNAME }} container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
container-registry-password: ${{ secrets.REGISTRY_PASSWORD }} container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
secret-name: demo-k8s-secret secret-name: demo-k8s-secret
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
action: deploy action: deploy
manifests: | manifests: |
manifests/deployment.yml manifests/deployment.yml
manifests/service.yml manifests/service.yml
images: | images: |
demo.azurecr.io/k8sdemo:${{ github.sha }} demo.azurecr.io/k8sdemo:${{ github.sha }}
imagepullsecrets: | imagepullsecrets: |
demo-k8s-secret demo-k8s-secret
``` ```
### Build container image and deploy to any Azure Kubernetes Service cluster ### Build container image and deploy to any Azure Kubernetes Service cluster
@@ -356,44 +291,44 @@ jobs:
on: [push] on: [push]
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@master
- uses: Azure/docker-login@v2 - uses: Azure/docker-login@v1
with: with:
login-server: contoso.azurecr.io login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }} username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }} password: ${{ secrets.REGISTRY_PASSWORD }}
- run: | - run: |
docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }} docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }}
docker push contoso.azurecr.io/k8sdemo:${{ github.sha }} docker push contoso.azurecr.io/k8sdemo:${{ github.sha }}
- uses: azure/setup-kubectl@v4 - uses: azure/setup-kubectl@v2.0
- uses: Azure/k8s-set-context@v4 - uses: Azure/k8s-set-context@v2
with: with:
kubeconfig: ${{ secrets.KUBE_CONFIG }} kubeconfig: ${{ secrets.KUBE_CONFIG }}
- uses: Azure/k8s-create-secret@v5 - uses: Azure/k8s-create-secret@v1.1
with: with:
container-registry-url: contoso.azurecr.io container-registry-url: contoso.azurecr.io
container-registry-username: ${{ secrets.REGISTRY_USERNAME }} container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
container-registry-password: ${{ secrets.REGISTRY_PASSWORD }} container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
secret-name: demo-k8s-secret secret-name: demo-k8s-secret
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v3.1
with: with:
action: deploy action: deploy
manifests: | manifests: |
manifests/deployment.yml manifests/deployment.yml
manifests/service.yml manifests/service.yml
images: | images: |
demo.azurecr.io/k8sdemo:${{ github.sha }} demo.azurecr.io/k8sdemo:${{ github.sha }}
imagepullsecrets: | imagepullsecrets: |
demo-k8s-secret demo-k8s-secret
``` ```
### Build image and add `dockerfile-path` label to it ### Build image and add `dockerfile-path` label to it
@@ -403,23 +338,23 @@ We can use this image in other workflows once built.
```yaml ```yaml
on: [push] on: [push]
env: env:
NAMESPACE: demo-ns2 NAMESPACE: demo-ns2
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@master
- uses: Azure/docker-login@v2 - uses: Azure/docker-login@v1
with: with:
login-server: contoso.azurecr.io login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }} username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }} password: ${{ secrets.REGISTRY_PASSWORD }}
- run: | - run: |
docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }} --label dockerfile-path=https://github.com/${{github.repo}}/blob/${{github.sha}}/Dockerfile docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }} --label dockerfile-path=https://github.com/${{github.repo}}/blob/${{github.sha}}/Dockerfile
docker push contoso.azurecr.io/k8sdemo:${{ github.sha }} docker push contoso.azurecr.io/k8sdemo:${{ github.sha }}
``` ```
### Use bake action to get manifests deploying to a Kubernetes cluster ### Use bake action to get manifests deploying to a Kubernetes cluster
@@ -427,55 +362,55 @@ jobs:
```yaml ```yaml
on: [push] on: [push]
env: env:
NAMESPACE: demo-ns2 NAMESPACE: demo-ns2
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@master
- uses: Azure/docker-login@v2 - uses: Azure/docker-login@v1
with: with:
login-server: contoso.azurecr.io login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }} username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }} password: ${{ secrets.REGISTRY_PASSWORD }}
- uses: azure/setup-kubectl@v4 - uses: azure/setup-kubectl@v2.0
# Set the target AKS cluster. # Set the target AKS cluster.
- uses: Azure/aks-set-context@v4 - uses: Azure/aks-set-context@v1
with: with:
creds: '${{ secrets.AZURE_CREDENTIALS }}' creds: "${{ secrets.AZURE_CREDENTIALS }}"
cluster-name: contoso cluster-name: contoso
resource-group: contoso-rg resource-group: contoso-rg
- uses: Azure/k8s-create-secret@v5 - uses: Azure/k8s-create-secret@v1.1
with: with:
namespace: ${{ env.NAMESPACE }} namespace: ${{ env.NAMESPACE }}
container-registry-url: contoso.azurecr.io container-registry-url: contoso.azurecr.io
container-registry-username: ${{ secrets.REGISTRY_USERNAME }} container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
container-registry-password: ${{ secrets.REGISTRY_PASSWORD }} container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
secret-name: demo-k8s-secret secret-name: demo-k8s-secret
- uses: azure/k8s-bake@v3 - uses: azure/k8s-bake@v2
with: with:
renderEngine: 'helm' renderEngine: "helm"
helmChart: './aks-helloworld/' helmChart: "./aks-helloworld/"
overrideFiles: './aks-helloworld/values-override.yaml' overrideFiles: "./aks-helloworld/values-override.yaml"
overrides: | overrides: |
replicas:2 replicas:2
helm-version: 'latest' helm-version: "latest"
id: bake id: bake
- uses: Azure/k8s-deploy@v5 - uses: Azure/k8s-deploy@v1.2
with: with:
action: deploy action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }} manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: | images: |
contoso.azurecr.io/k8sdemo:${{ github.sha }} contoso.azurecr.io/k8sdemo:${{ github.sha }}
imagepullsecrets: | imagepullsecrets: |
demo-k8s-secret demo-k8s-secret
``` ```
## Traceability Fields Support ## Traceability Fields Support
@@ -497,7 +432,3 @@ provided by the bot. You will only need to do this once across all repos using o
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
## Support
k8s-deploy is an open source project that is [**not** covered by the Microsoft Azure support policy](https://support.microsoft.com/en-us/help/2941892/support-for-linux-and-open-source-technology-in-azure). [Please search open issues here](https://github.com/Azure/k8s-deploy/issues), and if your issue isn't already represented please [open a new one](https://github.com/Azure/k8s-deploy/issues/new/choose). The project maintainers will respond to the best of their abilities.
SECURITY.md
+9 -9
View File
@@ -4,23 +4,23 @@
Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/). Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/).
If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](<https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)>) of a security vulnerability, please report it to us as described below. If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
## Reporting Security Issues ## Reporting Security Issues
**Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center at [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://technet.microsoft.com/en-us/security/dn606155). **Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center at [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://technet.microsoft.com/en-us/security/dn606155).
You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the manifestation of the issue * Full paths of source file(s) related to the manifestation of the issue
- The location of the affected source code (tag/branch/commit or direct URL) * The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue * Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue * Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible) * Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit the issue * Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly. This information will help us triage your report more quickly.
action.yml
+63 -96
View File
@@ -1,100 +1,67 @@
name: 'Deploy to Kubernetes cluster' name: "Deploy to Kubernetes cluster"
description: 'Deploy to a Kubernetes cluster including, but not limited to Azure Kubernetes Service (AKS) clusters' description: "Deploy to a Kubernetes cluster including, but not limited to Azure Kubernetes Service (AKS) clusters"
inputs: inputs:
# Please ensure you have used either azure/k8s-actions/aks-set-context or azure/k8s-actions/k8s-set-context in the workflow before this action # Please ensure you have used either azure/k8s-actions/aks-set-context or azure/k8s-actions/k8s-set-context in the workflow before this action
# You also need to have kubectl installed (azure/setup-kubectl) # You also need to have kubectl installed (azure/setup-kubectl)
namespace: namespace:
description: 'Choose the target Kubernetes namespace. If the namespace is not provided, the commands will automatically use the namespace defined in the manifest files first or otherwise run in the default namespace.' description: "Choose the target Kubernetes namespace. If the namespace is not provided, the commands will run in the default namespace."
required: false required: false
default: '' manifests:
manifests: description: "Path to the manifest files which will be used for deployment."
description: 'Path to the manifest files which will be used for deployment.' required: true
required: true images:
images: description: "Fully qualified resource URL of the image(s) to be used for substitutions on the manifest files Example: contosodemo.azurecr.io/helloworld:test"
description: 'Fully qualified resource URL of the image(s) to be used for substitutions on the manifest files Example: contosodemo.azurecr.io/helloworld:test' required: false
required: false imagepullsecrets:
imagepullsecrets: description: "Name of a docker-registry secret that has already been set up within the cluster. Each of these secret names are added under imagePullSecrets field for the workloads found in the input manifest files"
description: 'Name of a docker-registry secret that has already been set up within the cluster. Each of these secret names are added under imagePullSecrets field for the workloads found in the input manifest files' required: false
required: false pull-images:
pull-images: description: "Switch whether to pull the images from the registry before deployment to find out Dockerfile's path in order to add it to the annotations"
description: "Switch whether to pull the images from the registry before deployment to find out Dockerfile's path in order to add it to the annotations" required: false
required: false default: true
default: true strategy:
strategy: description: "Deployment strategy to be used. Allowed values are none, canary and blue-green"
description: 'Deployment strategy to be used. Allowed values are basic, canary and blue-green' required: false
required: true default: "none"
default: 'basic' route-method:
route-method: description: "Route based on service, ingress or SMI for blue-green strategy"
description: 'Route based on service, ingress or SMI for blue-green strategy' required: false
required: false default: "service"
default: 'service' version-switch-buffer:
version-switch-buffer: description: "Indicates the buffer time in minutes before the switch is made to the green version (max is 300 min ie. 5hrs)"
description: 'Indicates the buffer time in minutes before the switch is made to the green version (max is 300 min ie. 5hrs)' required: false
required: false default: 0
default: 0 traffic-split-method:
traffic-split-method: description: "Traffic split method to be used. Allowed values are pod and smi"
description: 'Traffic split method to be used. Allowed values are pod and smi' required: false
required: false default: "pod"
default: 'pod' baseline-and-canary-replicas:
traffic-split-annotations: description: "Baseline and canary replicas count. Valid value between 0 to 100 (inclusive)"
description: 'Annotations in the form of key/value pair to be added to TrafficSplit. Relevant only if deployement strategy is blue-green or canary' required: false
required: false default: 0
baseline-and-canary-replicas: percentage:
description: 'Baseline and canary replicas count. Valid value between 0 to 100 (inclusive)' description: "Percentage of traffic redirect to canary deployment"
required: false required: false
default: '' default: 0
percentage: action:
description: 'Percentage of traffic redirect to canary deployment' description: "deploy, promote, or reject"
required: false required: true
default: 0 default: "deploy"
action: force:
description: 'deploy, promote, or reject' description: "Deploy when a previous deployment already exists. If true then --force argument is added to the apply command"
required: true required: false
default: 'deploy' default: false
force: token:
description: 'Deploy when a previous deployment already exists. If true then --force argument is added to the apply command' description: "Github token"
required: false default: ${{ github.token }}
default: false required: true
server-side: annotate-namespace:
description: 'The apply command runs in the server instead of the client. If true then --server-side argument is added to the apply command.' description: "Annotate the target namespace"
required: false required: false
default: false default: true
timeout:
description: 'Timeout for the rollout status'
required: false
default: 10m
token:
description: 'Github token'
default: ${{ github.token }}
required: true
annotate-resources:
description: 'Annotate the resources. If set to false all annotations are skipped completely.'
required: false
default: true
annotate-namespace:
description: 'Annotate the target namespace. Ignored when annotate-resources is set to false or no namespace is provided.'
required: false
default: true
private-cluster:
description: 'True if cluster is AKS private cluster'
required: false
default: false
resource-group:
description: 'Name of resource group - Only required if using private cluster'
required: false
name:
description: 'Name of the private cluster - Only required if using private cluster'
required: false
skip-tls-verify:
description: True if the insecure-skip-tls-verify option should be used. Input should be 'true' or 'false'.
default: false
resource-type:
description: Either Microsoft.ContainerService/managedClusters or Microsoft.ContainerService/fleets'.
required: false
default: 'Microsoft.ContainerService/managedClusters'
branding: branding:
color: 'green' color: "green"
runs: runs:
using: 'node24' using: "node12"
main: 'lib/index.js' main: "lib/index.js"
babel.config.js
-6
View File
@@ -1,6 +0,0 @@
module.exports = {
presets: [
['@babel/preset-env', {targets: {node: 'current'}}],
'@babel/preset-typescript'
]
}
jest.config.js
+10
View File
@@ -0,0 +1,10 @@
module.exports = {
clearMocks: true,
moduleFileExtensions: ['js', 'ts'],
testEnvironment: 'node',
testMatch: ['**/*.test.ts'],
transform: {
'^.+\\.ts$': 'ts-jest'
},
verbose: true
}
package-lock.json
Generated
+10937 -2107
View File
File diff suppressed because it is too large Load Diff
package.json
+26 -34
View File
@@ -1,36 +1,28 @@
{ {
"name": "k8s-deploy-action", "name": "k8s-deploy-action",
"version": "6.0.0", "version": "0.0.0",
"author": "Deepak Sattiraju", "author": "Deepak Sattiraju",
"license": "MIT", "license": "MIT",
"type": "module", "scripts": {
"scripts": { "build": "tsc --outDir ./lib --rootDir ./src",
"build": "tsc --noEmit && esbuild src/run.ts --bundle --platform=node --target=node20 --format=esm --outfile=lib/index.js --banner:js=\"import { createRequire } from 'module';const require = createRequire(import.meta.url);\"", "test": "jest"
"typecheck": "tsc --noEmit", },
"test": "vitest run", "dependencies": {
"coverage": "vitest run --coverage", "@actions/core": "^1.2.6",
"format": "prettier --write .", "@actions/exec": "^1.0.0",
"format-check": "prettier --check .", "@actions/io": "^1.0.0",
"prepare": "husky" "@actions/tool-cache": "1.1.2",
}, "@octokit/core": "^3.5.1",
"dependencies": { "@octokit/plugin-retry": "^3.0.9",
"@actions/core": "^3.0.1", "@types/minipass": "^3.1.2",
"@actions/exec": "^3.0.0", "js-yaml": "3.13.1"
"@actions/io": "^3.0.2", },
"@actions/tool-cache": "4.0.0", "devDependencies": {
"@octokit/core": "^7.0.6", "@types/jest": "^26.0.0",
"@octokit/plugin-retry": "^8.1.0", "@types/js-yaml": "^3.12.7",
"js-yaml": "4.2.0", "@types/node": "^12.20.41",
"minimist": "^1.2.8" "jest": "^26.0.0",
}, "ts-jest": "^25.5.1",
"devDependencies": { "typescript": "3.9.5"
"@types/js-yaml": "^4.0.9", }
"@types/minimist": "^1.2.5",
"@types/node": "^25.9.3",
"esbuild": "^0.28",
"husky": "^9.1.7",
"prettier": "^3.8.4",
"typescript": "6.0.3",
"vitest": "^4"
}
} }
src/actions/deploy.ts
+75 -71
View File
@@ -1,81 +1,85 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import * as models from '../types/kubernetesTypes.js' import * as models from "../types/kubernetesTypes";
import * as KubernetesConstants from '../types/kubernetesTypes.js' import * as KubernetesConstants from "../types/kubernetesTypes";
import {Kubectl, Resource} from '../types/kubectl.js' import { Kubectl, Resource } from "../types/kubectl";
import { import {
getResources, getResources,
updateManifestFiles updateManifestFiles,
} from '../utilities/manifestUpdateUtils.js' } from "../utilities/manifestUpdateUtils";
import { routeBlueGreen } from "../strategyHelpers/blueGreen/blueGreenHelper";
import { import {
annotateAndLabelResources, annotateAndLabelResources,
checkManifestStability, checkManifestStability,
deployManifests deployManifests,
} from '../strategyHelpers/deploymentHelper.js' } from "../strategyHelpers/deploymentHelper";
import {DeploymentStrategy} from '../types/deploymentStrategy.js' import { DeploymentStrategy } from "../types/deploymentStrategy";
import {parseTrafficSplitMethod} from '../types/trafficSplitMethod.js' import { parseTrafficSplitMethod } from "../types/trafficSplitMethod";
import {ClusterType} from '../inputUtils.js' import { parseRouteStrategy } from "../types/routeStrategy";
export const ResourceTypeManagedCluster =
'Microsoft.ContainerService/managedClusters'
export const ResourceTypeFleet = 'Microsoft.ContainerService/fleets'
export async function deploy( export async function deploy(
kubectl: Kubectl, kubectl: Kubectl,
manifestFilePaths: string[], manifestFilePaths: string[],
deploymentStrategy: DeploymentStrategy, deploymentStrategy: DeploymentStrategy
resourceType: ClusterType,
timeout?: string
) { ) {
// update manifests // update manifests
const inputManifestFiles: string[] = updateManifestFiles(manifestFilePaths) const inputManifestFiles: string[] = updateManifestFiles(manifestFilePaths);
core.debug(`Input manifest files: ${inputManifestFiles}`) core.debug("Input manifest files: " + inputManifestFiles);
// deploy manifests // deploy manifests
core.startGroup('Deploying manifests') core.info("Deploying manifests");
const trafficSplitMethod = parseTrafficSplitMethod( const trafficSplitMethod = parseTrafficSplitMethod(
core.getInput('traffic-split-method', {required: true}) core.getInput("traffic-split-method", { required: true })
) );
const deployedManifestFiles = await deployManifests( const deployedManifestFiles = await deployManifests(
inputManifestFiles, inputManifestFiles,
deploymentStrategy, deploymentStrategy,
kubectl, kubectl,
trafficSplitMethod, trafficSplitMethod
timeout );
) core.debug("Deployed manifest files: " + deployedManifestFiles);
core.debug(`Deployed manifest files: ${deployedManifestFiles}`)
core.endGroup()
// check manifest stability // check manifest stability
core.startGroup('Checking manifest stability') core.info("Checking manifest stability");
const resourceTypes: Resource[] = getResources( const resourceTypes: Resource[] = getResources(
deployedManifestFiles, deployedManifestFiles,
models.DEPLOYMENT_TYPES.concat([ models.DEPLOYMENT_TYPES.concat([
KubernetesConstants.DiscoveryAndLoadBalancerResource.SERVICE KubernetesConstants.DiscoveryAndLoadBalancerResource.SERVICE,
]) ])
) );
await checkManifestStability(kubectl, resourceTypes);
await checkManifestStability(kubectl, resourceTypes, resourceType, timeout) if (deploymentStrategy == DeploymentStrategy.BLUE_GREEN) {
core.endGroup() core.info("Routing blue green");
const routeStrategy = parseRouteStrategy(
core.getInput("route-method", { required: true })
);
await routeBlueGreen(kubectl, inputManifestFiles, routeStrategy);
}
// print ingresses // print ingresses
core.startGroup('Printing ingresses') core.info("Printing ingresses");
const ingressResources: Resource[] = getResources(deployedManifestFiles, [ const ingressResources: Resource[] = getResources(deployedManifestFiles, [
KubernetesConstants.DiscoveryAndLoadBalancerResource.INGRESS KubernetesConstants.DiscoveryAndLoadBalancerResource.INGRESS,
]) ]);
for (const ingressResource of ingressResources) { for (const ingressResource of ingressResources) {
await kubectl.getResource( await kubectl.getResource(
KubernetesConstants.DiscoveryAndLoadBalancerResource.INGRESS, KubernetesConstants.DiscoveryAndLoadBalancerResource.INGRESS,
ingressResource.name, ingressResource.name
false, );
ingressResource.namespace }
)
}
core.endGroup()
// annotate resources // annotate resources
core.startGroup('Annotating resources') core.info("Annotating resources");
await annotateAndLabelResources( let allPods;
deployedManifestFiles, try {
kubectl, allPods = JSON.parse((await kubectl.getAllPods()).stdout);
resourceTypes } catch (e) {
) core.debug("Unable to parse pods: " + e);
core.endGroup() }
await annotateAndLabelResources(
deployedManifestFiles,
kubectl,
resourceTypes,
allPods
);
} }
src/actions/promote.ts
+155 -239
View File
@@ -1,256 +1,172 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import * as canaryDeploymentHelper from '../strategyHelpers/canary/canaryHelper.js' import * as deploy from "./deploy";
import * as SMICanaryDeploymentHelper from '../strategyHelpers/canary/smiCanaryHelper.js' import * as canaryDeploymentHelper from "../strategyHelpers/canary/canaryHelper";
import * as PodCanaryHelper from '../strategyHelpers/canary/podCanaryHelper.js' import * as SMICanaryDeploymentHelper from "../strategyHelpers/canary/smiCanaryHelper";
import { import {
getResources, getResources,
updateManifestFiles updateManifestFiles,
} from '../utilities/manifestUpdateUtils.js' } from "../utilities/manifestUpdateUtils";
import {annotateAndLabelResources} from '../strategyHelpers/deploymentHelper.js' import * as models from "../types/kubernetesTypes";
import * as models from '../types/kubernetesTypes.js' import * as KubernetesManifestUtility from "../utilities/manifestStabilityUtils";
import * as KubernetesManifestUtility from '../utilities/manifestStabilityUtils.js'
import { import {
deleteGreenObjects, BlueGreenManifests,
getManifestObjects, deleteWorkloadsAndServicesWithLabel,
NONE_LABEL_VALUE deleteWorkloadsWithLabel,
} from '../strategyHelpers/blueGreen/blueGreenHelper.js' getManifestObjects,
GREEN_LABEL_VALUE,
import {BlueGreenManifests} from '../types/blueGreenTypes.js' NONE_LABEL_VALUE,
import {DeployResult} from '../types/deployResult.js' } from "../strategyHelpers/blueGreen/blueGreenHelper";
import { import {
promoteBlueGreenIngress, promoteBlueGreenService,
promoteBlueGreenService, routeBlueGreenService,
promoteBlueGreenSMI } from "../strategyHelpers/blueGreen/serviceBlueGreenHelper";
} from '../strategyHelpers/blueGreen/promote.js'
import { import {
routeBlueGreenService, promoteBlueGreenIngress,
routeBlueGreenIngressUnchanged, routeBlueGreenIngress,
routeBlueGreenSMI } from "../strategyHelpers/blueGreen/ingressBlueGreenHelper";
} from '../strategyHelpers/blueGreen/route.js'
import {cleanupSMI} from '../strategyHelpers/blueGreen/smiBlueGreenHelper.js'
import {Kubectl, Resource} from '../types/kubectl.js'
import {DeploymentStrategy} from '../types/deploymentStrategy.js'
import { import {
parseTrafficSplitMethod, cleanupSMI,
TrafficSplitMethod promoteBlueGreenSMI,
} from '../types/trafficSplitMethod.js' routeBlueGreenSMI,
import {parseRouteStrategy, RouteStrategy} from '../types/routeStrategy.js' } from "../strategyHelpers/blueGreen/smiBlueGreenHelper";
import {ClusterType} from '../inputUtils.js' import { Kubectl, Resource } from "../types/kubectl";
import { DeploymentStrategy } from "../types/deploymentStrategy";
import {
parseTrafficSplitMethod,
TrafficSplitMethod,
} from "../types/trafficSplitMethod";
import { parseRouteStrategy, RouteStrategy } from "../types/routeStrategy";
export async function promote( export async function promote(
kubectl: Kubectl, kubectl: Kubectl,
manifests: string[], manifests: string[],
deploymentStrategy: DeploymentStrategy, deploymentStrategy: DeploymentStrategy
resourceType: ClusterType,
timeout?: string
) { ) {
switch (deploymentStrategy) { switch (deploymentStrategy) {
case DeploymentStrategy.CANARY: case DeploymentStrategy.CANARY:
await promoteCanary(kubectl, manifests, timeout) await promoteCanary(kubectl, manifests);
break break;
case DeploymentStrategy.BLUE_GREEN: case DeploymentStrategy.BLUE_GREEN:
await promoteBlueGreen(kubectl, manifests, resourceType, timeout) await promoteBlueGreen(kubectl, manifests);
break break;
default: default:
throw Error('Invalid promote deployment strategy') throw Error("Invalid promote deployment strategy");
} }
} }
async function promoteCanary( async function promoteCanary(kubectl: Kubectl, manifests: string[]) {
kubectl: Kubectl, let includeServices = false;
manifests: string[],
timeout?: string
) {
let includeServices = false
const manifestFilesForDeployment: string[] = updateManifestFiles(manifests) const trafficSplitMethod = parseTrafficSplitMethod(
core.getInput("traffic-split-method", { required: true })
);
if (trafficSplitMethod == TrafficSplitMethod.SMI) {
includeServices = true;
const trafficSplitMethod = parseTrafficSplitMethod( // In case of SMI traffic split strategy when deployment is promoted, first we will redirect traffic to
core.getInput('traffic-split-method', {required: true}) // canary deployment, then update stable deployment and then redirect traffic to stable deployment
) core.info("Redirecting traffic to canary deployment");
let promoteResult: DeployResult await SMICanaryDeploymentHelper.redirectTrafficToCanaryDeployment(
let filesToAnnotate: string[]
if (trafficSplitMethod == TrafficSplitMethod.SMI) {
includeServices = true
// In case of SMI traffic split strategy when deployment is promoted, first we will redirect traffic to
// canary deployment, then update stable deployment and then redirect traffic to stable deployment
core.startGroup('Redirecting traffic to canary deployment')
await SMICanaryDeploymentHelper.redirectTrafficToCanaryDeployment(
kubectl,
manifests,
timeout
)
core.endGroup()
core.startGroup(
'Deploying input manifests with SMI canary strategy from promote'
)
promoteResult = await SMICanaryDeploymentHelper.deploySMICanary(
manifestFilesForDeployment,
kubectl,
true,
timeout
)
core.endGroup()
core.startGroup('Redirecting traffic to stable deployment')
const stableRedirectManifests =
await SMICanaryDeploymentHelper.redirectTrafficToStableDeployment(
kubectl,
manifests,
timeout
)
filesToAnnotate = promoteResult.manifestFiles.concat(
stableRedirectManifests
)
core.endGroup()
} else {
core.startGroup('Deploying input manifests from promote')
promoteResult = await PodCanaryHelper.deployPodCanary(
manifestFilesForDeployment,
kubectl,
true,
timeout
)
filesToAnnotate = promoteResult.manifestFiles
core.endGroup()
}
core.startGroup('Deleting canary and baseline workloads')
try {
await canaryDeploymentHelper.deleteCanaryDeployment(
kubectl,
manifests,
includeServices
)
} catch (ex) {
core.warning(
`Exception occurred while deleting canary and baseline workloads: ${ex}`
)
}
core.endGroup()
// annotate resources
core.startGroup('Annotating resources')
const resources: Resource[] = getResources(
filesToAnnotate,
models.DEPLOYMENT_TYPES.concat([
models.DiscoveryAndLoadBalancerResource.SERVICE
])
)
await annotateAndLabelResources(filesToAnnotate, kubectl, resources)
core.endGroup()
}
async function promoteBlueGreen(
kubectl: Kubectl,
manifests: string[],
resourceType: ClusterType,
timeout?: string
) {
// update container images and pull secrets
const inputManifestFiles: string[] = updateManifestFiles(manifests)
const manifestObjects: BlueGreenManifests =
getManifestObjects(inputManifestFiles)
const routeStrategy = parseRouteStrategy(
core.getInput('route-method', {required: true})
)
core.startGroup('Deleting old deployment and making new stable deployment')
const {deployResult} = await (async () => {
switch (routeStrategy) {
case RouteStrategy.INGRESS:
return await promoteBlueGreenIngress(
kubectl,
manifestObjects,
timeout
)
case RouteStrategy.SMI:
return await promoteBlueGreenSMI(kubectl, manifestObjects, timeout)
default:
return await promoteBlueGreenService(
kubectl,
manifestObjects,
timeout
)
}
})()
core.endGroup()
// checking stability of newly created deployments
core.startGroup('Checking manifest stability')
const deployedManifestFiles = deployResult.manifestFiles
const resources: Resource[] = getResources(
deployedManifestFiles,
models.DEPLOYMENT_TYPES.concat([
models.DiscoveryAndLoadBalancerResource.SERVICE
])
)
await KubernetesManifestUtility.checkManifestStability(
kubectl, kubectl,
resources, manifests
resourceType, );
timeout
)
core.endGroup()
core.startGroup( core.info("Deploying input manifests with SMI canary strategy");
'Routing to new deployments and deleting old workloads and services' await deploy.deploy(kubectl, manifests, DeploymentStrategy.CANARY);
)
if (routeStrategy == RouteStrategy.INGRESS) {
await routeBlueGreenIngressUnchanged(
kubectl,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList
)
await deleteGreenObjects( core.info("Redirecting traffic to stable deployment");
kubectl, await SMICanaryDeploymentHelper.redirectTrafficToStableDeployment(
[].concat( kubectl,
manifestObjects.deploymentEntityList, manifests
manifestObjects.serviceEntityList );
), } else {
timeout core.info("Deploying input manifests");
) await deploy.deploy(kubectl, manifests, DeploymentStrategy.CANARY);
} else if (routeStrategy == RouteStrategy.SMI) { }
await routeBlueGreenSMI(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList
)
await deleteGreenObjects(
kubectl,
manifestObjects.deploymentEntityList,
timeout
)
await cleanupSMI(kubectl, manifestObjects.serviceEntityList, timeout)
} else {
await routeBlueGreenService(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList
)
await deleteGreenObjects(
kubectl,
manifestObjects.deploymentEntityList,
timeout
)
}
core.endGroup()
// annotate resources core.info("Deleting canary and baseline workloads");
core.startGroup('Annotating resources') try {
await annotateAndLabelResources(deployedManifestFiles, kubectl, resources) await canaryDeploymentHelper.deleteCanaryDeployment(
core.endGroup() kubectl,
manifests,
includeServices
);
} catch (ex) {
core.warning(
"Exception occurred while deleting canary and baseline workloads: " + ex
);
}
}
async function promoteBlueGreen(kubectl: Kubectl, manifests: string[]) {
// update container images and pull secrets
const inputManifestFiles: string[] = updateManifestFiles(manifests);
const manifestObjects: BlueGreenManifests =
getManifestObjects(inputManifestFiles);
const routeStrategy = parseRouteStrategy(
core.getInput("route-method", { required: true })
);
core.info("Deleting old deployment and making new one");
let result;
if (routeStrategy == RouteStrategy.INGRESS) {
result = await promoteBlueGreenIngress(kubectl, manifestObjects);
} else if (routeStrategy == RouteStrategy.SMI) {
result = await promoteBlueGreenSMI(kubectl, manifestObjects);
} else {
result = await promoteBlueGreenService(kubectl, manifestObjects);
}
// checking stability of newly created deployments
core.info("Checking manifest stability");
const deployedManifestFiles = result.newFilePaths;
const resources: Resource[] = getResources(
deployedManifestFiles,
models.DEPLOYMENT_TYPES.concat([
models.DiscoveryAndLoadBalancerResource.SERVICE,
])
);
await KubernetesManifestUtility.checkManifestStability(kubectl, resources);
core.info(
"Routing to new deployments and deleting old workloads and services"
);
if (routeStrategy == RouteStrategy.INGRESS) {
await routeBlueGreenIngress(
kubectl,
null,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList
);
await deleteWorkloadsAndServicesWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList,
manifestObjects.serviceEntityList
);
} else if (routeStrategy == RouteStrategy.SMI) {
await routeBlueGreenSMI(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList
);
await deleteWorkloadsWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList
);
await cleanupSMI(kubectl, manifestObjects.serviceEntityList);
} else {
await routeBlueGreenService(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList
);
await deleteWorkloadsWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList
);
}
} }
src/actions/reject.ts
+56 -76
View File
@@ -1,88 +1,68 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import * as canaryDeploymentHelper from '../strategyHelpers/canary/canaryHelper.js' import * as canaryDeploymentHelper from "../strategyHelpers/canary/canaryHelper";
import * as SMICanaryDeploymentHelper from '../strategyHelpers/canary/smiCanaryHelper.js' import * as SMICanaryDeploymentHelper from "../strategyHelpers/canary/smiCanaryHelper";
import {Kubectl} from '../types/kubectl.js' import { Kubectl } from "../types/kubectl";
import {BlueGreenManifests} from '../types/blueGreenTypes.js' import { rejectBlueGreenService } from "../strategyHelpers/blueGreen/serviceBlueGreenHelper";
import { rejectBlueGreenIngress } from "../strategyHelpers/blueGreen/ingressBlueGreenHelper";
import { rejectBlueGreenSMI } from "../strategyHelpers/blueGreen/smiBlueGreenHelper";
import { DeploymentStrategy } from "../types/deploymentStrategy";
import { import {
rejectBlueGreenIngress, parseTrafficSplitMethod,
rejectBlueGreenService, TrafficSplitMethod,
rejectBlueGreenSMI } from "../types/trafficSplitMethod";
} from '../strategyHelpers/blueGreen/reject.js' import { parseRouteStrategy, RouteStrategy } from "../types/routeStrategy";
import {getManifestObjects} from '../strategyHelpers/blueGreen/blueGreenHelper.js'
import {DeploymentStrategy} from '../types/deploymentStrategy.js'
import {
parseTrafficSplitMethod,
TrafficSplitMethod
} from '../types/trafficSplitMethod.js'
import {parseRouteStrategy, RouteStrategy} from '../types/routeStrategy.js'
export async function reject( export async function reject(
kubectl: Kubectl, kubectl: Kubectl,
manifests: string[], manifests: string[],
deploymentStrategy: DeploymentStrategy, deploymentStrategy: DeploymentStrategy
timeout?: string
) { ) {
switch (deploymentStrategy) { switch (deploymentStrategy) {
case DeploymentStrategy.CANARY: case DeploymentStrategy.CANARY:
await rejectCanary(kubectl, manifests, timeout) await rejectCanary(kubectl, manifests);
break break;
case DeploymentStrategy.BLUE_GREEN: case DeploymentStrategy.BLUE_GREEN:
await rejectBlueGreen(kubectl, manifests, timeout) await rejectBlueGreen(kubectl, manifests);
break break;
default: default:
throw 'Invalid delete deployment strategy' throw "Invalid delete deployment strategy";
} }
} }
async function rejectCanary( async function rejectCanary(kubectl: Kubectl, manifests: string[]) {
kubectl: Kubectl, let includeServices = false;
manifests: string[],
timeout?: string
) {
let includeServices = false
const trafficSplitMethod = parseTrafficSplitMethod( const trafficSplitMethod = parseTrafficSplitMethod(
core.getInput('traffic-split-method', {required: true}) core.getInput("traffic-split-method", { required: true })
) );
if (trafficSplitMethod == TrafficSplitMethod.SMI) { if (trafficSplitMethod == TrafficSplitMethod.SMI) {
core.startGroup('Rejecting deployment with SMI canary strategy') core.info("Rejecting deployment with SMI canary strategy");
includeServices = true includeServices = true;
await SMICanaryDeploymentHelper.redirectTrafficToStableDeployment( await SMICanaryDeploymentHelper.redirectTrafficToStableDeployment(
kubectl,
manifests,
timeout
)
core.endGroup()
}
core.startGroup('Deleting baseline and canary workloads')
await canaryDeploymentHelper.deleteCanaryDeployment(
kubectl, kubectl,
manifests, manifests
includeServices, );
timeout }
)
core.endGroup() core.info("Deleting baseline and canary workloads");
await canaryDeploymentHelper.deleteCanaryDeployment(
kubectl,
manifests,
includeServices
);
} }
async function rejectBlueGreen( async function rejectBlueGreen(kubectl: Kubectl, manifests: string[]) {
kubectl: Kubectl, core.info("Rejecting deployment with blue green strategy");
manifests: string[],
timeout?: string
) {
const routeStrategy = parseRouteStrategy(
core.getInput('route-method', {required: true})
)
core.startGroup('Rejecting deployment with blue green strategy')
core.info(`using routeMethod ${routeStrategy}`)
const manifestObjects: BlueGreenManifests = getManifestObjects(manifests)
if (routeStrategy == RouteStrategy.INGRESS) { const routeStrategy = parseRouteStrategy(
await rejectBlueGreenIngress(kubectl, manifestObjects, timeout) core.getInput("route-method", { required: true })
} else if (routeStrategy == RouteStrategy.SMI) { );
await rejectBlueGreenSMI(kubectl, manifestObjects, timeout) if (routeStrategy == RouteStrategy.INGRESS) {
} else { await rejectBlueGreenIngress(kubectl, manifests);
await rejectBlueGreenService(kubectl, manifestObjects, timeout) } else if (routeStrategy == RouteStrategy.SMI) {
} await rejectBlueGreenSMI(kubectl, manifests);
core.endGroup() } else {
await rejectBlueGreenService(kubectl, manifests);
}
} }
src/inputUtils.test.ts
-33
View File
@@ -1,33 +0,0 @@
import {parseResourceTypeInput} from './inputUtils.js'
import {
ResourceTypeFleet,
ResourceTypeManagedCluster
} from './actions/deploy.js'
describe('InputUtils', () => {
describe('parseResourceTypeInput', () => {
it('should extract fleet exact match resource type', () => {
expect(
parseResourceTypeInput('Microsoft.ContainerService/fleets')
).toEqual(ResourceTypeFleet)
})
it('should match fleet case-insensitively', () => {
expect(
parseResourceTypeInput('Microsoft.containerservice/fleets')
).toEqual(ResourceTypeFleet)
})
it('should match managed cluster case-insensitively', () => {
expect(
parseResourceTypeInput('Microsoft.containerservice/MAnaGedClusterS')
).toEqual(ResourceTypeManagedCluster)
})
it('should error on unexpected values', () => {
expect(() => {
parseResourceTypeInput('icrosoft.ContainerService/ManagedCluster')
}).toThrow()
expect(() => {
parseResourceTypeInput('wrong-value')
}).toThrow()
})
})
})
src/inputUtils.ts
-35
View File
@@ -1,35 +0,0 @@
import * as core from '@actions/core'
import {parseAnnotations} from './types/annotations.js'
import {
ResourceTypeFleet,
ResourceTypeManagedCluster
} from './actions/deploy.js'
export const inputAnnotations = parseAnnotations(
core.getInput('annotations', {required: false})
)
export function getBufferTime(): number {
const inputBufferTime = parseInt(
core.getInput('version-switch-buffer') || '0'
)
if (inputBufferTime < 0 || inputBufferTime > 300)
throw Error('Version switch buffer must be between 0 and 300 (inclusive)')
return inputBufferTime
}
export function parseResourceTypeInput(rawInput: string): ClusterType {
switch (rawInput.toLowerCase()) {
case ResourceTypeFleet.toLowerCase():
return ResourceTypeFleet
case ResourceTypeManagedCluster.toLowerCase():
return ResourceTypeManagedCluster
}
throw new Error(
`Invalid resource type: ${rawInput}. Supported resource types are: ${ResourceTypeManagedCluster} (default), ${ResourceTypeFleet}`
)
}
export type ClusterType =
| typeof ResourceTypeManagedCluster
| typeof ResourceTypeFleet
src/run.ts
+49 -104
View File
@@ -1,111 +1,56 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import {getKubectlPath, Kubectl} from './types/kubectl.js' import { getKubectlPath, Kubectl } from "./types/kubectl";
import { import { deploy } from "./actions/deploy";
deploy, import { promote } from "./actions/promote";
ResourceTypeFleet, import { reject } from "./actions/reject";
ResourceTypeManagedCluster import { Action, parseAction } from "./types/action";
} from './actions/deploy.js' import { parseDeploymentStrategy } from "./types/deploymentStrategy";
import {ClusterType} from './inputUtils.js' import { getFilesFromDirectories } from "./utilities/fileUtils";
import {promote} from './actions/promote.js'
import {reject} from './actions/reject.js'
import {Action, parseAction} from './types/action.js'
import {parseDeploymentStrategy} from './types/deploymentStrategy.js'
import {getFilesFromDirectoriesAndURLs} from './utilities/fileUtils.js'
import {PrivateKubectl} from './types/privatekubectl.js'
import {parseResourceTypeInput} from './inputUtils.js'
import {parseDuration} from './utilities/durationUtils.js'
export async function run() { export async function run() {
// verify kubeconfig is set // verify kubeconfig is set
if (!process.env['KUBECONFIG']) if (!process.env["KUBECONFIG"])
core.warning( core.warning(
'KUBECONFIG env is not explicitly set. Ensure cluster context is set by using k8s-set-context action.' "KUBECONFIG env is not explicitly set. Ensure cluster context is set by using k8s-set-context action."
) );
// get inputs // get inputs
const action: Action | undefined = parseAction( const action: Action | undefined = parseAction(
core.getInput('action', {required: true}) core.getInput("action", { required: true })
) );
const strategy = parseDeploymentStrategy(core.getInput('strategy')) const strategy = parseDeploymentStrategy(core.getInput("strategy"));
const manifestsInput = core.getInput('manifests', {required: true}) const manifestsInput = core.getInput("manifests", { required: true });
const manifestFilePaths = manifestsInput const manifestFilePaths = manifestsInput
.split(/[\n,;]+/) // split into each individual manifest .split(/[\n,;]+/) // split into each individual manifest
.map((manifest) => manifest.trim()) // remove surrounding whitespace .map((manifest) => manifest.trim()) // remove surrounding whitespace
.filter((manifest) => manifest.length > 0) // remove any blanks .filter((manifest) => manifest.length > 0); // remove any blanks
const fullManifestFilePaths = const fullManifestFilePaths = getFilesFromDirectories(manifestFilePaths)
await getFilesFromDirectoriesAndURLs(manifestFilePaths) // create kubectl
const kubectlPath = await getKubectlPath() const kubectlPath = await getKubectlPath();
const namespace = core.getInput('namespace') || '' // Sets namespace to an empty string if not provided, allowing the manifest-defined namespace to take precedence instead of "default". const namespace = core.getInput("namespace") || "default";
const isPrivateCluster = const kubectl = new Kubectl(kubectlPath, namespace, true);
core.getInput('private-cluster').toLowerCase() === 'true'
const resourceGroup = core.getInput('resource-group') || ''
const resourceName = core.getInput('name') || ''
const skipTlsVerify = core.getBooleanInput('skip-tls-verify')
let resourceType: ClusterType // run action
try { switch (action) {
// included in the trycatch to allow raw input to go out of scope after parsing case Action.DEPLOY: {
const resourceTypeInput = core.getInput('resource-type') await deploy(kubectl, fullManifestFilePaths, strategy);
resourceType = parseResourceTypeInput(resourceTypeInput) break;
} catch (e) { }
core.setFailed(e) case Action.PROMOTE: {
return await promote(kubectl, fullManifestFilePaths, strategy);
} break;
}
// Parse and validate timeout using extracted utility case Action.REJECT: {
let timeout: string await reject(kubectl, fullManifestFilePaths, strategy);
try { break;
const timeoutInput = core.getInput('timeout') || '10m' }
timeout = parseDuration(timeoutInput) default: {
core.debug(`Using timeout: ${timeout}`) throw Error(
} catch (e) { 'Not a valid action. The allowed actions are "deploy", "promote", and "reject".'
core.setFailed(`Invalid timeout parameter: ${e.message}`) );
return }
} }
const kubectl = isPrivateCluster
? new PrivateKubectl(
kubectlPath,
namespace,
skipTlsVerify,
resourceGroup,
resourceName
)
: new Kubectl(kubectlPath, namespace, skipTlsVerify)
// run action
switch (action) {
case Action.DEPLOY: {
await deploy(
kubectl,
fullManifestFilePaths,
strategy,
resourceType,
timeout
)
break
}
case Action.PROMOTE: {
await promote(
kubectl,
fullManifestFilePaths,
strategy,
resourceType,
timeout
)
break
}
case Action.REJECT: {
await reject(kubectl, fullManifestFilePaths, strategy, timeout)
break
}
default: {
throw Error(
'Not a valid action. The allowed actions are "deploy", "promote", and "reject".'
