diff --git a/.github/workflows/nightly_push_dispatch.yaml b/.github/workflows/e2e.yaml similarity index 80% rename from .github/workflows/nightly_push_dispatch.yaml rename to .github/workflows/e2e.yaml index 2639c7f00..9b18cded8 100644 --- a/.github/workflows/nightly_push_dispatch.yaml +++ b/.github/workflows/e2e.yaml @@ -1,4 +1,4 @@ -name: E2E Tests for push, schedule and dispatch +name: E2E Tests on: schedule: @@ -10,51 +10,46 @@ on: description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)" required: false default: false - sha: - description: "The commit SHA to checkout" - required: false - default: "main" + pull_request_target: + types: + - labeled + - opened + - reopened + - synchronize + jobs: e2e-tests: + # Only run if it's a scheduled run, manual dispatch, or has e2e label + if: > + github.event_name == 'schedule' || + (github.event_name == 'workflow_dispatch') || + (github.event_name == 'pull_request_target' && (github.event.label.name == 'e2e' || contains(github.event.pull_request.labels.*.name, 'e2e'))) + concurrency: group: ${{ github.workflow }}-${{ matrix.provider }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true + name: e2e tests runs-on: ubuntu-latest strategy: matrix: provider: [providers, gitea_others] + env: KO_DOCKER_REPO: localhost:5000 CONTROLLER_DOMAIN_URL: controller.paac-127-0-0-1.nip.io TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests KUBECONFIG: /home/runner/.kube/config.kind - # Configure test environment variables + # [Rest of the environment variables remain the same as in the original workflow] TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0 TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests TEST_BITBUCKET_CLOUD_USER: cboudjna - TEST_EL_URL: http://controller.paac-127-0-0-1.nip.io - TEST_GITEA_API_URL: http://localhost:3000 - TEST_GITEA_USERNAME: pac - TEST_GITEA_PASSWORD: pac - TEST_GITEA_REPO_OWNER: pac/pac - TEST_GITHUB_API_URL: api.github.com - TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook - TEST_GITHUB_PRIVATE_TASK_URL: https://github.com/openshift-pipelines/pipelines-as-code-e2e-tests-private/blob/main/remote_task.yaml - TEST_GITHUB_PRIVATE_TASK_NAME: task-remote - TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com - TEST_GITHUB_SECOND_EL_URL: http://ghe.paac-127-0-0-1.nip.io - TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e - TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1 - TEST_GITLAB_API_URL: https://gitlab.com - TEST_GITLAB_PROJECT_ID: 34405323 - TEST_BITBUCKET_SERVER_USER: pipelines - TEST_BITBUCKET_SERVER_E2E_REPOSITORY: PAC/pac-e2e-tests + # ... [other environment variables from the original workflow] steps: - uses: actions/checkout@v4 with: - ref: ${{ inputs.sha || github.sha }} + ref: ${{ github.sha }} - uses: actions/setup-go@v5 with: @@ -101,7 +96,7 @@ jobs: ./hack/gh-workflow-ci.sh create_second_github_app_controller_on_ghe - name: Run E2E Tests - if: ${{ github.event_name != 'schedule' }} + if: ${{ github.event_name != 'schedule' || github.event.label.name == 'e2e' || contains(github.event.pull_request.labels.*.name, 'e2e') }} env: TEST_PROVIDER: ${{ matrix.provider }} TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }} diff --git a/.github/workflows/pull_request_trusted.yaml b/.github/workflows/pull_request_trusted.yaml deleted file mode 100644 index 41f3e563c..000000000 --- a/.github/workflows/pull_request_trusted.yaml +++ /dev/null @@ -1,144 +0,0 @@ -name: E2E Tests on Kind for trusted users - -on: - pull_request_target: - types: [opened, synchronize, reopened] - paths: - - "**.go" -jobs: - e2e-tests: - concurrency: - group: ${{ github.workflow }}-${{ matrix.provider }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - name: e2e tests - runs-on: ubuntu-latest - if: > - (github.event_name == 