Add jitter to the main "authenticate and open streams" loop (#129) #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Deploy and Onboard Cloud Operator To Live Services | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| test-deploy-onboard-live: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| platforms: linux/amd64 | |
| build-args: | | |
| VERSION=${{ steps.meta.outputs.tags }} | |
| tags: | | |
| ghcr.io/${{ github.repository }}:${{ steps.meta.outputs.tags }} | |
| - name: Install kubectl | |
| uses: azure/setup-kubectl@v4 | |
| with: | |
| version: "v1.24.0" | |
| - name: Install Minikube | |
| run: | | |
| curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 | |
| sudo install minikube-linux-amd64 /usr/local/bin/minikube | |
| - name: Start Minikube | |
| run: | | |
| minikube start --driver=docker | |
| - name: Wait for Minikube to be ready | |
| run: | | |
| minikube kubectl -- get nodes | |
| - name: Set up Helm | |
| uses: azure/[email protected] | |
| with: | |
| version: "v3.16.4" | |
| - name: Package Helm chart | |
| run: | | |
| helm package cloud-operator && kubectl create ns illumio-cloud | |
| - name: Install Helm chart and Deploy Operator | |
| env: | |
| ONBOARDING_CLIENT_ID: ${{ secrets.ONBOARDING_CLIENT_ID }} | |
| ONBOARDING_CLIENT_SECRET: ${{ secrets.ONBOARDING_CLIENT_SECRET }} | |
| run: | | |
| helm upgrade --install illumio cloud-operator-*.tgz \ | |
| --namespace illumio-cloud \ | |
| --create-namespace \ | |
| --set image.repository=ghcr.io/${{ github.repository }} \ | |
| --set image.tag=${{ steps.meta.outputs.tags }} \ | |
| --set image.pullPolicy=Always \ | |
| --set onboardingSecret.clientId=$ONBOARDING_CLIENT_ID \ | |
| --set onboardingSecret.clientSecret=$ONBOARDING_CLIENT_SECRET | |
| - name: Wait for Kubernetes Pod to be Ready | |
| run: | | |
| # Give minikube time to pull image and install operator before trying to check for app label | |
| sleep 5s | |
| kubectl wait --for=condition=ready pod -l app=cloud-operator -n illumio-cloud --timeout=300s | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '^1.23' | |
| - name: Install dependencies | |
| run: go mod tidy | |
| - name: Run tests | |
| env: | |
| TENANT_ID: ${{ secrets.TENANT_ID }} | |
| CLOUD_API_KEY: ${{ secrets.CLOUD_API_KEY }} | |
| CLOUD_API_SECRET: ${{ secrets.CLOUD_API_SECRET }} | |
| USER_ID: ${{ secrets.USER_ID }} | |
| run: | | |
| # Give time for cluster to onboard completely | |
| sleep 10s | |
| go test -v ./integration-testing/... | |