)
}
}
} }
run().catch(core.setFailed) run().catch(core.setFailed);
src/strategyHelpers/blueGreen/blueGreenHelper.test.ts
-333
View File
@@ -1,333 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
import {
deployWithLabel,
deleteGreenObjects,
deployObjects,
fetchResource,
getDeploymentMatchLabels,
getManifestObjects,
getNewBlueGreenObject,
GREEN_LABEL_VALUE,
isServiceRouted
} from './blueGreenHelper.js'
import {BlueGreenDeployment} from '../../types/blueGreenTypes.js'
import * as bgHelper from './blueGreenHelper.js'
import {Kubectl} from '../../types/kubectl.js'
import * as fileHelper from '../../utilities/fileUtils.js'
import {K8sObject} from '../../types/k8sObject.js'
import * as manifestUpdateUtils from '../../utilities/manifestUpdateUtils.js'
import {ExecOutput} from '@actions/exec'
vi.mock('../../types/kubectl')
const kubectl = new Kubectl('')
const TEST_TIMEOUT = '60s'
// Test constants to follow DRY principle
const EXPECTED_GREEN_OBJECTS = [
{name: 'nginx-service-green', kind: 'Service'},
{name: 'nginx-deployment-green', kind: 'Deployment'}
]
const MOCK_EXEC_OUTPUT = {
exitCode: 0,
stderr: '',
stdout: ''
} as ExecOutput
describe('bluegreenhelper functions', () => {
let testObjects
beforeEach(() => {
vi.restoreAllMocks()
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(['test/unit/manifests/test-ingress.yml'])
vi.spyOn(fileHelper, 'writeObjectsToFile').mockImplementationOnce(() => [
''
])
})
test('correctly deletes services and workloads according to label', async () => {
vi.spyOn(bgHelper, 'deleteObjects').mockReturnValue({} as Promise<void>)
const value = await deleteGreenObjects(
kubectl,
[].concat(
testObjects.deploymentEntityList,
testObjects.serviceEntityList
),
TEST_TIMEOUT
)
expect(value).toHaveLength(EXPECTED_GREEN_OBJECTS.length)
EXPECTED_GREEN_OBJECTS.forEach((expectedObject) => {
expect(value).toContainEqual(expectedObject)
})
})
test('handles timeout when deleting objects', async () => {
const deleteMock = vi.fn().mockResolvedValue(MOCK_EXEC_OUTPUT)
kubectl.delete = deleteMock
const deleteList = EXPECTED_GREEN_OBJECTS
await bgHelper.deleteObjects(kubectl, deleteList, TEST_TIMEOUT)
expect(deleteMock).toHaveBeenCalledTimes(deleteList.length)
deleteList.forEach(({name, kind}) => {
expect(deleteMock).toHaveBeenCalledWith(
[kind, name],
undefined,
TEST_TIMEOUT
)
})
})
test('parses objects correctly from one file (getManifestObjects)', () => {
const expectedTypes = [
{
list: testObjects.deploymentEntityList,
kind: 'Deployment',
selectorApp: 'nginx'
},
{list: testObjects.serviceEntityList, kind: 'Service'},
{list: testObjects.ingressEntityList, kind: 'Ingress'}
]
expectedTypes.forEach(({list, kind, selectorApp}) => {
expect(list[0].kind).toBe(kind)
if (selectorApp) {
expect(list[0].spec.selector.matchLabels.app).toBe(selectorApp)
}
})
})
test('parses other kinds of objects (getManifestObjects)', () => {
const otherObjectsCollection = getManifestObjects([
'test/unit/manifests/anomaly-objects-test.yml'
])
expect(
otherObjectsCollection.unroutedServiceEntityList[0].metadata.name
).toBe('unrouted-service')
expect(otherObjectsCollection.otherObjects[0].metadata.name).toBe(
'foobar-rollout'
)
})
test('correctly classifies routed services', () => {
expect(
isServiceRouted(
testObjects.serviceEntityList[0],
testObjects.deploymentEntityList
)
).toBe(true)
testObjects.serviceEntityList[0].spec.selector.app = 'fakeapp'
expect(
isServiceRouted(
testObjects.serviceEntityList[0],
testObjects.deploymentEntityList
)
).toBe(false)
})
test('correctly makes labeled workloads', async () => {
const kubectlApplySpy = vi.spyOn(kubectl, 'apply').mockResolvedValue({
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
})
const cwlResult: BlueGreenDeployment = await deployWithLabel(
kubectl,
testObjects.deploymentEntityList,
GREEN_LABEL_VALUE
)
expect(cwlResult.deployResult.manifestFiles[0]).toBe('')
kubectlApplySpy.mockRestore()
})
test('correctly makes new blue green object (getNewBlueGreenObject and addBlueGreenLabelsAndAnnotations)', () => {
const testCases = [
{
object: testObjects.deploymentEntityList[0],
expectedName: 'nginx-deployment-green'
},
{
object: testObjects.serviceEntityList[0],
expectedName: 'nginx-service-green'
}
]
testCases.forEach(({object, expectedName}) => {
const modifiedObject = getNewBlueGreenObject(object, GREEN_LABEL_VALUE)
expect(modifiedObject.metadata.name).toBe(expectedName)
expect(modifiedObject.metadata.labels['k8s.deploy.color']).toBe(
'green'
)
})
})
test('correctly fetches k8s objects', async () => {
const mockExecOutput = {
stderr: '',
stdout: JSON.stringify(testObjects.deploymentEntityList[0]),
exitCode: 0
}
vi.spyOn(kubectl, 'getResource').mockImplementation(() =>
Promise.resolve(mockExecOutput)
)
const fetched = await fetchResource(
kubectl,
'nginx-deployment',
'Deployment'
)
expect(fetched.metadata.name).toBe('nginx-deployment')
})
test('exits when fails to fetch k8s objects', async () => {
const errorTestCases = [
{
description: 'with stderr error',
mockOutput: {
stdout: 'this should not matter',
exitCode: 0,
stderr: 'this is a fake error'
} as ExecOutput,
mockImplementation: () => Promise.resolve
},
{
description: 'with undefined implementation',
mockOutput: null,
mockImplementation: () => undefined
}
]
for (const testCase of errorTestCases) {
const spy = vi.spyOn(kubectl, 'getResource')
if (testCase.mockOutput) {
spy.mockImplementation(() => Promise.resolve(testCase.mockOutput))
} else {
spy.mockResolvedValue(null)
}
const fetched = await fetchResource(
kubectl,
'nginx-deployment',
'Deployment'
)
expect(fetched).toBe(null)
spy.mockRestore()
}
})
test('returns undefined when fetch fails to unset k8s objects', async () => {
const mockExecOutput = {
stdout: JSON.stringify(testObjects.deploymentEntityList[0]),
exitCode: 0,
stderr: ''
} as ExecOutput
vi.spyOn(kubectl, 'getResource').mockResolvedValue(mockExecOutput)
vi.spyOn(
manifestUpdateUtils,
'UnsetClusterSpecificDetails'
).mockImplementation(() => {
throw new Error('test error')
})
expect(
await fetchResource(kubectl, 'nginx-deployment', 'Deployment')
).toBeUndefined()
})
test('gets deployment labels', () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = GREEN_LABEL_VALUE
const mockPodObject: K8sObject = {
kind: 'Pod',
metadata: {name: 'testPod', labels: mockLabels},
spec: {}
}
expect(
getDeploymentMatchLabels(mockPodObject)[
bgHelper.BLUE_GREEN_VERSION_LABEL
]
).toBe(GREEN_LABEL_VALUE)
expect(
getDeploymentMatchLabels(testObjects.deploymentEntityList[0])['app']
).toBe('nginx')
})
describe('deployObjects', () => {
let mockObjects: any[]
let kubectlApplySpy: MockInstance
const mockSuccessResult: ExecOutput = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult: ExecOutput = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
beforeEach(() => {
// //@ts-ignore
// Kubectl.mockClear()
mockObjects = [testObjects.deploymentEntityList[0]]
kubectlApplySpy = vi.spyOn(kubectl, 'apply')
})
afterEach(() => {
vi.clearAllMocks()
})
it('should return execution result and manifest files when kubectl apply succeeds', async () => {
kubectlApplySpy.mockClear()
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployObjects(kubectl, mockObjects)
expect(result.execResult).toEqual(mockSuccessResult)
const timeoutArg = kubectlApplySpy.mock.calls[0][3]
expect(
typeof timeoutArg === 'string' || timeoutArg === undefined
).toBe(true)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
expect.any(Boolean),
expect.any(Boolean),
timeoutArg
)
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
it('should throw an error when kubectl apply fails with non-zero exit code', async () => {
kubectlApplySpy.mockClear()
kubectlApplySpy.mockResolvedValue(mockFailureResult)
await expect(deployObjects(kubectl, mockObjects)).rejects.toThrow()
const timeoutArg = kubectlApplySpy.mock.calls[0][3]
expect(
typeof timeoutArg === 'string' || timeoutArg === undefined
).toBe(true)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
expect.any(Boolean),
expect.any(Boolean),
timeoutArg
)
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
})
src/strategyHelpers/blueGreen/blueGreenHelper.ts
+298 -244
View File
@@ -1,301 +1,355 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import * as fs from 'fs' import * as fs from "fs";
import * as yaml from 'js-yaml' import * as yaml from "js-yaml";
import { Kubectl } from "../../types/kubectl";
import {DeployResult} from '../../types/deployResult.js'
import {K8sObject, K8sDeleteObject} from '../../types/k8sObject.js'
import {Kubectl} from '../../types/kubectl.js'
import { import {
isDeploymentEntity, isDeploymentEntity,
isIngressEntity, isIngressEntity,
isServiceEntity, isServiceEntity,
KubernetesWorkload KubernetesWorkload,
} from '../../types/kubernetesTypes.js' } from "../../types/kubernetesTypes";
import * as fileHelper from "../../utilities/fileUtils";
import { routeBlueGreenService } from "./serviceBlueGreenHelper";
import { routeBlueGreenIngress } from "./ingressBlueGreenHelper";
import { routeBlueGreenSMI } from "./smiBlueGreenHelper";
import { import {
BlueGreenDeployment, UnsetClusterSpecificDetails,
BlueGreenManifests updateObjectLabels,
} from '../../types/blueGreenTypes.js' updateSelectorLabels,
import * as fileHelper from '../../utilities/fileUtils.js' } from "../../utilities/manifestUpdateUtils";
import {updateSpecLabels} from '../../utilities/manifestSpecLabelUtils.js' import { updateSpecLabels } from "../../utilities/manifestSpecLabelUtils";
import {checkForErrors} from '../../utilities/kubectlUtils.js' import { checkForErrors } from "../../utilities/kubectlUtils";
import { import { sleep } from "../../utilities/timeUtils";
UnsetClusterSpecificDetails, import { RouteStrategy } from "../../types/routeStrategy";
updateObjectLabels,
updateSelectorLabels
} from '../../utilities/manifestUpdateUtils.js'
export const GREEN_LABEL_VALUE = 'green' export const GREEN_LABEL_VALUE = "green";
export const NONE_LABEL_VALUE = 'None' export const NONE_LABEL_VALUE = "None";
export const BLUE_GREEN_VERSION_LABEL = 'k8s.deploy.color' export const BLUE_GREEN_VERSION_LABEL = "k8s.deploy.color";
export const GREEN_SUFFIX = '-green' export const GREEN_SUFFIX = "-green";
export const STABLE_SUFFIX = '-stable' export const STABLE_SUFFIX = "-stable";
export async function deleteGreenObjects( export interface BlueGreenManifests {
kubectl: Kubectl, serviceEntityList: any[];
toDelete: K8sObject[], serviceNameMap: Map<string, string>;
timeout?: string unroutedServiceEntityList: any[];
): Promise<K8sDeleteObject[]> { deploymentEntityList: any[];
// const resourcesToDelete: K8sDeleteObject[] = [] ingressEntityList: any[];
const resourcesToDelete: K8sDeleteObject[] = toDelete.map((obj) => { otherObjects: any[];
return {
name: getBlueGreenResourceName(obj.metadata.name, GREEN_SUFFIX),
kind: obj.kind,
namespace: obj.metadata.namespace
}
})
core.debug(`deleting green objects: ${JSON.stringify(resourcesToDelete)}`)
await deleteObjects(kubectl, resourcesToDelete, timeout)
return resourcesToDelete
} }
export async function deleteObjects( export async function routeBlueGreen(
kubectl: Kubectl, kubectl: Kubectl,
deleteList: K8sDeleteObject[], inputManifestFiles: string[],
timeout?: string routeStrategy: RouteStrategy
) { ) {
// delete services and deployments // sleep for buffer time
for (const delObject of deleteList) { const bufferTime: number = parseInt(
try { core.getInput("version-switch-buffer") || "0"
const result = await kubectl.delete( );
[delObject.kind, delObject.name], if (bufferTime < 0 || bufferTime > 300)
delObject.namespace, throw Error("Version switch buffer must be between 0 and 300 (inclusive)");
timeout const startSleepDate = new Date();
) core.info(
checkForErrors([result]) `Starting buffer time of ${bufferTime} minute(s) at ${startSleepDate.toISOString()}`
} catch (ex) { );
core.debug(`failed to delete object ${delObject.name}: ${ex}`) await sleep(bufferTime * 1000 * 60);
} const endSleepDate = new Date();
} core.info(
`Stopping buffer time of ${bufferTime} minute(s) at ${endSleepDate.toISOString()}`
);
const manifestObjects: BlueGreenManifests =
getManifestObjects(inputManifestFiles);
core.debug("Manifest objects: " + JSON.stringify(manifestObjects));
// route to new deployments
if (routeStrategy == RouteStrategy.INGRESS) {
await routeBlueGreenIngress(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList
);
} else if (routeStrategy == RouteStrategy.SMI) {
await routeBlueGreenSMI(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.serviceEntityList
);
} else {
await routeBlueGreenService(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.serviceEntityList
);
}
}
export async function deleteWorkloadsWithLabel(
kubectl: Kubectl,
deleteLabel: string,
deploymentEntityList: any[]
) {
const resourcesToDelete = [];
deploymentEntityList.forEach((inputObject) => {
const name = inputObject.metadata.name;
const kind = inputObject.kind;
if (deleteLabel === NONE_LABEL_VALUE) {
// delete stable deployments
const resourceToDelete = { name, kind };
resourcesToDelete.push(resourceToDelete);
} else {
// delete new green deployments
const resourceToDelete = {
name: getBlueGreenResourceName(name, GREEN_SUFFIX),
kind: kind,
};
resourcesToDelete.push(resourceToDelete);
}
});
await deleteObjects(kubectl, resourcesToDelete);
}
export async function deleteWorkloadsAndServicesWithLabel(
kubectl: Kubectl,
deleteLabel: string,
deploymentEntityList: any[],
serviceEntityList: any[]
) {
// need to delete services and deployments
const deletionEntitiesList = deploymentEntityList.concat(serviceEntityList);
const resourcesToDelete = [];
deletionEntitiesList.forEach((inputObject) => {
const name = inputObject.metadata.name;
const kind = inputObject.kind;
if (deleteLabel === NONE_LABEL_VALUE) {
// delete stable objects
const resourceToDelete = { name, kind };
resourcesToDelete.push(resourceToDelete);
} else {
// delete green labels
const resourceToDelete = {
name: getBlueGreenResourceName(name, GREEN_SUFFIX),
kind: kind,
};
resourcesToDelete.push(resourceToDelete);
}
});
await deleteObjects(kubectl, resourcesToDelete);
}
export async function deleteObjects(kubectl: Kubectl, deleteList: any[]) {
// delete services and deployments
for (const delObject of deleteList) {
try {
const result = await kubectl.delete([delObject.kind, delObject.name]);
checkForErrors([result]);
} catch (ex) {
// Ignore failures of delete if it doesn't exist
}
}
} }
// other common functions // other common functions
export function getManifestObjects(filePaths: string[]): BlueGreenManifests { export function getManifestObjects(filePaths: string[]): BlueGreenManifests {
const deploymentEntityList: K8sObject[] = [] const deploymentEntityList = [];
const serviceEntityList: K8sObject[] = [] const routedServiceEntityList = [];
const routedServiceEntityList: K8sObject[] = [] const unroutedServiceEntityList = [];
const unroutedServiceEntityList: K8sObject[] = [] const ingressEntityList = [];
const ingressEntityList: K8sObject[] = [] const otherEntitiesList = [];
const otherEntitiesList: K8sObject[] = [] const serviceNameMap = new Map<string, string>();
const serviceNameMap = new Map<string, string>()
// Manifest objects per type. All resources should be parsed and filePaths.forEach((filePath: string) => {
// organized before we can check if services are “routed” or not. const fileContents = fs.readFileSync(filePath).toString();
filePaths.forEach((filePath: string) => { yaml.safeLoadAll(fileContents, (inputObject) => {
try { if (!!inputObject) {
const fileContents = fs.readFileSync(filePath).toString() const kind = inputObject.kind;
yaml.loadAll(fileContents, (inputObject: any) => { const name = inputObject.metadata.name;
if (!!inputObject) {
const kind = inputObject.kind if (isDeploymentEntity(kind)) {
if (isDeploymentEntity(kind)) { deploymentEntityList.push(inputObject);
deploymentEntityList.push(inputObject) } else if (isServiceEntity(kind)) {
} else if (isServiceEntity(kind)) { if (isServiceRouted(inputObject, deploymentEntityList)) {
serviceEntityList.push(inputObject) routedServiceEntityList.push(inputObject);
} else if (isIngressEntity(kind)) { serviceNameMap.set(
ingressEntityList.push(inputObject) name,
} else { getBlueGreenResourceName(name, GREEN_SUFFIX)
otherEntitiesList.push(inputObject) );
} } else {
} unroutedServiceEntityList.push(inputObject);
}) }
} catch (error) { } else if (isIngressEntity(kind)) {
core.error(`Error processing file ${filePath}: ${error.message}`) ingressEntityList.push(inputObject);
throw error } else {
otherEntitiesList.push(inputObject);
}
} }
}) });
});
serviceEntityList.forEach((inputObject: any) => { return {
if (isServiceRouted(inputObject, deploymentEntityList)) { serviceEntityList: routedServiceEntityList,
const name = inputObject.metadata.name serviceNameMap: serviceNameMap,
routedServiceEntityList.push(inputObject) unroutedServiceEntityList: unroutedServiceEntityList,
serviceNameMap.set(name, getBlueGreenResourceName(name, GREEN_SUFFIX)) deploymentEntityList: deploymentEntityList,
} else { ingressEntityList: ingressEntityList,
unroutedServiceEntityList.push(inputObject) otherObjects: otherEntitiesList,
} };
})
return {
serviceEntityList: routedServiceEntityList,
serviceNameMap: serviceNameMap,
unroutedServiceEntityList: unroutedServiceEntityList,
deploymentEntityList: deploymentEntityList,
ingressEntityList: ingressEntityList,
otherObjects: otherEntitiesList
}
} }
export function isServiceRouted( export function isServiceRouted(
serviceObject: any[], serviceObject: any[],
deploymentEntityList: any[] deploymentEntityList: any[]
): boolean { ): boolean {
const serviceSelector: any = getServiceSelector(serviceObject) let shouldBeRouted: boolean = false;
const serviceSelector: any = getServiceSelector(serviceObject);
return ( if (serviceSelector) {
serviceSelector && if (
deploymentEntityList.some((depObject) => { deploymentEntityList.some((depObject) => {
// finding if there is a deployment in the given manifests the service targets // finding if there is a deployment in the given manifests the service targets
const matchLabels: any = getDeploymentMatchLabels(depObject) const matchLabels: any = getDeploymentMatchLabels(depObject);
return ( return (
matchLabels && matchLabels &&
isServiceSelectorSubsetOfMatchLabel(serviceSelector, matchLabels) isServiceSelectorSubsetOfMatchLabel(serviceSelector, matchLabels)
) );
}) })
) ) {
shouldBeRouted = true;
}
}
return shouldBeRouted;
} }
export async function deployWithLabel( export async function createWorkloadsWithLabel(
kubectl: Kubectl, kubectl: Kubectl,
deploymentObjectList: any[], deploymentObjectList: any[],
nextLabel: string, nextLabel: string
timeout?: string ) {
): Promise<BlueGreenDeployment> { const newObjectsList = [];
const newObjectsList = deploymentObjectList.map((inputObject) => deploymentObjectList.forEach((inputObject) => {
getNewBlueGreenObject(inputObject, nextLabel) // creating deployment with label
) const newBlueGreenObject = getNewBlueGreenObject(inputObject, nextLabel);
core.debug(
"New blue-green object is: " + JSON.stringify(newBlueGreenObject)
);
newObjectsList.push(newBlueGreenObject);
});
core.debug( const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
`objects deployed with label are ${JSON.stringify(newObjectsList)}` const result = await kubectl.apply(manifestFiles);
)
const deployResult = await deployObjects(kubectl, newObjectsList, timeout) return { result: result, newFilePaths: manifestFiles };
return {deployResult, objects: newObjectsList}
} }
export function getNewBlueGreenObject( export function getNewBlueGreenObject(
inputObject: any, inputObject: any,
labelValue: string labelValue: string
): K8sObject { ): object {
const newObject = JSON.parse(JSON.stringify(inputObject)) const newObject = JSON.parse(JSON.stringify(inputObject));
// Updating name only if label is green label is given // Updating name only if label is green label is given
if (labelValue === GREEN_LABEL_VALUE) { if (labelValue === GREEN_LABEL_VALUE) {
newObject.metadata.name = getBlueGreenResourceName( newObject.metadata.name = getBlueGreenResourceName(
inputObject.metadata.name, inputObject.metadata.name,
GREEN_SUFFIX GREEN_SUFFIX
) );
} }
// Adding labels and annotations // Adding labels and annotations
addBlueGreenLabelsAndAnnotations(newObject, labelValue) addBlueGreenLabelsAndAnnotations(newObject, labelValue);
return newObject return newObject;
} }
export function addBlueGreenLabelsAndAnnotations( export function addBlueGreenLabelsAndAnnotations(
inputObject: any, inputObject: any,
labelValue: string labelValue: string
) { ) {
//creating the k8s.deploy.color label //creating the k8s.deploy.color label
const newLabels = new Map<string, string>() const newLabels = new Map<string, string>();
newLabels[BLUE_GREEN_VERSION_LABEL] = labelValue newLabels[BLUE_GREEN_VERSION_LABEL] = labelValue;
// updating object labels and selector labels // updating object labels and selector labels
updateObjectLabels(inputObject, newLabels, false) updateObjectLabels(inputObject, newLabels, false);
updateSelectorLabels(inputObject, newLabels, false) updateSelectorLabels(inputObject, newLabels, false);
// updating spec labels if it is not a service // updating spec labels if it is a service
if (!isServiceEntity(inputObject.kind)) { if (!isServiceEntity(inputObject.kind)) {
updateSpecLabels(inputObject, newLabels, false) updateSpecLabels(inputObject, newLabels, false);
} }
} }
export function getBlueGreenResourceName(name: string, suffix: string) { export function getBlueGreenResourceName(name: string, suffix: string) {
return `${name}${suffix}` return `${name}${suffix}`;
} }
export function getDeploymentMatchLabels(deploymentObject: any): any { export function getDeploymentMatchLabels(deploymentObject: any): any {
if ( if (
deploymentObject?.kind?.toUpperCase() == deploymentObject?.kind?.toUpperCase() ==
KubernetesWorkload.POD.toUpperCase() && KubernetesWorkload.POD.toUpperCase() &&
deploymentObject?.metadata?.labels deploymentObject?.metadata?.labels
) { ) {
return deploymentObject.metadata.labels return deploymentObject.metadata.labels;
} else if (deploymentObject?.spec?.selector?.matchLabels) { } else if (deploymentObject?.spec?.selector?.matchLabels) {
return deploymentObject.spec.selector.matchLabels return deploymentObject.spec.selector.matchLabels;
} }
} }
export function getServiceSelector(serviceObject: any): any { export function getServiceSelector(serviceObject: any): any {
if (serviceObject?.spec?.selector) { if (serviceObject?.spec?.selector) {
return serviceObject.spec.selector return serviceObject.spec.selector;
} }
} }
export function isServiceSelectorSubsetOfMatchLabel( export function isServiceSelectorSubsetOfMatchLabel(
serviceSelector: any, serviceSelector: any,
matchLabels: any matchLabels: any
): boolean { ): boolean {
const serviceSelectorMap = new Map() const serviceSelectorMap = new Map();
const matchLabelsMap = new Map() const matchLabelsMap = new Map();
JSON.parse(JSON.stringify(serviceSelector), (key, value) => { JSON.parse(JSON.stringify(serviceSelector), (key, value) => {
serviceSelectorMap.set(key, value) serviceSelectorMap.set(key, value);
}) });
JSON.parse(JSON.stringify(matchLabels), (key, value) => { JSON.parse(JSON.stringify(matchLabels), (key, value) => {
matchLabelsMap.set(key, value) matchLabelsMap.set(key, value);
}) });
let isMatch = true let isMatch = true;
serviceSelectorMap.forEach((value, key) => { serviceSelectorMap.forEach((value, key) => {
if ( if (!!key && (!matchLabelsMap.has(key) || matchLabelsMap.get(key)) != value)
!!key && isMatch = false;
(!matchLabelsMap.has(key) || matchLabelsMap.get(key)) != value });
)
isMatch = false
})
return isMatch return isMatch;
} }
export async function fetchResource( export async function fetchResource(
kubectl: Kubectl, kubectl: Kubectl,
kind: string, kind: string,
name: string, name: string
namespace?: string ) {
): Promise<K8sObject> { const result = await kubectl.getResource(kind, name);
const result = await kubectl.getResource(kind, name, false, namespace) if (result == null || !!result.stderr) {
if (result == null || !!result.stderr) { return null;
return null }
}
if (!!result.stdout) { if (!!result.stdout) {
const resource = JSON.parse(result.stdout) as K8sObject const resource = JSON.parse(result.stdout);
try { try {
UnsetClusterSpecificDetails(resource) UnsetClusterSpecificDetails(resource);
return resource return resource;
} catch (ex) { } catch (ex) {
core.debug( core.debug(
`Exception occurred while Parsing ${resource} in Json object: ${ex}` `Exception occurred while Parsing ${resource} in Json object: ${ex}`
) );
} }
} }
}
export async function deployObjects(
kubectl: Kubectl,
objectsList: any[],
timeout?: string
): Promise<DeployResult> {
// Handle empty objects list gracefully to prevent "Configuration paths must exist" error
if (!objectsList || objectsList.length === 0) {
core.debug('No objects to deploy, skipping kubectl apply')
return {
execResult: {exitCode: 0, stdout: '', stderr: ''},
manifestFiles: []
}
}
const manifestFiles = fileHelper.writeObjectsToFile(objectsList)
const forceDeployment = core.getInput('force').toLowerCase() === 'true'
const serverSideApply = core.getInput('server-side').toLowerCase() === 'true'
const execResult = await kubectl.apply(
manifestFiles,
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([execResult])
return {execResult, manifestFiles}
} }
src/strategyHelpers/blueGreen/deploy.test.ts
-377
View File
@@ -1,377 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
import {BlueGreenDeployment} from '../../types/blueGreenTypes.js'
import {
deployBlueGreen,
deployBlueGreenIngress,
deployBlueGreenService,
deployBlueGreenSMI
} from './deploy.js'
import * as routeTester from './route.js'
import {Kubectl} from '../../types/kubectl.js'
import {RouteStrategy} from '../../types/routeStrategy.js'
import * as TSutils from '../../utilities/trafficSplitUtils.js'
import * as bgHelper from './blueGreenHelper.js'
import * as smiHelper from './smiBlueGreenHelper.js'
import {ExecOutput} from '@actions/exec'
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
vi.mock('../../types/kubectl')
// Shared variables and mock objects used across all test suites
const mockDeployResult = {
execResult: {exitCode: 0, stderr: '', stdout: ''},
manifestFiles: []
}
const mockBgDeployment: BlueGreenDeployment = {
deployResult: mockDeployResult,
objects: []
}
describe('deploy tests', () => {
let kubectl: Kubectl
let kubectlApplySpy: MockInstance
const mockSuccessResult: ExecOutput = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult: ExecOutput = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
kubectl = new Kubectl('')
kubectlApplySpy = vi.spyOn(kubectl, 'apply')
})
test('correctly determines deploy type and acts accordingly', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
vi.spyOn(routeTester, 'routeBlueGreenForDeploy').mockImplementation(() =>
Promise.resolve(mockBgDeployment)
)
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(() =>
Promise.resolve('v1alpha3')
)
const ingressResult = await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.INGRESS
)
expect(ingressResult.objects.length).toBe(2)
const result = await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.SERVICE
)
expect(result.objects.length).toBe(2)
const smiResult = await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.SMI
)
expect(smiResult.objects.length).toBe(6)
})
test('correctly deploys blue/green ingress', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const value = await deployBlueGreenIngress(kubectl, ingressFilepath)
const nol = value.objects.map((obj) => {
if (obj.kind === 'Service') {
expect(obj.metadata.name).toBe('nginx-service-green')
}
if (obj.kind === 'Deployment') {
expect(obj.metadata.name).toBe('nginx-deployment-green')
}
})
})
// Consolidated error tests
test.each([
{
name: 'should throw error when kubectl apply fails during blue/green ingress deployment',
fn: () => deployBlueGreenIngress(kubectl, ingressFilepath),
setup: () => {}
},
{
name: 'should throw error when kubectl apply fails during blue/green deployment with INGRESS strategy',
fn: () =>
deployBlueGreen(kubectl, ingressFilepath, RouteStrategy.INGRESS),
setup: () => {
vi.spyOn(routeTester, 'routeBlueGreenForDeploy').mockImplementation(
() => Promise.resolve(mockBgDeployment)
)
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(
() => Promise.resolve('v1alpha3')
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green deployment with SERVICE strategy',
fn: () =>
deployBlueGreen(kubectl, ingressFilepath, RouteStrategy.SERVICE),
setup: () => {
vi.spyOn(routeTester, 'routeBlueGreenForDeploy').mockImplementation(
() => Promise.resolve(mockBgDeployment)
)
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(
() => Promise.resolve('v1alpha3')
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green deployment with SMI strategy',
fn: () => deployBlueGreen(kubectl, ingressFilepath, RouteStrategy.SMI),
setup: () => {
vi.spyOn(routeTester, 'routeBlueGreenForDeploy').mockImplementation(
() => Promise.resolve(mockBgDeployment)
)
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(
() => Promise.resolve('v1alpha3')
)
}
},
{
name: 'should throw error when deployBlueGreenService fails',
fn: () => deployBlueGreenService(kubectl, ingressFilepath),
setup: () => {}
},
{
name: 'should throw error when deployBlueGreenSMI fails',
fn: () => deployBlueGreenSMI(kubectl, ingressFilepath),
setup: () => {}
}
])('$name', async ({fn, setup}) => {
kubectlApplySpy.mockResolvedValue(mockFailureResult)
setup()
await expect(fn()).rejects.toThrow()
const timeoutArg = kubectlApplySpy.mock.calls[0][3]
expect(typeof timeoutArg === 'string' || timeoutArg === undefined).toBe(
true
)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
expect.any(Boolean),
expect.any(Boolean),
timeoutArg
)
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
// Timeout tests
describe('deploy timeout tests', () => {
let kubectl: Kubectl
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
kubectl = new Kubectl('')
})
test('deployBlueGreen with timeout passes to strategy functions', async () => {
const timeout = '300s'
// Mock the helper functions that are actually called
const deployWithLabelSpy = vi
.spyOn(bgHelper, 'deployWithLabel')
.mockResolvedValue(mockBgDeployment)
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue(mockDeployResult)
const setupSMISpy = vi
.spyOn(smiHelper, 'setupSMI')
.mockResolvedValue(mockBgDeployment)
const routeSpy = vi
.spyOn(routeTester, 'routeBlueGreenForDeploy')
.mockResolvedValue(mockBgDeployment)
// Test INGRESS strategy
await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.INGRESS,
timeout
)
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
expect.any(String),
timeout
)
// Test SERVICE strategy
deployWithLabelSpy.mockClear()
deployObjectsSpy.mockClear()
await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.SERVICE,
timeout
)
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
expect.any(String),
timeout
)
// Test SMI strategy
deployWithLabelSpy.mockClear()
setupSMISpy.mockClear()
await deployBlueGreen(
kubectl,
ingressFilepath,
RouteStrategy.SMI,
timeout
)
expect(setupSMISpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
timeout
)
deployWithLabelSpy.mockRestore()
deployObjectsSpy.mockRestore()
setupSMISpy.mockRestore()
routeSpy.mockRestore()
})
test('deployBlueGreenIngress with timeout', async () => {
const timeout = '240s'
// Mock the dependencies
const deployWithLabelSpy = vi
.spyOn(bgHelper, 'deployWithLabel')
.mockResolvedValue(mockBgDeployment)
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue(mockDeployResult)
await deployBlueGreenIngress(kubectl, ingressFilepath, timeout)
// Verify deployWithLabel was called with timeout
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
expect.any(String),
timeout
)
// Verify deployObjects was called with timeout
expect(deployObjectsSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
timeout
)
deployWithLabelSpy.mockRestore()
deployObjectsSpy.mockRestore()
})
test('deployBlueGreenService with timeout', async () => {
const timeout = '180s'
// Mock the dependencies
const deployWithLabelSpy = vi
.spyOn(bgHelper, 'deployWithLabel')
.mockResolvedValue(mockBgDeployment)
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue(mockDeployResult)
await deployBlueGreenService(kubectl, ingressFilepath, timeout)
// Verify deployWithLabel was called with timeout
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
expect.any(String),
timeout
)
// Verify deployObjects was called with timeout
expect(deployObjectsSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
timeout
)
deployWithLabelSpy.mockRestore()
deployObjectsSpy.mockRestore()
})
test('deployBlueGreenSMI with timeout', async () => {
const timeout = '360s'
// Mock the dependencies
const setupSMISpy = vi
.spyOn(smiHelper, 'setupSMI')
.mockResolvedValue(mockBgDeployment)
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue(mockDeployResult)
const deployWithLabelSpy = vi
.spyOn(bgHelper, 'deployWithLabel')
.mockResolvedValue(mockBgDeployment)
await deployBlueGreenSMI(kubectl, ingressFilepath, timeout)
// Verify setupSMI was called with timeout
expect(setupSMISpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
timeout
)
// Verify deployObjects was called with timeout
expect(deployObjectsSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
timeout
)
setupSMISpy.mockRestore()
deployObjectsSpy.mockRestore()
deployWithLabelSpy.mockRestore()
})
test('deploy functions without timeout should pass undefined', async () => {
const deployWithLabelSpy = vi
.spyOn(bgHelper, 'deployWithLabel')
.mockResolvedValue(mockBgDeployment)
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue(mockDeployResult)
await deployBlueGreenIngress(kubectl, ingressFilepath)
// Verify deployWithLabel was called with undefined timeout
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
expect.any(String),
undefined
)
deployWithLabelSpy.mockRestore()
deployObjectsSpy.mockRestore()
})
})
src/strategyHelpers/blueGreen/deploy.ts
-169
View File
@@ -1,169 +0,0 @@
import * as core from '@actions/core'
import {Kubectl} from '../../types/kubectl.js'
import {
BlueGreenDeployment,
BlueGreenManifests
} from '../../types/blueGreenTypes.js'
import {RouteStrategy} from '../../types/routeStrategy.js'
import {
deployWithLabel,
getManifestObjects,
GREEN_LABEL_VALUE,
deployObjects
} from './blueGreenHelper.js'
import {setupSMI} from './smiBlueGreenHelper.js'
import {routeBlueGreenForDeploy} from './route.js'
import {DeployResult} from '../../types/deployResult.js'
export async function deployBlueGreen(
kubectl: Kubectl,
files: string[],
routeStrategy: RouteStrategy,
timeout?: string
): Promise<BlueGreenDeployment> {
const blueGreenDeployment = await (async () => {
switch (routeStrategy) {
case RouteStrategy.INGRESS:
return await deployBlueGreenIngress(kubectl, files, timeout)
case RouteStrategy.SMI:
return await deployBlueGreenSMI(kubectl, files, timeout)
default:
return await deployBlueGreenService(kubectl, files, timeout)
}
})()
core.startGroup('Routing blue green')
const routeDeployment = await routeBlueGreenForDeploy(
kubectl,
files,
routeStrategy,
timeout
)
core.endGroup()
blueGreenDeployment.objects.push(...routeDeployment.objects)
blueGreenDeployment.deployResult.manifestFiles.push(
...routeDeployment.deployResult.manifestFiles
)
return blueGreenDeployment
}
export async function deployBlueGreenSMI(
kubectl: Kubectl,
filePaths: string[],
timeout?: string
): Promise<BlueGreenDeployment> {
// get all kubernetes objects defined in manifest files
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths)
// create services and other objects
const newObjectsList = [].concat(
manifestObjects.otherObjects,
manifestObjects.serviceEntityList,
manifestObjects.ingressEntityList,
manifestObjects.unroutedServiceEntityList
)
const otherObjDeployment: DeployResult = await deployObjects(
kubectl,
newObjectsList,
timeout
)
// make extraservices and trafficsplit
const smiAndSvcDeployment = await setupSMI(
kubectl,
manifestObjects.serviceEntityList,
timeout
)
// create new deloyments
const blueGreenDeployment: BlueGreenDeployment = await deployWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
GREEN_LABEL_VALUE,
timeout
)
blueGreenDeployment.objects.push(...newObjectsList)
blueGreenDeployment.objects.push(...smiAndSvcDeployment.objects)
blueGreenDeployment.deployResult.manifestFiles.push(
...otherObjDeployment.manifestFiles
)
blueGreenDeployment.deployResult.manifestFiles.push(
...smiAndSvcDeployment.deployResult.manifestFiles
)
return blueGreenDeployment
}
export async function deployBlueGreenIngress(
kubectl: Kubectl,
filePaths: string[],
timeout?: string
): Promise<BlueGreenDeployment> {
// get all kubernetes objects defined in manifest files
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths)
// create deployments with green label value
const servicesAndDeployments = [].concat(
manifestObjects.deploymentEntityList,
manifestObjects.serviceEntityList
)
const workloadDeployment: BlueGreenDeployment = await deployWithLabel(
kubectl,
servicesAndDeployments,
GREEN_LABEL_VALUE,
timeout
)
const otherObjects = [].concat(
manifestObjects.otherObjects,
manifestObjects.unroutedServiceEntityList
)
await deployObjects(kubectl, otherObjects, timeout)
core.debug(
`new objects after processing services and other objects: \n
${JSON.stringify(servicesAndDeployments)}`
)
return {
deployResult: workloadDeployment.deployResult,
objects: [].concat(workloadDeployment.objects, otherObjects)
}
}
export async function deployBlueGreenService(
kubectl: Kubectl,
filePaths: string[],
timeout?: string
): Promise<BlueGreenDeployment> {
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths)
// create deployments with green label value
const blueGreenDeployment: BlueGreenDeployment = await deployWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
GREEN_LABEL_VALUE,
timeout
)
// create other non deployment and non service entities
const newObjectsList = [].concat(
manifestObjects.otherObjects,
manifestObjects.ingressEntityList,
manifestObjects.unroutedServiceEntityList
)
await deployObjects(kubectl, newObjectsList, timeout)
// returning deployment details to check for rollout stability
return {
deployResult: blueGreenDeployment.deployResult,
objects: [].concat(blueGreenDeployment.objects, newObjectsList)
}
}
src/strategyHelpers/blueGreen/ingressBlueGreenHelper.test.ts
-123
View File
@@ -1,123 +0,0 @@
import {vi} from 'vitest'
import {getManifestObjects, GREEN_LABEL_VALUE} from './blueGreenHelper.js'
import * as bgHelper from './blueGreenHelper.js'
import {
getUpdatedBlueGreenIngress,
isIngressRouted,
validateIngresses
} from './ingressBlueGreenHelper.js'
import {Kubectl} from '../../types/kubectl.js'
import * as fileHelper from '../../utilities/fileUtils.js'
const betaFilepath = ['test/unit/manifests/test-ingress.yml']
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
const kubectl = new Kubectl('')
vi.mock('../../types/kubectl')
describe('ingress blue green helpers', () => {
let testObjects
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
vi.spyOn(fileHelper, 'writeObjectsToFile').mockImplementationOnce(() => [
''
])
})
test('it should correctly classify ingresses', () => {
expect(
isIngressRouted(
testObjects.ingressEntityList[0],
testObjects.serviceNameMap
)
).toBe(true)
testObjects.ingressEntityList[0].spec.rules[0].http.paths = {}
expect(
isIngressRouted(
testObjects.ingressEntityList[0],
testObjects.serviceNameMap
)
).toBe(false)
expect(
isIngressRouted(
getManifestObjects(betaFilepath).ingressEntityList[0],
testObjects.serviceNameMap
)
).toBe(true)
})
test('it should correctly update ingresses', () => {
const updatedIng = getUpdatedBlueGreenIngress(
testObjects.ingressEntityList[0],
testObjects.serviceNameMap,
GREEN_LABEL_VALUE
)
expect(updatedIng.metadata.name).toBe('nginx-ingress')
expect(updatedIng.metadata.labels['k8s.deploy.color']).toBe('green')
expect(updatedIng.spec.rules[0].http.paths[0].backend.service.name).toBe(
'nginx-service-green'
)
const oldIngObjects = getManifestObjects(betaFilepath)
const oldIng = getUpdatedBlueGreenIngress(
oldIngObjects.ingressEntityList[0],
oldIngObjects.serviceNameMap,
GREEN_LABEL_VALUE
)
expect(updatedIng.metadata.labels['k8s.deploy.color']).toBe('green')
expect(updatedIng.spec.rules[0].http.paths[0].backend.service.name).toBe(
'nginx-service-green'
)
})
test('it should validate ingresses', async () => {
// what if nothing gets returned from fetchResource?