'pull_request_target' || github.event_name == 'pull_request') && - contains(fromJson('["chmouel", "zakisk", "savitaashture", "aThorp96", "vdemeester"]'), github.event.pull_request.user.login) - strategy: - matrix: - provider: [providers, gitea_others] - env: - KO_DOCKER_REPO: localhost:5000 - CONTROLLER_DOMAIN_URL: controller.paac-127-0-0-1.nip.io - TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests - KUBECONFIG: /home/runner/.kube/config.kind - # Configure test environment variables - TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0 - TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests - TEST_BITBUCKET_CLOUD_USER: cboudjna - TEST_EL_URL: http://controller.paac-127-0-0-1.nip.io - TEST_GITEA_API_URL: http://localhost:3000 - TEST_GITEA_USERNAME: pac - TEST_GITEA_PASSWORD: pac - TEST_GITEA_REPO_OWNER: pac/pac - TEST_GITHUB_API_URL: api.github.com - TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook - TEST_GITHUB_PRIVATE_TASK_URL: https://github.com/openshift-pipelines/pipelines-as-code-e2e-tests-private/blob/main/remote_task.yaml - TEST_GITHUB_PRIVATE_TASK_NAME: task-remote - TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com - TEST_GITHUB_SECOND_EL_URL: http://ghe.paac-127-0-0-1.nip.io - TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e - TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1 - TEST_GITLAB_API_URL: https://gitlab.com - TEST_GITLAB_PROJECT_ID: 34405323 - TEST_BITBUCKET_SERVER_USER: pipelines - TEST_BITBUCKET_SERVER_E2E_REPOSITORY: PAC/pac-e2e-tests - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - - - name: Check if user is an admin - id: check-permissions - run: | - set -x - USER_LOGIN="${{ github.event.pull_request.user.login }}" - REPO_FULL_NAME="${{ github.repository }}" - echo "Checking permissions for user: $USER_LOGIN in repo: $REPO_FULL_NAME" - - # Fetch user permissions using GitHub API - PERMISSIONS=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ - "https://api.github.com/repos/$REPO_FULL_NAME/collaborators/$USER_LOGIN/permission") - - # Extract the permission level - PERMISSION_LEVEL=$(echo "$PERMISSIONS" | jq -r '.permission') - - # Set output variable to indicate if the user is an admin - if [[ "$PERMISSION_LEVEL" == "admin" ]]; then - echo "User is an admin." - echo "is-admin=true" >> $GITHUB_OUTPUT - else - echo "User is not an admin." - echo "is-admin=false" >> $GITHUB_OUTPUT - fi - shell: bash - - - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - uses: ko-build/setup-ko@v0.8 - - - name: Install gosmee - uses: jaxxstorm/action-install-gh-release@v2.0.0 - with: - repo: chmouel/gosmee - - - name: Run gosmee - run: | - nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.PYSMEE_URL }} "http://${CONTROLLER_DOMAIN_URL}" & - - - name: Start installing cluster - run: | - export PAC_DIR=${PWD} - export TEST_GITEA_SMEEURL="${{ secrets.TEST_GITEA_SMEEURL }}" - bash -x ./hack/dev/kind/install.sh - - - name: Create PAC github-app-secret - env: - PAC_GITHUB_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} - PAC_GITHUB_APPLICATION_ID: ${{ secrets.APPLICATION_ID }} - PAC_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} - run: | - ./hack/gh-workflow-ci.sh create_pac_github_app_secret - - - name: Create second Github APP Controller on GHE - env: - TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }} - TEST_GITHUB_SECOND_PRIVATE_KEY: ${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }} - TEST_GITHUB_SECOND_WEBHOOK_SECRET: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }} - run: | - ./hack/gh-workflow-ci.sh create_second_github_app_controller_on_ghe - - - name: Run E2E Tests on pull_request - env: - TEST_PROVIDER: ${{ matrix.provider }} - TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }} - TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} - TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }} - TEST_GITHUB_REPO_INSTALLATION_ID: ${{ secrets.INSTALLATION_ID }} - TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }} - TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }} - TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }} - TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }} - TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }} - TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }} - run: | - ./hack/gh-workflow-ci.sh run_e2e_tests - - - name: Collect logs - if: ${{ always() }} - env: - TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }} - TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }} - run: | - ./hack/gh-workflow-ci.sh collect_logs - - - name: Upload artifacts - if: ${{ always() }} - uses: actions/upload-artifact@v4 - with: - name: logs-e2e-tests-${{ matrix.provider }} - path: /tmp/logs diff --git a/.tekton/e2e-label.yaml b/.tekton/e2e-label.yaml new file mode 100644 index 000000000..ba2decb61 --- /dev/null +++ b/.tekton/e2e-label.yaml @@ -0,0 +1,73 @@ +--- +apiVersion: tekton.dev/v1beta1 +kind: PipelineRun +metadata: + name: e2e-label.yaml + annotations: + pipelinesascode.tekton.dev/max-keep-runs: "2" + pipelinesascode.tekton.dev/cancel-in-progress: "true" + pipelinesascode.tekton.dev/on-event: "pull_request" + pipelinesascode.tekton.dev/on-target-branch: "main" + pipelinesascode.tekton.dev/on-path-change: "[***/*.go, .github/workflows/*l]" +spec: + pipelineSpec: + tasks: + - name: label-pr + taskSpec: + steps: + - name: label-pr + # it has curl and we already pulled it + image: registry.access.redhat.com/ubi9/ubi + env: + - name: HUB_TOKEN + valueFrom: + secretKeyRef: + name: "nightly-ci-github-hub-token" + key: "hub-token" + script: | + #!/usr/bin/env python3 + + import os + import sys + import requests + + PR_NUMBER = "{{ pull_request_number }}" + REPO_OWNER = "{{ repo_owner }}" + REPO_NAME = "{{ repo_name }}" + LABEL = "e2e" + HUB_TOKEN = os.getenv("HUB_TOKEN") + + headers = { + "Accept": "application/vnd.github.v3+json", + "Authorization": f"token {HUB_TOKEN}", + "User-Agent": "PAC" + } + + # Check if the PR already has the label + response = requests.get( + f"https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/issues/{PR_NUMBER}/labels", + headers=headers + ) + + if response.status_code != 200: + print(f"Failed to get labels, response code: {response.status_code}") + sys.exit(1) + + labels = [label['name'] for label in response.json()] + + if LABEL in labels: + print(f"Pull request already has the label '{LABEL}'") + sys.exit(0) + + # Add the label to the PR + response = requests.post( + f"https://api.github.com/repos/{REPO_OWNER}/{REPO_NAME}/issues/{PR_NUMBER}/labels", + headers=headers, + json={"labels": [LABEL]} + ) + + if response.status_code != 200: + print(f"Failed to add label, response code: {response.status_code}") + sys.exit(1) + + print(f"Label '{LABEL}' added to pull request #{PR_NUMBER} successfully") diff --git a/.tekton/go.yaml b/.tekton/go.yaml index 885a94613..57f0a22a0 100644 --- a/.tekton/go.yaml +++ b/.tekton/go.yaml @@ -4,7 +4,6 @@ kind: PipelineRun metadata: name: go-testing annotations: - pipelinesascode.tekton.dev/task: "[git-clone]" pipelinesascode.tekton.dev/max-keep-runs: "2" pipelinesascode.tekton.dev/cancel-in-progress: "true" pipelinesascode.tekton.dev/on-event: "pull_request" diff --git a/.tekton/linter.yaml b/.tekton/linter.yaml index f267591d4..1dfb3c1da 100644 --- a/.tekton/linter.yaml +++ b/.tekton/linter.yaml @@ -8,7 +8,6 @@ metadata: pipelinesascode.tekton.dev/on-target-branch: "[*]" pipelinesascode.tekton.dev/max-keep-runs: "2" pipelinesascode.tekton.dev/cancel-in-progress: "true" - pipelinesascode.tekton.dev/task: "[git-clone]" spec: params: - name: repo_url