vi.spyOn(bgHelper, 'fetchResource').mockResolvedValue(null)
let validResponse = await validateIngresses(
kubectl,
testObjects.ingressEntityList,
testObjects.serviceNameMap
)
expect(validResponse.areValid).toBe(false)
// test valid ingress
let mockIngress = JSON.parse(
JSON.stringify(testObjects.ingressEntityList[0])
)
mockIngress.spec.rules[0].http.paths[0].backend.service.name =
'nginx-service-green'
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = GREEN_LABEL_VALUE
mockIngress.metadata.labels = mockLabels
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve(mockIngress)
)
validResponse = await validateIngresses(
kubectl,
testObjects.ingressEntityList,
testObjects.serviceNameMap
)
expect(validResponse.areValid).toBe(true)
// test invalid labels
mockIngress.metadata.labels[bgHelper.BLUE_GREEN_VERSION_LABEL] =
bgHelper.NONE_LABEL_VALUE
mockIngress.spec.rules[0].http.paths[0].backend.service.name =
'nginx-service'
validResponse = await validateIngresses(
kubectl,
testObjects.ingressEntityList,
testObjects.serviceNameMap
)
expect(validResponse.areValid).toBe(false)
// test missing fields
mockIngress = {}
validResponse = await validateIngresses(
kubectl,
testObjects.ingressEntityList,
testObjects.serviceNameMap
)
expect(validResponse.areValid).toBe(false)
})
})
src/strategyHelpers/blueGreen/ingressBlueGreenHelper.ts
+213 -105
View File
@@ -1,121 +1,229 @@
import * as core from '@actions/core' import { Kubectl } from "../../types/kubectl";
import {K8sIngress} from '../../types/k8sObject.js' import * as fileHelper from "../../utilities/fileUtils";
import { import {
addBlueGreenLabelsAndAnnotations, addBlueGreenLabelsAndAnnotations,
BLUE_GREEN_VERSION_LABEL, BLUE_GREEN_VERSION_LABEL,
GREEN_LABEL_VALUE, BlueGreenManifests,
fetchResource createWorkloadsWithLabel,
} from './blueGreenHelper.js' deleteWorkloadsAndServicesWithLabel,
import {Kubectl} from '../../types/kubectl.js' fetchResource,
getManifestObjects,
getNewBlueGreenObject,
GREEN_LABEL_VALUE,
NONE_LABEL_VALUE,
} from "./blueGreenHelper";
import * as core from "@actions/core";
const BACKEND = 'backend' const BACKEND = "BACKEND";
export function getUpdatedBlueGreenIngress( export async function deployBlueGreenIngress(
inputObject: any, kubectl: Kubectl,
serviceNameMap: Map<string, string>, filePaths: string[]
type: string ) {
): K8sIngress { // get all kubernetes objects defined in manifest files
const newObject = JSON.parse(JSON.stringify(inputObject)) const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
// add green labels and values
addBlueGreenLabelsAndAnnotations(newObject, type)
// update ingress labels // create deployments with green label value
if (inputObject.apiVersion === 'networking.k8s.io/v1beta1') { const result = createWorkloadsWithLabel(
return updateIngressBackendBetaV1(newObject, serviceNameMap) kubectl,
} manifestObjects.deploymentEntityList,
return updateIngressBackend(newObject, serviceNameMap) GREEN_LABEL_VALUE
);
// create new services and other objects
let newObjectsList = [];
manifestObjects.serviceEntityList.forEach((inputObject) => {
const newBlueGreenObject = getNewBlueGreenObject(
inputObject,
GREEN_LABEL_VALUE
);
newObjectsList.push(newBlueGreenObject);
});
newObjectsList = newObjectsList
.concat(manifestObjects.otherObjects)
.concat(manifestObjects.unroutedServiceEntityList);
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
await kubectl.apply(manifestFiles);
return result;
} }
export function updateIngressBackendBetaV1( export async function promoteBlueGreenIngress(
inputObject: any, kubectl: Kubectl,
serviceNameMap: Map<string, string> manifestObjects
): any { ) {
inputObject = JSON.parse(JSON.stringify(inputObject), (key, value) => { //checking if anything to promote
if (key.toLowerCase() === BACKEND) { if (
const {serviceName} = value !validateIngressesState(
if (serviceNameMap.has(serviceName)) { kubectl,
// update service name with corresponding bluegreen name only if service is provied in given manifests manifestObjects.ingressEntityList,
value.serviceName = serviceNameMap.get(serviceName) manifestObjects.serviceNameMap
} )
) {
throw "Ingress not in promote state";
}
// create stable deployments with new configuration
const result = createWorkloadsWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
NONE_LABEL_VALUE
);
// create stable services with new configuration
const newObjectsList = [];
manifestObjects.serviceEntityList.forEach((inputObject) => {
const newBlueGreenObject = getNewBlueGreenObject(
inputObject,
NONE_LABEL_VALUE
);
newObjectsList.push(newBlueGreenObject);
});
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
await kubectl.apply(manifestFiles);
return result;
}
export async function rejectBlueGreenIngress(
kubectl: Kubectl,
filePaths: string[]
) {
// get all kubernetes objects defined in manifest files
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
// route ingress to stables services
await routeBlueGreenIngress(
kubectl,
null,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList
);
// delete green services and deployments
await deleteWorkloadsAndServicesWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList,
manifestObjects.serviceEntityList
);
}
export async function routeBlueGreenIngress(
kubectl: Kubectl,
nextLabel: string,
serviceNameMap: Map<string, string>,
ingressEntityList: any[]
) {
let newObjectsList = [];
if (!nextLabel) {
newObjectsList = ingressEntityList.filter((ingress) =>
isIngressRouted(ingress, serviceNameMap)
);
} else {
ingressEntityList.forEach((inputObject) => {
if (isIngressRouted(inputObject, serviceNameMap)) {
const newBlueGreenIngressObject = getUpdatedBlueGreenIngress(
inputObject,
serviceNameMap,
GREEN_LABEL_VALUE
);
newObjectsList.push(newBlueGreenIngressObject);
} else {
newObjectsList.push(inputObject);
} }
});
}
return value core.debug("New objects: " + JSON.stringify(newObjectsList));
}) const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
await kubectl.apply(manifestFiles);
}
return inputObject export function validateIngressesState(
kubectl: Kubectl,
ingressEntityList: any[],
serviceNameMap: Map<string, string>
): boolean {
let areIngressesTargetingNewServices: boolean = true;
ingressEntityList.forEach(async (inputObject) => {
if (isIngressRouted(inputObject, serviceNameMap)) {
//querying existing ingress
const existingIngress = await fetchResource(
kubectl,
inputObject.kind,
inputObject.metadata.name
);
if (!!existingIngress) {
const currentLabel: string =
existingIngress?.metadata?.labels[BLUE_GREEN_VERSION_LABEL];
// if not green label, then wrong configuration
if (currentLabel != GREEN_LABEL_VALUE)
areIngressesTargetingNewServices = false;
} else {
// no ingress at all, so nothing to promote
areIngressesTargetingNewServices = false;
}
}
});
return areIngressesTargetingNewServices;
}
function isIngressRouted(
ingressObject: any,
serviceNameMap: Map<string, string>
): boolean {
let isIngressRouted: boolean = false;
// check if ingress targets a service in the given manifests
JSON.parse(JSON.stringify(ingressObject), (key, value) => {
if (key === "serviceName" && serviceNameMap.has(value)) {
isIngressRouted = true;
}
return value;
});
return isIngressRouted;
}
export function getUpdatedBlueGreenIngress(
inputObject: any,
serviceNameMap: Map<string, string>,
type: string
): object {
if (!type) {
return inputObject;
}
const newObject = JSON.parse(JSON.stringify(inputObject));
// add green labels and values
addBlueGreenLabelsAndAnnotations(newObject, type);
// update ingress labels
return updateIngressBackend(newObject, serviceNameMap);
} }
export function updateIngressBackend( export function updateIngressBackend(
inputObject: any, inputObject: any,
serviceNameMap: Map<string, string> serviceNameMap: Map<string, string>
): any { ): any {
inputObject = JSON.parse(JSON.stringify(inputObject), (key, value) => { inputObject = JSON.parse(JSON.stringify(inputObject), (key, value) => {
if ( if (key.toUpperCase() === BACKEND) {
key.toLowerCase() === BACKEND && const { serviceName } = value;
serviceNameMap.has(value.service.name) if (serviceNameMap.has(serviceName)) {
) { // update service name with corresponding bluegreen name only if service is provied in given manifests
value.service.name = serviceNameMap.get(value.service.name) value.serviceName = serviceNameMap.get(serviceName);
} }
return value }
})
return inputObject return value;
} });
export function isIngressRouted( return inputObject;
ingressObject: any,
serviceNameMap: Map<string, string>
): boolean {
let isIngressRouted: boolean = false
// check if ingress targets a service in the given manifests
JSON.parse(JSON.stringify(ingressObject), (key, value) => {
isIngressRouted =
isIngressRouted ||
(key === 'service' &&
value.hasOwnProperty('name') &&
serviceNameMap.has(value.name))
isIngressRouted =
isIngressRouted || (key === 'serviceName' && serviceNameMap.has(value))
return value
})
return isIngressRouted
}
export async function validateIngresses(
kubectl: Kubectl,
ingressEntityList: any[],
serviceNameMap: Map<string, string>
): Promise<{areValid: boolean; invalidIngresses: string[]}> {
let areValid: boolean = true
const invalidIngresses = []
for (const inputObject of ingressEntityList) {
if (isIngressRouted(inputObject, serviceNameMap)) {
//querying existing ingress
const existingIngress = await fetchResource(
kubectl,
inputObject.kind,
inputObject.metadata.name,
inputObject?.metadata?.namespace
)
const isValid =
!!existingIngress &&
existingIngress?.metadata?.labels[BLUE_GREEN_VERSION_LABEL] ===
GREEN_LABEL_VALUE
if (!isValid) {
core.debug(
`Invalid ingress detected (must be in green state): ${JSON.stringify(
inputObject
)}`
)
invalidIngresses.push(inputObject.metadata.name)
}
// to be valid, ingress should exist and should be green
areValid = areValid && isValid
}
}
return {areValid, invalidIngresses}
} }
src/strategyHelpers/blueGreen/promote.test.ts
-399
View File
@@ -1,399 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
import {getManifestObjects} from './blueGreenHelper.js'
import {
promoteBlueGreenIngress,
promoteBlueGreenService,
promoteBlueGreenSMI
} from './promote.js'
import {TrafficSplitObject} from '../../types/k8sObject.js'
import * as servicesTester from './serviceBlueGreenHelper.js'
import {Kubectl} from '../../types/kubectl.js'
import {MAX_VAL, MIN_VAL, TRAFFIC_SPLIT_OBJECT} from './smiBlueGreenHelper.js'
import * as smiTester from './smiBlueGreenHelper.js'
import * as bgHelper from './blueGreenHelper.js'
import {ExecOutput} from '@actions/exec'
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
vi.mock('../../types/kubectl')
// Shared variables used across all test suites
let testObjects: any
const kubectl = new Kubectl('')
// Shared mock objects following DRY principle
const mockSuccessResult: ExecOutput = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult: ExecOutput = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
const mockBgDeployment = {
deployResult: {
execResult: {exitCode: 0, stderr: '', stdout: ''},
manifestFiles: []
},
objects: []
}
describe('promote tests', () => {
let kubectlApplySpy: MockInstance
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
kubectlApplySpy = vi.spyOn(kubectl, 'apply')
})
test('promote blue/green ingress', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.GREEN_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Ingress',
spec: {},
metadata: {labels: mockLabels, name: 'nginx-ingress-green'}
})
)
const value = await promoteBlueGreenIngress(kubectl, testObjects)
const objects = value.objects
expect(objects).toHaveLength(2)
for (const obj of objects) {
if (obj.kind === 'Service') {
expect(obj.metadata.name).toBe('nginx-service')
} else if (obj.kind == 'Deployment') {
expect(obj.metadata.name).toBe('nginx-deployment')
}
expect(obj.metadata.labels['k8s.deploy.color']).toBe('None')
}
})
test('fail to promote invalid blue/green ingress', async () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.NONE_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Ingress',
spec: {},
metadata: {labels: mockLabels, name: 'nginx-ingress-green'}
})
)
await expect(
promoteBlueGreenIngress(kubectl, testObjects)
).rejects.toThrow()
})
test('promote blue/green service', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.GREEN_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Service',
spec: {selector: mockLabels},
metadata: {labels: mockLabels, name: 'nginx-service-green'}
})
)
let value = await promoteBlueGreenService(kubectl, testObjects)
expect(value.objects).toHaveLength(1)
expect(
value.objects[0].metadata.labels[bgHelper.BLUE_GREEN_VERSION_LABEL]
).toBe(bgHelper.NONE_LABEL_VALUE)
expect(value.objects[0].metadata.name).toBe('nginx-deployment')
})
test('fail to promote invalid blue/green service', async () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.NONE_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Service',
spec: {},
metadata: {labels: mockLabels, name: 'nginx-ingress-green'}
})
)
vi.spyOn(servicesTester, 'validateServicesState').mockImplementationOnce(
() => Promise.resolve(false)
)
await expect(
promoteBlueGreenService(kubectl, testObjects)
).rejects.toThrow()
})
test('promote blue/green SMI', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.NONE_LABEL_VALUE
const mockTsObject: TrafficSplitObject = {
apiVersion: 'v1alpha3',
kind: TRAFFIC_SPLIT_OBJECT,
metadata: {
name: 'nginx-service-trafficsplit',
labels: new Map<string, string>(),
annotations: new Map<string, string>()
},
spec: {
service: 'nginx-service',
backends: [
{
service: 'nginx-service-stable',
weight: MIN_VAL
},
{
service: 'nginx-service-green',
weight: MAX_VAL
}
]
}
}
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve(mockTsObject)
)
const deployResult = await promoteBlueGreenSMI(kubectl, testObjects)
expect(deployResult.objects).toHaveLength(1)
expect(deployResult.objects[0].metadata.name).toBe('nginx-deployment')
expect(
deployResult.objects[0].metadata.labels[
bgHelper.BLUE_GREEN_VERSION_LABEL
]
).toBe(bgHelper.NONE_LABEL_VALUE)
})
test('promote blue/green SMI with bad trafficsplit', async () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = bgHelper.NONE_LABEL_VALUE
vi.spyOn(smiTester, 'validateTrafficSplitsState').mockImplementation(() =>
Promise.resolve(false)
)
await expect(promoteBlueGreenSMI(kubectl, testObjects)).rejects.toThrow()
})
// Consolidated error tests
test.each([
{
name: 'should throw error when kubectl apply fails during blue/green ingress promotion',
fn: () => promoteBlueGreenIngress(kubectl, testObjects),
setup: () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] =
bgHelper.GREEN_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Ingress',
spec: {},
metadata: {labels: mockLabels, name: 'nginx-ingress-green'}
})
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green service promotion',
fn: () => promoteBlueGreenService(kubectl, testObjects),
setup: () => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] =
bgHelper.GREEN_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Service',
spec: {selector: mockLabels},
metadata: {labels: mockLabels, name: 'nginx-service-green'}
})
)
vi.spyOn(servicesTester, 'validateServicesState').mockResolvedValue(
true
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green SMI promotion',
fn: () => promoteBlueGreenSMI(kubectl, testObjects),
setup: () => {
const mockTsObject: TrafficSplitObject = {
apiVersion: 'v1alpha3',
kind: TRAFFIC_SPLIT_OBJECT,
metadata: {
name: 'nginx-service-trafficsplit',
labels: new Map<string, string>(),
annotations: new Map<string, string>()
},
spec: {
service: 'nginx-service',
backends: [
{service: 'nginx-service-stable', weight: MIN_VAL},
{service: 'nginx-service-green', weight: MAX_VAL}
]
}
}
vi.spyOn(bgHelper, 'fetchResource').mockResolvedValue(mockTsObject)
vi.spyOn(smiTester, 'validateTrafficSplitsState').mockResolvedValue(
true
)
}
}
])('$name', async ({fn, setup}) => {
kubectlApplySpy.mockClear()
kubectlApplySpy.mockResolvedValue(mockFailureResult)
setup()
await expect(fn()).rejects.toThrow()
const timeoutArg = kubectlApplySpy.mock.calls[0][3]
expect(typeof timeoutArg === 'string' || timeoutArg === undefined).toBe(
true
)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
expect.any(Boolean),
expect.any(Boolean),
timeoutArg
)
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
// Timeout tests
describe('promote timeout tests', () => {
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
})
const mockDeployWithLabel = () =>
vi.spyOn(bgHelper, 'deployWithLabel').mockResolvedValue(mockBgDeployment)
const setupFetchResource = (
kind: string,
name: string,
labelValue: string
) => {
const mockLabels = new Map<string, string>()
mockLabels[bgHelper.BLUE_GREEN_VERSION_LABEL] = labelValue
vi.spyOn(bgHelper, 'fetchResource').mockResolvedValue({
kind,
spec: {},
metadata: {labels: mockLabels, name}
})
}
test.each([
{
name: 'promoteBlueGreenIngress with timeout',
fn: promoteBlueGreenIngress,
kind: 'Ingress',
resourceName: 'nginx-ingress-green',
timeout: '300s',
setup: () =>
setupFetchResource(
'Ingress',
'nginx-ingress-green',
bgHelper.GREEN_LABEL_VALUE
)
},
{
name: 'promoteBlueGreenService with timeout',
fn: promoteBlueGreenService,
kind: 'Service',
resourceName: 'nginx-service-green',
timeout: '240s',
setup: () => {
setupFetchResource(
'Service',
'nginx-service-green',
bgHelper.GREEN_LABEL_VALUE
)
vi.spyOn(servicesTester, 'validateServicesState').mockResolvedValue(
true
)
}
},
{
name: 'promoteBlueGreenSMI with timeout',
fn: promoteBlueGreenSMI,
kind: 'TrafficSplit',
resourceName: 'nginx-service-trafficsplit',
timeout: '180s',
setup: () => {
const mockTsObject: TrafficSplitObject = {
apiVersion: 'v1alpha3',
kind: TRAFFIC_SPLIT_OBJECT,
metadata: {
name: 'nginx-service-trafficsplit',
labels: new Map<string, string>(),
annotations: new Map<string, string>()
},
spec: {
service: 'nginx-service',
backends: [
{service: 'nginx-service-stable', weight: MIN_VAL},
{service: 'nginx-service-green', weight: MAX_VAL}
]
}
}
vi.spyOn(bgHelper, 'fetchResource').mockResolvedValue(mockTsObject)
vi.spyOn(smiTester, 'validateTrafficSplitsState').mockResolvedValue(
true
)
}
}
])('$name', async ({fn, timeout, setup}) => {
setup()
const deployWithLabelSpy = mockDeployWithLabel()
await fn(kubectl, testObjects, timeout)
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
bgHelper.NONE_LABEL_VALUE,
timeout
)
deployWithLabelSpy.mockRestore()
})
test('promote functions without timeout should pass undefined', async () => {
setupFetchResource(
'Ingress',
'nginx-ingress-green',
bgHelper.GREEN_LABEL_VALUE
)
const deployWithLabelSpy = mockDeployWithLabel()
await promoteBlueGreenIngress(kubectl, testObjects)
expect(deployWithLabelSpy).toHaveBeenCalledWith(
kubectl,
expect.any(Array),
bgHelper.NONE_LABEL_VALUE,
undefined
)
deployWithLabelSpy.mockRestore()
})
})
src/strategyHelpers/blueGreen/promote.ts
-87
View File
@@ -1,87 +0,0 @@
import * as core from '@actions/core'
import {Kubectl} from '../../types/kubectl.js'
import {BlueGreenDeployment} from '../../types/blueGreenTypes.js'
import {deployWithLabel, NONE_LABEL_VALUE} from './blueGreenHelper.js'
import {validateIngresses} from './ingressBlueGreenHelper.js'
import {validateServicesState} from './serviceBlueGreenHelper.js'
import {validateTrafficSplitsState} from './smiBlueGreenHelper.js'
export async function promoteBlueGreenIngress(
kubectl: Kubectl,
manifestObjects,
timeout?: string
): Promise<BlueGreenDeployment> {
//checking if anything to promote
const {areValid, invalidIngresses} = await validateIngresses(
kubectl,
manifestObjects.ingressEntityList,
manifestObjects.serviceNameMap
)
if (!areValid) {
throw new Error(
`Ingresses are not in promote state: ${invalidIngresses.toString()}`
)
}
// create stable deployments with new configuration
const result: BlueGreenDeployment = await deployWithLabel(
kubectl,
[].concat(
manifestObjects.deploymentEntityList,
manifestObjects.serviceEntityList
),
NONE_LABEL_VALUE,
timeout
)
// create stable services with new configuration
return result
}
export async function promoteBlueGreenService(
kubectl: Kubectl,
manifestObjects,
timeout?: string
): Promise<BlueGreenDeployment> {
// checking if services are in the right state ie. targeting green deployments
if (
!(await validateServicesState(kubectl, manifestObjects.serviceEntityList))
) {
throw new Error('Found services not in promote state')
}
// creating stable deployments with new configurations
return await deployWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
NONE_LABEL_VALUE,
timeout
)
}
export async function promoteBlueGreenSMI(
kubectl: Kubectl,
manifestObjects,
timeout?: string
): Promise<BlueGreenDeployment> {
// checking if there is something to promote
if (
!(await validateTrafficSplitsState(
kubectl,
manifestObjects.serviceEntityList
))
) {
throw Error('Not in promote state SMI')
}
// create stable deployments with new configuration
return await deployWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
NONE_LABEL_VALUE,
timeout
)
}
src/strategyHelpers/blueGreen/reject.test.ts
-270
View File
@@ -1,270 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
import {getManifestObjects} from './blueGreenHelper.js'
import {Kubectl} from '../../types/kubectl.js'
import * as TSutils from '../../utilities/trafficSplitUtils.js'
import {
rejectBlueGreenIngress,
rejectBlueGreenService,
rejectBlueGreenSMI
} from './reject.js'
import * as bgHelper from './blueGreenHelper.js'
import * as routeHelper from './route.js'
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
const kubectl = new Kubectl('')
const TEST_TIMEOUT_SHORT = '60s'
const TEST_TIMEOUT_LONG = '120s'
vi.mock('../../types/kubectl')
// Shared mock objects following DRY principle
const mockSuccessResult = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
const mockBgDeployment = {
deployResult: {
execResult: {stdout: '', stderr: '', exitCode: 0},
manifestFiles: []
},
objects: [
{
kind: 'Ingress',
metadata: {
name: 'nginx-ingress',
labels: new Map<string, string>()
},
spec: {}
}
]
}
const mockDeleteResult = [
{name: 'nginx-service-green', kind: 'Service'},
{name: 'nginx-deployment-green', kind: 'Deployment'}
]
describe('reject tests', () => {
let testObjects: any
let kubectlApplySpy: MockInstance
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
vi.restoreAllMocks()
testObjects = getManifestObjects(ingressFilepath)
kubectlApplySpy = vi.spyOn(kubectl, 'apply')
})
test('reject blue/green ingress', async () => {
// Mock kubectl.apply to return successful result
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const value = await rejectBlueGreenIngress(kubectl, testObjects)
const bgDeployment = value.routeResult
const deleteResult = value.deleteResult
expect(deleteResult).toHaveLength(2)
for (const obj of deleteResult) {
if (obj.kind == 'Service') {
expect(obj.name).toBe('nginx-service-green')
}
if (obj.kind == 'Deployment') {
expect(obj.name).toBe('nginx-deployment-green')
}
}
expect(bgDeployment.objects).toHaveLength(1)
expect(bgDeployment.objects[0].metadata.name).toBe('nginx-ingress')
})
test('reject blue/green ingress with timeout', async () => {
// Mock routeBlueGreenIngressUnchanged and deleteGreenObjects
vi.spyOn(routeHelper, 'routeBlueGreenIngressUnchanged').mockResolvedValue(
mockBgDeployment
)
vi.spyOn(bgHelper, 'deleteGreenObjects').mockResolvedValue(
mockDeleteResult
)
const value = await rejectBlueGreenIngress(
kubectl,
testObjects,
TEST_TIMEOUT_LONG
)
const bgDeployment = value.routeResult
const deleteResult = value.deleteResult
expect(deleteResult).toHaveLength(2)
for (const obj of deleteResult) {
if (obj.kind === 'Service') {
expect(obj.name).toBe('nginx-service-green')
}
if (obj.kind === 'Deployment') {
expect(obj.name).toBe('nginx-deployment-green')
}
}
expect(bgDeployment.objects).toHaveLength(1)
expect(bgDeployment.objects[0].metadata.name).toBe('nginx-ingress')
// Verify deleteGreenObjects is called with timeout
expect(bgHelper.deleteGreenObjects).toHaveBeenCalledWith(
kubectl,
[].concat(
testObjects.deploymentEntityList,
testObjects.serviceEntityList
),
TEST_TIMEOUT_LONG
)
expect(routeHelper.routeBlueGreenIngressUnchanged).toHaveBeenCalledWith(
kubectl,
testObjects.serviceNameMap,
testObjects.ingressEntityList,
TEST_TIMEOUT_LONG
)
})
test('reject blue/green service', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
vi.spyOn(bgHelper, 'deleteGreenObjects').mockResolvedValue(
mockDeleteResult
)
const value = await rejectBlueGreenService(
kubectl,
testObjects,
TEST_TIMEOUT_SHORT
)
const deleteResult = value.deleteResult
expect(deleteResult).toHaveLength(2)
expect(deleteResult).toContainEqual({
name: 'nginx-service-green',
kind: 'Service'
})
expect(deleteResult).toContainEqual({
name: 'nginx-deployment-green',
kind: 'Deployment'
})
})
test('reject blue/green service with timeout', async () => {
// Mock routeBlueGreenService and deleteGreenObjects
vi.spyOn(routeHelper, 'routeBlueGreenService').mockResolvedValue({
deployResult: {
execResult: {stdout: '', stderr: '', exitCode: 0},
manifestFiles: []
},
objects: [
{
kind: 'Service',
metadata: {
name: 'nginx-service',
labels: new Map<string, string>()
},
spec: {}
}
]
})
vi.spyOn(bgHelper, 'deleteGreenObjects').mockResolvedValue([
{name: 'nginx-deployment-green', kind: 'Deployment'}
])
const value = await rejectBlueGreenService(
kubectl,
testObjects,
TEST_TIMEOUT_LONG
)
const bgDeployment = value.routeResult
const deleteResult = value.deleteResult
// Verify deleteGreenObjects is called with timeout
expect(bgHelper.deleteGreenObjects).toHaveBeenCalledWith(
kubectl,
testObjects.deploymentEntityList,
TEST_TIMEOUT_LONG
)
// Assertions for routeResult and deleteResult
expect(deleteResult).toHaveLength(1)
expect(deleteResult[0].name).toBe('nginx-deployment-green')
expect(bgDeployment.objects).toHaveLength(1)
expect(bgDeployment.objects[0].metadata.name).toBe('nginx-service')
})
test('reject blue/green SMI', async () => {
// Mock kubectl.apply to return successful result
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(() =>
Promise.resolve('v1alpha3')
)
const rejectResult = await rejectBlueGreenSMI(kubectl, testObjects)
expect(rejectResult.deleteResult).toHaveLength(2)
})
// Consolidated error tests
test.each([
{
name: 'should throw error when kubectl apply fails during blue/green ingress rejection',
fn: () => rejectBlueGreenIngress(kubectl, testObjects),
setup: () => {
vi.spyOn(bgHelper, 'deleteGreenObjects').mockResolvedValue(
mockDeleteResult
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green service rejection',
fn: () => rejectBlueGreenService(kubectl, testObjects),
setup: () => {
vi.spyOn(bgHelper, 'deleteGreenObjects').mockResolvedValue(
mockDeleteResult
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green SMI rejection',
fn: () => rejectBlueGreenSMI(kubectl, testObjects),
setup: () => {
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(
() => Promise.resolve('v1alpha3')
)
}
}
])('$name', async ({fn, setup}) => {
kubectlApplySpy.mockClear()
kubectlApplySpy.mockResolvedValue(mockFailureResult)
setup()
await expect(fn()).rejects.toThrow()
const timeoutArg = kubectlApplySpy.mock.calls[0][3]
expect(typeof timeoutArg === 'string' || timeoutArg === undefined).toBe(
true
)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
expect.any(Boolean),
expect.any(Boolean),
timeoutArg
)
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
src/strategyHelpers/blueGreen/reject.ts
-91
View File
@@ -1,91 +0,0 @@
import {K8sDeleteObject} from '../../types/k8sObject.js'
import {Kubectl} from '../../types/kubectl.js'
import {
BlueGreenDeployment,
BlueGreenManifests,
BlueGreenRejectResult
} from '../../types/blueGreenTypes.js'
import {deleteGreenObjects, NONE_LABEL_VALUE} from './blueGreenHelper.js'
import {routeBlueGreenSMI} from './route.js'
import {cleanupSMI} from './smiBlueGreenHelper.js'
import {routeBlueGreenIngressUnchanged, routeBlueGreenService} from './route.js'
export async function rejectBlueGreenIngress(
kubectl: Kubectl,
manifestObjects: BlueGreenManifests,
timeout?: string
): Promise<BlueGreenRejectResult> {
// get all kubernetes objects defined in manifest files
// route ingress to stables services
const routeResult = await routeBlueGreenIngressUnchanged(
kubectl,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList,
timeout
)
// delete green services and deployments
const deleteResult = await deleteGreenObjects(
kubectl,
[].concat(
manifestObjects.deploymentEntityList,
manifestObjects.serviceEntityList
),
timeout
)
return {routeResult, deleteResult}
}
export async function rejectBlueGreenService(
kubectl: Kubectl,
manifestObjects: BlueGreenManifests,
timeout?: string
): Promise<BlueGreenRejectResult> {
// route to stable objects
const routeResult = await routeBlueGreenService(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList,
timeout
)
// delete new deployments with green suffix
const deleteResult = await deleteGreenObjects(
kubectl,
manifestObjects.deploymentEntityList,
timeout
)
return {routeResult, deleteResult}
}
export async function rejectBlueGreenSMI(
kubectl: Kubectl,
manifestObjects: BlueGreenManifests,
timeout?: string
): Promise<BlueGreenRejectResult> {
// route trafficsplit to stable deployments
const routeResult = await routeBlueGreenSMI(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList,
timeout
)
// delete rejected new bluegreen deployments
const deletedObjects = await deleteGreenObjects(
kubectl,
manifestObjects.deploymentEntityList,
timeout
)
// delete trafficsplit and extra services
const cleanupResult = await cleanupSMI(
kubectl,
manifestObjects.serviceEntityList,
timeout
)
return {routeResult, deleteResult: [].concat(deletedObjects, cleanupResult)}
}
src/strategyHelpers/blueGreen/route.test.ts
-342
View File
@@ -1,342 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
import {K8sIngress, TrafficSplitObject} from '../../types/k8sObject.js'
import {Kubectl} from '../../types/kubectl.js'
import * as fileHelper from '../../utilities/fileUtils.js'
import * as TSutils from '../../utilities/trafficSplitUtils.js'
import {RouteStrategy} from '../../types/routeStrategy.js'
import {BlueGreenManifests} from '../../types/blueGreenTypes.js'
import {
BLUE_GREEN_VERSION_LABEL,
getManifestObjects,
GREEN_LABEL_VALUE
} from './blueGreenHelper.js'
import * as bgHelper from './blueGreenHelper.js'
import * as smiHelper from './smiBlueGreenHelper.js'
import {
routeBlueGreenIngress,
routeBlueGreenService,
routeBlueGreenForDeploy,
routeBlueGreenSMI,
routeBlueGreenIngressUnchanged
} from './route.js'
vi.mock('../../types/kubectl')
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
const kc = new Kubectl('')
// Shared mock objects following DRY principle
const mockSuccessResult = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
describe('route function tests', () => {
let testObjects: BlueGreenManifests
let kubectlApplySpy: MockInstance
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
kubectlApplySpy = vi.spyOn(kc, 'apply')
vi.spyOn(fileHelper, 'writeObjectsToFile').mockImplementationOnce(() => [
''
])
})
test('correctly prepares blue/green ingresses for deployment', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const unroutedIngCopy: K8sIngress = JSON.parse(
JSON.stringify(testObjects.ingressEntityList[0])
)
unroutedIngCopy.metadata.name = 'nginx-ingress-unrouted'
unroutedIngCopy.spec.rules[0].http.paths[0].backend.service.name =
'fake-service'
testObjects.ingressEntityList.push(unroutedIngCopy)
const value = await routeBlueGreenIngress(
kc,
testObjects.serviceNameMap,
testObjects.ingressEntityList
)
expect(value.objects).toHaveLength(2)
expect(value.objects[0].metadata.name).toBe('nginx-ingress')
expect(
(value.objects[0] as K8sIngress).spec.rules[0].http.paths[0].backend
.service.name
).toBe('nginx-service-green')
expect(value.objects[1].metadata.name).toBe('nginx-ingress-unrouted')
// unrouted services shouldn't get their service name changed
expect(
(value.objects[1] as K8sIngress).spec.rules[0].http.paths[0].backend
.service.name
).toBe('fake-service')
})
test('correctly prepares blue/green services for deployment', async () => {
const value = await routeBlueGreenService(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList
)
expect(value.objects).toHaveLength(1)
expect(value.objects[0].metadata.name).toBe('nginx-service')
expect(value.objects[0].metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
GREEN_LABEL_VALUE
)
})
test('correctly identifies route pattern and acts accordingly', async () => {
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(() =>
Promise.resolve('v1alpha3')
)
const ingressResult = await routeBlueGreenForDeploy(
kc,
ingressFilepath,
RouteStrategy.INGRESS
)
expect(ingressResult.objects.length).toBe(1)
expect(ingressResult.objects[0].metadata.name).toBe('nginx-ingress')
const serviceResult = await routeBlueGreenForDeploy(
kc,
ingressFilepath,
RouteStrategy.SERVICE
)
expect(serviceResult.objects.length).toBe(1)
expect(serviceResult.objects[0].metadata.name).toBe('nginx-service')
const smiResult = await routeBlueGreenForDeploy(
kc,
ingressFilepath,
RouteStrategy.SMI
)
expect(smiResult.objects).toHaveLength(1)
expect(smiResult.objects[0].metadata.name).toBe(
'nginx-service-trafficsplit'
)
expect(
(smiResult.objects as TrafficSplitObject[])[0].spec.backends
).toHaveLength(2)
})
// Consolidated error tests
test.each([
{
name: 'should throw error when kubectl apply fails during blue/green ingress routing',
fn: () =>
routeBlueGreenIngress(
kc,
testObjects.serviceNameMap,
testObjects.ingressEntityList
),
setup: () => {}
},
{
name: 'should throw error when kubectl apply fails during blue/green service routing',
fn: () =>
routeBlueGreenService(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList
),
setup: () => {}
},
{
name: 'should throw error when kubectl apply fails during blue/green SMI routing',
fn: () =>
routeBlueGreenSMI(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList
),
setup: () => {
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(
() => Promise.resolve('v1alpha3')
)
}
},
{
name: 'should throw error when kubectl apply fails during blue/green ingress unchanged routing',
fn: () =>
routeBlueGreenIngressUnchanged(
kc,
testObjects.serviceNameMap,
testObjects.ingressEntityList
),
setup: () => {}
}
])('$name', async ({fn, setup}) => {
kubectlApplySpy.mockClear()
kubectlApplySpy.mockResolvedValue(mockFailureResult)
setup()
await expect(fn()).rejects.toThrow()
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
// Timeout tests
describe('route timeout tests', () => {
let testObjects: BlueGreenManifests
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
vi.spyOn(fileHelper, 'writeObjectsToFile').mockImplementationOnce(() => [
''
])
})
afterEach(() => {
vi.restoreAllMocks()
})
test('routeBlueGreenService with timeout', async () => {
const timeout = '240s'
// Mock deployObjects to capture timeout parameter
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
const value = await routeBlueGreenService(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList,
timeout
)
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
timeout
)
expect(value.objects).toHaveLength(1)
deployObjectsSpy.mockRestore()
})
test('routeBlueGreenSMI with timeout', async () => {
const timeout = '300s'
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(() =>
Promise.resolve('v1alpha3')
)
// Mock deployObjects and createTrafficSplitObject to capture timeout parameter
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
const createTrafficSplitSpy = vi
.spyOn(smiHelper, 'createTrafficSplitObject')
.mockResolvedValue({
apiVersion: 'split.smi-spec.io/v1alpha3',
kind: 'TrafficSplit',
metadata: {
name: 'nginx-service-trafficsplit',
labels: new Map(),
annotations: new Map()
},
spec: {service: 'nginx-service', backends: []}
})
const value = await routeBlueGreenSMI(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList,
timeout
)
expect(createTrafficSplitSpy).toHaveBeenCalledWith(
kc,
'nginx-service',
GREEN_LABEL_VALUE,
timeout
)
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
timeout
)
expect(value.objects).toHaveLength(1)
deployObjectsSpy.mockRestore()
createTrafficSplitSpy.mockRestore()
})
test('routeBlueGreenIngressUnchanged with timeout', async () => {
const timeout = '180s'
// Mock deployObjects to capture timeout parameter
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
const value = await routeBlueGreenIngressUnchanged(
kc,
testObjects.serviceNameMap,
testObjects.ingressEntityList,
timeout
)
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
timeout
)
expect(value.objects).toHaveLength(1)
deployObjectsSpy.mockRestore()
})
test('route functions without timeout should pass undefined', async () => {
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
// Test routeBlueGreenService without timeout
await routeBlueGreenService(
kc,
GREEN_LABEL_VALUE,
testObjects.serviceEntityList
)
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
undefined
)
deployObjectsSpy.mockRestore()
})
})
src/strategyHelpers/blueGreen/route.ts
-150
View File
@@ -1,150 +0,0 @@
import {sleep} from '../../utilities/timeUtils.js'
import {RouteStrategy} from '../../types/routeStrategy.js'
import {Kubectl} from '../../types/kubectl.js'
import {
BlueGreenDeployment,
BlueGreenManifests
} from '../../types/blueGreenTypes.js'
import {
getManifestObjects,
GREEN_LABEL_VALUE,
deployObjects
} from './blueGreenHelper.js'
import {
getUpdatedBlueGreenIngress,
isIngressRouted
} from './ingressBlueGreenHelper.js'
import {getUpdatedBlueGreenService} from './serviceBlueGreenHelper.js'
import {createTrafficSplitObject} from './smiBlueGreenHelper.js'
import * as core from '@actions/core'
import {K8sObject, TrafficSplitObject} from '../../types/k8sObject.js'
import {getBufferTime} from '../../inputUtils.js'
export async function routeBlueGreenForDeploy(
kubectl: Kubectl,
inputManifestFiles: string[],
routeStrategy: RouteStrategy,
timeout?: string
): Promise<BlueGreenDeployment> {
// sleep for buffer time
const bufferTime: number = getBufferTime()
const startSleepDate = new Date()
core.info(
`Starting buffer time of ${bufferTime} minute(s) at ${startSleepDate.toISOString()}`
)
await sleep(bufferTime * 1000 * 60)
const endSleepDate = new Date()
core.info(
`Stopping buffer time of ${bufferTime} minute(s) at ${endSleepDate.toISOString()}`
)
const manifestObjects: BlueGreenManifests =
getManifestObjects(inputManifestFiles)
// route to new deployments
if (routeStrategy == RouteStrategy.INGRESS) {
return await routeBlueGreenIngress(
kubectl,
manifestObjects.serviceNameMap,
manifestObjects.ingressEntityList,
timeout
)
} else if (routeStrategy == RouteStrategy.SMI) {
return await routeBlueGreenSMI(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.serviceEntityList,
timeout
)
} else {
return await routeBlueGreenService(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.serviceEntityList,
timeout
)
}
}
export async function routeBlueGreenIngress(
kubectl: Kubectl,
serviceNameMap: Map<string, string>,
ingressEntityList: any[],
timeout?: string
): Promise<BlueGreenDeployment> {
// const newObjectsList = []
const newObjectsList: K8sObject[] = ingressEntityList.map((obj) => {
if (isIngressRouted(obj, serviceNameMap)) {
const newBlueGreenIngressObject = getUpdatedBlueGreenIngress(
obj,
serviceNameMap,
GREEN_LABEL_VALUE
)
return newBlueGreenIngressObject
} else {
core.debug(`unrouted ingress detected ${obj.metadata.name}`)
return obj
}
})
const deployResult = await deployObjects(kubectl, newObjectsList, timeout)
return {deployResult, objects: newObjectsList}
}
export async function routeBlueGreenIngressUnchanged(
kubectl: Kubectl,
serviceNameMap: Map<string, string>,
ingressEntityList: any[],
timeout?: string
): Promise<BlueGreenDeployment> {
const objects = ingressEntityList.filter((ingress) =>
isIngressRouted(ingress, serviceNameMap)
)
const deployResult = await deployObjects(kubectl, objects, timeout)
return {deployResult, objects}
}
export async function routeBlueGreenService(
kubectl: Kubectl,
nextLabel: string,
serviceEntityList: any[],
timeout?: string
): Promise<BlueGreenDeployment> {
const objects = serviceEntityList.map((serviceObject) =>
getUpdatedBlueGreenService(serviceObject, nextLabel)
)
const deployResult = await deployObjects(kubectl, objects, timeout)
return {deployResult, objects}
}
export async function routeBlueGreenSMI(
kubectl: Kubectl,
nextLabel: string,
serviceEntityList: any[],
timeout?: string
): Promise<BlueGreenDeployment> {
// let tsObjects: TrafficSplitObject[] = []
const tsObjects: TrafficSplitObject[] = await Promise.all(
serviceEntityList.map(async (serviceObject) => {
const tsObject: TrafficSplitObject = await createTrafficSplitObject(
kubectl,
serviceObject.metadata.name,
nextLabel,
timeout
)
return tsObject
})
)
const deployResult = await deployObjects(kubectl, tsObjects, timeout)
return {deployResult, objects: tsObjects}
}
src/strategyHelpers/blueGreen/serviceBlueGreenHelper.test.ts
-65
View File
@@ -1,65 +0,0 @@
import {vi} from 'vitest'
import * as core from '@actions/core'
import {
BLUE_GREEN_VERSION_LABEL,
getManifestObjects,
GREEN_LABEL_VALUE
} from './blueGreenHelper.js'
import * as bgHelper from './blueGreenHelper.js'
import {Kubectl} from '../../types/kubectl.js'
import {
getServiceSpecLabel,
getUpdatedBlueGreenService,
validateServicesState
} from './serviceBlueGreenHelper.js'
let testObjects
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
vi.mock('../../types/kubectl')
const kubectl = new Kubectl('')
describe('blue/green service helper tests', () => {
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
testObjects = getManifestObjects(ingressFilepath)
})
test('getUpdatedBlueGreenService', () => {
const newService = getUpdatedBlueGreenService(
testObjects.serviceEntityList[0],
GREEN_LABEL_VALUE
)
expect(newService.metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
GREEN_LABEL_VALUE
)
expect(newService.spec.selector[BLUE_GREEN_VERSION_LABEL]).toBe(
GREEN_LABEL_VALUE
)
})
test('validateServicesState', async () => {
const mockLabels = new Map<string, string>()
mockLabels[BLUE_GREEN_VERSION_LABEL] = bgHelper.GREEN_LABEL_VALUE
const mockSelectors = new Map<string, string>()
mockSelectors[BLUE_GREEN_VERSION_LABEL] = GREEN_LABEL_VALUE
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve({
kind: 'Service',
spec: {selector: mockSelectors},
metadata: {labels: mockLabels, name: 'nginx-service-green'}
})
)
expect(
await validateServicesState(kubectl, testObjects.serviceEntityList)
).toBe(true)
})
test('getServiceSpecLabel', () => {
testObjects.serviceEntityList[0].spec.selector[BLUE_GREEN_VERSION_LABEL] =
GREEN_LABEL_VALUE
expect(getServiceSpecLabel(testObjects.serviceEntityList[0])).toBe(
GREEN_LABEL_VALUE
)
})
})
src/strategyHelpers/blueGreen/serviceBlueGreenHelper.ts
+132 -36
View File
@@ -1,50 +1,146 @@
import * as core from '@actions/core' import { Kubectl } from "../../types/kubectl";
import {K8sServiceObject} from '../../types/k8sObject.js' import * as fileHelper from "../../utilities/fileUtils";
import {Kubectl} from '../../types/kubectl.js'
import { import {
addBlueGreenLabelsAndAnnotations, addBlueGreenLabelsAndAnnotations,
BLUE_GREEN_VERSION_LABEL, BLUE_GREEN_VERSION_LABEL,
fetchResource, BlueGreenManifests,
GREEN_LABEL_VALUE createWorkloadsWithLabel,
} from './blueGreenHelper.js' deleteWorkloadsWithLabel,
fetchResource,
getManifestObjects,
GREEN_LABEL_VALUE,
NONE_LABEL_VALUE,
} from "./blueGreenHelper";
export async function deployBlueGreenService(
kubectl: Kubectl,
filePaths: string[]
) {
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
// create deployments with green label value
const result = await createWorkloadsWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
GREEN_LABEL_VALUE
);
// create other non deployment and non service entities
const newObjectsList = manifestObjects.otherObjects
.concat(manifestObjects.ingressEntityList)
.concat(manifestObjects.unroutedServiceEntityList);
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
if (manifestFiles.length > 0) await kubectl.apply(manifestFiles);
// returning deployment details to check for rollout stability
return result;
}
export async function promoteBlueGreenService(
kubectl: Kubectl,
manifestObjects
) {
// checking if services are in the right state ie. targeting green deployments
if (
!(await validateServicesState(kubectl, manifestObjects.serviceEntityList))
) {
throw "Not inP promote state";
}
// creating stable deployments with new configurations
return await createWorkloadsWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
NONE_LABEL_VALUE
);
}
export async function rejectBlueGreenService(
kubectl: Kubectl,
filePaths: string[]
) {
// get all kubernetes objects defined in manifest files
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
// route to stable objects
await routeBlueGreenService(
kubectl,
NONE_LABEL_VALUE,
manifestObjects.serviceEntityList
);
// delete new deployments with green suffix
await deleteWorkloadsWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList
);
}
export async function routeBlueGreenService(
kubectl: Kubectl,
nextLabel: string,
serviceEntityList: any[]
) {
const newObjectsList = [];
serviceEntityList.forEach((serviceObject) => {
const newBlueGreenServiceObject = getUpdatedBlueGreenService(
serviceObject,
nextLabel
);
newObjectsList.push(newBlueGreenServiceObject);
});
// configures the services
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
await kubectl.apply(manifestFiles);
}
// add green labels to configure existing service // add green labels to configure existing service
export function getUpdatedBlueGreenService( function getUpdatedBlueGreenService(
inputObject: any, inputObject: any,
labelValue: string labelValue: string
): K8sServiceObject { ): object {
const newObject = JSON.parse(JSON.stringify(inputObject)) const newObject = JSON.parse(JSON.stringify(inputObject));
// Adding labels and annotations. // Adding labels and annotations.
addBlueGreenLabelsAndAnnotations(newObject, labelValue) addBlueGreenLabelsAndAnnotations(newObject, labelValue);
return newObject return newObject;
} }
export async function validateServicesState( export async function validateServicesState(
kubectl: Kubectl, kubectl: Kubectl,
serviceEntityList: any[] serviceEntityList: any[]
): Promise<boolean> { ): Promise<boolean> {
let areServicesGreen: boolean = true let areServicesGreen: boolean = true;
for (const serviceObject of serviceEntityList) { for (const serviceObject of serviceEntityList) {
// finding the existing routed service // finding the existing routed service
const existingService = await fetchResource( const existingService = await fetchResource(
kubectl, kubectl,
serviceObject.kind, serviceObject.kind,
serviceObject.metadata.name, serviceObject.metadata.name
serviceObject?.metadata?.namespace );
)
let isServiceGreen = if (!!existingService) {
!!existingService && const currentLabel: string = getServiceSpecLabel(existingService);
getServiceSpecLabel(existingService as K8sServiceObject) == if (currentLabel != GREEN_LABEL_VALUE) {
GREEN_LABEL_VALUE // service should be targeting deployments with green label
areServicesGreen = areServicesGreen && isServiceGreen areServicesGreen = false;
} }
} else {
// service targeting deployment doesn't exist
areServicesGreen = false;
}
}
return areServicesGreen return areServicesGreen;
} }
export function getServiceSpecLabel(inputObject: K8sServiceObject): string { export function getServiceSpecLabel(inputObject: any): string {
return inputObject.spec.selector[BLUE_GREEN_VERSION_LABEL] if (inputObject?.spec?.selector[BLUE_GREEN_VERSION_LABEL]) {
return inputObject.spec.selector[BLUE_GREEN_VERSION_LABEL];
}
return "";
} }
src/strategyHelpers/blueGreen/smiBlueGreenHelper.test.ts
-418
View File
@@ -1,418 +0,0 @@
import {vi} from 'vitest'
import {TrafficSplitObject} from '../../types/k8sObject.js'
import {Kubectl} from '../../types/kubectl.js'
import * as fileHelper from '../../utilities/fileUtils.js'
import * as TSutils from '../../utilities/trafficSplitUtils.js'
import {BlueGreenManifests} from '../../types/blueGreenTypes.js'
import {
BLUE_GREEN_VERSION_LABEL,
getManifestObjects,
GREEN_LABEL_VALUE,
NONE_LABEL_VALUE
} from './blueGreenHelper.js'
import {
cleanupSMI,
createTrafficSplitObject,
getGreenSMIServiceResource,
getStableSMIServiceResource,
MAX_VAL,
MIN_VAL,
setupSMI,
TRAFFIC_SPLIT_OBJECT,
validateTrafficSplitsState
} from './smiBlueGreenHelper.js'
import * as bgHelper from './blueGreenHelper.js'
vi.mock('../../types/kubectl')
const kc = new Kubectl('')
const ingressFilepath = ['test/unit/manifests/test-ingress-new.yml']
// Shared mock objects following DRY principle
const mockSuccessResult = {
stdout: 'service/nginx-service-stable created',
stderr: '',
exitCode: 0
}
const mockFailureResult = {
stdout: '',
stderr: 'error: service creation failed',
exitCode: 1
}
const mockTsObject: TrafficSplitObject = {
apiVersion: 'v1alpha3',
kind: TRAFFIC_SPLIT_OBJECT,
metadata: {
name: 'nginx-service-trafficsplit',
labels: new Map<string, string>(),
annotations: new Map<string, string>()
},
spec: {
service: 'nginx-service',
backends: [
{
service: 'nginx-service-stable',
weight: MIN_VAL
},
{
service: 'nginx-service-green',
weight: MAX_VAL
}
]
}
}
describe('SMI Helper tests', () => {
let testObjects: BlueGreenManifests
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
vi.spyOn(TSutils, 'getTrafficSplitAPIVersion').mockImplementation(() =>
Promise.resolve('')
)
testObjects = getManifestObjects(ingressFilepath)
vi.spyOn(fileHelper, 'writeObjectsToFile').mockImplementationOnce(() => [
''
])
})
test('setupSMI tests', async () => {
vi.spyOn(kc, 'apply').mockResolvedValue(mockSuccessResult)
const smiResults = await setupSMI(kc, testObjects.serviceEntityList)
let found = 0
for (const obj of smiResults.objects) {
if (obj.metadata.name === 'nginx-service-stable') {
expect(obj.metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
NONE_LABEL_VALUE
)
expect(obj.spec.selector.app).toBe('nginx')
found++
}
if (obj.metadata.name === 'nginx-service-green') {
expect(obj.metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
GREEN_LABEL_VALUE
)
found++
}
if (obj.metadata.name === 'nginx-service-trafficsplit') {
found++
// expect stable weight to be max val
const casted = obj as TrafficSplitObject
expect(casted.spec.backends).toHaveLength(2)
for (const be of casted.spec.backends) {
if (be.service === 'nginx-service-stable') {
expect(be.weight).toBe(MAX_VAL)
}
if (be.service === 'nginx-service-green') {
expect(be.weight).toBe(MIN_VAL)
}
}
}
}
expect(found).toBe(3)
})
test('createTrafficSplitObject tests', async () => {
const noneTsObject: TrafficSplitObject = await createTrafficSplitObject(
kc,
testObjects.serviceEntityList[0].metadata.name,
NONE_LABEL_VALUE
)
expect(noneTsObject.metadata.name).toBe('nginx-service-trafficsplit')
for (let be of noneTsObject.spec.backends) {
if (be.service === 'nginx-service-stable') {
expect(be.weight).toBe(MAX_VAL)
}
if (be.service === 'nginx-service-green') {
expect(be.weight).toBe(MIN_VAL)
}
}
const greenTsObject: TrafficSplitObject = await createTrafficSplitObject(
kc,
testObjects.serviceEntityList[0].metadata.name,
GREEN_LABEL_VALUE
)
expect(greenTsObject.metadata.name).toBe('nginx-service-trafficsplit')
for (const be of greenTsObject.spec.backends) {
if (be.service === 'nginx-service-stable') {
expect(be.weight).toBe(MIN_VAL)
}
if (be.service === 'nginx-service-green') {
expect(be.weight).toBe(MAX_VAL)
}
}
})
test('getSMIServiceResource test', () => {
const stableResult = getStableSMIServiceResource(
testObjects.serviceEntityList[0]
)
const greenResult = getGreenSMIServiceResource(
testObjects.serviceEntityList[0]
)
expect(stableResult.metadata.name).toBe('nginx-service-stable')
expect(stableResult.metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
NONE_LABEL_VALUE
)
expect(greenResult.metadata.name).toBe('nginx-service-green')
expect(greenResult.metadata.labels[BLUE_GREEN_VERSION_LABEL]).toBe(
GREEN_LABEL_VALUE
)
})
test('validateTrafficSplitsState', async () => {
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve(mockTsObject)
)
let valResult = await validateTrafficSplitsState(
kc,
testObjects.serviceEntityList
)
expect(valResult).toBe(true)
const mockTsCopy = JSON.parse(JSON.stringify(mockTsObject))
mockTsCopy.spec.backends[0].weight = MAX_VAL
vi.spyOn(bgHelper, 'fetchResource').mockImplementation(() =>
Promise.resolve(mockTsCopy)
)
valResult = await validateTrafficSplitsState(
kc,
testObjects.serviceEntityList
)
expect(valResult).toBe(false)
vi.spyOn(bgHelper, 'fetchResource').mockResolvedValue(null)
valResult = await validateTrafficSplitsState(
kc,
testObjects.serviceEntityList
)
expect(valResult).toBe(false)
})
test('cleanupSMI test', async () => {
const deleteObjects = await cleanupSMI(kc, testObjects.serviceEntityList)
expect(deleteObjects).toHaveLength(1)
expect(deleteObjects[0].name).toBe('nginx-service-green')
expect(deleteObjects[0].kind).toBe('Service')
})
// Consolidated error tests using test.each for DRY principle
test.each([
{
name: 'should throw error when kubectl apply fails during SMI setup',
fn: () => setupSMI(kc, testObjects.serviceEntityList),
setup: () => {
vi.spyOn(kc, 'apply').mockResolvedValue(mockFailureResult)
}
}
])('$name', async ({fn, setup}) => {
setup()
await expect(fn()).rejects.toThrow()
})
// Timeout-specific tests
test('setupSMI with timeout test', async () => {
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
const timeout = '300s'
const smiResults = await setupSMI(
kc,
testObjects.serviceEntityList,
timeout
)
// Verify deployObjects was called with timeout
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
timeout
)
expect(smiResults.objects).toBeDefined()
expect(smiResults.deployResult).toBeDefined()
deployObjectsSpy.mockRestore()
})
test('createTrafficSplitObject with timeout test', async () => {
const deleteObjectsSpy = vi
.spyOn(bgHelper, 'deleteObjects')
.mockResolvedValue()
const timeout = '180s'
const tsObject = await createTrafficSplitObject(
kc,
testObjects.serviceEntityList[0].metadata.name,
NONE_LABEL_VALUE,
timeout
)
// Verify deleteObjects was called with timeout
expect(deleteObjectsSpy).toHaveBeenCalledWith(
kc,
expect.arrayContaining([
expect.objectContaining({
name: 'nginx-service-trafficsplit',
kind: TRAFFIC_SPLIT_OBJECT
})
]),
timeout
)
expect(tsObject.metadata.name).toBe('nginx-service-trafficsplit')
expect(tsObject.spec.backends).toHaveLength(2)
deleteObjectsSpy.mockRestore()
})
test('createTrafficSplitObject with GREEN_LABEL_VALUE and timeout test', async () => {
const deleteObjectsSpy = vi
.spyOn(bgHelper, 'deleteObjects')
.mockResolvedValue()
const timeout = '240s'
const tsObject = await createTrafficSplitObject(
kc,
testObjects.serviceEntityList[0].metadata.name,
GREEN_LABEL_VALUE,
timeout
)
// Verify deleteObjects was called with timeout
expect(deleteObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
timeout
)
// Verify weights are correct for green deployment
for (const be of tsObject.spec.backends) {
if (be.service === 'nginx-service-stable') {
expect(be.weight).toBe(MIN_VAL)
}
if (be.service === 'nginx-service-green') {
expect(be.weight).toBe(MAX_VAL)
}
}
deleteObjectsSpy.mockRestore()
})
test('cleanupSMI with timeout test', async () => {
const deleteObjectsSpy = vi
.spyOn(bgHelper, 'deleteObjects')
.mockResolvedValue()
const timeout = '120s'
const deleteObjects = await cleanupSMI(
kc,
testObjects.serviceEntityList,
timeout
)
// Verify deleteObjects was called with timeout
expect(deleteObjectsSpy).toHaveBeenCalledWith(
kc,
expect.arrayContaining([
expect.objectContaining({
name: 'nginx-service-green',
kind: 'Service'
})
]),
timeout
)
expect(deleteObjects).toHaveLength(1)
expect(deleteObjects[0].name).toBe('nginx-service-green')
expect(deleteObjects[0].kind).toBe('Service')
deleteObjectsSpy.mockRestore()
})
test('setupSMI without timeout test', async () => {
const deployObjectsSpy = vi
.spyOn(bgHelper, 'deployObjects')
.mockResolvedValue({
execResult: mockSuccessResult,
manifestFiles: []
})
const smiResults = await setupSMI(kc, testObjects.serviceEntityList)
// Verify deployObjects was called without timeout (undefined)
expect(deployObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
undefined
)
expect(smiResults.objects).toBeDefined()
expect(smiResults.deployResult).toBeDefined()
deployObjectsSpy.mockRestore()
})
test('createTrafficSplitObject without timeout test', async () => {
const deleteObjectsSpy = vi
.spyOn(bgHelper, 'deleteObjects')
.mockResolvedValue()
const tsObject = await createTrafficSplitObject(
kc,
testObjects.serviceEntityList[0].metadata.name,
NONE_LABEL_VALUE
)
// Verify deleteObjects was called without timeout (undefined)
expect(deleteObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
undefined
)
expect(tsObject.metadata.name).toBe('nginx-service-trafficsplit')
deleteObjectsSpy.mockRestore()
})
test('cleanupSMI without timeout test', async () => {
const deleteObjectsSpy = vi
.spyOn(bgHelper, 'deleteObjects')
.mockResolvedValue()
const deleteObjects = await cleanupSMI(kc, testObjects.serviceEntityList)
// Verify deleteObjects was called without timeout (undefined)
expect(deleteObjectsSpy).toHaveBeenCalledWith(
kc,
expect.any(Array),
undefined
)
expect(deleteObjects).toHaveLength(1)
deleteObjectsSpy.mockRestore()
})
})
src/strategyHelpers/blueGreen/smiBlueGreenHelper.ts
+238 -173
View File
@@ -1,207 +1,272 @@
import * as core from '@actions/core' import { Kubectl } from "../../types/kubectl";
import {Kubectl} from '../../types/kubectl.js' import * as kubectlUtils from "../../utilities/trafficSplitUtils";
import * as kubectlUtils from '../../utilities/trafficSplitUtils.js' import * as fileHelper from "../../utilities/fileUtils";
import { import {
deleteObjects, BlueGreenManifests,
deployObjects, createWorkloadsWithLabel,
fetchResource, deleteObjects,
getBlueGreenResourceName, deleteWorkloadsWithLabel,
getNewBlueGreenObject, fetchResource,
GREEN_LABEL_VALUE, getBlueGreenResourceName,
GREEN_SUFFIX, getManifestObjects,
NONE_LABEL_VALUE, getNewBlueGreenObject,
STABLE_SUFFIX GREEN_LABEL_VALUE,
} from './blueGreenHelper.js' GREEN_SUFFIX,
import {BlueGreenDeployment} from '../../types/blueGreenTypes.js' NONE_LABEL_VALUE,
import { STABLE_SUFFIX,
K8sDeleteObject, } from "./blueGreenHelper";
K8sObject,
TrafficSplitObject
} from '../../types/k8sObject.js'
import {DeployResult} from '../../types/deployResult.js'
import {inputAnnotations} from '../../inputUtils.js'
export const TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX = '-trafficsplit' const TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX = "-trafficsplit";
export const TRAFFIC_SPLIT_OBJECT = 'TrafficSplit' const TRAFFIC_SPLIT_OBJECT = "TrafficSplit";
export const MIN_VAL = 0 const MIN_VAL = 0;
export const MAX_VAL = 100 const MAX_VAL = 100;
export async function setupSMI( export async function deployBlueGreenSMI(
kubectl: Kubectl, kubectl: Kubectl,
serviceEntityList: any[], filePaths: string[]
timeout?: string ) {
): Promise<BlueGreenDeployment> { // get all kubernetes objects defined in manifest files
const newObjectsList = [] const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
const trafficObjectList = []
serviceEntityList.forEach((serviceObject) => { // create services and other objects
// create a trafficsplit for service const newObjectsList = manifestObjects.otherObjects
trafficObjectList.push(serviceObject) .concat(manifestObjects.serviceEntityList)
// set up the services for trafficsplit .concat(manifestObjects.ingressEntityList)
const newStableService = getStableSMIServiceResource(serviceObject) .concat(manifestObjects.unroutedServiceEntityList);
const newGreenService = getGreenSMIServiceResource(serviceObject) const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
newObjectsList.push(newStableService) await kubectl.apply(manifestFiles);
newObjectsList.push(newGreenService)
})
const tsObjects: TrafficSplitObject[] = [] // make extraservices and trafficsplit
// route to stable service await setupSMI(kubectl, manifestObjects.serviceEntityList);
for (const svc of trafficObjectList) {
const tsObject = await createTrafficSplitObject(
kubectl,
svc.metadata.name,
NONE_LABEL_VALUE,
timeout
)
tsObjects.push(tsObject as TrafficSplitObject)
}
const objectsToDeploy = [].concat(newObjectsList, tsObjects) // create new deloyments
return await createWorkloadsWithLabel(
kubectl,
manifestObjects.deploymentEntityList,
GREEN_LABEL_VALUE
);
}
// create services export async function promoteBlueGreenSMI(kubectl: Kubectl, manifestObjects) {
const smiDeploymentResult: DeployResult = await deployObjects( // checking if there is something to promote
if (
!(await validateTrafficSplitsState(
kubectl, kubectl,
objectsToDeploy, manifestObjects.serviceEntityList
timeout ))
) ) {
throw Error("Not in promote state SMI");
}
return { // create stable deployments with new configuration
objects: objectsToDeploy, return await createWorkloadsWithLabel(
deployResult: smiDeploymentResult kubectl,
} manifestObjects.deploymentEntityList,
NONE_LABEL_VALUE
);
} }
let trafficSplitAPIVersion = '' export async function rejectBlueGreenSMI(
kubectl: Kubectl,
filePaths: string[]
) {
// get all kubernetes objects defined in manifest files
const manifestObjects: BlueGreenManifests = getManifestObjects(filePaths);
export async function createTrafficSplitObject( // route trafficsplit to stable deploymetns
kubectl: Kubectl, await routeBlueGreenSMI(
name: string, kubectl,
nextLabel: string, NONE_LABEL_VALUE,
timeout?: string manifestObjects.serviceEntityList
): Promise<TrafficSplitObject> { );
// cache traffic split api version
if (!trafficSplitAPIVersion)
trafficSplitAPIVersion =
await kubectlUtils.getTrafficSplitAPIVersion(kubectl)
// retrieve annotations for TS object // delete rejected new bluegreen deployments
const annotations = inputAnnotations await deleteWorkloadsWithLabel(
kubectl,
GREEN_LABEL_VALUE,
manifestObjects.deploymentEntityList
);
// decide weights based on nextlabel // delete trafficsplit and extra services
const stableWeight: number = await cleanupSMI(kubectl, manifestObjects.serviceEntityList);
nextLabel === GREEN_LABEL_VALUE ? MIN_VAL : MAX_VAL
const greenWeight: number =
nextLabel === GREEN_LABEL_VALUE ? MAX_VAL : MIN_VAL
const trafficSplitObject: TrafficSplitObject = {
apiVersion: trafficSplitAPIVersion,
kind: TRAFFIC_SPLIT_OBJECT,
metadata: {
name: getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX),
annotations: annotations,
labels: new Map<string, string>()
},
spec: {
service: name,
backends: [
{
service: getBlueGreenResourceName(name, STABLE_SUFFIX),
weight: stableWeight
},
{
service: getBlueGreenResourceName(name, GREEN_SUFFIX),
weight: greenWeight
}
]
}
}
const deleteList: K8sDeleteObject[] = [
{
name: trafficSplitObject.metadata.name,
kind: trafficSplitObject.kind
}
]
await deleteObjects(kubectl, deleteList, timeout)
return trafficSplitObject
} }
export function getStableSMIServiceResource(inputObject: K8sObject): K8sObject { export async function setupSMI(kubectl: Kubectl, serviceEntityList: any[]) {
const newObject = JSON.parse(JSON.stringify(inputObject)) const newObjectsList = [];
// adding stable suffix to service name const trafficObjectList = [];
newObject.metadata.name = getBlueGreenResourceName(
serviceEntityList.forEach((serviceObject) => {
// create a trafficsplit for service
trafficObjectList.push(serviceObject);
// set up the services for trafficsplit
const newStableService = getSMIServiceResource(
serviceObject,
STABLE_SUFFIX
);
const newGreenService = getSMIServiceResource(serviceObject, GREEN_SUFFIX);
newObjectsList.push(newStableService);
newObjectsList.push(newGreenService);
});
// create services
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
await kubectl.apply(manifestFiles);
// route to stable service
trafficObjectList.forEach((inputObject) => {
createTrafficSplitObject(
kubectl,
inputObject.metadata.name,
NONE_LABEL_VALUE
);
});
}
let trafficSplitAPIVersion = "";
async function createTrafficSplitObject(
kubectl: Kubectl,
name: string,
nextLabel: string
): Promise<any> {
// cache traffic split api version
if (!trafficSplitAPIVersion)
trafficSplitAPIVersion = await kubectlUtils.getTrafficSplitAPIVersion(
kubectl
);
// decide weights based on nextlabel
const stableWeight: number =
nextLabel === GREEN_LABEL_VALUE ? MIN_VAL : MAX_VAL;
const greenWeight: number =
nextLabel === GREEN_LABEL_VALUE ? MAX_VAL : MIN_VAL;
const trafficSplitObject = JSON.stringify({
apiVersion: trafficSplitAPIVersion,
kind: "TrafficSplit",
metadata: {
name: getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX),
},
spec: {
service: name,
backends: [
{
service: getBlueGreenResourceName(name, STABLE_SUFFIX),
weight: stableWeight,
},
{
service: getBlueGreenResourceName(name, GREEN_SUFFIX),
weight: greenWeight,
},
],
},
});
// create traffic split object
const trafficSplitManifestFile = fileHelper.writeManifestToFile(
trafficSplitObject,
TRAFFIC_SPLIT_OBJECT,
getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX)
);
await kubectl.apply(trafficSplitManifestFile);
}
export function getSMIServiceResource(
inputObject: any,
suffix: string
): object {
const newObject = JSON.parse(JSON.stringify(inputObject));
if (suffix === STABLE_SUFFIX) {
// adding stable suffix to service name
newObject.metadata.name = getBlueGreenResourceName(
inputObject.metadata.name, inputObject.metadata.name,
STABLE_SUFFIX STABLE_SUFFIX
) );
return getNewBlueGreenObject(newObject, NONE_LABEL_VALUE) return getNewBlueGreenObject(newObject, NONE_LABEL_VALUE);
} else {
// green label will be added for these
return getNewBlueGreenObject(newObject, GREEN_LABEL_VALUE);
}
} }
export function getGreenSMIServiceResource(inputObject: K8sObject): K8sObject { export async function routeBlueGreenSMI(
const newObject = JSON.parse(JSON.stringify(inputObject)) kubectl: Kubectl,
return getNewBlueGreenObject(newObject, GREEN_LABEL_VALUE) nextLabel: string,
serviceEntityList: any[]
) {
for (const serviceObject of serviceEntityList) {
// route trafficsplit to given label
await createTrafficSplitObject(
kubectl,
serviceObject.metadata.name,
nextLabel
);
}
} }
export async function validateTrafficSplitsState( export async function validateTrafficSplitsState(
kubectl: Kubectl, kubectl: Kubectl,
serviceEntityList: any[] serviceEntityList: any[]
): Promise<boolean> { ): Promise<boolean> {
let trafficSplitsInRightState: boolean = true let trafficSplitsInRightState: boolean = true;
for (const serviceObject of serviceEntityList) { for (const serviceObject of serviceEntityList) {
const name = serviceObject.metadata.name const name = serviceObject.metadata.name;
let trafficSplitObject = await fetchResource( let trafficSplitObject = await fetchResource(
kubectl, kubectl,
TRAFFIC_SPLIT_OBJECT, TRAFFIC_SPLIT_OBJECT,
getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX), getBlueGreenResourceName(name, TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX)
serviceObject?.metadata?.namespace );
)
core.debug( if (!trafficSplitObject) {
`ts object extracted was ${JSON.stringify(trafficSplitObject)}` // no traffic split exits
) trafficSplitsInRightState = false;
if (!trafficSplitObject) { }
core.debug(`no traffic split exits for ${name}`)
trafficSplitsInRightState = false trafficSplitObject = JSON.parse(JSON.stringify(trafficSplitObject));
continue trafficSplitObject.spec.backends.forEach((element) => {
// checking if trafficsplit in right state to deploy
if (element.service === getBlueGreenResourceName(name, GREEN_SUFFIX)) {
if (element.weight != MAX_VAL) trafficSplitsInRightState = false;
} }
trafficSplitObject.spec.backends.forEach((element) => { if (element.service === getBlueGreenResourceName(name, STABLE_SUFFIX)) {
// checking if trafficsplit in right state to deploy if (element.weight != MIN_VAL) trafficSplitsInRightState = false;
if (element.service === getBlueGreenResourceName(name, GREEN_SUFFIX)) { }
trafficSplitsInRightState = });
trafficSplitsInRightState && element.weight == MAX_VAL }
}
if ( return trafficSplitsInRightState;
element.service === getBlueGreenResourceName(name, STABLE_SUFFIX)
) {
trafficSplitsInRightState =
trafficSplitsInRightState && element.weight == MIN_VAL
}
})
}
return trafficSplitsInRightState
} }
export async function cleanupSMI( export async function cleanupSMI(kubectl: Kubectl, serviceEntityList: any[]) {
kubectl: Kubectl, const deleteList = [];
serviceEntityList: any[],
timeout?: string
): Promise<K8sDeleteObject[]> {
const deleteList: K8sDeleteObject[] = []
serviceEntityList.forEach((serviceObject) => { serviceEntityList.forEach((serviceObject) => {
deleteList.push({ deleteList.push({
name: getBlueGreenResourceName( name: getBlueGreenResourceName(
serviceObject.metadata.name, serviceObject.metadata.name,
GREEN_SUFFIX TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX
), ),
kind: serviceObject.kind, kind: TRAFFIC_SPLIT_OBJECT,
namespace: serviceObject?.metadata?.namespace });
})
})
// delete all objects deleteList.push({
await deleteObjects(kubectl, deleteList, timeout) name: getBlueGreenResourceName(serviceObject.metadata.name, GREEN_SUFFIX),
kind: serviceObject.kind,
});
return deleteList deleteList.push({
name: getBlueGreenResourceName(
serviceObject.metadata.name,
STABLE_SUFFIX
),
kind: serviceObject.kind,
});
});
// delete all objects
await deleteObjects(kubectl, deleteList);
} }
src/strategyHelpers/canary/canaryHelper.ts
+134 -184
View File
@@ -1,246 +1,196 @@
import {Kubectl} from '../../types/kubectl.js' import { Kubectl } from "../../types/kubectl";
import * as fs from 'fs' import * as fs from "fs";
import * as yaml from 'js-yaml' import * as yaml from "js-yaml";
import * as core from '@actions/core' import * as core from "@actions/core";
import {ExecOutput} from '@actions/exec'
import { import {
isDeploymentEntity, isDeploymentEntity,
isServiceEntity, isServiceEntity,
KubernetesWorkload KubernetesWorkload,
} from '../../types/kubernetesTypes.js' } from "../../types/kubernetesTypes";
import * as utils from '../../utilities/manifestUpdateUtils.js' import * as utils from "../../utilities/manifestUpdateUtils";
import { import {
updateObjectAnnotations, updateObjectAnnotations,
updateObjectLabels, updateObjectLabels,
updateSelectorLabels updateSelectorLabels,
} from '../../utilities/manifestUpdateUtils.js' } from "../../utilities/manifestUpdateUtils";
import {updateSpecLabels} from '../../utilities/manifestSpecLabelUtils.js' import { updateSpecLabels } from "../../utilities/manifestSpecLabelUtils";
import {checkForErrors} from '../../utilities/kubectlUtils.js' import { checkForErrors } from "../../utilities/kubectlUtils";
export const CANARY_VERSION_LABEL = 'workflow/version' export const CANARY_VERSION_LABEL = "workflow/version";
const BASELINE_SUFFIX = '-baseline' const BASELINE_SUFFIX = "-baseline";
export const BASELINE_LABEL_VALUE = 'baseline' export const BASELINE_LABEL_VALUE = "baseline";
const CANARY_SUFFIX = '-canary' const CANARY_SUFFIX = "-canary";
export const CANARY_LABEL_VALUE = 'canary' export const CANARY_LABEL_VALUE = "canary";
export const STABLE_SUFFIX = '-stable' export const STABLE_SUFFIX = "-stable";
export const STABLE_LABEL_VALUE = 'stable' export const STABLE_LABEL_VALUE = "stable";
export async function deleteCanaryDeployment( export async function deleteCanaryDeployment(
kubectl: Kubectl, kubectl: Kubectl,
manifestFilePaths: string[], manifestFilePaths: string[],
includeServices: boolean, includeServices: boolean
timeout?: string ) {
): Promise<string[]> { if (manifestFilePaths == null || manifestFilePaths.length == 0) {
if (manifestFilePaths == null || manifestFilePaths.length == 0) { throw new Error("Manifest file not found");
throw new Error('Manifest files for deleting canary deployment not found') }
}
const deletedFiles = await cleanUpCanary( await cleanUpCanary(kubectl, manifestFilePaths, includeServices);
kubectl,
manifestFilePaths,
includeServices,
timeout
)
return deletedFiles
} }
export function markResourceAsStable(inputObject: any): object { export function markResourceAsStable(inputObject: any): object {
if (isResourceMarkedAsStable(inputObject)) { if (isResourceMarkedAsStable(inputObject)) {
return inputObject return inputObject;
} }
const newObject = JSON.parse(JSON.stringify(inputObject)) const newObject = JSON.parse(JSON.stringify(inputObject));
addCanaryLabelsAndAnnotations(newObject, STABLE_LABEL_VALUE) addCanaryLabelsAndAnnotations(newObject, STABLE_LABEL_VALUE);
return newObject return newObject;
} }
export function isResourceMarkedAsStable(inputObject: any): boolean { export function isResourceMarkedAsStable(inputObject: any): boolean {
return ( return (
inputObject?.metadata?.labels[CANARY_VERSION_LABEL] === STABLE_LABEL_VALUE inputObject?.metadata?.labels[CANARY_VERSION_LABEL] === STABLE_LABEL_VALUE
) );
} }
export function getStableResource(inputObject: any): object { export function getStableResource(inputObject: any): object {
const replicaCount = specContainsReplicas(inputObject.kind) const replicaCount = specContainsReplicas(inputObject.kind)
? inputObject.spec.replicas ? inputObject.metadata.replicas
: 0 : 0;
return getNewCanaryObject(inputObject, replicaCount, STABLE_LABEL_VALUE) return getNewCanaryObject(inputObject, replicaCount, STABLE_LABEL_VALUE);
} }
export function getNewBaselineResource( export function getNewBaselineResource(
stableObject: any, stableObject: any,
replicas?: number replicas?: number
): object { ): object {
return getNewCanaryObject(stableObject, replicas, BASELINE_LABEL_VALUE) return getNewCanaryObject(stableObject, replicas, BASELINE_LABEL_VALUE);
} }
export function getNewCanaryResource( export function getNewCanaryResource(
inputObject: any, inputObject: any,
replicas?: number replicas?: number
): object { ): object {
return getNewCanaryObject(inputObject, replicas, CANARY_LABEL_VALUE) return getNewCanaryObject(inputObject, replicas, CANARY_LABEL_VALUE);
} }
export async function fetchResource( export async function fetchResource(
kubectl: Kubectl, kubectl: Kubectl,
kind: string, kind: string,
name: string name: string
) { ) {
let result: ExecOutput const result = await kubectl.getResource(kind, name);
try {
result = await kubectl.getResource(kind, name)
} catch (e) {
core.debug(`detected error while fetching resources: ${e}`)
}
if (!result || result?.stderr) { if (!result || result?.stderr) {
return null return null;
} }
if (result.stdout) { if (result.stdout) {
const resource = JSON.parse(result.stdout) const resource = JSON.parse(result.stdout);
try { try {
utils.UnsetClusterSpecificDetails(resource) utils.UnsetClusterSpecificDetails(resource);
return resource return resource;
} catch (ex) { } catch (ex) {
core.debug( core.debug(
`Exception occurred while parsing ${resource} in JSON object: ${ex}` `Exception occurred while Parsing ${resource} in JSON object: ${ex}`
) );
} }
} }
} }
export function getCanaryResourceName(name: string) { export function getCanaryResourceName(name: string) {
return name + CANARY_SUFFIX return name + CANARY_SUFFIX;
} }
export function getBaselineResourceName(name: string) { export function getBaselineResourceName(name: string) {
return name + BASELINE_SUFFIX return name + BASELINE_SUFFIX;
} }
export function getStableResourceName(name: string) { export function getStableResourceName(name: string) {
return name + STABLE_SUFFIX return name + STABLE_SUFFIX;
}
export function getBaselineDeploymentFromStableDeployment(
inputObject: any,
replicaCount: number
): object {
// TODO: REFACTOR TO MAKE EVERYTHING TYPE SAFE
const oldName = inputObject.metadata.name
const newName =
oldName.substring(0, oldName.length - STABLE_SUFFIX.length) +
BASELINE_SUFFIX
const newObject = getNewCanaryObject(
inputObject,
replicaCount,
BASELINE_LABEL_VALUE
) as any
newObject.metadata.name = newName
return newObject
} }
function getNewCanaryObject( function getNewCanaryObject(
inputObject: any, inputObject: any,
replicas: number, replicas: number,
type: string type: string
): object { ): object {
const newObject = JSON.parse(JSON.stringify(inputObject)) const newObject = JSON.parse(JSON.stringify(inputObject));
// Updating name // Updating name
if (type === CANARY_LABEL_VALUE) { if (type === CANARY_LABEL_VALUE) {
newObject.metadata.name = getCanaryResourceName(inputObject.metadata.name) newObject.metadata.name = getCanaryResourceName(inputObject.metadata.name);
} else if (type === STABLE_LABEL_VALUE) { } else if (type === STABLE_LABEL_VALUE) {
newObject.metadata.name = getStableResourceName(inputObject.metadata.name) newObject.metadata.name = getStableResourceName(inputObject.metadata.name);
} else { } else {
newObject.metadata.name = getBaselineResourceName( newObject.metadata.name = getBaselineResourceName(
inputObject.metadata.name inputObject.metadata.name
) );
} }
addCanaryLabelsAndAnnotations(newObject, type) addCanaryLabelsAndAnnotations(newObject, type);
if (specContainsReplicas(newObject.kind)) { if (specContainsReplicas(newObject.kind)) {
newObject.spec.replicas = replicas newObject.spec.replicas = replicas;
} }
return newObject return newObject;
} }
function specContainsReplicas(kind: string) { function specContainsReplicas(kind: string) {
return ( return (
kind.toLowerCase() !== KubernetesWorkload.POD.toLowerCase() && kind.toLowerCase() !== KubernetesWorkload.POD.toLowerCase() &&
kind.toLowerCase() !== KubernetesWorkload.DAEMON_SET.toLowerCase() && kind.toLowerCase() !== KubernetesWorkload.DAEMON_SET.toLowerCase() &&
!isServiceEntity(kind) !isServiceEntity(kind)
) );
} }
function addCanaryLabelsAndAnnotations(inputObject: any, type: string) { function addCanaryLabelsAndAnnotations(inputObject: any, type: string) {
const newLabels = new Map<string, string>() const newLabels = new Map<string, string>();
newLabels[CANARY_VERSION_LABEL] = type newLabels[CANARY_VERSION_LABEL] = type;
updateObjectLabels(inputObject, newLabels, false) updateObjectLabels(inputObject, newLabels, false);
updateObjectAnnotations(inputObject, newLabels, false) updateObjectAnnotations(inputObject, newLabels, false);
updateSelectorLabels(inputObject, newLabels, false) updateSelectorLabels(inputObject, newLabels, false);
if (!isServiceEntity(inputObject.kind)) { if (!isServiceEntity(inputObject.kind)) {
updateSpecLabels(inputObject, newLabels, false) updateSpecLabels(inputObject, newLabels, false);
} }
} }
async function cleanUpCanary( async function cleanUpCanary(
kubectl: Kubectl, kubectl: Kubectl,
files: string[], files: string[],
includeServices: boolean, includeServices: boolean
timeout?: string ) {
): Promise<string[]> { const deleteObject = async function (kind, name) {
const deleteObject = async function ( try {
kind: string, const result = await kubectl.delete([kind, name]);
name: string, checkForErrors([result]);
namespace: string | undefined } catch (ex) {
) { // Ignore failures of delete if it doesn't exist
try { }
const result = await kubectl.delete([kind, name], namespace, timeout) };
checkForErrors([result])
} catch (ex) { for (const filePath of files) {
// Ignore failures of delete if it doesn't exist const fileContents = fs.readFileSync(filePath).toString();
const parsedYaml = yaml.safeLoadAll(fileContents);
for (const inputObject of parsedYaml) {
const name = inputObject.metadata.name;
const kind = inputObject.kind;
if (
isDeploymentEntity(kind) ||
(includeServices && isServiceEntity(kind))
) {
const canaryObjectName = getCanaryResourceName(name);
const baselineObjectName = getBaselineResourceName(name);
await deleteObject(kind, canaryObjectName);
await deleteObject(kind, baselineObjectName);
} }
} }
}
const deletedFiles: string[] = []
for (const filePath of files) {
try {
const fileContents = fs.readFileSync(filePath).toString()
const parsedYaml: any[] = yaml.loadAll(fileContents)
for (const inputObject of parsedYaml) {
const name = inputObject.metadata.name
const kind = inputObject.kind
const namespace: string | undefined =
inputObject?.metadata?.namespace
if (
isDeploymentEntity(kind) ||
(includeServices && isServiceEntity(kind))
) {
deletedFiles.push(filePath)
const canaryObjectName = getCanaryResourceName(name)
const baselineObjectName = getBaselineResourceName(name)
await deleteObject(kind, canaryObjectName, namespace)
await deleteObject(kind, baselineObjectName, namespace)
}
}
} catch (error) {
core.error(`Failed to process file ${filePath}: ${error.message}`)
throw error
}
}
return deletedFiles
} }
src/strategyHelpers/canary/podCanaryHelper.test.ts
-288
View File
@@ -1,288 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
vi.mock('@actions/core')
import * as core from '@actions/core'
import {Kubectl} from '../../types/kubectl.js'
import {
deployPodCanary,
calculateReplicaCountForCanary
} from './podCanaryHelper.js'
vi.mock('../../types/kubectl')
const kc = new Kubectl('')
// Shared mock objects following DRY principle
const mockSuccessResult = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
// Use existing test manifest files
const testManifestFiles = ['test/unit/manifests/basic-test.yml']
// Test constants
const VALID_PERCENTAGE = 50
const INVALID_LOW_PERCENTAGE = -10
const INVALID_HIGH_PERCENTAGE = 150
const MIN_PERCENTAGE = 0
const MAX_PERCENTAGE = 100
const TIMEOUT_300S = '300s'
describe('Pod Canary Helper tests', () => {
let mockFilePaths: string[]
let kubectlApplySpy: MockInstance
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
vi.restoreAllMocks()
mockFilePaths = testManifestFiles
kubectlApplySpy = vi.spyOn(kc, 'apply')
// Mock core.getInput with default values
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
switch (name) {
case 'percentage':
return VALID_PERCENTAGE.toString()
case 'force':
return 'false'
case 'server-side':
return 'false'
default:
return ''
}
})
})
afterEach(() => {
vi.restoreAllMocks()
kubectlApplySpy.mockClear()
})
describe('deployPodCanary', () => {
test('should deploy canary successfully when kubectl apply succeeds', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployPodCanary(mockFilePaths, kc, false)
expect(result.execResult).toEqual(mockSuccessResult)
expect(result.manifestFiles).toBeDefined()
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should throw error when kubectl apply fails', async () => {
kubectlApplySpy.mockResolvedValue(mockFailureResult)
await expect(
deployPodCanary(mockFilePaths, kc, false)
).rejects.toThrow()
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
test('should deploy stable only when onlyDeployStable is true', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployPodCanary(mockFilePaths, kc, true)
expect(result.execResult).toEqual(mockSuccessResult)
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should handle timeout parameter', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployPodCanary(
mockFilePaths,
kc,
false,
TIMEOUT_300S
)
expect(result.execResult).toEqual(mockSuccessResult)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
false,
false,
TIMEOUT_300S
)
})
test('should throw error for invalid low percentage', async () => {
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
if (name === 'percentage') return INVALID_LOW_PERCENTAGE.toString()
return ''
})
await expect(
deployPodCanary(mockFilePaths, kc, false)
).rejects.toThrow(
`Percentage must be between ${MIN_PERCENTAGE} and ${MAX_PERCENTAGE}`
)
})
test('should throw error for invalid high percentage', async () => {
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
if (name === 'percentage') return INVALID_HIGH_PERCENTAGE.toString()
return ''
})
await expect(
deployPodCanary(mockFilePaths, kc, false)
).rejects.toThrow(
`Percentage must be between ${MIN_PERCENTAGE} and ${MAX_PERCENTAGE}`
)
})
test('should handle valid edge case percentages', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
// Test minimum valid percentage
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
if (name === 'percentage') return MIN_PERCENTAGE.toString()
return ''
})
const resultMin = await deployPodCanary(mockFilePaths, kc, false)
expect(resultMin.execResult).toEqual(mockSuccessResult)
// Test maximum valid percentage
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
if (name === 'percentage') return MAX_PERCENTAGE.toString()
return ''
})
const resultMax = await deployPodCanary(mockFilePaths, kc, false)
expect(resultMax.execResult).toEqual(mockSuccessResult)
})
test('should handle force deployment option', async () => {
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
switch (name) {
case 'percentage':
return VALID_PERCENTAGE.toString()
case 'force':
return 'true'
default:
return ''
}
})
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployPodCanary(mockFilePaths, kc, false)
expect(result.execResult).toEqual(mockSuccessResult)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
true, // force should be true
false,
undefined
)
})
test('should handle server-side apply option', async () => {
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
switch (name) {
case 'percentage':
return VALID_PERCENTAGE.toString()
case 'server-side':
return 'true'
default:
return ''
}
})
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deployPodCanary(mockFilePaths, kc, false)
expect(result.execResult).toEqual(mockSuccessResult)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
false,
true, // server-side should be true
undefined
)
})
})
describe('calculateReplicaCountForCanary', () => {
test('should calculate correct replica count for given percentage', () => {
const mockObject = {
kind: 'Deployment',
metadata: {
name: 'test-deployment'
},
spec: {
replicas: 10
}
}
// 50% of 10 replicas = 5
const result50 = calculateReplicaCountForCanary(mockObject, 50)
expect(result50).toBe(5)
// 25% of 10 replicas = 2.5, rounded to 3
const result25 = calculateReplicaCountForCanary(mockObject, 25)
expect(result25).toBe(3)
// 10% of 10 replicas = 1
const result10 = calculateReplicaCountForCanary(mockObject, 10)
expect(result10).toBe(1)
})
test('should return minimum 1 replica even for very low percentages', () => {
const mockObject = {
kind: 'Deployment',
metadata: {
name: 'test-deployment'
},
spec: {
replicas: 2
}
}
// 1% of 2 replicas = 0.02, but should return minimum 1
const result = calculateReplicaCountForCanary(mockObject, 1)
expect(result).toBe(1)
})
test('should handle 100% percentage correctly', () => {
const mockObject = {
kind: 'Deployment',
metadata: {
name: 'test-deployment'
},
spec: {
replicas: 5
}
}
const result = calculateReplicaCountForCanary(mockObject, 100)
expect(result).toBe(5)
})
test('should handle 0% percentage correctly', () => {
const mockObject = {
kind: 'Deployment',
metadata: {
name: 'test-deployment'
},
spec: {
replicas: 10
}
}
// 0% should still return minimum 1 replica
const result = calculateReplicaCountForCanary(mockObject, 0)
expect(result).toBe(1)
})
})
})
src/strategyHelpers/canary/podCanaryHelper.ts
+77 -105
View File
@@ -1,118 +1,90 @@
import {Kubectl} from '../../types/kubectl.js' import { Kubectl } from "../../types/kubectl";
import * as core from '@actions/core' import * as core from "@actions/core";
import * as fs from 'fs' import * as fs from "fs";
import * as yaml from 'js-yaml' import * as yaml from "js-yaml";
import * as fileHelper from '../../utilities/fileUtils.js' import * as fileHelper from "../../utilities/fileUtils";
import * as canaryDeploymentHelper from './canaryHelper.js' import * as canaryDeploymentHelper from "./canaryHelper";
import {isDeploymentEntity} from '../../types/kubernetesTypes.js' import { isDeploymentEntity } from "../../types/kubernetesTypes";
import {getReplicaCount} from '../../utilities/manifestUpdateUtils.js' import { getReplicaCount } from "../../utilities/manifestUpdateUtils";
import {DeployResult} from '../../types/deployResult.js'
import {K8sObject} from '../../types/k8sObject.js'
import {checkForErrors} from '../../utilities/kubectlUtils.js'
export async function deployPodCanary( export async function deployPodCanary(filePaths: string[], kubectl: Kubectl) {
filePaths: string[], const newObjectsList = [];
kubectl: Kubectl, const percentage = parseInt(core.getInput("percentage"));
onlyDeployStable: boolean = false,
timeout?: string
): Promise<DeployResult> {
const newObjectsList = []
const percentage = parseInt(core.getInput('percentage', {required: true}))
if (percentage < 0 || percentage > 100) if (percentage < 0 || percentage > 100)
throw Error('Percentage must be between 0 and 100') throw Error("Percentage must be between 0 and 100");
for (const filePath of filePaths) { for (const filePath of filePaths) {
try { const fileContents = fs.readFileSync(filePath).toString();
const fileContents = fs.readFileSync(filePath, 'utf8') const parsedYaml = yaml.safeLoadAll(fileContents);
const parsedYaml = yaml.loadAll(fileContents) for (const inputObject of parsedYaml) {
for (const inputObject of parsedYaml) { const name = inputObject.metadata.name;
if ( const kind = inputObject.kind;
inputObject &&
typeof inputObject === 'object' &&
'metadata' in inputObject &&
'kind' in inputObject &&
'spec' in inputObject &&
typeof inputObject.metadata === 'object' &&
'name' in inputObject.metadata &&
typeof inputObject.metadata.name === 'string' &&
typeof inputObject.kind === 'string'
) {
const obj = inputObject as K8sObject
const name = obj.metadata.name
const kind = obj.kind
if (!onlyDeployStable && isDeploymentEntity(kind)) { if (isDeploymentEntity(kind)) {
core.debug('Calculating replica count for canary') core.debug("Calculating replica count for canary");
const canaryReplicaCount = calculateReplicaCountForCanary( const canaryReplicaCount = calculateReplicaCountForCanary(
obj, inputObject,
percentage percentage
) );
core.debug('Replica count is ' + canaryReplicaCount) core.debug("Replica count is " + canaryReplicaCount);
const newCanaryObject = // Get stable object
canaryDeploymentHelper.getNewCanaryResource( core.debug("Querying stable object");
obj, const stableObject = await canaryDeploymentHelper.fetchResource(
canaryReplicaCount kubectl,
) kind,
newObjectsList.push(newCanaryObject) name
);
// if there's already a stable object, deploy baseline as well if (!stableObject) {
const stableObject = core.debug("Stable object not found. Creating canary object");
await canaryDeploymentHelper.fetchResource( const newCanaryObject = canaryDeploymentHelper.getNewCanaryResource(
kubectl, inputObject,
kind, canaryReplicaCount
name );
) newObjectsList.push(newCanaryObject);
if (stableObject) { } else {
core.debug( core.debug(
`Stable object found for ${kind} ${name}. Creating baseline objects` "Creating canary and baseline objects. Stable object found: " +
) JSON.stringify(stableObject)
const newBaselineObject = );
canaryDeploymentHelper.getNewBaselineResource(
stableObject, const newCanaryObject = canaryDeploymentHelper.getNewCanaryResource(
canaryReplicaCount inputObject,
) canaryReplicaCount
core.debug( );
'New baseline object: ' + core.debug("New canary object: " + JSON.stringify(newCanaryObject));
JSON.stringify(newBaselineObject)
) const newBaselineObject =
newObjectsList.push(newBaselineObject) canaryDeploymentHelper.getNewBaselineResource(
} stableObject,
} else { canaryReplicaCount
// deploy non deployment entity or regular deployments for promote as they are );
newObjectsList.push(obj) core.debug(
} "New baseline object: " + JSON.stringify(newBaselineObject)
} );
}
} catch (error) { newObjectsList.push(newCanaryObject);
core.error( newObjectsList.push(newBaselineObject);
`Failed to parse YAML file at ${filePath}: ${error.message}` }
) } else {
throw error // update non deployment entity as it is
newObjectsList.push(inputObject);
} }
} }
}
core.debug('New objects list: ' + JSON.stringify(newObjectsList)) core.debug("New objects list: " + JSON.stringify(newObjectsList));
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList) const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
const forceDeployment = core.getInput('force').toLowerCase() === 'true' const forceDeployment = core.getInput("force").toLowerCase() === "true";
const serverSideApply = core.getInput('server-side').toLowerCase() === 'true'
const execResult = await kubectl.apply( const result = await kubectl.apply(manifestFiles, forceDeployment);
manifestFiles, return { result, newFilePaths: manifestFiles };
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([execResult])
return {execResult, manifestFiles}
} }
export function calculateReplicaCountForCanary( function calculateReplicaCountForCanary(inputObject: any, percentage: number) {
inputObject: any, const inputReplicaCount = getReplicaCount(inputObject);
percentage: number return Math.round((inputReplicaCount * percentage) / 100);
) {
const inputReplicaCount = getReplicaCount(inputObject)
return Math.max(1, Math.round((inputReplicaCount * percentage) / 100))
} }
src/strategyHelpers/canary/smiCanaryHelper.test.ts
-223
View File
@@ -1,223 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
vi.mock('@actions/core', async (importOriginal) => {
const actual: any = await importOriginal()
return {
...actual,
getInput: vi.fn().mockReturnValue(''),
debug: vi.fn(),
info: vi.fn(),
warning: vi.fn(),
error: vi.fn(),
setFailed: vi.fn(),
setOutput: vi.fn(),
group: vi
.fn()
.mockImplementation(
async (_name: string, fn: () => Promise<void>) => await fn()
)
}
})
import * as core from '@actions/core'
import * as fs from 'fs'
import {Kubectl} from '../../types/kubectl.js'
import {
deploySMICanary,
redirectTrafficToCanaryDeployment,
redirectTrafficToStableDeployment
} from './smiCanaryHelper.js'
vi.mock('../../types/kubectl')
const kc = new Kubectl('')
// Shared mock objects following DRY principle
const mockSuccessResult = {
stdout: 'deployment.apps/nginx-deployment created',
stderr: '',
exitCode: 0
}
const mockFailureResult = {
stdout: '',
stderr: 'error: deployment failed',
exitCode: 1
}
const mockExecuteCommandResult = {
stdout: 'split.smi-spec.io/v1alpha1\nsplit.smi-spec.io/v1alpha2',
stderr: '',
exitCode: 0
}
// Use existing test manifest files
const testManifestFiles = ['test/unit/manifests/basic-test.yml']
// Test constants
const VALID_REPLICA_COUNT = 5
const TIMEOUT_300S = '300s'
const TIMEOUT_240S = '240s'
describe('SMI Canary Helper tests', () => {
let mockFilePaths: string[]
let kubectlApplySpy: MockInstance
let kubectlExecuteCommandSpy: MockInstance
beforeEach(() => {
vi.mocked(Kubectl).mockClear()
vi.restoreAllMocks()
mockFilePaths = testManifestFiles
kubectlApplySpy = vi.spyOn(kc, 'apply')
kubectlExecuteCommandSpy = vi
.spyOn(kc, 'executeCommand')
.mockResolvedValue(mockExecuteCommandResult)
// Mock core.getInput with default values
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
switch (name) {
case 'percentage':
return '50'
case 'baseline-and-canary-replicas':
return ''
case 'force':
return 'false'
case 'server-side':
return 'false'
default:
return ''
}
})
})
afterEach(() => {
vi.restoreAllMocks()
kubectlApplySpy.mockClear()
})
describe('deploySMICanary', () => {
test('should deploy canary successfully when kubectl apply succeeds', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deploySMICanary(mockFilePaths, kc, false)
expect(result.execResult).toEqual(mockSuccessResult)
expect(result.manifestFiles).toBeDefined()
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should throw error when kubectl apply fails', async () => {
kubectlApplySpy.mockResolvedValue(mockFailureResult)
await expect(
deploySMICanary(mockFilePaths, kc, false)
).rejects.toThrow()
expect(kubectlApplySpy).toHaveBeenCalledTimes(2)
})
test('should deploy stable only when onlyDeployStable is true', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deploySMICanary(mockFilePaths, kc, true)
expect(result.execResult).toEqual(mockSuccessResult)
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should handle custom replica count from input', async () => {
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
switch (name) {
case 'baseline-and-canary-replicas':
return VALID_REPLICA_COUNT.toString()
case 'percentage':
return '50'
default:
return ''
}
})
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await deploySMICanary(mockFilePaths, kc, false)
expect(result.execResult).toEqual(mockSuccessResult)
})
})
describe('redirectTrafficToCanaryDeployment', () => {
test('should redirect traffic to canary deployment successfully', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
await redirectTrafficToCanaryDeployment(kc, mockFilePaths)
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should handle timeout parameter', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
await redirectTrafficToCanaryDeployment(
kc,
mockFilePaths,
TIMEOUT_300S
)
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
false,
false,
TIMEOUT_300S
)
})
test('should throw error when kubectl apply fails', async () => {
kubectlApplySpy.mockResolvedValue(mockFailureResult)
await expect(
redirectTrafficToCanaryDeployment(kc, mockFilePaths)
).rejects.toThrow()
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
describe('redirectTrafficToStableDeployment', () => {
test('should redirect traffic to stable deployment successfully', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await redirectTrafficToStableDeployment(
kc,
mockFilePaths
)
expect(result).toBeDefined()
expect(kubectlApplySpy).toHaveBeenCalled()
})
test('should handle timeout parameter', async () => {
kubectlApplySpy.mockResolvedValue(mockSuccessResult)
const result = await redirectTrafficToStableDeployment(
kc,
mockFilePaths,
TIMEOUT_240S
)
expect(result).toBeDefined()
expect(kubectlApplySpy).toHaveBeenCalledWith(
expect.any(Array),
false,
false,
TIMEOUT_240S
)
})
test('should throw error when kubectl apply fails during traffic redirect to stable', async () => {
kubectlApplySpy.mockResolvedValue(mockFailureResult)
await expect(
redirectTrafficToStableDeployment(kc, mockFilePaths)
).rejects.toThrow()
expect(kubectlApplySpy).toHaveBeenCalledTimes(1)
})
})
})
src/strategyHelpers/canary/smiCanaryHelper.ts
+258 -359
View File
@@ -1,420 +1,319 @@
import {Kubectl} from '../../types/kubectl.js' import { Kubectl } from "../../types/kubectl";
import * as core from '@actions/core' import * as core from "@actions/core";
import * as fs from 'fs' import * as fs from "fs";
import * as yaml from 'js-yaml' import * as yaml from "js-yaml";
import * as fileHelper from '../../utilities/fileUtils.js' import * as fileHelper from "../../utilities/fileUtils";
import * as kubectlUtils from '../../utilities/trafficSplitUtils.js' import * as kubectlUtils from "../../utilities/trafficSplitUtils";
import * as canaryDeploymentHelper from './canaryHelper.js' import * as canaryDeploymentHelper from "./canaryHelper";
import * as podCanaryHelper from './podCanaryHelper.js'
import { import {
isDeploymentEntity, isDeploymentEntity,
isServiceEntity isServiceEntity,
} from '../../types/kubernetesTypes.js' } from "../../types/kubernetesTypes";
import {checkForErrors} from '../../utilities/kubectlUtils.js' import { checkForErrors } from "../../utilities/kubectlUtils";
import {inputAnnotations} from '../../inputUtils.js'
import {DeployResult} from '../../types/deployResult.js'
import {K8sObject} from '../../types/k8sObject.js'
const TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX = '-workflow-rollout' const TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX = "-workflow-rollout";
const TRAFFIC_SPLIT_OBJECT = 'TrafficSplit' const TRAFFIC_SPLIT_OBJECT = "TrafficSplit";
export async function deploySMICanary( export async function deploySMICanary(filePaths: string[], kubectl: Kubectl) {
filePaths: string[], const canaryReplicaCount = parseInt(
kubectl: Kubectl, core.getInput("baseline-and-canary-replicas")
onlyDeployStable: boolean = false, );
timeout?: string if (canaryReplicaCount < 0 || canaryReplicaCount > 100)
): Promise<DeployResult> { throw Error("Baseline-and-canary-replicas must be between 0 and 100");
const canaryReplicasInput = core.getInput('baseline-and-canary-replicas')
let canaryReplicaCount
let calculateReplicas = true
if (canaryReplicasInput !== '') {
canaryReplicaCount = parseInt(canaryReplicasInput)
calculateReplicas = false
core.debug(
`read replica count ${canaryReplicaCount} from input: ${canaryReplicasInput}`
)
}
if (canaryReplicaCount < 0 && canaryReplicaCount > 100) const newObjectsList = [];
throw Error('Baseline-and-canary-replicas must be between 0 and 100') filePaths.forEach((filePath: string) => {
const fileContents = fs.readFileSync(filePath).toString();
yaml.safeLoadAll(fileContents, (inputObject) => {
const name = inputObject.metadata.name;
const kind = inputObject.kind;
const newObjectsList = [] if (isDeploymentEntity(kind)) {
for await (const filePath of filePaths) { const stableObject = canaryDeploymentHelper.fetchResource(
try { kubectl,
const fileContents = fs.readFileSync(filePath).toString() kind,
const inputObjects: K8sObject[] = yaml.loadAll( name
fileContents );
) as K8sObject[]
for (const inputObject of inputObjects) {
const name = inputObject.metadata.name
const kind = inputObject.kind
if (!onlyDeployStable && isDeploymentEntity(kind)) { if (!stableObject) {
if (calculateReplicas) { core.debug("Stable object not found. Creating only canary object");
// calculate for each object const newCanaryObject = canaryDeploymentHelper.getNewCanaryResource(
const percentage = parseInt( inputObject,
core.getInput('percentage', {required: true}) canaryReplicaCount
) );
canaryReplicaCount = newObjectsList.push(newCanaryObject);
podCanaryHelper.calculateReplicaCountForCanary( } else {
inputObject, if (!canaryDeploymentHelper.isResourceMarkedAsStable(stableObject)) {
percentage throw Error(`StableSpecSelectorNotExist : ${name}`);
) }
core.debug(`calculated replica count ${canaryReplicaCount}`)
}
core.debug('Creating canary object') core.debug(
const newCanaryObject = "Stable object found. Creating canary and baseline objects"
canaryDeploymentHelper.getNewCanaryResource( );
inputObject, const newCanaryObject = canaryDeploymentHelper.getNewCanaryResource(
canaryReplicaCount inputObject,
) canaryReplicaCount
newObjectsList.push(newCanaryObject) );
const newBaselineObject =
const stableObject = await canaryDeploymentHelper.fetchResource( canaryDeploymentHelper.getNewBaselineResource(
kubectl, stableObject,
kind, canaryReplicaCount
canaryDeploymentHelper.getStableResourceName(name) );
) newObjectsList.push(newCanaryObject);
if (stableObject) { newObjectsList.push(newBaselineObject);
core.debug( }
`Stable object found for ${kind} ${name}. Creating baseline objects` } else {
) // Update non deployment entity as it is
const newBaselineObject = newObjectsList.push(inputObject);
canaryDeploymentHelper.getBaselineDeploymentFromStableDeployment(
stableObject,
canaryReplicaCount
)
newObjectsList.push(newBaselineObject)
}
} else if (isDeploymentEntity(kind)) {
core.debug(
`creating stable deployment with ${inputObject.spec.replicas} replicas`
)
const stableDeployment =
canaryDeploymentHelper.getStableResource(inputObject)
newObjectsList.push(stableDeployment)
} else {
// Update non deployment entity or stable deployment as it is
newObjectsList.push(inputObject)
}
}
} catch (error) {
core.error(`Failed to process file at ${filePath}: ${error.message}`)
throw error
} }
} });
core.debug( });
`deploying canary objects with SMI: \n ${JSON.stringify(newObjectsList)}`
)
const newFilePaths = fileHelper.writeObjectsToFile(newObjectsList)
const forceDeployment = core.getInput('force').toLowerCase() === 'true'
const serverSideApply = core.getInput('server-side').toLowerCase() === 'true'
const result = await kubectl.apply( const newFilePaths = fileHelper.writeObjectsToFile(newObjectsList);
newFilePaths, const forceDeployment = core.getInput("force").toLowerCase() === "true";
forceDeployment, const result = await kubectl.apply(newFilePaths, forceDeployment);
serverSideApply, await createCanaryService(kubectl, filePaths);
timeout return { result, newFilePaths };
)
const svcDeploymentFiles = await createCanaryService(
kubectl,
filePaths,
timeout
)
checkForErrors([result])
newFilePaths.push(...svcDeploymentFiles)
return {execResult: result, manifestFiles: newFilePaths}
} }
async function createCanaryService( async function createCanaryService(kubectl: Kubectl, filePaths: string[]) {
kubectl: Kubectl, const newObjectsList = [];
filePaths: string[], const trafficObjectsList = [];
timeout?: string
): Promise<string[]> {
const newObjectsList = []
const trafficObjectsList: string[] = []
for (const filePath of filePaths) { for (const filePath of filePaths) {
try { const fileContents = fs.readFileSync(filePath).toString();
const fileContents = fs.readFileSync(filePath).toString() const parsedYaml = yaml.safeLoadAll(fileContents);
const parsedYaml: K8sObject[] = yaml.loadAll( for (const inputObject of parsedYaml) {
fileContents const name = inputObject.metadata.name;
) as K8sObject[] const kind = inputObject.kind;
for (const inputObject of parsedYaml) { if (isServiceEntity(kind)) {
const name = inputObject.metadata.name const newCanaryServiceObject =
const kind = inputObject.kind canaryDeploymentHelper.getNewCanaryResource(inputObject);
newObjectsList.push(newCanaryServiceObject);
if (isServiceEntity(kind)) { const newBaselineServiceObject =
core.debug(`Creating services for ${kind} ${name}`) canaryDeploymentHelper.getNewBaselineResource(inputObject);
const newCanaryServiceObject = newObjectsList.push(newBaselineServiceObject);
canaryDeploymentHelper.getNewCanaryResource(inputObject)
newObjectsList.push(newCanaryServiceObject)
const newBaselineServiceObject = const stableObject = await canaryDeploymentHelper.fetchResource(
canaryDeploymentHelper.getNewBaselineResource(inputObject) kubectl,
newObjectsList.push(newBaselineServiceObject) kind,
canaryDeploymentHelper.getStableResourceName(name)
);
if (!stableObject) {
const newStableServiceObject =
canaryDeploymentHelper.getStableResource(inputObject);
newObjectsList.push(newStableServiceObject);
const stableObject = await canaryDeploymentHelper.fetchResource( core.debug("Creating the traffic object for service: " + name);
kubectl, const trafficObject = await createTrafficSplitManifestFile(
kind, kubectl,
canaryDeploymentHelper.getStableResourceName(name) name,
) 0,
if (!stableObject) { 0,
const newStableServiceObject = 1000
canaryDeploymentHelper.getStableResource(inputObject) );
newObjectsList.push(newStableServiceObject)
core.debug('Creating the traffic object for service: ' + name) trafficObjectsList.push(trafficObject);
const trafficObject = await createTrafficSplitManifestFile( } else {
kubectl, let updateTrafficObject = true;
name, const trafficObject = await canaryDeploymentHelper.fetchResource(
0, kubectl,
0, TRAFFIC_SPLIT_OBJECT,
1000, getTrafficSplitResourceName(name)
timeout );
)
trafficObjectsList.push(trafficObject) if (trafficObject) {
} else { const trafficJObject = JSON.parse(JSON.stringify(trafficObject));
let updateTrafficObject = true if (trafficJObject?.spec?.backends) {
const trafficObject = trafficJObject.spec.backends.forEach((s) => {
await canaryDeploymentHelper.fetchResource( if (
kubectl, s.service ===
TRAFFIC_SPLIT_OBJECT, canaryDeploymentHelper.getCanaryResourceName(name) &&
getTrafficSplitResourceName(name) s.weight === "1000m"
) ) {
core.debug("Update traffic objcet not required");
if (trafficObject) { updateTrafficObject = false;
const trafficJObject = JSON.parse( }
JSON.stringify(trafficObject) });
)
if (trafficJObject?.spec?.backends) {
trafficJObject.spec.backends.forEach((s) => {
if (
s.service ===
canaryDeploymentHelper.getCanaryResourceName(
name
) &&
s.weight === '1000m'
) {
core.debug('Update traffic objcet not required')
updateTrafficObject = false
}
})
}
}
if (updateTrafficObject) {
core.debug(
'Stable service object present so updating the traffic object for service: ' +
name
)
trafficObjectsList.push(
await updateTrafficSplitObject(kubectl, name)
)
}
}
} }
} }
} catch (error) {
core.error(`Failed to process file at ${filePath}: ${error.message}`) if (updateTrafficObject) {
throw error core.debug(
"Stable service object present so updating the traffic object for service: " +
name
);
trafficObjectsList.push(updateTrafficSplitObject(kubectl, name));
}
}
} }
} }
}
const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList) const manifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
manifestFiles.push(...trafficObjectsList) manifestFiles.push(...trafficObjectsList);
const forceDeployment = core.getInput('force').toLowerCase() === 'true' const forceDeployment = core.getInput("force").toLowerCase() === "true";
const serverSideApply = core.getInput('server-side').toLowerCase() === 'true'
const result = await kubectl.apply( const result = await kubectl.apply(manifestFiles, forceDeployment);
manifestFiles, checkForErrors([result]);
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([result])
return manifestFiles
} }
export async function redirectTrafficToCanaryDeployment( export async function redirectTrafficToCanaryDeployment(
kubectl: Kubectl, kubectl: Kubectl,
manifestFilePaths: string[], manifestFilePaths: string[]
timeout?: string
) { ) {
await adjustTraffic(kubectl, manifestFilePaths, 0, 1000, timeout) await adjustTraffic(kubectl, manifestFilePaths, 0, 1000);
} }
export async function redirectTrafficToStableDeployment( export async function redirectTrafficToStableDeployment(
kubectl: Kubectl, kubectl: Kubectl,
manifestFilePaths: string[], manifestFilePaths: string[]
timeout?: string ) {
): Promise<string[]> { await adjustTraffic(kubectl, manifestFilePaths, 1000, 0);
return await adjustTraffic(kubectl, manifestFilePaths, 1000, 0, timeout)
} }
async function adjustTraffic( async function adjustTraffic(
kubectl: Kubectl, kubectl: Kubectl,
manifestFilePaths: string[], manifestFilePaths: string[],
stableWeight: number, stableWeight: number,
canaryWeight: number, canaryWeight: number
timeout?: string
) { ) {
if (!manifestFilePaths || manifestFilePaths?.length == 0) { if (!manifestFilePaths || manifestFilePaths?.length == 0) {
return return;
} }
const trafficSplitManifests = [] const trafficSplitManifests = [];
for (const filePath of manifestFilePaths) { for (const filePath of manifestFilePaths) {
try { const fileContents = fs.readFileSync(filePath).toString();
const fileContents = fs.readFileSync(filePath).toString() const parsedYaml = yaml.safeLoadAll(fileContents);
const parsedYaml: K8sObject[] = yaml.loadAll( for (const inputObject of parsedYaml) {
fileContents const name = inputObject.metadata.name;
) as K8sObject[] const kind = inputObject.kind;
for (const inputObject of parsedYaml) { if (isServiceEntity(kind)) {
const name = inputObject.metadata.name trafficSplitManifests.push(
const kind = inputObject.kind await createTrafficSplitManifestFile(
kubectl,
if (isServiceEntity(kind)) { name,
trafficSplitManifests.push( stableWeight,
await createTrafficSplitManifestFile( 0,
kubectl, canaryWeight
name, )
stableWeight, );
0,
canaryWeight,
timeout
)
)
}
}
} catch (error) {
core.error(`Failed to process file at ${filePath}: ${error.message}`)
throw error
} }
} }
}
if (trafficSplitManifests.length <= 0) { if (trafficSplitManifests.length <= 0) {
return return;
} }
const forceDeployment = core.getInput('force').toLowerCase() === 'true' const forceDeployment = core.getInput("force").toLowerCase() === "true";
const serverSideApply = core.getInput('server-side').toLowerCase() === 'true' const result = await kubectl.apply(trafficSplitManifests, forceDeployment);
const result = await kubectl.apply( checkForErrors([result]);
trafficSplitManifests,
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([result])
return trafficSplitManifests
} }
async function updateTrafficSplitObject( async function updateTrafficSplitObject(
kubectl: Kubectl, kubectl: Kubectl,
serviceName: string serviceName: string
): Promise<string> { ): Promise<string> {
const percentage = parseInt(core.getInput('percentage', {required: true})) const percentage = parseInt(core.getInput("percentage"));
if (percentage < 0 || percentage > 100) if (percentage < 0 || percentage > 100)
throw Error('Percentage must be between 0 and 100') throw Error("Percentage must be between 0 and 100");
const percentageWithMuliplier = percentage * 10 const percentageWithMuliplier = percentage * 10;
const baselineAndCanaryWeight = percentageWithMuliplier / 2 const baselineAndCanaryWeight = percentageWithMuliplier / 2;
const stableDeploymentWeight = 1000 - percentageWithMuliplier const stableDeploymentWeight = 1000 - percentageWithMuliplier;
core.debug( core.debug(
'Creating the traffic object with canary weight: ' + "Creating the traffic object with canary weight: " +
baselineAndCanaryWeight + baselineAndCanaryWeight +
', baseline weight: ' + ",baseling weight: " +
baselineAndCanaryWeight + baselineAndCanaryWeight +
', stable weight: ' + ",stable: " +
stableDeploymentWeight stableDeploymentWeight
) );
return await createTrafficSplitManifestFile( return await createTrafficSplitManifestFile(
kubectl, kubectl,
serviceName, serviceName,
stableDeploymentWeight, stableDeploymentWeight,
baselineAndCanaryWeight, baselineAndCanaryWeight,
baselineAndCanaryWeight baselineAndCanaryWeight
) );
} }
async function createTrafficSplitManifestFile( async function createTrafficSplitManifestFile(
kubectl: Kubectl, kubectl: Kubectl,
serviceName: string, serviceName: string,
stableWeight: number, stableWeight: number,
baselineWeight: number, baselineWeight: number,
canaryWeight: number, canaryWeight: number
timeout?: string
): Promise<string> { ): Promise<string> {
const smiObjectString = await getTrafficSplitObject( const smiObjectString = await getTrafficSplitObject(
kubectl, kubectl,
serviceName, serviceName,
stableWeight, stableWeight,
baselineWeight, baselineWeight,
canaryWeight, canaryWeight
timeout );
) const manifestFile = fileHelper.writeManifestToFile(
const manifestFile = fileHelper.writeManifestToFile( smiObjectString,
smiObjectString, TRAFFIC_SPLIT_OBJECT,
TRAFFIC_SPLIT_OBJECT, serviceName
serviceName );
)
if (!manifestFile) { if (!manifestFile) {
throw new Error('Unable to create traffic split manifest file') throw new Error("Unable to create traffic split manifest file");
} }
return manifestFile return manifestFile;
} }
let trafficSplitAPIVersion = '' let trafficSplitAPIVersion = "";
async function getTrafficSplitObject( async function getTrafficSplitObject(
kubectl: Kubectl, kubectl: Kubectl,
name: string, name: string,
stableWeight: number, stableWeight: number,
baselineWeight: number, baselineWeight: number,
canaryWeight: number, canaryWeight: number
timeout?: string
): Promise<string> { ): Promise<string> {
// cached version // cached version
if (!trafficSplitAPIVersion) { if (!trafficSplitAPIVersion) {
trafficSplitAPIVersion = trafficSplitAPIVersion = await kubectlUtils.getTrafficSplitAPIVersion(
await kubectlUtils.getTrafficSplitAPIVersion(kubectl) kubectl
} );
}
return JSON.stringify({ return JSON.stringify({
apiVersion: trafficSplitAPIVersion, apiVersion: trafficSplitAPIVersion,
kind: 'TrafficSplit', kind: "TrafficSplit",
metadata: { metadata: {
name: getTrafficSplitResourceName(name), name: getTrafficSplitResourceName(name),
annotations: inputAnnotations },
}, spec: {
spec: { backends: [
backends: [ {
{ service: canaryDeploymentHelper.getStableResourceName(name),
service: canaryDeploymentHelper.getStableResourceName(name), weight: stableWeight,
weight: stableWeight },
}, {
{ service: canaryDeploymentHelper.getBaselineResourceName(name),
service: canaryDeploymentHelper.getBaselineResourceName(name), weight: baselineWeight,
weight: baselineWeight },
}, {
{ service: canaryDeploymentHelper.getCanaryResourceName(name),
service: canaryDeploymentHelper.getCanaryResourceName(name), weight: canaryWeight,
weight: canaryWeight },
} ],
], service: name,
service: name },
} });
})
} }
function getTrafficSplitResourceName(name: string) { function getTrafficSplitResourceName(name: string) {
return name + TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX return name + TRAFFIC_SPLIT_OBJECT_NAME_SUFFIX;
} }
src/strategyHelpers/deploymentHelper.ts
+174 -269
View File
@@ -1,313 +1,218 @@
import * as fs from 'fs' import * as fs from "fs";
import * as yaml from 'js-yaml' import * as yaml from "js-yaml";
import * as canaryDeploymentHelper from './canary/canaryHelper.js' import * as canaryDeploymentHelper from "./canary/canaryHelper";
import * as models from '../types/kubernetesTypes.js' import * as models from "../types/kubernetesTypes";
import {isDeploymentEntity} from '../types/kubernetesTypes.js' import { isDeploymentEntity } from "../types/kubernetesTypes";
import * as fileHelper from '../utilities/fileUtils.js' import * as fileHelper from "../utilities/fileUtils";
import * as KubernetesManifestUtility from '../utilities/manifestStabilityUtils.js' import * as KubernetesManifestUtility from "../utilities/manifestStabilityUtils";
import {Kubectl, Resource} from '../types/kubectl.js' import { Kubectl, Resource } from "../types/kubectl";
import {deployPodCanary} from './canary/podCanaryHelper.js' import { deployPodCanary } from "./canary/podCanaryHelper";
import {deploySMICanary} from './canary/smiCanaryHelper.js' import { deploySMICanary } from "./canary/smiCanaryHelper";
import {DeploymentConfig} from '../types/deploymentConfig.js' import { DeploymentConfig } from "../types/deploymentConfig";
import {deployBlueGreen} from './blueGreen/deploy.js' import { deployBlueGreenService } from "./blueGreen/serviceBlueGreenHelper";
import {DeploymentStrategy} from '../types/deploymentStrategy.js' import { deployBlueGreenIngress } from "./blueGreen/ingressBlueGreenHelper";
import * as core from '@actions/core' import { deployBlueGreenSMI } from "./blueGreen/smiBlueGreenHelper";
import { DeploymentStrategy } from "../types/deploymentStrategy";
import * as core from "@actions/core";
import { import {
parseTrafficSplitMethod, parseTrafficSplitMethod,
TrafficSplitMethod TrafficSplitMethod,
} from '../types/trafficSplitMethod.js' } from "../types/trafficSplitMethod";
import {parseRouteStrategy} from '../types/routeStrategy.js' import { parseRouteStrategy, RouteStrategy } from "../types/routeStrategy";
import {ExecOutput} from '@actions/exec' import { ExecOutput } from "@actions/exec";
import { import {
getWorkflowAnnotationKeyLabel, getWorkflowAnnotationKeyLabel,
getWorkflowAnnotations, getWorkflowAnnotations,
cleanLabel } from "../utilities/workflowAnnotationUtils";
} from '../utilities/workflowAnnotationUtils.js'
import { import {
annotateChildPods, annotateChildPods,
checkForErrors, checkForErrors,
getLastSuccessfulRunSha getLastSuccessfulRunSha,
} from '../utilities/kubectlUtils.js' } from "../utilities/kubectlUtils";
import { import {
getWorkflowFilePath, getWorkflowFilePath,
normalizeWorkflowStrLabel normalizeWorkflowStrLabel,
} from '../utilities/githubUtils.js' } from "../utilities/githubUtils";
import {getDeploymentConfig} from '../utilities/dockerUtils.js' import { getDeploymentConfig } from "../utilities/dockerUtils";
import {DeployResult} from '../types/deployResult.js'
import {ClusterType} from '../inputUtils.js'
export async function deployManifests( export async function deployManifests(
files: string[], files: string[],
deploymentStrategy: DeploymentStrategy, deploymentStrategy: DeploymentStrategy,
kubectl: Kubectl, kubectl: Kubectl,
trafficSplitMethod: TrafficSplitMethod, trafficSplitMethod: TrafficSplitMethod
timeout?: string
): Promise<string[]> { ): Promise<string[]> {
switch (deploymentStrategy) { switch (deploymentStrategy) {
case DeploymentStrategy.CANARY: { case DeploymentStrategy.CANARY: {
const canaryDeployResult: DeployResult = const { result, newFilePaths } =
trafficSplitMethod == TrafficSplitMethod.SMI trafficSplitMethod == TrafficSplitMethod.SMI
? await deploySMICanary(files, kubectl, false, timeout) ? await deploySMICanary(files, kubectl)
: await deployPodCanary(files, kubectl, false, timeout) : await deployPodCanary(files, kubectl);
checkForErrors([canaryDeployResult.execResult]) checkForErrors([result]);
return canaryDeployResult.manifestFiles return newFilePaths;
}
case DeploymentStrategy.BLUE_GREEN: {
const routeStrategy = parseRouteStrategy(
core.getInput("route-method", { required: true })
);
const { result, newFilePaths } = await Promise.resolve(
(routeStrategy == RouteStrategy.INGRESS &&
deployBlueGreenIngress(kubectl, files)) ||
(routeStrategy == RouteStrategy.SMI &&
deployBlueGreenSMI(kubectl, files)) ||
deployBlueGreenService(kubectl, files)
);
checkForErrors([result]);
return newFilePaths;
}
case undefined: {
core.warning("Deployment strategy is not recognized.");
}
default: {
const trafficSplitMethod = parseTrafficSplitMethod(
core.getInput("traffic-split-method", { required: true })
);
const forceDeployment = core.getInput("force").toLowerCase() === "true";
if (trafficSplitMethod === TrafficSplitMethod.SMI) {
const updatedManifests = appendStableVersionLabelToResource(files);
const result = await kubectl.apply(updatedManifests, forceDeployment);
checkForErrors([result]);
} else {
const result = await kubectl.apply(files, forceDeployment);
checkForErrors([result]);
} }
case DeploymentStrategy.BLUE_GREEN: { return files;
const routeStrategy = parseRouteStrategy( }
core.getInput('route-method', {required: true}) }
)
const blueGreenDeployment = await deployBlueGreen(
kubectl,
files,
routeStrategy,
timeout
)
core.debug(
`objects deployed for ${routeStrategy}: ${JSON.stringify(
blueGreenDeployment.objects
)} `
)
checkForErrors([blueGreenDeployment.deployResult.execResult])
const deployedManifestFiles =
blueGreenDeployment.deployResult.manifestFiles
core.debug(
`from blue-green service, deployed manifest files are ${deployedManifestFiles}`
)
return deployedManifestFiles
}
case DeploymentStrategy.BASIC: {
const trafficSplitMethod = parseTrafficSplitMethod(
core.getInput('traffic-split-method', {required: true})
)
const forceDeployment = core.getInput('force').toLowerCase() === 'true'
const serverSideApply =
core.getInput('server-side').toLowerCase() === 'true'
if (trafficSplitMethod === TrafficSplitMethod.SMI) {
const updatedManifests = appendStableVersionLabelToResource(files)
const result = await kubectl.apply(
updatedManifests,
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([result])
} else {
const result = await kubectl.apply(
files,
forceDeployment,
serverSideApply,
timeout
)
checkForErrors([result])
}
return files
}
default: {
throw new Error('Deployment strategy is not recognized.')
}
}
} }
function appendStableVersionLabelToResource(files: string[]): string[] { function appendStableVersionLabelToResource(files: string[]): string[] {
const manifestFiles = [] const manifestFiles = [];
const newObjectsList = [] const newObjectsList = [];
files.forEach((filePath: string) => { files.forEach((filePath: string) => {
try { const fileContents = fs.readFileSync(filePath).toString();
const fileContents = fs.readFileSync(filePath).toString()
yaml.loadAll(fileContents, function (inputObject) { yaml.safeLoadAll(fileContents, function (inputObject) {
const kind = (inputObject as {kind: string}).kind const { kind } = inputObject;
if (isDeploymentEntity(kind)) { if (isDeploymentEntity(kind)) {
const updatedObject = const updatedObject =
canaryDeploymentHelper.markResourceAsStable(inputObject) canaryDeploymentHelper.markResourceAsStable(inputObject);
newObjectsList.push(updatedObject) newObjectsList.push(updatedObject);
} else { } else {
manifestFiles.push(filePath) manifestFiles.push(filePath);
}
})
} catch (error) {
core.error(`Failed to parse file at ${filePath}: ${error.message}`)
throw error
} }
}) });
});
const updatedManifestFiles = fileHelper.writeObjectsToFile(newObjectsList) const updatedManifestFiles = fileHelper.writeObjectsToFile(newObjectsList);
manifestFiles.push(...updatedManifestFiles) manifestFiles.push(...updatedManifestFiles);
return manifestFiles return manifestFiles;
} }
export async function checkManifestStability( export async function checkManifestStability(
kubectl: Kubectl, kubectl: Kubectl,
resources: Resource[], resources: Resource[]
resourceType: ClusterType,
timeout?: string
): Promise<void> { ): Promise<void> {
await KubernetesManifestUtility.checkManifestStability( await KubernetesManifestUtility.checkManifestStability(kubectl, resources);
kubectl,
resources,
resourceType,
timeout
)
} }
export async function annotateAndLabelResources( export async function annotateAndLabelResources(
files: string[], files: string[],
kubectl: Kubectl, kubectl: Kubectl,
resourceTypes: Resource[] resourceTypes: Resource[],
allPods: any
) { ) {
const defaultWorkflowFileName = 'k8s-deploy-failed-workflow-annotation' const githubToken = core.getInput("token");
const githubToken = core.getInput('token') const workflowFilePath = await getWorkflowFilePath(githubToken);
let workflowFilePath
try {
workflowFilePath = await getWorkflowFilePath(githubToken)
} catch (ex) {
core.warning(`Failed to extract workflow file name: ${ex}`)
workflowFilePath = defaultWorkflowFileName
}
const deploymentConfig = await getDeploymentConfig() const deploymentConfig = await getDeploymentConfig();
const annotationKeyLabel = getWorkflowAnnotationKeyLabel() const annotationKeyLabel = getWorkflowAnnotationKeyLabel(workflowFilePath);
const shouldAnnotateResources = !( await annotateResources(
core.getInput('annotate-resources').toLowerCase() === 'false' files,
) kubectl,
resourceTypes,
if (shouldAnnotateResources) { allPods,
await annotateResources( annotationKeyLabel,
files, workflowFilePath,
kubectl, deploymentConfig
resourceTypes, );
annotationKeyLabel, await labelResources(files, kubectl, annotationKeyLabel);
workflowFilePath,
deploymentConfig
).catch((err) => core.warning(`Failed to annotate resources: ${err} `))
}
await labelResources(files, kubectl, annotationKeyLabel).catch((err) =>
core.warning(`Failed to label resources: ${err}`)
)
} }
async function annotateResources( async function annotateResources(
files: string[], files: string[],
kubectl: Kubectl, kubectl: Kubectl,
resourceTypes: Resource[], resourceTypes: Resource[],
annotationKey: string, allPods: any,
workflowFilePath: string, annotationKey: string,
deploymentConfig: DeploymentConfig workflowFilePath: string,
deploymentConfig: DeploymentConfig
) { ) {
const annotateResults: ExecOutput[] = [] const annotateResults: ExecOutput[] = [];
const namespace = core.getInput('namespace') || '' // Sets namespace to an empty string if not provided, allowing the manifest-defined namespace to take precedence instead of "default". const namespace = core.getInput("namespace") || "default";
const lastSuccessSha = await getLastSuccessfulRunSha( const lastSuccessSha = await getLastSuccessfulRunSha(
kubectl, kubectl,
namespace, namespace,
annotationKey annotationKey
) );
if (core.isDebug()) { const annotationKeyValStr = `${annotationKey}=${getWorkflowAnnotations(
try { lastSuccessSha,
core.debug(`files getting annotated are ${JSON.stringify(files)}`) workflowFilePath,
for (const filePath of files) { deploymentConfig
core.debug('printing objects getting annotated...') )}`;
const fileContents = fs.readFileSync(filePath).toString()
const inputObjects = yaml.loadAll(fileContents)
for (const inputObject of inputObjects) {
core.debug(`object: ${JSON.stringify(inputObject)}`)
}
}
} catch (error) {
core.error(`Failed to load and parse files: ${error.message}`)
throw error
}
}
const annotationKeyValStr = `${annotationKey}=${getWorkflowAnnotations( const annotateNamespace = !(core.getInput("annotate-namespace").toLowerCase() === "false");
lastSuccessSha, if (annotateNamespace) {
workflowFilePath, annotateResults.push(
deploymentConfig await kubectl.annotate("namespace", namespace, annotationKeyValStr)
)}` );
}
annotateResults.push(await kubectl.annotateFiles(files, annotationKeyValStr));
const annotateNamespace = !( for (const resource of resourceTypes) {
namespace === '' || if (
core.getInput('annotate-namespace').toLowerCase() === 'false' resource.type.toLowerCase() !==
) // If namespace is empty, we don't annotate it. If the input is false, we also don't annotate it. models.KubernetesWorkload.POD.toLowerCase()
) {
(
await annotateChildPods(
kubectl,
resource.type,
resource.name,
annotationKeyValStr,
allPods
)
).forEach((execResult) => annotateResults.push(execResult));
}
}
if (annotateNamespace) { checkForErrors(annotateResults, true);
annotateResults.push(
await kubectl.annotate(
'namespace',
namespace,
annotationKeyValStr,
namespace
)
)
}
for (const file of files) {
try {
const annotateResult = await kubectl.annotateFiles(
file,
annotationKeyValStr,
namespace
)
annotateResults.push(annotateResult)
} catch (e) {
core.warning(`failed to annotate resource: ${e}`)
}
}
for (const resource of resourceTypes) {
if (
resource.type.toLowerCase() !==
models.KubernetesWorkload.POD.toLowerCase()
) {
;(
await annotateChildPods(
kubectl,
resource.type,
resource.name,
resource.namespace,
annotationKeyValStr
)
).forEach((execResult) => annotateResults.push(execResult))
}
}
checkForErrors(annotateResults, true)
} }
async function labelResources( async function labelResources(
files: string[], files: string[],
kubectl: Kubectl, kubectl: Kubectl,
label: string label: string
) { ) {
const labels = [ const labels = [
`workflowFriendlyName=${cleanLabel( `workflowFriendlyName=${normalizeWorkflowStrLabel(
normalizeWorkflowStrLabel(process.env.GITHUB_WORKFLOW) process.env.GITHUB_WORKFLOW
)}`, )}`,
`workflow=${cleanLabel(label)}` `workflow=${label}`,
] ];
const labelResults = [] checkForErrors([await kubectl.labelFiles(files, labels)], true);
for (const file of files) {
try {
const labelResult = await kubectl.labelFiles(file, labels)
labelResults.push(labelResult)
} catch (e) {
core.warning(`failed to annotate resource: ${e}`)
}
}
checkForErrors(labelResults, true)
} }
src/types/action.test.ts
+19 -19
View File
@@ -1,22 +1,22 @@
import {Action, parseAction} from './action.js' import { Action, parseAction } from "./action";
describe('Action type', () => { describe("Action type", () => {
test('it has required values', () => { test("it has required values", () => {
const vals = <any>Object.values(Action) const vals = <any>Object.values(Action);
expect(vals.includes('deploy')).toBe(true) expect(vals.includes("deploy")).toBe(true);
expect(vals.includes('promote')).toBe(true) expect(vals.includes("promote")).toBe(true);
expect(vals.includes('reject')).toBe(true) expect(vals.includes("reject")).toBe(true);
}) });
test('it can parse valid values from a string', () => { test("it can parse valid values from a string", () => {
expect(parseAction('deploy')).toBe(Action.DEPLOY) expect(parseAction("deploy")).toBe(Action.DEPLOY);
expect(parseAction('Deploy')).toBe(Action.DEPLOY) expect(parseAction("Deploy")).toBe(Action.DEPLOY);
expect(parseAction('DEPLOY')).toBe(Action.DEPLOY) expect(parseAction("DEPLOY")).toBe(Action.DEPLOY);
expect(parseAction('deploY')).toBe(Action.DEPLOY) expect(parseAction("deploY")).toBe(Action.DEPLOY);
}) });
test("it will return undefined if it can't parse values from a string", () => { test("it will return undefined if it can't parse values from a string", () => {
expect(parseAction('invalid')).toBe(undefined) expect(parseAction("invalid")).toBe(undefined);
expect(parseAction('unsupportedType')).toBe(undefined) expect(parseAction("unsupportedType")).toBe(undefined);
}) });
}) });
src/types/action.ts
+8 -8
View File
@@ -1,7 +1,7 @@
export enum Action { export enum Action {
DEPLOY = 'deploy', DEPLOY = "deploy",
PROMOTE = 'promote', PROMOTE = "promote",
REJECT = 'reject' REJECT = "reject",
} }
/** /**
@@ -10,8 +10,8 @@ export enum Action {
* @returns The Action enum or undefined if it can't be parsed * @returns The Action enum or undefined if it can't be parsed
*/ */
export const parseAction = (str: string): Action | undefined => export const parseAction = (str: string): Action | undefined =>
Action[ Action[
Object.keys(Action).filter( Object.keys(Action).filter(
(k) => Action[k].toString().toLowerCase() === str.toLowerCase() (k) => Action[k].toString().toLowerCase() === str.toLowerCase()
)[0] as keyof typeof Action )[0] as keyof typeof Action
] ];
src/types/annotations.ts
-8
View File
@@ -1,8 +0,0 @@
export function parseAnnotations(str: string) {
if (str == '') {
return new Map<string, string>()
} else {
const annotation = JSON.parse(str)
return new Map<string, string>(annotation)
}
}
src/types/blueGreenTypes.ts
-21
View File
@@ -1,21 +0,0 @@
import {DeployResult} from './deployResult.js'
import {K8sObject, K8sDeleteObject} from './k8sObject.js'
export interface BlueGreenDeployment {
deployResult: DeployResult
objects: K8sObject[]
}
export interface BlueGreenManifests {
serviceEntityList: K8sObject[]
serviceNameMap: Map<string, string>
unroutedServiceEntityList: K8sObject[]
deploymentEntityList: K8sObject[]
ingressEntityList: K8sObject[]
otherObjects: K8sObject[]
}
export interface BlueGreenRejectResult {
deleteResult: K8sDeleteObject[]
routeResult: BlueGreenDeployment
}
src/types/deployResult.ts
-6
View File
@@ -1,6 +0,0 @@
import {ExecOutput} from '@actions/exec'
export interface DeployResult {
execResult: ExecOutput
manifestFiles: string[]
}
src/types/deploymentConfig.ts
+3 -3
View File
@@ -1,5 +1,5 @@
export interface DeploymentConfig { export interface DeploymentConfig {
manifestFilePaths: string[] manifestFilePaths: string[];
helmChartFilePaths: string[] helmChartFilePaths: string[];
dockerfilePaths: any dockerfilePaths: any;
} }
src/types/deploymentStrategy.test.ts
+24 -25
View File
@@ -1,28 +1,27 @@
import { import {
DeploymentStrategy, DeploymentStrategy,
parseDeploymentStrategy parseDeploymentStrategy,
} from './deploymentStrategy.js' } from "./deploymentStrategy";
describe('Deployment strategy type', () => { describe("Deployment strategy type", () => {
test('it has required values', () => { test("it has required values", () => {
const vals = <any>Object.values(DeploymentStrategy) const vals = <any>Object.values(DeploymentStrategy);
expect(vals.includes('canary')).toBe(true) expect(vals.includes("canary")).toBe(true);
expect(vals.includes('blue-green')).toBe(true) expect(vals.includes("blue-green")).toBe(true);
expect(vals.includes('basic')).toBe(true) });
})
test('it can parse valid values from a string', () => { test("it can parse valid values from a string", () => {
expect(parseDeploymentStrategy('blue-green')).toBe( expect(parseDeploymentStrategy("blue-green")).toBe(
DeploymentStrategy.BLUE_GREEN DeploymentStrategy.BLUE_GREEN
) );
expect(parseDeploymentStrategy('Blue-green')).toBe( expect(parseDeploymentStrategy("Blue-green")).toBe(
DeploymentStrategy.BLUE_GREEN DeploymentStrategy.BLUE_GREEN
) );
expect(parseDeploymentStrategy('BLUE-GREEN')).toBe( expect(parseDeploymentStrategy("BLUE-GREEN")).toBe(
DeploymentStrategy.BLUE_GREEN DeploymentStrategy.BLUE_GREEN
) );
expect(parseDeploymentStrategy('blue-greeN')).toBe( expect(parseDeploymentStrategy("blue-greeN")).toBe(
DeploymentStrategy.BLUE_GREEN DeploymentStrategy.BLUE_GREEN
) );
}) });
}) });
src/types/deploymentStrategy.ts
+9 -10
View File
@@ -1,7 +1,6 @@
export enum DeploymentStrategy { export enum DeploymentStrategy {
BASIC = 'basic', CANARY = "canary",
CANARY = 'canary', BLUE_GREEN = "blue-green",
BLUE_GREEN = 'blue-green'
} }
/** /**
@@ -10,11 +9,11 @@ export enum DeploymentStrategy {
* @returns The DeploymentStrategy enum or undefined if it can't be parsed * @returns The DeploymentStrategy enum or undefined if it can't be parsed
*/ */
export const parseDeploymentStrategy = ( export const parseDeploymentStrategy = (
str: string str: string
): DeploymentStrategy | undefined => ): DeploymentStrategy | undefined =>
DeploymentStrategy[ DeploymentStrategy[
Object.keys(DeploymentStrategy).filter( Object.keys(DeploymentStrategy).filter(
(k) => (k) =>
DeploymentStrategy[k].toString().toLowerCase() === str.toLowerCase() DeploymentStrategy[k].toString().toLowerCase() === str.toLowerCase()
)[0] as keyof typeof DeploymentStrategy )[0] as keyof typeof DeploymentStrategy
] ];
src/types/docker.test.ts
+82 -85
View File
@@ -1,101 +1,98 @@
import {vi} from 'vitest' import { DockerExec } from "./docker";
vi.mock('@actions/exec') import * as actions from "@actions/exec";
import {DockerExec} from './docker.js' const dockerPath = "dockerPath";
import * as actions from '@actions/exec' const image = "image";
const args = ["arg1", "arg2", "arg3"];
const dockerPath = 'dockerPath' describe("Docker class", () => {
const image = 'image' const docker = new DockerExec(dockerPath);
const args = ['arg1', 'arg2', 'arg3']
describe('Docker class', () => { describe("with a success exec return", () => {
const docker = new DockerExec(dockerPath) const execReturn = { exitCode: 0, stdout: "Output", stderr: "" };
describe('with a success exec return', () => { beforeEach(() => {
const execReturn = {exitCode: 0, stdout: 'Output', stderr: ''} jest.spyOn(actions, "getExecOutput").mockImplementation(async () => {
return execReturn;
});
});
beforeEach(() => { test("pulls an image", async () => {
vi.spyOn(actions, 'getExecOutput').mockImplementation(async () => { await docker.pull(image, args);
return execReturn expect(actions.getExecOutput).toBeCalledWith(
}) dockerPath,
}) ["pull", image, ...args],
{ silent: false }
);
});
test('pulls an image', async () => { test("pulls an image silently", async () => {
await docker.pull(image, args) await docker.pull(image, args, true);
expect(actions.getExecOutput).toHaveBeenCalledWith( expect(actions.getExecOutput).toBeCalledWith(
dockerPath, dockerPath,
['pull', image, ...args], ["pull", image, ...args],
{silent: false} { silent: true }
) );
}) });
test('pulls an image silently', async () => { test("inspects a docker image", async () => {
await docker.pull(image, args, true) const result = await docker.inspect(image, args);
expect(actions.getExecOutput).toHaveBeenCalledWith( expect(result).toBe(execReturn.stdout);
dockerPath, expect(actions.getExecOutput).toBeCalledWith(
['pull', image, ...args], dockerPath,
{silent: true} ["inspect", image, ...args],
) { silent: false }
}) );
});
test('inspects a docker image', async () => { test("inspects a docker image silently", async () => {
const result = await docker.inspect(image, args) const result = await docker.inspect(image, args, true);
expect(result).toBe(execReturn.stdout) expect(result).toBe(execReturn.stdout);
expect(actions.getExecOutput).toHaveBeenCalledWith( expect(actions.getExecOutput).toBeCalledWith(
dockerPath, dockerPath,
['inspect', image, ...args], ["inspect", image, ...args],
{silent: false} { silent: true }
) );
}) });
});
test('inspects a docker image silently', async () => { describe("with an unsuccessful exec return code", () => {
const result = await docker.inspect(image, args, true) const execReturn = { exitCode: 3, stdout: "", stderr: "" };
expect(result).toBe(execReturn.stdout)
expect(actions.getExecOutput).toHaveBeenCalledWith(
dockerPath,
['inspect', image, ...args],
{silent: true}
)
})
})
describe('with an unsuccessful exec return code', () => { beforeEach(() => {
const execReturn = {exitCode: 3, stdout: '', stderr: ''} jest.spyOn(actions, "getExecOutput").mockImplementation(async () => {
return execReturn;
});
});
beforeEach(() => { test("pulls an image", async () => {
vi.spyOn(actions, 'getExecOutput').mockImplementation(async () => { await expect(docker.pull(image, args)).rejects.toThrow();
return execReturn });
})
})
test('pulls an image', async () => { test("inspects a docker image", async () => {
await expect(docker.pull(image, args)).rejects.toThrow() const result = await expect(
}) docker.inspect(image, args)
).rejects.toThrow();
});
});
test('inspects a docker image', async () => { describe("with an unsuccessful exec return code", () => {
const result = await expect( const execReturn = { exitCode: 0, stdout: "", stderr: "Output" };
docker.inspect(image, args)
).rejects.toThrow()
})
})
describe('with an unsuccessful exec return code', () => { beforeEach(() => {
const execReturn = {exitCode: 0, stdout: '', stderr: 'Output'} jest.spyOn(actions, "getExecOutput").mockImplementation(async () => {
return execReturn;
});
});
beforeEach(() => { test("pulls an image", async () => {
vi.spyOn(actions, 'getExecOutput').mockImplementation(async () => { await expect(docker.pull(image, args)).rejects.toThrow();
return execReturn });
})
})
test('pulls an image', async () => { test("inspects a docker image", async () => {
await expect(docker.pull(image, args)).rejects.toThrow() const result = await expect(
}) docker.inspect(image, args)
).rejects.toThrow();
test('inspects a docker image', async () => { });
const result = await expect( });
docker.inspect(image, args) });
).rejects.toThrow()
})
})
})
src/types/docker.ts
+24 -24
View File
@@ -1,32 +1,32 @@
import {getExecOutput} from '@actions/exec' import { getExecOutput } from "@actions/exec";
export class DockerExec { export class DockerExec {
private readonly dockerPath: string private readonly dockerPath: string;
constructor(dockerPath: string) { constructor(dockerPath: string) {
this.dockerPath = dockerPath this.dockerPath = dockerPath;
} }
public async pull(image: string, args: string[], silent?: boolean) { public async pull(image: string, args: string[], silent?: boolean) {
const result = await this.execute(['pull', image, ...args], silent) const result = await this.execute(["pull", image, ...args], silent);
if (result.stderr != '' || result.exitCode != 0) { if (result.stderr != "" || result.exitCode != 0) {
throw new Error(`docker images pull failed: ${result.stderr}`) throw new Error(`docker images pull failed: ${result.stderr}`);
} }
} }
public async inspect( public async inspect(
image: string, image: string,
args: string[], args: string[],
silent: boolean = false silent: boolean = false
): Promise<string> { ): Promise<string> {
const result = await this.execute(['inspect', image, ...args], silent) const result = await this.execute(["inspect", image, ...args], silent);
if (result.stderr != '' || result.exitCode != 0) if (result.stderr != "" || result.exitCode != 0)
throw new Error(`docker inspect failed: ${result.stderr}`) throw new Error(`docker inspect failed: ${result.stderr}`);
return result.stdout return result.stdout;
} }
private async execute(args: string[], silent: boolean = false) { private async execute(args: string[], silent: boolean = false) {
return await getExecOutput(this.dockerPath, args, {silent}) return await getExecOutput(this.dockerPath, args, { silent });
} }
} }
src/types/errorable.ts
-48
View File
@@ -1,48 +0,0 @@
export interface Succeeded<T> {
readonly succeeded: true
readonly result: T
}
export interface Failed {
readonly succeeded: false
readonly error: string
}
export type Errorable<T> = Succeeded<T> | Failed
export function succeeded<T>(e: Errorable<T>): e is Succeeded<T> {
return e.succeeded
}
export function failed<T>(e: Errorable<T>): e is Failed {
return !e.succeeded
}
export function map<T, U>(e: Errorable<T>, fn: (t: T) => U): Errorable<U> {
if (failed(e)) {
return {succeeded: false, error: e.error}
}
return {succeeded: true, result: fn(e.result)}
}
export function combine<T>(es: Errorable<T>[]): Errorable<T[]> {
const failures = es.filter(failed)
if (failures.length > 0) {
return {
succeeded: false,
error: failures.map((f) => f.error).join('\n')
}
}
return {
succeeded: true,
result: es.map((e) => (e as Succeeded<T>).result)
}
}
export function getErrorMessage(error: unknown) {
if (error instanceof Error) {
return error.message
}
return String(error)
}
src/types/githubClient.ts
+29 -31
View File
@@ -1,40 +1,38 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import {Octokit} from '@octokit/core' import { Octokit } from "@octokit/core";
import {Endpoints} from '@octokit/types' import { Endpoints } from "@octokit/types";
import {retry} from '@octokit/plugin-retry' import { retry } from "@octokit/plugin-retry";
export const OkStatusCode = 200 export const OkStatusCode = 200;
const RetryOctokit = Octokit.plugin(retry) const RetryOctokit = Octokit.plugin(retry);
const RETRY_COUNT = 5 const RETRY_COUNT = 5;
const requestUrl = 'GET /repos/{owner}/{repo}/actions/workflows' const requestUrl = "GET /repos/{owner}/{repo}/actions/workflows";
type responseType = type responseType =
Endpoints['GET /repos/{owner}/{repo}/actions/workflows']['response'] Endpoints["GET /repos/{owner}/{repo}/actions/workflows"]["response"];
export class GitHubClient { export class GitHubClient {
private readonly repository: string private readonly repository: string;
private readonly token: string private readonly token: string;
constructor(repository: string, token: string) { constructor(repository: string, token: string) {
this.repository = repository this.repository = repository;
this.token = token this.token = token;
} }
// prettier-ignore public async getWorkflows(): Promise<responseType> {
public async getWorkflows(): Promise<responseType> { const octokit = new RetryOctokit({
const octokit = new RetryOctokit({ auth: this.token,
auth: this.token, request: { retries: RETRY_COUNT },
request: {retries: RETRY_COUNT}, });
baseUrl: process.env["GITHUB_API_URL"] || "https://api.github.com", const [owner, repo] = this.repository.split("/");
core.debug(`Getting workflows for repo: ${this.repository}`);
return Promise.resolve(
await octokit.request(requestUrl, {
owner,
repo,
}) })
const [owner, repo] = this.repository.split('/') );
}
core.debug(`Getting workflows for repo: ${this.repository}`)
return Promise.resolve(
await octokit.request(requestUrl, {
owner,
repo
})
)
}
} }
src/types/k8sObject.ts
-59
View File
@@ -1,59 +0,0 @@
export interface K8sObject {
metadata: {
name: string
labels: Map<string, string>
namespace?: string
}
kind: string
spec: any
}
export interface K8sServiceObject extends K8sObject {
spec: {
selector: Map<string, string>
}
}
export interface K8sDeleteObject {
name: string
kind: string
namespace?: string
}
export interface K8sIngress extends K8sObject {
spec: {
rules: [
{
http: {
paths: [
{
backend: {
service: {
name: string
}
}
}
]
}
}
]
}
}
export interface TrafficSplitObject extends K8sObject {
apiVersion: string
metadata: {
name: string
labels: Map<string, string>
annotations: Map<string, string>
}
spec: {
service: string
backends: TrafficSplitBackend[]
}
}
export interface TrafficSplitBackend {
service: string
weight: number
}
src/types/kubectl.test.ts
+301 -698
View File
File diff suppressed because it is too large Load Diff
src/types/kubectl.ts
+140 -243
View File
@@ -1,271 +1,168 @@
import {ExecOutput, getExecOutput} from '@actions/exec' import { ExecOutput, getExecOutput } from "@actions/exec";
import {createInlineArray} from '../utilities/arrayUtils.js' import { createInlineArray } from "../utilities/arrayUtils";
import * as core from '@actions/core' import * as core from "@actions/core";
import * as toolCache from '@actions/tool-cache' import * as toolCache from "@actions/tool-cache";
import * as io from '@actions/io' import * as io from "@actions/io";
export interface Resource { export interface Resource {
name: string name: string;
type: string type: string;
namespace?: string
} }
export class Kubectl { export class Kubectl {
protected readonly kubectlPath: string private readonly kubectlPath: string;
protected readonly namespace: string private readonly namespace: string;
protected readonly ignoreSSLErrors: boolean private readonly ignoreSSLErrors: boolean;
protected readonly resourceGroup: string
protected readonly name: string
protected isPrivateCluster: boolean
constructor( constructor(
kubectlPath: string, kubectlPath: string,
namespace: string = '', namespace: string = "default",
ignoreSSLErrors: boolean = false, ignoreSSLErrors: boolean = false
resourceGroup: string = '', ) {
name: string = '' this.kubectlPath = kubectlPath;
) { this.ignoreSSLErrors = !!ignoreSSLErrors;
this.kubectlPath = kubectlPath this.namespace = namespace;
this.ignoreSSLErrors = !!ignoreSSLErrors }
this.namespace = namespace
this.resourceGroup = resourceGroup
this.name = name
}
public async apply( public async apply(
configurationPaths: string | string[], configurationPaths: string | string[],
force: boolean = false, force: boolean = false
serverSide: boolean = false, ): Promise<ExecOutput> {
timeout?: string try {
): Promise<ExecOutput> { if (!configurationPaths || configurationPaths?.length === 0)
try { throw Error("Configuration paths must exist");
if (!configurationPaths || configurationPaths?.length === 0)
throw Error('Configuration paths must exist')
const applyArgs: string[] = [ const applyArgs: string[] = [
'apply', "apply",
'-f', "-f",
createInlineArray(configurationPaths) createInlineArray(configurationPaths),
] ];
if (force) applyArgs.push('--force') if (force) applyArgs.push("--force");
if (serverSide) applyArgs.push('--server-side')
if (timeout) applyArgs.push(`--timeout=${timeout}`)
return await this.execute(applyArgs.concat(this.getFlags())) return await this.execute(applyArgs);
} catch (err) { } catch (err) {
core.debug('Kubectl apply failed:' + err) core.debug("Kubectl apply failed:" + err);
throw err }
} }
}
public async describe( public async describe(
resourceType: string, resourceType: string,
resourceName: string, resourceName: string,
silent: boolean = false, silent: boolean = false
namespace?: string ): Promise<ExecOutput> {
): Promise<ExecOutput> { return await this.execute(["describe", resourceType, resourceName], silent);
return await this.execute( }
['describe', resourceType, resourceName].concat(
this.getFlags(namespace)
),
silent
)
}
public async getNewReplicaSet(deployment: string, namespace?: string) { public async getNewReplicaSet(deployment: string) {
const result = await this.describe( const result = await this.describe("deployment", deployment, true);
'deployment',
deployment,
true,
namespace
)
let newReplicaSet = '' let newReplicaSet = "";
if (result?.stdout) { if (result?.stdout) {
const stdout = result.stdout.split('\n') const stdout = result.stdout.split("\n");
core.debug('stdout from getNewReplicaSet is ' + JSON.stringify(stdout)) stdout.forEach((line: string) => {
stdout.forEach((line: string) => { const newreplicaset = "newreplicaset";
const newreplicaset = 'newreplicaset' if (line && line.toLowerCase().indexOf(newreplicaset) > -1)
if (line && line.toLowerCase().indexOf(newreplicaset) > -1) { newReplicaSet = line
core.debug( .substring(newreplicaset.length)
`found string of interest for replicaset, line is ${line}` .trim()
) .split(" ")[0];
core.debug( });
`substring is ${line.substring(newreplicaset.length).trim()}` }
)
newReplicaSet = line
.substring(newreplicaset.length)
.trim()
.split(' ')[0]
}
})
}
return newReplicaSet return newReplicaSet;
} }
public async annotate( public async annotate(
resourceType: string, resourceType: string,
resourceName: string, resourceName: string,
annotation: string, annotation: string
namespace?: string ): Promise<ExecOutput> {
): Promise<ExecOutput> { const args = [
const args = [ "annotate",
'annotate', resourceType,
resourceType, resourceName,
resourceName, annotation,
annotation, "--overwrite",
'--overwrite' ];
].concat(this.getFlags(namespace)) return await this.execute(args);
return await this.execute(args) }
}
public async annotateFiles( public async annotateFiles(
files: string | string[], files: string | string[],
annotation: string, annotation: string
namespace?: string ): Promise<ExecOutput> {
): Promise<ExecOutput> { const args = [
const filesToAnnotate = createInlineArray(files) "annotate",
core.debug(`annotating ${filesToAnnotate} with annotation ${annotation}`) "-f",
const args = [ createInlineArray(files),
'annotate', annotation,
'-f', "--overwrite",
filesToAnnotate, ];
annotation, return await this.execute(args);
'--overwrite' }
].concat(this.getFlags(namespace))
return await this.execute(args)
}
public async labelFiles( public async labelFiles(
files: string | string[], files: string | string[],
labels: string[], labels: string[]
namespace?: string ): Promise<ExecOutput> {
): Promise<ExecOutput> { const args = [
const args = [ "label",
'label', "-f",
'-f', createInlineArray(files),
createInlineArray(files), ...labels,
...labels, "--overwrite",
'--overwrite' ];
].concat(this.getFlags(namespace)) return await this.execute(args);
return await this.execute(args) }
}
public async getAllPods(): Promise<ExecOutput> { public async getAllPods(): Promise<ExecOutput> {
return await this.execute( return await this.execute(["get", "pods", "-o", "json"], true);
['get', 'pods', '-o', 'json'].concat(this.getFlags()), }
true
)
}
public async checkRolloutStatus( public async checkRolloutStatus(
resourceType: string, resourceType: string,
name: string, name: string
namespace?: string, ): Promise<ExecOutput> {
timeout?: string return await this.execute(["rollout", "status", `${resourceType}/${name}`]);
): Promise<ExecOutput> { }
const command = ['rollout', 'status', `${resourceType}/${name}`].concat(
this.getFlags(namespace)
)
if (timeout) {
command.push(`--timeout=${timeout}`)
}
return await this.execute(command)
}
public async getResource( public async getResource(
resourceType: string, resourceType: string,
name: string, name: string
silentFailure: boolean = false, ): Promise<ExecOutput> {
namespace?: string return await this.execute(["get", `${resourceType}/${name}`, "-o", "json"]);
): Promise<ExecOutput> { }
core.debug(
'fetching resource of type ' + resourceType + ' and name ' + name
)
return await this.execute(
['get', `${resourceType}/${name}`, '-o', 'json'].concat(
this.getFlags(namespace)
),
silentFailure
)
}
public executeCommand(command: string, args?: string, timeout?: string) { public executeCommand(command: string, args?: string) {
if (!command) throw new Error('Command must be defined') if (!command) throw new Error("Command must be defined");
const a = args ? [args] : [] return args ? this.execute([command, args]) : this.execute([command]);
return this.execute( }
[command, ...a.concat(this.getFlags())],
false,
timeout
)
}
public delete( public delete(args: string | string[]) {
args: string | string[], if (typeof args === "string") return this.execute(["delete", args]);
namespace?: string, return this.execute(["delete", ...args]);
timeout?: string }
) {
if (typeof args === 'string')
return this.execute(
['delete', args].concat(this.getFlags(namespace)),
false,
timeout
)
return this.execute(
['delete', ...args.concat(this.getFlags(namespace))],
false,
timeout
)
}
protected async execute( private async execute(args: string[], silent: boolean = false) {
args: string[], if (this.ignoreSSLErrors) {
silent: boolean = false, args.push("--insecure-skip-tls-verify");
timeout?: string }
) { args = args.concat(["--namespace", this.namespace]);
if (timeout) {
args.push(`--timeout=${timeout}`)
}
// core.debug(`Kubectl run with command: ${this.kubectlPath} ${args}`) core.debug(`Kubectl run with command: ${this.kubectlPath} ${args}`);
core.debug( return await getExecOutput(this.kubectlPath, args, { silent });
`Kubectl run with command: ${this.kubectlPath} ${args.join(' ')}` }
)
return await getExecOutput(this.kubectlPath, args, {
silent
})
}
public getNamespace(namespaceOverride?: string): string {
return namespaceOverride || this.namespace
}
protected getFlags(namespaceOverride?: string): string[] {
const flags = []
if (this.ignoreSSLErrors) {
flags.push('--insecure-skip-tls-verify')
}
const ns = this.getNamespace(namespaceOverride)
if (ns) {
flags.push('--namespace', ns)
}
return flags
}
} }
export async function getKubectlPath() { export async function getKubectlPath() {
const version = core.getInput('kubectl-version') const version = core.getInput("kubectl-version");
const kubectlPath = version const kubectlPath = version
? toolCache.find('kubectl', version) ? toolCache.find("kubectl", version)
: await io.which('kubectl', true) : await io.which("kubectl", true);
if (!kubectlPath) if (!kubectlPath)
throw Error( throw Error(
'kubectl not found. You must install it before running this action' "kubectl not found. You must install it before running this action"
) );
return kubectlPath return kubectlPath;
} }
src/types/kubernetesTypes.test.ts
+100 -104
View File
@@ -1,119 +1,115 @@
import { import {
DEPLOYMENT_TYPES, DEPLOYMENT_TYPES,
DiscoveryAndLoadBalancerResource, DiscoveryAndLoadBalancerResource,
isDeploymentEntity, isDeploymentEntity,
isIngressEntity, isIngressEntity,
isServiceEntity, isServiceEntity,
isWorkloadEntity, isWorkloadEntity,
KubernetesWorkload, KubernetesWorkload,
ResourceKindNotDefinedError, ResourceKindNotDefinedError,
ServiceTypes, ServiceTypes,
WORKLOAD_TYPES, WORKLOAD_TYPES,
WORKLOAD_TYPES_WITH_ROLLOUT_STATUS WORKLOAD_TYPES_WITH_ROLLOUT_STATUS,
} from './kubernetesTypes.js' } from "./kubernetesTypes";
describe('Kubernetes types', () => { describe("Kubernetes types", () => {
it('contains kubernetes workloads', () => { it("contains kubernetes workloads", () => {
expect(KubernetesWorkload.POD).toBe('Pod') expect(KubernetesWorkload.POD).toBe("Pod");
expect(KubernetesWorkload.REPLICASET).toBe('Replicaset') expect(KubernetesWorkload.REPLICASET).toBe("Replicaset");
expect(KubernetesWorkload.DEPLOYMENT).toBe('Deployment') expect(KubernetesWorkload.DEPLOYMENT).toBe("Deployment");
expect(KubernetesWorkload.STATEFUL_SET).toBe('StatefulSet') expect(KubernetesWorkload.STATEFUL_SET).toBe("StatefulSet");
expect(KubernetesWorkload.DAEMON_SET).toBe('DaemonSet') expect(KubernetesWorkload.DAEMON_SET).toBe("DaemonSet");
expect(KubernetesWorkload.JOB).toBe('job') expect(KubernetesWorkload.JOB).toBe("job");
expect(KubernetesWorkload.CRON_JOB).toBe('cronjob') expect(KubernetesWorkload.CRON_JOB).toBe("cronjob");
expect(KubernetesWorkload.SCALED_JOB).toBe('scaledjob') });
})
it('contains discovery and load balancer resources', () => { it("contains discovery and load balancer resources", () => {
expect(DiscoveryAndLoadBalancerResource.SERVICE).toBe('service') expect(DiscoveryAndLoadBalancerResource.SERVICE).toBe("service");
expect(DiscoveryAndLoadBalancerResource.INGRESS).toBe('ingress') expect(DiscoveryAndLoadBalancerResource.INGRESS).toBe("ingress");
}) });
it('contains service types', () => { it("contains service types", () => {
expect(ServiceTypes.LOAD_BALANCER).toBe('LoadBalancer') expect(ServiceTypes.LOAD_BALANCER).toBe("LoadBalancer");
expect(ServiceTypes.NODE_PORT).toBe('NodePort') expect(ServiceTypes.NODE_PORT).toBe("NodePort");
expect(ServiceTypes.CLUSTER_IP).toBe('ClusterIP') expect(ServiceTypes.CLUSTER_IP).toBe("ClusterIP");
}) });
it('contains deployment types', () => { it("contains deployment types", () => {
const expected = [ const expected = [
'deployment', "deployment",
'replicaset', "replicaset",
'daemonset', "daemonset",
'pod', "pod",
'statefulset' "statefulset",
] ];
expect(expected.every((val) => DEPLOYMENT_TYPES.includes(val))).toBe(true) expect(expected.every((val) => DEPLOYMENT_TYPES.includes(val))).toBe(true);
}) });
it('contains workload types', () => { it("contains workload types", () => {
const expected = [ const expected = [
'deployment', "deployment",
'replicaset', "replicaset",
'daemonset', "daemonset",
'pod', "pod",
'statefulset', "statefulset",
'job', "job",
'cronjob', "cronjob",
'scaledjob' ];
] expect(expected.every((val) => WORKLOAD_TYPES.includes(val))).toBe(true);
expect(expected.every((val) => WORKLOAD_TYPES.includes(val))).toBe(true) });
})
it('contains workload types with rollout status', () => { it("contains workload types with rollout status", () => {
const expected = ['deployment', 'daemonset', 'statefulset'] const expected = ["deployment", "daemonset", "statefulset"];
expect( expect(
expected.every((val) => expected.every((val) => WORKLOAD_TYPES_WITH_ROLLOUT_STATUS.includes(val))
WORKLOAD_TYPES_WITH_ROLLOUT_STATUS.includes(val) ).toBe(true);
) });
).toBe(true)
})
it('checks if kind is deployment entity', () => { it("checks if kind is deployment entity", () => {
// throws on no kind // throws on no kind
expect(() => isDeploymentEntity(undefined)).toThrow( expect(() => isDeploymentEntity(undefined)).toThrow(
ResourceKindNotDefinedError ResourceKindNotDefinedError
) );
expect(isDeploymentEntity('deployment')).toBe(true) expect(isDeploymentEntity("deployment")).toBe(true);
expect(isDeploymentEntity('Deployment')).toBe(true) expect(isDeploymentEntity("Deployment")).toBe(true);
expect(isDeploymentEntity('deploymenT')).toBe(true) expect(isDeploymentEntity("deploymenT")).toBe(true);
expect(isDeploymentEntity('DEPLOYMENT')).toBe(true) expect(isDeploymentEntity("DEPLOYMENT")).toBe(true);
}) });
it('checks if kind is workload entity', () => { it("checks if kind is workload entity", () => {
// throws on no kind // throws on no kind
expect(() => isWorkloadEntity(undefined)).toThrow( expect(() => isWorkloadEntity(undefined)).toThrow(
ResourceKindNotDefinedError ResourceKindNotDefinedError
) );
expect(isWorkloadEntity('deployment')).toBe(true) expect(isWorkloadEntity("deployment")).toBe(true);
expect(isWorkloadEntity('Deployment')).toBe(true) expect(isWorkloadEntity("Deployment")).toBe(true);
expect(isWorkloadEntity('deploymenT')).toBe(true) expect(isWorkloadEntity("deploymenT")).toBe(true);
expect(isWorkloadEntity('DEPLOYMENT')).toBe(true) expect(isWorkloadEntity("DEPLOYMENT")).toBe(true);
}) });
it('checks if kind is service entity', () => { it("checks if kind is service entity", () => {
// throws on no kind // throws on no kind
expect(() => isServiceEntity(undefined)).toThrow( expect(() => isServiceEntity(undefined)).toThrow(
ResourceKindNotDefinedError ResourceKindNotDefinedError
) );
expect(isServiceEntity('service')).toBe(true) expect(isServiceEntity("service")).toBe(true);
expect(isServiceEntity('Service')).toBe(true) expect(isServiceEntity("Service")).toBe(true);
expect(isServiceEntity('servicE')).toBe(true) expect(isServiceEntity("servicE")).toBe(true);
expect(isServiceEntity('SERVICE')).toBe(true) expect(isServiceEntity("SERVICE")).toBe(true);
}) });
it('checks if kind is ingress entity', () => { it("checks if kind is ingress entity", () => {
// throws on no kind // throws on no kind
expect(() => isIngressEntity(undefined)).toThrow( expect(() => isIngressEntity(undefined)).toThrow(
ResourceKindNotDefinedError ResourceKindNotDefinedError
) );
expect(isIngressEntity('ingress')).toBe(true) expect(isIngressEntity("ingress")).toBe(true);
expect(isIngressEntity('Ingress')).toBe(true) expect(isIngressEntity("Ingress")).toBe(true);
expect(isIngressEntity('ingresS')).toBe(true) expect(isIngressEntity("ingresS")).toBe(true);
expect(isIngressEntity('INGRESS')).toBe(true) expect(isIngressEntity("INGRESS")).toBe(true);
}) });
}) });
src/types/kubernetesTypes.ts
+48 -50
View File
@@ -1,83 +1,81 @@
export class KubernetesWorkload { export class KubernetesWorkload {
public static POD: string = 'Pod' public static POD: string = "Pod";
public static REPLICASET: string = 'Replicaset' public static REPLICASET: string = "Replicaset";
public static DEPLOYMENT: string = 'Deployment' public static DEPLOYMENT: string = "Deployment";
public static STATEFUL_SET: string = 'StatefulSet' public static STATEFUL_SET: string = "StatefulSet";
public static DAEMON_SET: string = 'DaemonSet' public static DAEMON_SET: string = "DaemonSet";
public static JOB: string = 'job' public static JOB: string = "job";
public static CRON_JOB: string = 'cronjob' public static CRON_JOB: string = "cronjob";
public static SCALED_JOB: string = 'scaledjob'
} }
export class DiscoveryAndLoadBalancerResource { export class DiscoveryAndLoadBalancerResource {
public static SERVICE: string = 'service' public static SERVICE: string = "service";
public static INGRESS: string = 'ingress' public static INGRESS: string = "ingress";
} }
export class ServiceTypes { export class ServiceTypes {
public static LOAD_BALANCER: string = 'LoadBalancer' public static LOAD_BALANCER: string = "LoadBalancer";
public static NODE_PORT: string = 'NodePort' public static NODE_PORT: string = "NodePort";
public static CLUSTER_IP: string = 'ClusterIP' public static CLUSTER_IP: string = "ClusterIP";
} }
export const DEPLOYMENT_TYPES: string[] = [ export const DEPLOYMENT_TYPES: string[] = [
'deployment', "deployment",
'replicaset', "replicaset",
'daemonset', "daemonset",
'pod', "pod",
'statefulset' "statefulset",
] ];
export const WORKLOAD_TYPES: string[] = [ export const WORKLOAD_TYPES: string[] = [
'deployment', "deployment",
'replicaset', "replicaset",
'daemonset', "daemonset",
'pod', "pod",
'statefulset', "statefulset",
'job', "job",
'cronjob', "cronjob",
'scaledjob' ];
]
export const WORKLOAD_TYPES_WITH_ROLLOUT_STATUS: string[] = [ export const WORKLOAD_TYPES_WITH_ROLLOUT_STATUS: string[] = [
'deployment', "deployment",
'daemonset', "daemonset",
'statefulset' "statefulset",
] ];
export function isDeploymentEntity(kind: string): boolean { export function isDeploymentEntity(kind: string): boolean {
if (!kind) throw ResourceKindNotDefinedError if (!kind) throw ResourceKindNotDefinedError;
return DEPLOYMENT_TYPES.some((type: string) => { return DEPLOYMENT_TYPES.some((type: string) => {
return type.toLowerCase() === kind.toLowerCase() return type.toLowerCase() === kind.toLowerCase();
}) });
} }
export function isWorkloadEntity(kind: string): boolean { export function isWorkloadEntity(kind: string): boolean {
if (!kind) throw ResourceKindNotDefinedError if (!kind) throw ResourceKindNotDefinedError;
return WORKLOAD_TYPES.some( return WORKLOAD_TYPES.some(
(type: string) => type.toLowerCase() === kind.toLowerCase() (type: string) => type.toLowerCase() === kind.toLowerCase()
) );
} }
export function isServiceEntity(kind: string): boolean { export function isServiceEntity(kind: string): boolean {
if (!kind) throw ResourceKindNotDefinedError if (!kind) throw ResourceKindNotDefinedError;
return 'service' === kind.toLowerCase() return "service" === kind.toLowerCase();
} }
export function isIngressEntity(kind: string): boolean { export function isIngressEntity(kind: string): boolean {
if (!kind) throw ResourceKindNotDefinedError if (!kind) throw ResourceKindNotDefinedError;
return 'ingress' === kind.toLowerCase() return "ingress" === kind.toLowerCase();
} }
export const ResourceKindNotDefinedError = Error('Resource kind not defined') export const ResourceKindNotDefinedError = Error("Resource kind not defined");
export const NullInputObjectError = Error('Null inputObject') export const NullInputObjectError = Error("Null inputObject");
export const InputObjectKindNotDefinedError = Error( export const InputObjectKindNotDefinedError = Error(
'Input object kind not defined' "Input object kind not defined"
) );
export const InputObjectMetadataNotDefinedError = Error( export const InputObjectMetadataNotDefinedError = Error(
'Input object metatada not defined' "Input object metatada not defined"
) );
src/types/privatekubectl.test.ts
-64
View File
@@ -1,64 +0,0 @@
import {vi} from 'vitest'
vi.mock('@actions/exec')
import * as fileUtils from '../utilities/fileUtils.js'
import fs from 'node:fs'
import {
PrivateKubectl,
extractFileNames,
replaceFileNamesWithShallowNamesRelativeToTemp
} from './privatekubectl.js'
import * as exec from '@actions/exec'
describe('Private kubectl', () => {
const testString = `kubectl annotate -f /tmp/testdir/test.yml,/tmp/test2.yml,/tmp/testdir/subdir/test3.yml -f /tmp/test4.yml --filename /tmp/test5.yml actions.github.com/k8s-deploy={"run":"3498366832","repository":"jaiveerk/k8s-deploy","workflow":"Minikube Integration Tests - private cluster","workflowFileName":"run-integration-tests-private.yml","jobName":"run-integration-test","createdBy":"jaiveerk","runUri":"https://github.com/jaiveerk/k8s-deploy/actions/runs/3498366832","commit":"c63b323186ea1320a31290de6dcc094c06385e75","lastSuccessRunCommit":"NA","branch":"refs/heads/main","deployTimestamp":1668787848577,"dockerfilePaths":{"nginx:1.14.2":""},"manifestsPaths":["https://github.com/jaiveerk/k8s-deploy/blob/c63b323186ea1320a31290de6dcc094c06385e75/test/integration/test.yml"],"helmChartPaths":[],"provider":"GitHub"} --overwrite --namespace test-3498366832`
const mockKube = new PrivateKubectl(
'kubectlPath',
'namespace',
true,
'resourceGroup',
'resourceName'
)
const spy = vi
.spyOn(fileUtils, 'getTempDirectory')
.mockImplementation(() => {
return '/tmp'
})
vi.spyOn(fs, 'writeFileSync').mockImplementation(() => {})
vi.spyOn(fs, 'readFileSync').mockImplementation((filename) => {
return 'test contents'
})
it('should extract filenames correctly', () => {
expect(extractFileNames(testString)).toEqual([
'/tmp/testdir/test.yml',
'/tmp/test2.yml',
'/tmp/testdir/subdir/test3.yml',
'/tmp/test4.yml',
'/tmp/test5.yml'
])
})
it('should replace filenames with shallow names for relative locations in tmp correctly', () => {
expect(
replaceFileNamesWithShallowNamesRelativeToTemp(testString)
).toEqual(
`kubectl annotate -f testdir-test.yml,test2.yml,testdir-subdir-test3.yml -f test4.yml --filename test5.yml actions.github.com/k8s-deploy={"run":"3498366832","repository":"jaiveerk/k8s-deploy","workflow":"Minikube Integration Tests - private cluster","workflowFileName":"run-integration-tests-private.yml","jobName":"run-integration-test","createdBy":"jaiveerk","runUri":"https://github.com/jaiveerk/k8s-deploy/actions/runs/3498366832","commit":"c63b323186ea1320a31290de6dcc094c06385e75","lastSuccessRunCommit":"NA","branch":"refs/heads/main","deployTimestamp":1668787848577,"dockerfilePaths":{"nginx:1.14.2":""},"manifestsPaths":["https://github.com/jaiveerk/k8s-deploy/blob/c63b323186ea1320a31290de6dcc094c06385e75/test/integration/test.yml"],"helmChartPaths":[],"provider":"GitHub"} --overwrite --namespace test-3498366832`
)
})
test('Should throw well defined Error on error from Azure', async () => {
const errorMsg = 'An error message'
vi.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
return {exitCode: 1, stdout: '', stderr: errorMsg}
})
await expect(mockKube.executeCommand('az', 'test')).rejects.toThrow(
Error(
`Call to private cluster failed. Command: 'kubectl az test --insecure-skip-tls-verify --namespace namespace', errormessage: ${errorMsg}`
)
)
})
})
src/types/privatekubectl.ts
-169
View File
@@ -1,169 +0,0 @@
import {Kubectl} from './kubectl.js'
import minimist from 'minimist'
import {ExecOptions, ExecOutput, getExecOutput} from '@actions/exec'
import * as core from '@actions/core'
import fs from 'node:fs'
import * as path from 'path'
import {getTempDirectory} from '../utilities/fileUtils.js'
export class PrivateKubectl extends Kubectl {
protected async execute(args: string[], silent: boolean = false) {
args.unshift('kubectl')
let kubectlCmd = args.join(' ')
let addFileFlag = false
let eo = <ExecOptions>{
silent: true,
failOnStdErr: false,
ignoreReturnCode: true
}
if (this.containsFilenames(kubectlCmd)) {
kubectlCmd = replaceFileNamesWithShallowNamesRelativeToTemp(kubectlCmd)
addFileFlag = true
}
if (this.resourceGroup === '') {
throw Error('Resource group must be specified for private cluster')
}
if (this.name === '') {
throw Error('Cluster name must be specified for private cluster')
}
const privateClusterArgs = [
'aks',
'command',
'invoke',
'--resource-group',
this.resourceGroup,
'--name',
this.name,
'--command',
`${kubectlCmd}`
]
if (addFileFlag) {
const tempDirectory = getTempDirectory()
eo.cwd = path.join(tempDirectory, 'manifests')
privateClusterArgs.push(...['--file', '.'])
}
core.debug(
`private cluster Kubectl run with invoke command: ${kubectlCmd}`
)
const allArgs = [...privateClusterArgs, '-o', 'json']
core.debug(`full form of az command: az ${allArgs.join(' ')}`)
const runOutput = await getExecOutput('az', allArgs, eo)
core.debug(
`from kubectl private cluster command got run output ${JSON.stringify(
runOutput
)}`
)
if (runOutput.exitCode !== 0) {
throw Error(
`Call to private cluster failed. Command: '${kubectlCmd}', errormessage: ${runOutput.stderr}`
)
}
const runObj: {logs: string; exitCode: number} = JSON.parse(
runOutput.stdout
)
if (!silent) core.info(runObj.logs)
if (runObj.exitCode !== 0) {
throw Error(`failed private cluster Kubectl command: ${kubectlCmd}`)
}
return {
exitCode: runObj.exitCode,
stdout: runObj.logs,
stderr: ''
} as ExecOutput
}
private containsFilenames(str: string) {
return str.includes('-f ') || str.includes('filename ')
}
}
function createTempManifestsDirectory(): string {
const manifestsDirPath = path.join(getTempDirectory(), 'manifests')
if (!fs.existsSync(manifestsDirPath)) {
fs.mkdirSync(manifestsDirPath, {recursive: true})
}
return manifestsDirPath
}
export function replaceFileNamesWithShallowNamesRelativeToTemp(
kubectlCmd: string
) {
let filenames = extractFileNames(kubectlCmd)
core.debug(`filenames originally provided in kubectl command: ${filenames}`)
let relativeShallowNames = filenames.map((filename) => {
const relativeName = path.relative(getTempDirectory(), filename)
const relativePathElements = relativeName.split(path.sep)
const shallowName = relativePathElements.join('-')
// make manifests dir in temp if it doesn't already exist
const manifestsTempDir = createTempManifestsDirectory()
const shallowPath = path.join(manifestsTempDir, shallowName)
core.debug(
`moving contents from ${filename} to shallow location at ${shallowPath}`
)
core.debug(`reading contents from ${filename}`)
const contents = fs.readFileSync(filename).toString()
core.debug(`writing contents to new path ${shallowPath}`)
fs.writeFileSync(shallowPath, contents)
return shallowName
})
let result = kubectlCmd
if (filenames.length != relativeShallowNames.length) {
throw Error(
'replacing filenames with relative path from temp dir, ' +
filenames.length +
' filenames != ' +
relativeShallowNames.length +
'basenames'
)
}
for (let index = 0; index < filenames.length; index++) {
result = result.replace(filenames[index], relativeShallowNames[index])
}
return result
}
export function extractFileNames(strToParse: string) {
const fileNames: string[] = []
const argv = minimist(strToParse.split(' '))
const fArg = 'f'
const filenameArg = 'filename'
fileNames.push(...extractFilesFromMinimist(argv, fArg))
fileNames.push(...extractFilesFromMinimist(argv, filenameArg))
return fileNames
}
export function extractFilesFromMinimist(argv, arg: string): string[] {
if (!argv[arg]) {
return []
}
const toReturn: string[] = []
if (typeof argv[arg] === 'string') {
toReturn.push(...argv[arg].split(','))
} else {
for (const value of argv[arg] as string[]) {
toReturn.push(...value.split(','))
}
}
return toReturn
}
src/types/routeStrategy.test.ts
+19 -19
View File
@@ -1,22 +1,22 @@
import {parseRouteStrategy, RouteStrategy} from './routeStrategy.js' import { parseRouteStrategy, RouteStrategy } from "./routeStrategy";
describe('Route strategy type', () => { describe("Route strategy type", () => {
test('it has required values', () => { test("it has required values", () => {
const vals = <any>Object.values(RouteStrategy) const vals = <any>Object.values(RouteStrategy);
expect(vals.includes('ingress')).toBe(true) expect(vals.includes("ingress")).toBe(true);
expect(vals.includes('smi')).toBe(true) expect(vals.includes("smi")).toBe(true);
expect(vals.includes('service')).toBe(true) expect(vals.includes("service")).toBe(true);
}) });
test('it can parse valid values from a string', () => { test("it can parse valid values from a string", () => {
expect(parseRouteStrategy('ingress')).toBe(RouteStrategy.INGRESS) expect(parseRouteStrategy("ingress")).toBe(RouteStrategy.INGRESS);
expect(parseRouteStrategy('Ingress')).toBe(RouteStrategy.INGRESS) expect(parseRouteStrategy("Ingress")).toBe(RouteStrategy.INGRESS);
expect(parseRouteStrategy('ingresS')).toBe(RouteStrategy.INGRESS) expect(parseRouteStrategy("ingresS")).toBe(RouteStrategy.INGRESS);
expect(parseRouteStrategy('INGRESS')).toBe(RouteStrategy.INGRESS) expect(parseRouteStrategy("INGRESS")).toBe(RouteStrategy.INGRESS);
}) });
test("it will return undefined if it can't parse values from a string", () => { test("it will return undefined if it can't parse values from a string", () => {
expect(parseRouteStrategy('invalid')).toBe(undefined) expect(parseRouteStrategy("invalid")).toBe(undefined);
expect(parseRouteStrategy('unsupportedType')).toBe(undefined) expect(parseRouteStrategy("unsupportedType")).toBe(undefined);
}) });
}) });
src/types/routeStrategy.ts
+8 -8
View File
@@ -1,12 +1,12 @@
export enum RouteStrategy { export enum RouteStrategy {
INGRESS = 'ingress', INGRESS = "ingress",
SMI = 'smi', SMI = "smi",
SERVICE = 'service' SERVICE = "service",
} }
export const parseRouteStrategy = (str: string): RouteStrategy | undefined => export const parseRouteStrategy = (str: string): RouteStrategy | undefined =>
RouteStrategy[ RouteStrategy[
Object.keys(RouteStrategy).filter( Object.keys(RouteStrategy).filter(
(k) => RouteStrategy[k].toString().toLowerCase() === str.toLowerCase() (k) => RouteStrategy[k].toString().toLowerCase() === str.toLowerCase()
)[0] as keyof typeof RouteStrategy )[0] as keyof typeof RouteStrategy
] ];
src/types/trafficSplitMethod.test.ts
+20 -20
View File
@@ -1,24 +1,24 @@
import { import {
parseTrafficSplitMethod, parseTrafficSplitMethod,
TrafficSplitMethod TrafficSplitMethod,
} from './trafficSplitMethod.js' } from "./trafficSplitMethod";
describe('Traffic split method type', () => { describe("Traffic split method type", () => {
test('it has required values', () => { test("it has required values", () => {
const vals = <any>Object.values(TrafficSplitMethod) const vals = <any>Object.values(TrafficSplitMethod);
expect(vals.includes('pod')).toBe(true) expect(vals.includes("pod")).toBe(true);
expect(vals.includes('smi')).toBe(true) expect(vals.includes("smi")).toBe(true);
}) });
test('it can parse valid values from a string', () => { test("it can parse valid values from a string", () => {
expect(parseTrafficSplitMethod('pod')).toBe(TrafficSplitMethod.POD) expect(parseTrafficSplitMethod("pod")).toBe(TrafficSplitMethod.POD);
expect(parseTrafficSplitMethod('Pod')).toBe(TrafficSplitMethod.POD) expect(parseTrafficSplitMethod("Pod")).toBe(TrafficSplitMethod.POD);
expect(parseTrafficSplitMethod('poD')).toBe(TrafficSplitMethod.POD) expect(parseTrafficSplitMethod("poD")).toBe(TrafficSplitMethod.POD);
expect(parseTrafficSplitMethod('POD')).toBe(TrafficSplitMethod.POD) expect(parseTrafficSplitMethod("POD")).toBe(TrafficSplitMethod.POD);
}) });
test("it will return undefined if it can't parse values from a string", () => { test("it will return undefined if it can't parse values from a string", () => {
expect(parseTrafficSplitMethod('invalid')).toBe(undefined) expect(parseTrafficSplitMethod("invalid")).toBe(undefined);
expect(parseTrafficSplitMethod('unsupportedType')).toBe(undefined) expect(parseTrafficSplitMethod("unsupportedType")).toBe(undefined);
}) });
}) });
src/types/trafficSplitMethod.ts
+9 -9
View File
@@ -1,6 +1,6 @@
export enum TrafficSplitMethod { export enum TrafficSplitMethod {
POD = 'pod', POD = "pod",
SMI = 'smi' SMI = "smi",
} }
/** /**
@@ -9,11 +9,11 @@ export enum TrafficSplitMethod {
* @returns The TrafficSplitMethod enum or undefined if it can't be parsed * @returns The TrafficSplitMethod enum or undefined if it can't be parsed
*/ */
export const parseTrafficSplitMethod = ( export const parseTrafficSplitMethod = (
str: string str: string
): TrafficSplitMethod | undefined => ): TrafficSplitMethod | undefined =>
TrafficSplitMethod[ TrafficSplitMethod[
Object.keys(TrafficSplitMethod).filter( Object.keys(TrafficSplitMethod).filter(
(k) => (k) =>
TrafficSplitMethod[k].toString().toLowerCase() === str.toLowerCase() TrafficSplitMethod[k].toString().toLowerCase() === str.toLowerCase()
)[0] as keyof typeof TrafficSplitMethod )[0] as keyof typeof TrafficSplitMethod
] ];
src/utilities/arrayUtils.test.ts
+10 -10
View File
@@ -1,12 +1,12 @@
import {createInlineArray} from './arrayUtils.js' import { createInlineArray } from "./arrayUtils";
describe('array utilities', () => { describe("array utilities", () => {
it('creates an inline array', () => { it("creates an inline array", () => {
const strings = ['str1', 'str2', 'str3'] const strings = ["str1", "str2", "str3"];
expect(createInlineArray(strings)).toBe(strings.join(',')) expect(createInlineArray(strings)).toBe(strings.join(","));
const string = 'str1' const string = "str1";
expect(createInlineArray([string])).toBe(string) expect(createInlineArray([string])).toBe(string);
expect(createInlineArray(string)).toBe(string) expect(createInlineArray(string)).toBe(string);
}) });
}) });
src/utilities/arrayUtils.ts
+4 -4
View File
@@ -1,6 +1,6 @@
export function createInlineArray(str: string | string[]): string { export function createInlineArray(str: string | string[]): string {
if (typeof str === 'string') { if (typeof str === "string") {
return str return str;
} }
return str.join(',') return str.join(",");
} }
src/utilities/dockerUtils.test.ts
+13 -18
View File
@@ -1,20 +1,15 @@
import {vi} from 'vitest' import * as io from "@actions/io";
vi.mock('@actions/io') import { checkDockerPath } from "./dockerUtils";
import * as io from '@actions/io' describe("docker utilities", () => {
import {checkDockerPath} from './dockerUtils.js' it("checks if docker is installed", async () => {
// docker installed
const path = "path";
jest.spyOn(io, "which").mockImplementationOnce(async () => path);
expect(() => checkDockerPath()).not.toThrow();
describe('docker utilities', () => { // docker not installed
it('checks if docker is installed', async () => { jest.spyOn(io, "which").mockImplementationOnce(async () => undefined);
// docker installed await expect(() => checkDockerPath()).rejects.toThrow();
const path = 'path' });
vi.spyOn(io, 'which').mockImplementationOnce(async () => path) });
expect(() => checkDockerPath()).not.toThrow()
// docker not installed
vi.spyOn(io, 'which').mockImplementationOnce(async () => {
throw new Error('not found')
})
await expect(() => checkDockerPath()).rejects.toThrow()
})
})
src/utilities/dockerUtils.ts
+59 -63
View File
@@ -1,79 +1,75 @@
import * as io from '@actions/io' import * as io from "@actions/io";
import {DeploymentConfig} from '../types/deploymentConfig.js' import { DeploymentConfig } from "../types/deploymentConfig";
import * as core from '@actions/core' import * as core from "@actions/core";
import {DockerExec} from '../types/docker.js' import { DockerExec } from "../types/docker";
import {getNormalizedPath} from './githubUtils.js' import { getNormalizedPath } from "./githubUtils";
export async function getDeploymentConfig(): Promise<DeploymentConfig> { export async function getDeploymentConfig(): Promise<DeploymentConfig> {
let helmChartPaths: string[] = let helmChartPaths: string[] =
process.env?.HELM_CHART_PATHS?.split(';').filter((path) => path != '') || process.env?.HELM_CHART_PATHS?.split(";").filter((path) => path != "") ||
[] [];
helmChartPaths = helmChartPaths.map((helmchart) => helmChartPaths = helmChartPaths.map((helmchart) =>
getNormalizedPath(helmchart.trim()) getNormalizedPath(helmchart.trim())
) );
let inputManifestFiles: string[] = let inputManifestFiles: string[] =
core core
.getInput('manifests') .getInput("manifests")
.split(/[\n,;]+/) .split(/[\n,;]+/)
.filter((manifest) => manifest.trim().length > 0) || [] .filter((manifest) => manifest.trim().length > 0) || [];
if (helmChartPaths?.length == 0) { if (helmChartPaths?.length == 0) {
inputManifestFiles = inputManifestFiles.map((manifestFile) => inputManifestFiles = inputManifestFiles.map((manifestFile) =>
getNormalizedPath(manifestFile) getNormalizedPath(manifestFile)
) );
} }
const imageNames = const imageNames = core.getInput("images").split("\n") || [];
core const imageDockerfilePathMap: { [id: string]: string } = {};
.getInput('images')
.split('\n')
.filter((image) => image.length > 0) || []
const imageDockerfilePathMap: {[id: string]: string} = {}
const pullImages = !(core.getInput('pull-images').toLowerCase() === 'false') const pullImages = !(core.getInput("pull-images").toLowerCase() === "false");
if (pullImages) { if (pullImages) {
//Fetching from image label if available //Fetching from image label if available
for (const image of imageNames) { for (const image of imageNames) {
try { try {
imageDockerfilePathMap[image] = await getDockerfilePath(image) imageDockerfilePathMap[image] = await getDockerfilePath(image);
} catch (ex) { } catch (ex) {
core.warning( core.warning(
`Failed to get dockerfile path for image ${image.toString()}: ${ex} ` `Failed to get dockerfile path for image ${image.toString()}: ${ex} `
) );
}
} }
} }
}
return Promise.resolve(<DeploymentConfig>{ return Promise.resolve(<DeploymentConfig>{
manifestFilePaths: inputManifestFiles, manifestFilePaths: inputManifestFiles,
helmChartFilePaths: helmChartPaths, helmChartFilePaths: helmChartPaths,
dockerfilePaths: imageDockerfilePathMap dockerfilePaths: imageDockerfilePathMap,
}) });
} }
async function getDockerfilePath(image: any): Promise<string> { async function getDockerfilePath(image: any): Promise<string> {
await checkDockerPath() await checkDockerPath();
const dockerExec: DockerExec = new DockerExec('docker') const dockerExec: DockerExec = new DockerExec("docker");
await dockerExec.pull(image, [], false) await dockerExec.pull(image, [], false);
const imageInspectResult: string = await dockerExec.inspect(image, [], false) const imageInspectResult: string = await dockerExec.inspect(image, [], false);
const imageConfig = JSON.parse(imageInspectResult)[0] const imageConfig = JSON.parse(imageInspectResult)[0];
const DOCKERFILE_PATH_LABEL_KEY = 'dockerfile-path' const DOCKERFILE_PATH_LABEL_KEY = "dockerfile-path";
let pathValue: string = '' let pathValue: string = "";
if ( if (
imageConfig?.Config?.Labels && imageConfig?.Config?.Labels &&
imageConfig?.Config?.Labels[DOCKERFILE_PATH_LABEL_KEY] imageConfig?.Config?.Labels[DOCKERFILE_PATH_LABEL_KEY]
) { ) {
const pathLabel = imageConfig.Config.Labels[DOCKERFILE_PATH_LABEL_KEY] const pathLabel = imageConfig.Config.Labels[DOCKERFILE_PATH_LABEL_KEY];
pathValue = getNormalizedPath(pathLabel) pathValue = getNormalizedPath(pathLabel);
} }
return Promise.resolve(pathValue) return Promise.resolve(pathValue);
} }
export async function checkDockerPath() { export async function checkDockerPath() {
const dockerPath = await io.which('docker', false) const dockerPath = await io.which("docker", false);
if (!dockerPath) { if (!dockerPath) {
throw new Error('Docker is not installed.') throw new Error("Docker is not installed.");
} }
} }
src/utilities/durationUtils.test.ts
-167
View File
@@ -1,167 +0,0 @@
import {vi, type Mocked} from 'vitest'
import {parseDuration} from './durationUtils.js'
import * as core from '@actions/core'
// Mock core.debug
vi.mock('@actions/core')
const mockCore = core as Mocked<typeof core>
// Test data constants
const VALID_TIMEOUTS = {
withUnits: ['5s', '10m', '1h', '500ms'],
decimals: ['0.5s', '1.25m', '2.5h'],
caseInsensitive: ['5S', '10M', '1H'],
expectedLowercase: ['5s', '10m', '1h'],
bareNumbers: ['5', '15', '120'],
expectedWithMinutes: ['5m', '15m', '120m'],
whitespace: [' 10s', '1m ', '\t2h\n'],
expectedTrimmed: ['10s', '1m', '2h'],
rangeValid: ['1ms', '999ms', '0.5s', '1439m', '23.999h'],
edgeCases: ['0.001s', '0.0167m', '24h']
}
const INVALID_TIMEOUTS = {
badFormats: ['', 'abc', '30x', '30 s', '30sm'],
negative: ['-5m', '-1s', '-0.5h'],
zero: ['0s', '0m', '0h', '0ms'],
belowMin: ['0.0001s', '0.00001ms'],
aboveMax: ['25h', '1441m', '86401s']
}
const ERROR_MESSAGES = {
invalidFormat: (input: string) =>
`Invalid duration format: "${input}". Use: number + unit (30s, 5m, 1h) or just number (assumes minutes)`,
notPositive: (input: string) => `Duration must be positive: "${input}"`,
outOfRange: (input: string) =>
`Duration out of range (1ms to 24h): "${input}"`
}
// Helper functions
const expectValidTimeout = (input: string, expected: string) => {
expect(parseDuration(input)).toBe(expected)
}
const expectInvalidTimeout = (input: string, expectedError: string) => {
expect(() => parseDuration(input)).toThrow(expectedError)
}
describe('validateTimeoutDuration', () => {
beforeEach(() => {
vi.clearAllMocks()
})
describe('valid timeout formats', () => {
const validCases: Array<[string, string, string]> = [
...VALID_TIMEOUTS.withUnits.map((v): [string, string, string] => [
v,
v,
'accepts number with valid units'
]),
...VALID_TIMEOUTS.decimals.map((v): [string, string, string] => [
v,
v,
'accepts decimal number with units'
]),
...VALID_TIMEOUTS.caseInsensitive.map(
(v, i): [string, string, string] => [
v,
VALID_TIMEOUTS.expectedLowercase[i],
'handles case-insensitive units'
]
),
...VALID_TIMEOUTS.bareNumbers.map((v, i): [string, string, string] => [
v,
VALID_TIMEOUTS.expectedWithMinutes[i],
'assumes minutes for bare numbers'
]),
...VALID_TIMEOUTS.whitespace.map((v, i): [string, string, string] => [
v,
VALID_TIMEOUTS.expectedTrimmed[i],
'trims whitespace'
])
]
test.each(validCases)('%s → %s (%s)', (input, expected, description) => {
expectValidTimeout(input, expected)
})
test('logs assumption for bare numbers only', () => {
parseDuration('5')
expect(mockCore.debug).toHaveBeenCalledWith(
'No unit specified for timeout "5", assuming minutes'
)
vi.clearAllMocks()
parseDuration('30s')
expect(mockCore.debug).not.toHaveBeenCalled()
})
})
describe('invalid timeout formats', () => {
const invalidCases: Array<[string, string]> = [
...INVALID_TIMEOUTS.badFormats.map((t): [string, string] => [
t,
ERROR_MESSAGES.invalidFormat(t)
]),
...INVALID_TIMEOUTS.negative.map((t): [string, string] => [
t,
ERROR_MESSAGES.invalidFormat(t)
]),
...INVALID_TIMEOUTS.zero.map((t): [string, string] => [
t,
ERROR_MESSAGES.notPositive(t)
])
]
test.each(invalidCases)('rejects %s', (input, expectedError) => {
expectInvalidTimeout(input, expectedError)
})
})
describe('range validation', () => {
const rangeCases: Array<[string, string, boolean]> = [
...VALID_TIMEOUTS.rangeValid.map((v): [string, string, boolean] => [
v,
v,
true
]),
...INVALID_TIMEOUTS.belowMin.map((v): [string, string, boolean] => [
v,
ERROR_MESSAGES.outOfRange(v),
false
]),
...INVALID_TIMEOUTS.aboveMax.map((v): [string, string, boolean] => [
v,
ERROR_MESSAGES.outOfRange(v),
false
]),
...VALID_TIMEOUTS.edgeCases.map((v): [string, string, boolean] => [
v,
v,
true
])
]
test.each(rangeCases)('%s is %s', (input, expected, isValid) => {
if (isValid) {
expectValidTimeout(input, expected)
} else {
expectInvalidTimeout(input, expected)
}
})
})
describe('edge cases', () => {
test.each([
['0.001s', '0.001s'],
['0.0167m', '0.0167m'],
['23.999h', '23.999h'],
['1439m', '1439m'],
['5.0m', '5m'],
['005s', '5s']
])('parses and normalizes: %s → %s', (input, expected) => {
expectValidTimeout(input, expected)
})
})
})
src/utilities/durationUtils.ts
-38
View File
@@ -1,38 +0,0 @@
import * as core from '@actions/core'
export function parseDuration(duration: string): string {
const trimmed = duration.trim()
// Parse number and optional unit using regex
const match = /^(\d+(?:\.\d+)?)(ms|s|m|h)?$/i.exec(trimmed)
if (!match) {
throw new Error(
`Invalid duration format: "${duration}". Use: number + unit (30s, 5m, 1h) or just number (assumes minutes)`
)
}
const value = parseFloat(match[1])
const unit = match[2]?.toLowerCase() || 'm'
if (value <= 0) {
throw new Error(`Duration must be positive: "${duration}"`)
}
// Calculate total seconds for validation
const multipliers = {ms: 0.001, s: 1, m: 60, h: 3600}
const totalSeconds = value * multipliers[unit as keyof typeof multipliers]
// Validate bounds (1ms to 24h)
if (totalSeconds < 0.001 || totalSeconds > 86400) {
throw new Error(`Duration out of range (1ms to 24h): "${duration}"`)
}
// Log assumption for bare numbers (when no unit was provided)
if (!duration.trim().match(/\d+(ms|s|m|h)$/i)) {
core.debug(
`No unit specified for timeout "${duration}", assuming minutes`
)
}
return `${value}${unit}`
}
src/utilities/fileUtils.test.ts
+35 -460
View File
@@ -1,474 +1,49 @@
import {vi} from 'vitest' import {
import * as fileUtils from './fileUtils.js' getFilesFromDirectories
} from "./fileUtils";
import * as yaml from 'js-yaml' import * as path from "path";
import fs from 'node:fs'
import os from 'node:os'
import * as path from 'path'
import {K8sObject} from '../types/k8sObject.js'
const sampleYamlUrl = describe("File utils", () => {
'https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/controllers/nginx-deployment.yaml' it("detects files in nested directories and ignores non-manifest files and empty dirs", () => {
describe('File utils', () => { const testPath = path.join("test", "unit", "manifests")
beforeAll(() => { const testSearch: string[] = getFilesFromDirectories([testPath])
process.env.GITHUB_WORKSPACE ??= process.cwd()
})
test('correctly parses a yaml file from a URL', async () => {
const tempFile = await fileUtils.writeYamlFromURLToFile(sampleYamlUrl, 0)
const fileContents = fs.readFileSync(tempFile).toString()
const inputObjects: K8sObject[] = yaml.loadAll(
fileContents
) as K8sObject[]
expect(inputObjects).toHaveLength(1)
for (const obj of inputObjects) { const expectedManifests =
expect(obj.metadata.name).toBe('nginx-deployment') [
expect(obj.kind).toBe('Deployment') "test/unit/manifests/manifest_test_dir/another_layer/deep-ingress.yaml",
} "test/unit/manifests/manifest_test_dir/another_layer/deep-service.yaml",
}) "test/unit/manifests/manifest_test_dir/nested-test-service.yaml",
"test/unit/manifests/test-ingress.yml",
"test/unit/manifests/test-service.yml"
]
it('fails when a bad URL is given among other files', async () => {
const badUrl = 'https://www.github.com'
const testPath = path.join('test', 'unit', 'manifests') // is there a more efficient way to test equality w random order?
await expect( expect(testSearch).toHaveLength(5);
fileUtils.getFilesFromDirectoriesAndURLs([testPath, badUrl])
).rejects.toThrow()
})
it('detects files in nested directories with the same name and ignores non-manifest files and empty dirs', async () => {
const testPath = path.join('test', 'unit', 'manifests')
const testSearch: string[] =
await fileUtils.getFilesFromDirectoriesAndURLs([
testPath,
sampleYamlUrl
])
const expectedManifests = [
'test/unit/manifests/manifest_test_dir/another_layer/test-ingress.yaml',
'test/unit/manifests/manifest_test_dir/another_layer/nested-test-service.yaml',
'test/unit/manifests/manifest_test_dir/nested-test-service.yaml',
'test/unit/manifests/test-ingress.yml',
'test/unit/manifests/test-ingress-new.yml',
'test/unit/manifests/test-service.yml',
'test/unit/manifests/basic-test.yml'
]
expect(testSearch).toHaveLength(10)
expectedManifests.forEach((fileName) => { expectedManifests.forEach((fileName) => {
if (fileName.startsWith('test/unit')) { expect(testSearch).toContain(fileName)
expect(testSearch).toContain(path.resolve(fileName))
} else {
expect(fileName.includes(fileUtils.urlFileKind)).toBe(true)
expect(fileName.startsWith(fileUtils.getTempDirectory()))
}
}) })
})
it('crashes when an invalid file is provided', async () => { });
const badPath = path.join('test', 'unit', 'manifests', 'nonexistent.yaml')
const goodPath = path.join(
'test',
'unit',
'manifests',
'manifest_test_dir'
)
await expect( it("crashes when an invalid file is provided", () => {
fileUtils.getFilesFromDirectoriesAndURLs([badPath, goodPath]) const badPath = path.join("test", "unit", "manifests", "nonexistent.yaml")
).rejects.toThrow() const goodPath = path.join("test", "unit", "manifests", "manifest_test_dir")
})
it("doesn't duplicate files when nested dir included", async () => { expect(() => {getFilesFromDirectories([badPath, goodPath])}).toThrowError()
const outerPath = path.join('test', 'unit', 'manifests') });
const fileAtOuter = path.join(
'test',
'unit',
'manifests',
'test-service.yml'
)
const innerPath = path.join(
'test',
'unit',
'manifests',
'manifest_test_dir'
)
expect( it("doesn't duplicate files when nested dir included", () => {
await fileUtils.getFilesFromDirectoriesAndURLs([ const outerPath = path.join("test", "unit", "manifests")
outerPath, const fileAtOuter = path.join("test", "unit", "manifests", "test-service.yml")
fileAtOuter, const innerPath = path.join("test", "unit", "manifests", "manifest_test_dir")
innerPath
])
).toHaveLength(9)
})
it('throws an error for an invalid URL', async () => { expect(getFilesFromDirectories([outerPath, fileAtOuter, innerPath])).toHaveLength(5)
const badUrl = 'https://www.github.com' })
await expect( });
fileUtils.writeYamlFromURLToFile(badUrl, 0)
).rejects.toBeTruthy()
})
it('rejects manifest inputs that resolve outside the workspace', async () => {
const originalWs = process.env.GITHUB_WORKSPACE
const ws = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-'))
const outside = fs.mkdtempSync(path.join(os.tmpdir(), 'outside-'))
fs.writeFileSync(path.join(outside, 'secrets.yaml'), 'api_key: x')
process.env.GITHUB_WORKSPACE = ws
try {
await expect(
fileUtils.getFilesFromDirectoriesAndURLs([outside])
).rejects.toThrow(/outside the workspace/)
await expect(
fileUtils.getFilesFromDirectoriesAndURLs([
path.join(outside, 'secrets.yaml')
])
).rejects.toThrow(/outside the workspace/)
} finally {
if (originalWs === undefined) delete process.env.GITHUB_WORKSPACE
else process.env.GITHUB_WORKSPACE = originalWs
fs.rmSync(ws, {recursive: true, force: true})
fs.rmSync(outside, {recursive: true, force: true})
}
})
it('rejects symlinks inside a directory that escape the workspace', async () => { // files that don't exist / nested files that don't exist / something else with non-manifest
const originalWs = process.env.GITHUB_WORKSPACE // lots of combinations of pointing to a directory and non yaml/yaml file
const ws = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-')) // similarly named files in different folders
const outside = fs.mkdtempSync(path.join(os.tmpdir(), 'outside-'))
const escapeTarget = path.join(outside, 'passwd.yaml')
fs.writeFileSync(escapeTarget, 'root:x:0:0')
const dir = path.join(ws, 'manifests')
fs.mkdirSync(dir)
fs.symlinkSync(escapeTarget, path.join(dir, 'escape.yaml'))
process.env.GITHUB_WORKSPACE = ws
try {
await expect(
fileUtils.getFilesFromDirectoriesAndURLs([dir])
).rejects.toThrow(/outside the workspace/)
} finally {
if (originalWs === undefined) delete process.env.GITHUB_WORKSPACE
else process.env.GITHUB_WORKSPACE = originalWs
fs.rmSync(ws, {recursive: true, force: true})
fs.rmSync(outside, {recursive: true, force: true})
}
})
})
describe('moveFileToTmpDir', () => {
let workspace: string
let originalWorkspace: string | undefined
let originalTemp: string | undefined
let originalCwd: string
let tmpDir: string
beforeEach(() => {
originalWorkspace = process.env.GITHUB_WORKSPACE
originalTemp = process.env.RUNNER_TEMP
originalCwd = process.cwd()
workspace = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-'))
tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'rt-'))
process.env.GITHUB_WORKSPACE = workspace
process.env.RUNNER_TEMP = tmpDir
})
afterEach(() => {
process.chdir(originalCwd)
if (originalWorkspace === undefined) delete process.env.GITHUB_WORKSPACE
else process.env.GITHUB_WORKSPACE = originalWorkspace
if (originalTemp === undefined) delete process.env.RUNNER_TEMP
else process.env.RUNNER_TEMP = originalTemp
fs.rmSync(workspace, {recursive: true, force: true})
fs.rmSync(tmpDir, {recursive: true, force: true})
})
it('copies a workspace file to RUNNER_TEMP using a basename-only destination', () => {
const src = path.join(workspace, 'svc.yaml')
fs.writeFileSync(src, 'kind: Service')
const out = fileUtils.moveFileToTmpDir(src)
expect(fs.realpathSync(path.dirname(out))).toBe(fs.realpathSync(tmpDir))
expect(path.basename(out)).toMatch(/^svc_\d+_\d+\.yaml$/)
expect(fs.readFileSync(out).toString()).toBe('kind: Service')
})
it('rejects relative traversal that escapes the workspace', () => {
const outside = fs.mkdtempSync(path.join(os.tmpdir(), 'outside-'))
fs.writeFileSync(path.join(outside, 'secrets.yaml'), 'api_key: x')
process.chdir(workspace)
const rel = path.relative(workspace, path.join(outside, 'secrets.yaml'))
expect(() => fileUtils.moveFileToTmpDir(rel)).toThrow(
/outside the workspace/
)
fs.rmSync(outside, {recursive: true, force: true})
})
it('does not collide when two inputs share a basename', () => {
const a = path.join(workspace, 'a')
const b = path.join(workspace, 'b')
fs.mkdirSync(a)
fs.mkdirSync(b)
fs.writeFileSync(path.join(a, 'svc.yaml'), 'A')
fs.writeFileSync(path.join(b, 'svc.yaml'), 'B')
const outA = fileUtils.moveFileToTmpDir(path.join(a, 'svc.yaml'))
const outB = fileUtils.moveFileToTmpDir(path.join(b, 'svc.yaml'))
expect(outA).not.toBe(outB)
expect(fs.readFileSync(outA).toString()).toBe('A')
expect(fs.readFileSync(outB).toString()).toBe('B')
})
})
describe('assertPathWithinWorkspace', () => {
let workspace: string
let outside: string
let originalWorkspace: string | undefined
let originalCwd: string
beforeEach(() => {
originalWorkspace = process.env.GITHUB_WORKSPACE
originalCwd = process.cwd()
workspace = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-'))
outside = fs.mkdtempSync(path.join(os.tmpdir(), 'outside-'))
process.env.GITHUB_WORKSPACE = workspace
})
afterEach(() => {
process.chdir(originalCwd)
if (originalWorkspace === undefined) {
delete process.env.GITHUB_WORKSPACE
} else {
process.env.GITHUB_WORKSPACE = originalWorkspace
}
fs.rmSync(workspace, {recursive: true, force: true})
fs.rmSync(outside, {recursive: true, force: true})
})
it('returns the resolved path for files inside the workspace', () => {
const inside = path.join(workspace, 'a.yaml')
fs.writeFileSync(inside, 'kind: X')
const result = fileUtils.assertPathWithinWorkspace(inside)
expect(result).toBe(fs.realpathSync(inside))
})
it('accepts workspace files whose basename starts with ..', () => {
const inside = path.join(workspace, '..bar.yaml')
fs.writeFileSync(inside, 'kind: X')
expect(fileUtils.assertPathWithinWorkspace(inside)).toBe(
fs.realpathSync(inside)
)
})
it('throws for relative traversal paths that escape the workspace', () => {
const target = path.join(outside, 'secrets.yaml')
fs.writeFileSync(target, 'api_key: secret')
const rel = path.relative(workspace, target)
process.chdir(workspace)
expect(() => fileUtils.assertPathWithinWorkspace(rel)).toThrow(
/outside the workspace/
)
})
it('resolves relative paths against GITHUB_WORKSPACE even when CWD differs', () => {
const inside = path.join(workspace, 'manifest.yaml')
fs.writeFileSync(inside, 'kind: X')
// Deliberately chdir somewhere unrelated so a process.cwd()-based
// resolver would either reject or resolve to the wrong place.
process.chdir(os.tmpdir())
const result = fileUtils.assertPathWithinWorkspace('manifest.yaml')
expect(result).toBe(fs.realpathSync(inside))
})
it('throws for absolute paths outside the workspace', () => {
const target = path.join(outside, 'secrets.yaml')
fs.writeFileSync(target, 'api_key: secret')
expect(() => fileUtils.assertPathWithinWorkspace(target)).toThrow(
/outside the workspace/
)
})
it('throws when a symlink inside the workspace points outside', () => {
const target = path.join(outside, 'secrets.yaml')
fs.writeFileSync(target, 'api_key: secret')
const link = path.join(workspace, 'evil.yaml')
fs.symlinkSync(target, link)
expect(() => fileUtils.assertPathWithinWorkspace(link)).toThrow(
/outside the workspace/
)
})
it('throws a clear error for missing files', () => {
const missing = path.join(workspace, 'nope.yaml')
expect(() => fileUtils.assertPathWithinWorkspace(missing)).toThrow(
/does not exist or is not readable/
)
})
it('skips containment when GITHUB_WORKSPACE is unset', () => {
delete process.env.GITHUB_WORKSPACE
const target = path.join(outside, 'whatever.yaml')
fs.writeFileSync(target, 'kind: X')
expect(fileUtils.assertPathWithinWorkspace(target)).toBe(target)
})
})
import {EventEmitter} from 'node:events'
import {PassThrough} from 'node:stream'
import * as https from 'node:https'
const httpsState = vi.hoisted(() => ({impl: null as any}))
vi.mock('https', async (importOriginal) => {
const actual = await importOriginal<typeof import('https')>()
const get = (...args: any[]) =>
httpsState.impl ? httpsState.impl(...args) : (actual.get as any)(...args)
return {
...actual,
default: {...actual, get},
get
}
})
describe('writeYamlFromURLToFile error handling', () => {
let tempDir: string
let originalRunnerTemp: string | undefined
beforeEach(() => {
originalRunnerTemp = process.env.RUNNER_TEMP
tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'url-fetch-'))
process.env.RUNNER_TEMP = tempDir
})
afterEach(() => {
httpsState.impl = null
vi.restoreAllMocks()
if (originalRunnerTemp === undefined) {
delete process.env.RUNNER_TEMP
} else {
process.env.RUNNER_TEMP = originalRunnerTemp
}
fs.rmSync(tempDir, {recursive: true, force: true})
})
// Wait one tick so cleanupAndReject's async fs.rm callback can fire
// before the test inspects the temp directory.
const waitForCleanup = () =>
new Promise<void>((r) => setImmediate(() => setImmediate(r)))
function mockHttpsGet(
makeResponse: () => {
response: EventEmitter & {
statusCode?: number
statusMessage?: string
pipe: PassThrough['pipe']
resume: () => void
}
requestEmitter: EventEmitter
}
) {
httpsState.impl = ((url: string, cb?: any) => {
const {response, requestEmitter} = makeResponse()
if (cb) setImmediate(() => cb(response))
return requestEmitter as any
}) as any
}
it('rejects on HTTP 500 without writing a file', async () => {
const requestEmitter = new EventEmitter()
const response = Object.assign(new PassThrough(), {
statusCode: 500,
statusMessage: 'Server Error',
resume() {
/* drain */
}
})
mockHttpsGet(() => ({response: response as any, requestEmitter}))
await expect(
fileUtils.writeYamlFromURLToFile('https://example.com/x.yaml', 99)
).rejects.toThrow(/Server Error/)
})
it('rejects when the response stream errors mid-download', async () => {
const requestEmitter = new EventEmitter()
const response = Object.assign(new PassThrough(), {
statusCode: 200,
statusMessage: 'OK',
resume() {}
})
mockHttpsGet(() => ({response: response as any, requestEmitter}))
const p = fileUtils.writeYamlFromURLToFile(
'https://example.com/y.yaml',
100
)
setImmediate(() => response.emit('error', new Error('socket reset')))
await expect(p).rejects.toThrow(/socket reset/)
})
it('rejects on request-level errors', async () => {
const requestEmitter = new EventEmitter()
const response = Object.assign(new PassThrough(), {
statusCode: 200,
resume() {}
})
mockHttpsGet(() => ({response: response as any, requestEmitter}))
const p = fileUtils.writeYamlFromURLToFile(
'https://example.com/z.yaml',
101
)
setImmediate(() => requestEmitter.emit('error', new Error('DNS failure')))
await expect(p).rejects.toThrow(/DNS failure/)
})
it('removes temp file when verification fails', async () => {
const requestEmitter = new EventEmitter()
const response = Object.assign(new PassThrough(), {
statusCode: 200,
statusMessage: 'OK'
})
mockHttpsGet(() => ({response: response as any, requestEmitter}))
const before = new Set(fs.readdirSync(tempDir))
const p = fileUtils.writeYamlFromURLToFile(
'https://example.com/bad.yaml',
200
)
// Stream a YAML document missing required k8s fields so verifyYaml fails.
setImmediate(() => {
response.end('not: a-real-manifest\n')
})
await expect(p).rejects.toThrow(/missing fields|failed to parse/)
await waitForCleanup()
const after = fs.readdirSync(tempDir).filter((f) => !before.has(f))
expect(after).toEqual([])
})
it('removes temp file on mid-stream response error', async () => {
const requestEmitter = new EventEmitter()
const response = Object.assign(new PassThrough(), {
statusCode: 200,
statusMessage: 'OK',
resume() {}
})
mockHttpsGet(() => ({response: response as any, requestEmitter}))
const before = new Set(fs.readdirSync(tempDir))
const p = fileUtils.writeYamlFromURLToFile(
'https://example.com/midstream.yaml',
201
)
setImmediate(() => {
response.write('kind: Foo\n')
response.emit('error', new Error('socket reset'))
})
await expect(p).rejects.toThrow(/socket reset/)
await waitForCleanup()
const after = fs.readdirSync(tempDir).filter((f) => !before.has(f))
expect(after).toEqual([])
})
})
src/utilities/fileUtils.ts
+84 -269
View File
@@ -1,294 +1,109 @@
import fs from 'node:fs' import * as fs from "fs";
import * as https from 'https' import * as path from "path";
import * as path from 'path' import * as core from "@actions/core";
import * as core from '@actions/core' import * as os from "os";
import * as os from 'os' import { getCurrentTime } from "./timeUtils";
import * as yaml from 'js-yaml'
import {Errorable, succeeded, failed, Failed} from '../types/errorable.js'
import {getCurrentTime} from './timeUtils.js'
import {isHttpUrl} from './githubUtils.js'
import {K8sObject} from '../types/k8sObject.js'
export const urlFileKind = 'urlfile'
let moveCounter = 0
export function getTempDirectory(): string { export function getTempDirectory(): string {
return process.env['RUNNER_TEMP'] || os.tmpdir() return process.env["runner.tempDirectory"] || os.tmpdir();
}
// Exported for tests. Validates that `inputPath` resolves (after symlink
// resolution) to a location inside GITHUB_WORKSPACE. When GITHUB_WORKSPACE
// is not set (e.g. local dev / unit tests), the check is skipped — callers
// that write to RUNNER_TEMP still get protection from basename-only
// destinations.
export function assertPathWithinWorkspace(inputPath: string): string {
const workspace = process.env.GITHUB_WORKSPACE
if (!workspace) {
core.warning(
'GITHUB_WORKSPACE is not set; skipping manifest path containment check'
)
return inputPath
}
const resolvedWorkspace = fs.realpathSync(path.resolve(workspace))
// Resolve relative inputs against the workspace (not process.cwd()), so
// a relative `manifests:` input is interpreted consistently regardless of
// whether a prior step changed the working directory. Absolute paths are
// passed through unchanged and still validated below.
const absoluteInput = path.isAbsolute(inputPath)
? inputPath
: path.resolve(resolvedWorkspace, inputPath)
let resolvedInput: string
try {
resolvedInput = fs.realpathSync(absoluteInput)
} catch (e) {
throw new Error(
`manifest path ${inputPath} does not exist or is not readable: ${e}`
)
}
const rel = path.relative(resolvedWorkspace, resolvedInput)
if (
rel === '' ||
(rel !== '..' &&
!rel.startsWith('..' + path.sep) &&
!path.isAbsolute(rel))
) {
return resolvedInput
}
throw new Error(
`manifest path ${inputPath} resolves to ${resolvedInput}, ` +
`which is outside the workspace ${resolvedWorkspace}`
)
} }
export function writeObjectsToFile(inputObjects: any[]): string[] { export function writeObjectsToFile(inputObjects: any[]): string[] {
const newFilePaths = [] const newFilePaths = [];
inputObjects.forEach((inputObject: any) => { inputObjects.forEach((inputObject: any) => {
try { try {
const inputObjectString = JSON.stringify(inputObject) const inputObjectString = JSON.stringify(inputObject);
if (inputObject?.metadata?.name) { if (inputObject?.metadata?.name) {
const fileName = getNewTempManifestFileName( const fileName = getManifestFileName(
inputObject.kind, inputObject.kind,
inputObject.metadata.name inputObject.metadata.name
) );
fs.writeFileSync(path.join(fileName), inputObjectString) fs.writeFileSync(path.join(fileName), inputObjectString);
newFilePaths.push(fileName) newFilePaths.push(fileName);
} else { } else {
core.debug( core.debug(
'Input object is not proper K8s resource object. Object: ' + "Input object is not proper K8s resource object. Object: " +
inputObjectString inputObjectString
) );
}
} catch (ex) {
core.debug(
`Exception occurred while writing object to file ${inputObject}: ${ex}`
)
} }
}) } catch (ex) {
core.debug(
`Exception occurred while writing object to file ${inputObject}: ${ex}`
);
}
});
return newFilePaths return newFilePaths;
} }
export function writeManifestToFile( export function writeManifestToFile(
inputObjectString: string, inputObjectString: string,
kind: string, kind: string,
name: string name: string
): string { ): string {
if (inputObjectString) { if (inputObjectString) {
try {
const fileName = getManifestFileName(kind, name);
fs.writeFileSync(path.join(fileName), inputObjectString);
return fileName;
} catch (ex) {
throw Error(
`Exception occurred while writing object to file: ${inputObjectString}. Exception: ${ex}`
);
}
}
}
function getManifestFileName(kind: string, name: string) {
const filePath = `${kind}_${name}_ ${getCurrentTime().toString()}`;
const tempDirectory = getTempDirectory();
return path.join(tempDirectory, path.basename(filePath));
}
export function getFilesFromDirectories(
filePaths: string[]
): string[]{
const fullPathSet: Set<string> = new Set<string>()
filePaths.forEach((fileName => {
try { try {
const fileName = getNewTempManifestFileName(kind, name) if(fs.lstatSync(fileName).isDirectory()){
fs.writeFileSync(path.join(fileName), inputObjectString) recurisveManifestGetter(fileName).forEach((file) => {fullPathSet.add(file)})
return fileName } else if(getFileExtension(fileName) === "yml" || getFileExtension(fileName) === "yaml"){
fullPathSet.add(fileName)
} else{
core.debug(`Detected non-manifest file, ${fileName}, continuing... ` )
}
} catch (ex) { } catch (ex) {
throw Error( throw Error(
`Exception occurred while writing object to file: ${inputObjectString}. Exception: ${ex}` `Exception occurred while reading the file ${fileName}: ${ex}`
) );
} }
} }))
return Array.from(fullPathSet)
} }
export function moveFileToTmpDir(originalFilepath: string) { function recurisveManifestGetter(dirName: string): string[]{
const safeSource = assertPathWithinWorkspace(originalFilepath) const toRet: string[] = []
const tempDirectory = getTempDirectory()
const ext = path.extname(safeSource)
const base = path.basename(safeSource, ext)
const uniqueName = `${base}_${getCurrentTime()}_${moveCounter++}${ext}`
const newPath = path.join(tempDirectory, uniqueName)
core.debug(`reading original contents from path: ${originalFilepath}`) fs.readdirSync(dirName).forEach((fileName) => {
const contents = fs.readFileSync(safeSource)
core.debug(`writing contents to new path ${newPath}`)
fs.writeFileSync(newPath, contents)
core.debug(`moved contents from ${originalFilepath} to ${newPath}`)
return newPath
}
function getNewTempManifestFileName(kind: string, name: string) {
const filePath = `${kind}_${name}_${getCurrentTime().toString()}`
const tempDirectory = getTempDirectory()
return path.join(tempDirectory, path.basename(filePath))
}
export async function getFilesFromDirectoriesAndURLs(
filePaths: string[]
): Promise<string[]> {
const fullPathSet: Set<string> = new Set<string>()
let fileCounter = 0
for (const fileName of filePaths) {
try {
if (isHttpUrl(fileName)) {
try {
const tempFilePath: string = await writeYamlFromURLToFile(
fileName,
fileCounter++
)
fullPathSet.add(tempFilePath)
} catch (e) {
throw Error(
`encountered error trying to pull YAML from URL ${fileName}: ${e}`
)
}
continue
}
const safePath = assertPathWithinWorkspace(fileName)
if (fs.lstatSync(safePath).isDirectory()) {
recurisveManifestGetter(safePath).forEach((file) => {
fullPathSet.add(file)
})
} else if (
getFileExtension(safePath) === 'yml' ||
getFileExtension(safePath) === 'yaml'
) {
fullPathSet.add(safePath)
} else {
core.debug(
`Detected non-manifest file, ${fileName}, continuing... `
)
}
} catch (ex) {
throw Error(
`Exception occurred while reading the file ${fileName}: ${ex}`
)
}
}
const arr = Array.from(fullPathSet)
return arr
}
export async function writeYamlFromURLToFile(
url: string,
fileNumber: number
): Promise<string> {
return new Promise((resolve, reject) => {
https
.get(url, (response) => {
const code = response.statusCode ?? 0
if (code >= 400) {
response.resume()
reject(
new Error(
`received response status ${response.statusMessage} from url ${url}`
)
)
return
}
const targetPath = getNewTempManifestFileName(
urlFileKind,
fileNumber.toString()
)
// Once the write stream is created the file exists on disk;
// route all post-stream rejections through this helper so we
// don't leave truncated YAML in RUNNER_TEMP for later tooling
// to pick up. Do NOT unlink on the success path.
const cleanupAndReject = (err: unknown) => {
fs.rm(targetPath, {force: true}, () => reject(err))
}
const fileWriter = fs.createWriteStream(targetPath)
fileWriter.on('error', cleanupAndReject)
fileWriter.on('finish', () => {
try {
const verification = verifyYaml(targetPath, url)
if (succeeded(verification)) {
core.debug(
`outputting YAML contents from ${url} to ${targetPath}: ${JSON.stringify(
verification.result
)}`
)
resolve(targetPath)
} else {
cleanupAndReject(new Error(verification.error))
}
} catch (e) {
cleanupAndReject(e)
}
})
response.on('error', cleanupAndReject)
response.pipe(fileWriter)
})
.on('error', reject)
})
}
function verifyYaml(filepath: string, url: string): Errorable<K8sObject[]> {
const fileContents = fs.readFileSync(filepath).toString()
let inputObjects
try {
inputObjects = yaml.loadAll(fileContents)
} catch (e) {
return {
succeeded: false,
error: `failed to parse manifest from url ${url}: ${e}`
}
}
if (!inputObjects || inputObjects.length == 0) {
return {
succeeded: false,
error: `failed to parse manifest from url ${url}: no objects detected in manifest`
}
}
for (const obj of inputObjects) {
if (obj == null || !obj.kind || !obj.apiVersion || !obj.metadata) {
return {
succeeded: false,
error: `failed to parse manifest from ${url}: missing fields`
}
}
}
return {succeeded: true, result: inputObjects}
}
function recurisveManifestGetter(dirName: string): string[] {
const toRet: string[] = []
fs.readdirSync(dirName).forEach((fileName) => {
const fnwd: string = path.join(dirName, fileName) const fnwd: string = path.join(dirName, fileName)
if (fs.lstatSync(fnwd).isDirectory()) { if(fs.lstatSync(fnwd).isDirectory()){
toRet.push(...recurisveManifestGetter(fnwd)) toRet.push(...recurisveManifestGetter(fnwd))
} else if ( } else if(getFileExtension(fileName) === "yml" || getFileExtension(fileName) === "yaml"){
getFileExtension(fileName) === 'yml' || toRet.push(path.join(dirName, fileName))
getFileExtension(fileName) === 'yaml' } else{
) { core.debug(`Detected non-manifest file, ${fileName}, continuing... ` )
toRet.push(assertPathWithinWorkspace(fnwd))
} else {
core.debug(`Detected non-manifest file, ${fileName}, continuing... `)
} }
}) })
return toRet return toRet
} }
function getFileExtension(fileName: string) { function getFileExtension(fileName: string){
return fileName.slice(((fileName.lastIndexOf('.') - 1) >>> 0) + 2) return fileName.slice((fileName.lastIndexOf(".") - 1 >>> 0) + 2)
} }
src/utilities/githubUtils.test.ts
+40 -40
View File
@@ -1,48 +1,48 @@
import { import {
getNormalizedPath, getNormalizedPath,
isHttpUrl, isHttpUrl,
normalizeWorkflowStrLabel normalizeWorkflowStrLabel,
} from './githubUtils.js' } from "./githubUtils";
describe('Github utils', () => { describe("Github utils", () => {
it('normalizes workflow string labels', () => { it("normalizes workflow string labels", () => {
const workflowsPath = '.github/workflows/' const workflowsPath = ".github/workflows/";
const path = 'test/path/test' const path = "test/path/test";
expect(normalizeWorkflowStrLabel(workflowsPath + path)).toBe(path) expect(normalizeWorkflowStrLabel(workflowsPath + path)).toBe(path);
expect(normalizeWorkflowStrLabel(path)).toBe(path) expect(normalizeWorkflowStrLabel(path)).toBe(path);
expect(normalizeWorkflowStrLabel(path + workflowsPath)).toBe( expect(normalizeWorkflowStrLabel(path + workflowsPath)).toBe(
path + workflowsPath path + workflowsPath
) );
expect(normalizeWorkflowStrLabel(path + ' ' + path)).toBe( expect(normalizeWorkflowStrLabel(path + " " + path)).toBe(
path + '_' + path path + "_" + path
) );
}) });
it('normalizes path', () => { it("normalizes path", () => {
const httpUrl = 'http://www.test.com' const httpUrl = "http://www.test.com";
expect(getNormalizedPath(httpUrl)).toBe(httpUrl) expect(getNormalizedPath(httpUrl)).toBe(httpUrl);
const httpsUrl = 'https://www.test.com' const httpsUrl = "https://www.test.com";
expect(getNormalizedPath(httpsUrl)).toBe(httpsUrl) expect(getNormalizedPath(httpsUrl)).toBe(httpsUrl);
const repo = 'gh_repo' const repo = "gh_repo";
const sha = 'gh_sha' const sha = "gh_sha";
const path = 'path' const path = "path";
process.env.GITHUB_REPOSITORY = repo process.env.GITHUB_REPOSITORY = repo;
process.env.GITHUB_SHA = sha process.env.GITHUB_SHA = sha;
expect(getNormalizedPath(path)).toBe( expect(getNormalizedPath(path)).toBe(
`https://github.com/${repo}/blob/${sha}/${path}` `https://github.com/${repo}/blob/${sha}/${path}`
) );
}) });
it('checks if url is http', () => { it("checks if url is http", () => {
expect(isHttpUrl('www.test.com')).toBe(false) expect(isHttpUrl("www.test.com")).toBe(false);
expect(isHttpUrl('http.test.com')).toBe(false) expect(isHttpUrl("http.test.com")).toBe(false);
expect(isHttpUrl('http:.test.com')).toBe(false) expect(isHttpUrl("http:.test.com")).toBe(false);
expect(isHttpUrl('http:/.test.com')).toBe(false) expect(isHttpUrl("http:/.test.com")).toBe(false);
expect(isHttpUrl('https://www.test.com')).toBe(true) expect(isHttpUrl("https://www.test.com")).toBe(true);
expect(isHttpUrl('http://wwww.test.com')).toBe(true) expect(isHttpUrl("http://wwww.test.com")).toBe(true);
}) });
}) });
src/utilities/githubUtils.ts
+39 -39
View File
@@ -1,54 +1,54 @@
import {GitHubClient, OkStatusCode} from '../types/githubClient.js' import { GitHubClient, OkStatusCode } from "../types/githubClient";
import * as core from '@actions/core' import * as core from "@actions/core";
export async function getWorkflowFilePath( export async function getWorkflowFilePath(
githubToken: string githubToken: string
): Promise<string> { ): Promise<string> {
let workflowFilePath = process.env.GITHUB_WORKFLOW let workflowFilePath = process.env.GITHUB_WORKFLOW;
if (!workflowFilePath.startsWith('.github/workflows/')) { if (!workflowFilePath.startsWith(".github/workflows/")) {
const githubClient = new GitHubClient( const githubClient = new GitHubClient(
process.env.GITHUB_REPOSITORY, process.env.GITHUB_REPOSITORY,
githubToken githubToken
) );
const response = await githubClient.getWorkflows() const response = await githubClient.getWorkflows();
if (response) { if (response) {
if (response.status === OkStatusCode && response.data.total_count) { if (response.status === OkStatusCode && response.data.total_count) {
if (response.data.total_count > 0) { if (response.data.total_count > 0) {
for (const workflow of response.data.workflows) { for (const workflow of response.data.workflows) {
if (process.env.GITHUB_WORKFLOW === workflow.name) { if (process.env.GITHUB_WORKFLOW === workflow.name) {
workflowFilePath = workflow.path workflowFilePath = workflow.path;
break break;
}
}
} }
} else if (response.status != OkStatusCode) { }
core.error( }
`An error occurred while getting list of workflows on the repo. Status code: ${response.status}` } else if (response.status != OkStatusCode) {
) core.error(
} `An error occurred while getting list of workflows on the repo. Status code: ${response.status}`
} else { );
core.error(`Failed to get response from workflow list API`)
} }
} } else {
return Promise.resolve(workflowFilePath) core.error(`Failed to get response from workflow list API`);
}
}
return Promise.resolve(workflowFilePath);
} }
export function normalizeWorkflowStrLabel(workflowName: string): string { export function normalizeWorkflowStrLabel(workflowName: string): string {
const workflowsPath = '.github/workflows/' const workflowsPath = ".github/workflows/";
workflowName = workflowName.startsWith(workflowsPath) workflowName = workflowName.startsWith(workflowsPath)
? workflowName.replace(workflowsPath, '') ? workflowName.replace(workflowsPath, "")
: workflowName : workflowName;
return workflowName.replace(/ /g, '_') return workflowName.replace(/ /g, "_");
} }
export function getNormalizedPath(pathValue: string) { export function getNormalizedPath(pathValue: string) {
if (!isHttpUrl(pathValue)) { if (!isHttpUrl(pathValue)) {
//if it is not an http url then convert to link from current repo and commit //if it is not an http url then convert to link from current repo and commit
return `https://github.com/${process.env.GITHUB_REPOSITORY}/blob/${process.env.GITHUB_SHA}/${pathValue}` return `https://github.com/${process.env.GITHUB_REPOSITORY}/blob/${process.env.GITHUB_SHA}/${pathValue}`;
} }
return pathValue return pathValue;
} }
export function isHttpUrl(url: string) { export function isHttpUrl(url: string) {
return /^https?:\/\/.*$/.test(url) return /^https?:\/\/.*$/.test(url);
} }
src/utilities/kubectlUtils.test.ts
+54 -58
View File
@@ -1,65 +1,61 @@
import {vi} from 'vitest' import * as core from "@actions/core";
vi.mock('@actions/core') import { ExecOutput } from "@actions/exec";
import { checkForErrors } from "./kubectlUtils";
import * as core from '@actions/core' describe("Kubectl utils", () => {
import {ExecOutput} from '@actions/exec' it("checks for errors", () => {
import {checkForErrors} from './kubectlUtils.js' const success: ExecOutput = { stderr: "", stdout: "success", exitCode: 0 };
const successWithStderr: ExecOutput = {
stderr: "error",
stdout: "",
exitCode: 0,
};
const failWithExitCode: ExecOutput = {
stderr: "",
stdout: "",
exitCode: 1,
};
const failWithExitWithStderr: ExecOutput = {
stderr: "error",
stdout: "",
exitCode: 2,
};
describe('Kubectl utils', () => { // with throw behavior
it('checks for errors', () => { expect(() => checkForErrors([success])).not.toThrow();
const success: ExecOutput = {stderr: '', stdout: 'success', exitCode: 0} expect(() => checkForErrors([successWithStderr])).not.toThrow();
const successWithStderr: ExecOutput = { expect(() => checkForErrors([success, successWithStderr])).not.toThrow();
stderr: 'error', expect(() => checkForErrors([failWithExitCode])).toThrow();
stdout: '', expect(() => checkForErrors([failWithExitWithStderr])).toThrow();
exitCode: 0 expect(() => checkForErrors([success, failWithExitCode])).toThrow();
} expect(() =>
const failWithExitCode: ExecOutput = { checkForErrors([successWithStderr, failWithExitCode])
stderr: '', ).toThrow();
stdout: '', expect(() =>
exitCode: 1 checkForErrors([success, successWithStderr, failWithExitCode])
} ).toThrow();
const failWithExitWithStderr: ExecOutput = { expect(() =>
stderr: 'error', checkForErrors([success, successWithStderr, failWithExitWithStderr])
stdout: '', ).toThrow();
exitCode: 2
}
// with throw behavior // with warn behavior
expect(() => checkForErrors([success])).not.toThrow() jest.spyOn(core, "warning").mockImplementation(() => {});
expect(() => checkForErrors([successWithStderr])).not.toThrow() let warningCalls = 0;
expect(() => checkForErrors([success, successWithStderr])).not.toThrow() expect(() => checkForErrors([success], true)).not.toThrow();
expect(() => checkForErrors([failWithExitCode])).toThrow() expect(core.warning).toBeCalledTimes(warningCalls);
expect(() => checkForErrors([failWithExitWithStderr])).toThrow()
expect(() => checkForErrors([success, failWithExitCode])).toThrow()
expect(() =>
checkForErrors([successWithStderr, failWithExitCode])
).toThrow()
expect(() =>
checkForErrors([success, successWithStderr, failWithExitCode])
).toThrow()
expect(() =>
checkForErrors([success, successWithStderr, failWithExitWithStderr])
).toThrow()
// with warn behavior expect(() => checkForErrors([successWithStderr], true)).not.toThrow();
const warnSpy = vi.spyOn(core, 'warning').mockImplementation(() => {}) expect(core.warning).toBeCalledTimes(++warningCalls);
warnSpy.mockClear()
let warningCalls = 0
expect(() => checkForErrors([success], true)).not.toThrow()
expect(core.warning).toHaveBeenCalledTimes(warningCalls)
expect(() => checkForErrors([successWithStderr], true)).not.toThrow() expect(() =>
expect(core.warning).toHaveBeenCalledTimes(++warningCalls) checkForErrors([success, successWithStderr], true)
).not.toThrow();
expect(core.warning).toBeCalledTimes(++warningCalls);
expect(() => expect(() => checkForErrors([failWithExitCode], true)).not.toThrow();
checkForErrors([success, successWithStderr], true) expect(core.warning).toBeCalledTimes(++warningCalls);
).not.toThrow()
expect(core.warning).toHaveBeenCalledTimes(++warningCalls)
expect(() => checkForErrors([failWithExitCode], true)).not.toThrow() expect(() => checkForErrors([failWithExitWithStderr], true)).not.toThrow();
expect(core.warning).toHaveBeenCalledTimes(++warningCalls) expect(core.warning).toBeCalledTimes(++warningCalls);
});
expect(() => checkForErrors([failWithExitWithStderr], true)).not.toThrow() });
expect(core.warning).toHaveBeenCalledTimes(++warningCalls)
})
})
src/utilities/kubectlUtils.ts
+66 -86
View File
@@ -1,102 +1,82 @@
import * as core from '@actions/core' import * as core from "@actions/core";
import {ExecOutput} from '@actions/exec' import { ExecOutput } from "@actions/exec";
import {Kubectl} from '../types/kubectl.js' import { Kubectl } from "../types/kubectl";
const NAMESPACE = 'namespace'
export function checkForErrors( export function checkForErrors(
execResults: ExecOutput[], execResults: ExecOutput[],
warnIfError?: boolean warnIfError?: boolean
) { ) {
let stderr = '' let stderr = "";
execResults.forEach((result) => { execResults.forEach((result) => {
if (result?.exitCode !== 0) { if (result?.exitCode !== 0) {
stderr += result?.stderr + ' \n' stderr += result?.stderr + " \n";
} else if (result?.stderr) { } else if (result?.stderr) {
core.warning(result.stderr) core.warning(result.stderr);
} }
}) });
if (stderr.length > 0) { if (stderr.length > 0) {
if (warnIfError) { if (warnIfError) {
core.warning(stderr.trim()) core.warning(stderr.trim());
} else { } else {
throw new Error(stderr.trim()) throw new Error(stderr.trim());
} }
} }
} }
export async function getLastSuccessfulRunSha( export async function getLastSuccessfulRunSha(
kubectl: Kubectl, kubectl: Kubectl,
namespaceName: string, namespaceName: string,
annotationKey: string annotationKey: string
): Promise<string> { ): Promise<string> {
try { try {
const result = await kubectl.getResource( const result = await kubectl.getResource("namespace", namespaceName);
NAMESPACE, if (result?.stderr) {
namespaceName, core.warning(result.stderr);
false, return process.env.GITHUB_SHA;
namespaceName } else if (result?.stdout) {
) const annotationsSet = JSON.parse(result.stdout).metadata.annotations;
if (result?.stderr) { if (annotationsSet && annotationsSet[annotationKey]) {
core.warning(result.stderr) return JSON.parse(annotationsSet[annotationKey].replace(/'/g, '"'))
return process.env.GITHUB_SHA .commit;
} else if (result?.stdout) { } else {
const annotationsSet = JSON.parse(result.stdout).metadata.annotations return "NA";
if (annotationsSet && annotationsSet[annotationKey]) {
return JSON.parse(annotationsSet[annotationKey].replace(/'/g, '"'))
.commit
} else {
return 'NA'
}
} }
} catch (ex) { }
core.warning(`Failed to get commits from cluster. ${JSON.stringify(ex)}`) } catch (ex) {
return '' core.warning(`Failed to get commits from cluster. ${JSON.stringify(ex)}`);
} return "";
}
} }
export async function annotateChildPods( export async function annotateChildPods(
kubectl: Kubectl, kubectl: Kubectl,
resourceType: string, resourceType: string,
resourceName: string, resourceName: string,
namespace: string | undefined, annotationKeyValStr: string,
annotationKeyValStr: string allPods
): Promise<ExecOutput[]> { ): Promise<ExecOutput[]> {
let owner = resourceName let owner = resourceName;
if (resourceType.toLowerCase().indexOf('deployment') > -1) { if (resourceType.toLowerCase().indexOf("deployment") > -1) {
owner = await kubectl.getNewReplicaSet(resourceName, namespace) owner = await kubectl.getNewReplicaSet(resourceName);
} }
const commandExecutionResults = [] const commandExecutionResults = [];
if (allPods?.items && allPods.items?.length > 0) {
allPods.items.forEach((pod) => {
const owners = pod?.metadata?.ownerReferences;
if (owners) {
for (const ownerRef of owners) {
if (ownerRef.name === owner) {
commandExecutionResults.push(
kubectl.annotate("pod", pod.metadata.name, annotationKeyValStr)
);
break;
}
}
}
});
}
let allPods return await Promise.all(commandExecutionResults);
try {
allPods = JSON.parse((await kubectl.getAllPods()).stdout)
} catch (e) {
core.debug(`Unable to parse pods: ${e}`)
}
if (allPods?.items && allPods.items?.length > 0) {
allPods.items.forEach((pod) => {
const owners = pod?.metadata?.ownerReferences
if (owners) {
for (const ownerRef of owners) {
if (ownerRef.name === owner) {
commandExecutionResults.push(
kubectl.annotate(
'pod',
pod.metadata.name,
annotationKeyValStr,
namespace
)
)
break
}
}
}
})
}
return await Promise.all(commandExecutionResults)
} }
src/utilities/manifestPullSecretUtils.ts
+31 -45
View File
@@ -1,58 +1,44 @@
import {KubernetesWorkload} from '../types/kubernetesTypes.js' import { KubernetesWorkload } from "../types/kubernetesTypes";
export function getImagePullSecrets(inputObject: any) { export function getImagePullSecrets(inputObject: any) {
const kind = inputObject?.kind?.toLowerCase() if (!inputObject?.spec) return null;
const spec = inputObject?.spec
if (!spec || !kind) return null if (
inputObject.kind.toLowerCase() === KubernetesWorkload.CRON_JOB.toLowerCase()
)
return inputObject?.spec?.jobTemplate?.spec?.template?.spec
?.imagePullSecrets;
switch (kind) { if (inputObject.kind.toLowerCase() === KubernetesWorkload.POD.toLowerCase())
case KubernetesWorkload.CRON_JOB.toLowerCase(): return inputObject.spec.imagePullSecrets;
return spec.jobTemplate?.spec?.template?.spec?.imagePullSecrets
case KubernetesWorkload.SCALED_JOB.toLowerCase(): if (inputObject?.spec?.template?.spec) {
return spec.jobTargetRef?.template?.spec?.imagePullSecrets return inputObject.spec.template.spec.imagePullSecrets;
}
case KubernetesWorkload.POD.toLowerCase():
return spec.imagePullSecrets
default:
return spec.template?.spec?.imagePullSecrets || null
}
} }
export function setImagePullSecrets( export function setImagePullSecrets(
inputObject: any, inputObject: any,
newImagePullSecrets: any newImagePullSecrets: any
) { ) {
const kind = inputObject?.kind?.toLowerCase() if (!inputObject || !inputObject.spec || !newImagePullSecrets) return;
const spec = inputObject?.spec
if (!inputObject || !spec || !newImagePullSecrets || !kind) return if (inputObject.kind.toLowerCase() === KubernetesWorkload.POD.toLowerCase()) {
inputObject.spec.imagePullSecrets = newImagePullSecrets;
return;
}
switch (kind) { if (
case KubernetesWorkload.POD.toLowerCase(): inputObject.kind.toLowerCase() === KubernetesWorkload.CRON_JOB.toLowerCase()
spec.imagePullSecrets = newImagePullSecrets ) {
break if (inputObject?.spec?.jobTemplate?.spec?.template?.spec)
inputObject.spec.jobTemplate.spec.template.spec.imagePullSecrets =
newImagePullSecrets;
return;
}
case KubernetesWorkload.CRON_JOB.toLowerCase(): if (inputObject?.spec?.template?.spec) {
if (spec.jobTemplate?.spec?.template?.spec) { inputObject.spec.template.spec.imagePullSecrets = newImagePullSecrets;
spec.jobTemplate.spec.template.spec.imagePullSecrets = return;
newImagePullSecrets }
}
break
case KubernetesWorkload.SCALED_JOB.toLowerCase():
if (spec.jobTargetRef?.template?.spec) {
spec.jobTargetRef.template.spec.imagePullSecrets =
newImagePullSecrets
}
break
default:
if (spec.template?.spec) {
spec.template.spec.imagePullSecrets = newImagePullSecrets
}
break
}
} }
src/utilities/manifestSpecLabelUtils.ts
+45 -71
View File
@@ -1,97 +1,71 @@
import { import {
InputObjectKindNotDefinedError, InputObjectKindNotDefinedError,
isServiceEntity, isServiceEntity,
KubernetesWorkload, KubernetesWorkload,
NullInputObjectError NullInputObjectError,
} from '../types/kubernetesTypes.js' } from "../types/kubernetesTypes";
export function updateSpecLabels( export function updateSpecLabels(
inputObject: any, inputObject: any,
newLabels: Map<string, string>, newLabels: Map<string, string>,
override: boolean override: boolean
) { ) {
if (!inputObject) throw NullInputObjectError if (!inputObject) throw NullInputObjectError;
if (!inputObject.kind) throw InputObjectKindNotDefinedError if (!inputObject.kind) throw InputObjectKindNotDefinedError;
if (!newLabels) return if (!newLabels) return;
let existingLabels = getSpecLabels(inputObject) let existingLabels = getSpecLabels(inputObject);
if (override) { if (override) {
existingLabels = newLabels existingLabels = newLabels;
} else { } else {
existingLabels = existingLabels || new Map<string, string>() existingLabels = existingLabels || new Map<string, string>();
Object.keys(newLabels).forEach( Object.keys(newLabels).forEach(
(key) => (existingLabels[key] = newLabels[key]) (key) => (existingLabels[key] = newLabels[key])
) );
} }
setSpecLabels(inputObject, existingLabels) setSpecLabels(inputObject, existingLabels);
} }
function getSpecLabels(inputObject: any) { function getSpecLabels(inputObject: any) {
const kind = inputObject?.kind?.toLowerCase() if (!inputObject) return null;
const spec = inputObject?.spec
if (!inputObject || !kind) return null if (inputObject.kind.toLowerCase() === KubernetesWorkload.POD.toLowerCase())
return inputObject.metadata.labels;
switch (kind) { if (inputObject?.spec?.template?.metadata)
case KubernetesWorkload.POD.toLowerCase(): return inputObject.spec.template.metadata.labels;
return inputObject.metadata.labels
case KubernetesWorkload.CRON_JOB.toLowerCase(): return null;
return spec?.jobTemplate?.spec?.template?.metadata?.labels
case KubernetesWorkload.SCALED_JOB.toLowerCase():
return spec?.jobTargetRef?.template?.metadata?.labels
default:
return spec?.template?.metadata?.labels || null
}
} }
function setSpecLabels(inputObject: any, newLabels: any) { function setSpecLabels(inputObject: any, newLabels: any) {
const kind = inputObject?.kind?.toLowerCase() if (!inputObject || !newLabels) return null;
const spec = inputObject?.spec
if (!inputObject || !newLabels || !kind) return null if (inputObject.kind.toLowerCase() === KubernetesWorkload.POD.toLowerCase()) {
inputObject.metadata.labels = newLabels;
return;
}
switch (kind) { if (inputObject?.spec?.template?.metatada) {
case KubernetesWorkload.POD.toLowerCase(): inputObject.spec.template.metatada.labels = newLabels;
inputObject.metadata.labels = newLabels return;
break }
case KubernetesWorkload.CRON_JOB.toLowerCase():
if (spec?.jobTemplate?.spec?.template?.metadata) {
spec.jobTemplate.spec.template.metadata.labels = newLabels
}
break
case KubernetesWorkload.SCALED_JOB.toLowerCase():
if (spec?.jobTargetRef?.template?.metadata) {
spec.jobTargetRef.template.metadata.labels = newLabels
}
break
default:
if (spec?.template?.metadata) {
spec.template.metadata.labels = newLabels
}
break
}
} }
export function getSpecSelectorLabels(inputObject: any) { export function getSpecSelectorLabels(inputObject: any) {
if (inputObject?.spec?.selector) { if (inputObject?.spec?.selector) {
if (isServiceEntity(inputObject.kind)) return inputObject.spec.selector if (isServiceEntity(inputObject.kind)) return inputObject.spec.selector;
else return inputObject.spec.selector.matchLabels else return inputObject.spec.selector.matchLabels;
} }
} }
export function setSpecSelectorLabels(inputObject: any, newLabels: any) { export function setSpecSelectorLabels(inputObject: any, newLabels: any) {
if (inputObject?.spec?.selector) { if (inputObject?.spec?.selector) {
if (isServiceEntity(inputObject.kind)) if (isServiceEntity(inputObject.kind))
inputObject.spec.selector = newLabels inputObject.spec.selector = newLabels;
else inputObject.spec.selector.matchLabels = newLabels else inputObject.spec.selector.matchLabels = newLabels;
} }
} }
src/utilities/manifestStabilityUtils.test.ts
-622
View File
@@ -1,622 +0,0 @@
import {vi} from 'vitest'
import type {MockInstance} from 'vitest'
vi.mock('@actions/core', async (importOriginal) => {
const actual: any = await importOriginal()
return {
...actual,
getInput: vi.fn().mockReturnValue(''),
debug: vi.fn(),
info: vi.fn(),
warning: vi.fn(),
error: vi.fn(),
setFailed: vi.fn(),
setOutput: vi.fn()
}
})
import * as manifestStabilityUtils from './manifestStabilityUtils.js'
import {Kubectl} from '../types/kubectl.js'
import {
ResourceTypeFleet,
ResourceTypeManagedCluster
} from '../actions/deploy.js'
import {ExecOutput} from '@actions/exec'
import {exitCode, stdout} from 'process'
import * as core from '@actions/core'
import * as timeUtils from './timeUtils.js'
describe('manifestStabilityUtils', () => {
const kc = new Kubectl('')
const resources = [
{
type: 'deployment',
name: 'test',
namespace: 'default'
}
]
it('should return immediately if the resource type is fleet', async () => {
const spy = vi.spyOn(manifestStabilityUtils, 'checkManifestStability')
const checkRolloutStatusSpy = vi.spyOn(kc, 'checkRolloutStatus')
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeFleet
)
expect(checkRolloutStatusSpy).not.toHaveBeenCalled()
expect(spy).toHaveReturned()
})
it('should run fully if the resource type is managedCluster', async () => {
const spy = vi.spyOn(manifestStabilityUtils, 'checkManifestStability')
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockImplementation(() => {
return new Promise<ExecOutput>((resolve, reject) => {
resolve({
exitCode: 0,
stderr: '',
stdout: ''
})
})
})
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
expect(checkRolloutStatusSpy).toHaveBeenCalled()
expect(spy).toHaveReturned()
})
it('should pass timeout to checkRolloutStatus when provided', async () => {
const timeout = '300s'
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockImplementation(() => {
return new Promise<ExecOutput>((resolve, reject) => {
resolve({
exitCode: 0,
stderr: '',
stdout: ''
})
})
})
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster,
timeout
)
expect(checkRolloutStatusSpy).toHaveBeenCalledWith(
'deployment',
'test',
'default',
timeout
)
})
it('should call checkRolloutStatus without timeout when not provided', async () => {
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockImplementation(() => {
return new Promise<ExecOutput>((resolve, reject) => {
resolve({
exitCode: 0,
stderr: '',
stdout: ''
})
})
})
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
expect(checkRolloutStatusSpy).toHaveBeenCalledWith(
'deployment',
'test',
'default',
undefined
)
})
})
describe('checkManifestStability failure and resource-specific scenarios', () => {
let kc: Kubectl
let coreErrorSpy: MockInstance
let coreInfoSpy: MockInstance
let coreWarningSpy: MockInstance
beforeEach(() => {
kc = new Kubectl('', 'default')
coreErrorSpy = vi.spyOn(core, 'error').mockImplementation(() => {})
coreInfoSpy = vi.spyOn(core, 'info').mockImplementation(() => {})
coreWarningSpy = vi.spyOn(core, 'warning').mockImplementation(() => {})
})
afterEach(() => {
vi.restoreAllMocks()
})
it('should call describe and collect errors when a rollout fails', async () => {
const resources = [
{type: 'deployment', name: 'failing-app', namespace: 'app-ns-123'}
]
const rolloutError = new Error('Progress deadline exceeded')
const describeOutput =
'Events:\n Type\tReason\tMessage\n Normal\tScalingReplicaSet\tScaled up replica set failing-app-123 to 1'
// Arrange: Mock rollout to fail and describe to succeed
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockRejectedValue(rolloutError)
const describeSpy = vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: describeOutput,
stderr: '',
exitCode: 0
})
// Act & Assert: Expect the function to throw the final aggregated error
const expectedErrorMessage = `Rollout failed for deployment/failing-app in namespace app-ns-123: ${rolloutError.message}`
await expect(
manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
).rejects.toThrow(
`Rollout status failed for the following resources:\n${expectedErrorMessage}`
)
// Assert that the correct functions were called
expect(checkRolloutStatusSpy).toHaveBeenCalledTimes(1)
expect(coreErrorSpy).toHaveBeenCalledWith(expectedErrorMessage)
expect(describeSpy).toHaveBeenCalledWith(
'deployment',
'failing-app',
false,
'app-ns-123'
)
expect(coreInfoSpy).toHaveBeenCalledWith(
`Describe output for deployment/failing-app:\n${describeOutput}`
)
})
it('should use the default kubectl namespace when none is provided', async () => {
const resources = [{type: 'deployment', name: 'failing-app'}]
const rolloutError = new Error('Progress deadline exceeded')
const describeOutput =
'Events:\n Type\tReason\tMessage\n Normal\tScalingReplicaSet\tScaled up replica set failing-app-123 to 1'
// Arrange: Mock rollout to fail and describe to succeed
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockRejectedValue(rolloutError)
const describeSpy = vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: describeOutput,
stderr: '',
exitCode: 0
})
// Act & Assert: Expect the function to throw the final aggregated error
const expectedErrorMessage = `Rollout failed for deployment/failing-app in namespace default: ${rolloutError.message}`
await expect(
manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
).rejects.toThrow(
`Rollout status failed for the following resources:\n${expectedErrorMessage}`
)
// Assert that the correct functions were called
expect(checkRolloutStatusSpy).toHaveBeenCalledTimes(1)
expect(coreErrorSpy).toHaveBeenCalledWith(expectedErrorMessage)
expect(describeSpy).toHaveBeenCalledWith(
'deployment',
'failing-app',
false,
undefined
)
expect(coreInfoSpy).toHaveBeenCalledWith(
`Describe output for deployment/failing-app:\n${describeOutput}`
)
})
it('should call checkPodStatus for pod resources', async () => {
const resources = [{type: 'Pod', name: 'test-pod', namespace: 'default'}]
// Arrange: Spy on checkPodStatus and checkRolloutStatus
const checkPodStatusSpy = vi
.spyOn(manifestStabilityUtils, 'checkPodStatus')
.mockResolvedValue() // Assume pod becomes ready
const checkRolloutStatusSpy = vi.spyOn(kc, 'checkRolloutStatus')
// Act
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
// Assert
expect(checkPodStatusSpy).toHaveBeenCalledWith(kc, resources[0])
expect(checkRolloutStatusSpy).not.toHaveBeenCalled()
})
it('should warn and describe when a pod check fails', async () => {
const resources = [
{type: 'Pod', name: 'failing-pod', namespace: 'default'}
]
const podError = new Error('Pod rollout failed')
// Arrange: Mock checkPodStatus to fail
const checkPodStatusSpy = vi
.spyOn(manifestStabilityUtils, 'checkPodStatus')
.mockRejectedValue(podError)
const describeSpy = vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: 'describe output',
stderr: '',
exitCode: 0
})
// Act: This should not throw, only warn.
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
// Assert
expect(checkPodStatusSpy).toHaveBeenCalled()
expect(coreWarningSpy).toHaveBeenCalledWith(
expect.stringContaining(`Could not determine pod status`)
)
expect(describeSpy).toHaveBeenCalledWith(
'Pod',
'failing-pod',
false,
'default'
)
})
it('should wait for external IP for a LoadBalancer service', async () => {
//Spying on sleep to avoid actual delays in tests
vi.spyOn(timeUtils, 'sleep').mockResolvedValue(undefined)
const resources = [
{type: 'service', name: 'test-svc', namespace: 'default'}
]
const serviceWithoutIp = {
spec: {type: 'LoadBalancer'},
status: {loadBalancer: {}}
}
const serviceWithIp = {
spec: {type: 'LoadBalancer'},
status: {loadBalancer: {ingress: [{ip: '8.8.8.8'}]}}
}
// Arrange: Mock getResource to simulate the IP being assigned on the second poll
const getResourceSpy = vi
.spyOn(kc, 'getResource')
// First call: Initial service check
.mockResolvedValueOnce({
stdout: JSON.stringify(serviceWithoutIp),
stderr: '',
exitCode: 0
})
// Second call: First polling iteration (no IP yet)
.mockResolvedValueOnce({
stdout: JSON.stringify(serviceWithoutIp),
stderr: '',
exitCode: 0
})
// Third call: Second polling iteration (IP assigned)
.mockResolvedValueOnce({
stdout: JSON.stringify(serviceWithIp),
stderr: '',
exitCode: 0
})
// Act
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
// Assert
expect(getResourceSpy).toHaveBeenCalledTimes(3)
expect(coreInfoSpy).toHaveBeenCalledWith(
'ServiceExternalIP test-svc 8.8.8.8'
)
})
it('should warn and describe when a service check fails', async () => {
const resources = [
{type: 'service', name: 'broken-svc', namespace: 'default'}
]
const getServiceError = new Error('Service not found')
// Arrange: Mock getService to fail, and describe to succeed
// Note: We mock getResource because getService is a private helper
const getResourceSpy = vi
.spyOn(kc, 'getResource')
.mockRejectedValue(getServiceError)
const describeSpy = vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: 'describe output',
stderr: '',
exitCode: 0
})
// Act: Run the stability check. It should NOT throw an error, only warn.
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
// Assert
expect(getResourceSpy).toHaveBeenCalled()
expect(coreWarningSpy).toHaveBeenCalledWith(
expect.stringContaining(
`Could not determine service status of: broken-svc`
)
)
expect(describeSpy).toHaveBeenCalledWith(
'service',
'broken-svc',
false,
'default'
)
})
it('should not wait for an IP for a ClusterIP service', async () => {
const resources = [
{type: 'service', name: 'cluster-ip-svc', namespace: 'default'}
]
const clusterIpService = {
spec: {type: 'ClusterIP'}, // Not a LoadBalancer
status: {}
}
// Arrange
const getResourceSpy = vi.spyOn(kc, 'getResource').mockResolvedValue({
stdout: JSON.stringify(clusterIpService),
stderr: '',
exitCode: 0
})
// Act
await manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
// Assert: getResource is called once to get the spec, but not again for polling.
expect(getResourceSpy).toHaveBeenCalledTimes(1)
expect(coreInfoSpy).not.toHaveBeenCalledWith(
expect.stringContaining('ServiceExternalIP')
)
})
})
describe('checkManifestStability additional scenarios', () => {
let kc: Kubectl
let coreErrorSpy: MockInstance
let coreInfoSpy: MockInstance
let coreWarningSpy: MockInstance
beforeEach(() => {
kc = new Kubectl('')
coreErrorSpy = vi.spyOn(core, 'error').mockImplementation(() => {})
coreInfoSpy = vi.spyOn(core, 'info').mockImplementation(() => {})
coreWarningSpy = vi.spyOn(core, 'warning').mockImplementation(() => {})
})
afterEach(() => {
vi.restoreAllMocks()
})
it('should aggregate errors from deployment and pod failures', async () => {
const resources = [
{type: 'deployment', name: 'deploy-failure', namespace: 'default'},
{type: 'pod', name: 'pod-failure', namespace: 'default'}
]
const deploymentError = new Error('Deployment rollout failed')
const podError = new Error('Pod not ready in time')
// Arrange: Mock failures
const checkRolloutStatusSpy = vi
.spyOn(kc, 'checkRolloutStatus')
.mockRejectedValue(deploymentError)
// For pod: simulate a pod check failure
const checkPodStatusSpy = vi
.spyOn(manifestStabilityUtils, 'checkPodStatus')
.mockRejectedValue(podError)
// For both, simulate a successful describe call to provide additional details
const describeSpy = vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: 'describe aggregated output',
stderr: '',
exitCode: 0
})
// Act & Assert:
const expectedDeploymentError = `Rollout failed for deployment/deploy-failure in namespace default: ${deploymentError.message}`
const expectedFullError = `Rollout status failed for the following resources:\n${expectedDeploymentError}`
await expect(
manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
).rejects.toThrow(expectedFullError)
// Assert that each failure was caught and processed
expect(checkRolloutStatusSpy).toHaveBeenCalledWith(
'deployment',
'deploy-failure',
'default',
undefined
)
expect(checkPodStatusSpy).toHaveBeenCalledWith(kc, resources[1])
expect(describeSpy).toHaveBeenCalled()
expect(coreErrorSpy).toHaveBeenCalledWith(expectedDeploymentError)
})
it('should complete without errors when all resources are stable', async () => {
const resources = [
{type: 'deployment', name: 'stable-deploy', namespace: 'default'},
{type: 'pod', name: 'stable-pod', namespace: 'default'},
{type: 'service', name: 'stable-svc', namespace: 'default'}
]
// Arrange:
// Deployment rollout succeeds
vi.spyOn(kc, 'checkRolloutStatus').mockResolvedValue({
exitCode: 0,
stderr: '',
stdout: ''
})
// Pod becomes ready
vi.spyOn(manifestStabilityUtils, 'checkPodStatus').mockResolvedValue()
// Simulate a LoadBalancer service that already has an external IP
const stableService = {
spec: {type: 'LoadBalancer'},
status: {loadBalancer: {ingress: [{ip: '1.2.3.4'}]}}
}
vi.spyOn(kc, 'getResource').mockResolvedValue({
stdout: JSON.stringify(stableService),
stderr: '',
exitCode: 0
})
// Provide a describe result to avoid warnings
vi.spyOn(kc, 'describe').mockResolvedValue({
stdout: 'describe output stable',
stderr: '',
exitCode: 0
})
// Act & Assert:
await expect(
manifestStabilityUtils.checkManifestStability(
kc,
resources,
ResourceTypeManagedCluster
)
).resolves.not.toThrow()
})
})
describe('getContainerErrors', () => {
it('should return an empty string if all containers are ready', () => {
const podStatus = {
containerStatuses: [
{
name: 'app',
ready: true,
state: {running: {startedAt: '2025-07-18T10:00:00Z'}}
}
]
}
expect(manifestStabilityUtils.getContainerErrors(podStatus)).toBe('')
})
it('should report an error for a waiting container', () => {
const podStatus = {
containerStatuses: [
{
name: 'app',
ready: false,
state: {
waiting: {
reason: 'ImagePullBackOff',
message: 'Back-off pulling image "my-image:latest"'
}
}
}
]
}
const expectedError =
'Container issues: Container \'app\' is waiting: ImagePullBackOff - Back-off pulling image "my-image:latest"'
expect(manifestStabilityUtils.getContainerErrors(podStatus)).toBe(
expectedError
)
})
it('should report an error for a terminated container', () => {
const podStatus = {
containerStatuses: [
{
name: 'job-runner',
ready: false,
state: {
terminated: {
reason: 'Error',
message: 'The job failed with exit code 1'
}
}
}
]
}
const expectedError =
"Container issues: Container 'job-runner' terminated: Error - The job failed with exit code 1"
expect(manifestStabilityUtils.getContainerErrors(podStatus)).toBe(
expectedError
)
})
it('should report an error for a waiting init container', () => {
const podStatus = {
initContainerStatuses: [
{
name: 'init-db',
ready: false,
state: {
waiting: {
reason: 'PodInitializing'
}
}
}
]
}
const expectedError =
"Container issues: Init container 'init-db' is waiting: PodInitializing - No message"
expect(manifestStabilityUtils.getContainerErrors(podStatus)).toBe(
expectedError
)
})
it('should combine errors from multiple containers', () => {
const podStatus = {
containerStatuses: [
{
name: 'main-app',
ready: false,
state: {waiting: {reason: 'CrashLoopBackOff'}}
}
],
initContainerStatuses: [
{
name: 'init-migrations',
ready: false,
state: {terminated: {reason: 'Error'}}
}
]
}
const expectedError =
"Container issues: Container 'main-app' is waiting: CrashLoopBackOff - No message; Init container 'init-migrations' terminated: Error - No message"
expect(manifestStabilityUtils.getContainerErrors(podStatus)).toBe(
expectedError
)
})
})

Some files were not shown because too many files have changed in this diff Show More