moved the output TEST_NAMES to wf-preparation job (was check-secret job) and added step export_tests..

Signed-off-by: Matan Avital <matavital13@gmail.com>
2026-04-15 06:58:11 +00:00 · 2023-03-20 17:22:52 +02:00
parent 62e3d3263d
commit 2ea9e1a596
1 changed files with 39 additions and 12 deletions
--- a/.github/workflows/b-binary-build-and-e2e-tests.yaml
+++ b/.github/workflows/b-binary-build-and-e2e-tests.yaml
@@ -36,10 +36,11 @@ on:


 jobs:
-  check-secret:
+  wf-preparation:
    name: secret-validator
    runs-on: ubuntu-latest
    outputs:
+      TEST_NAMES: ${{ steps.export_tests_to_env.outputs.TEST_NAMES }}
      is-secret-set: ${{ steps.check-secret-set.outputs.is-secret-set }}
    steps:
      - name: check if the necessary secrets are set in github secrets
@@ -53,11 +54,18 @@ jobs:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: "echo \"is-secret-set=${{ env.CUSTOMER != '' && \n                        env.USERNAME != '' &&\n                        env.PASSWORD != '' &&\n                        env.CLIENT_ID != '' &&\n                        env.SECRET_KEY != '' &&\n                        env.REGISTRY_USERNAME != '' &&\n                        env.REGISTRY_PASSWORD != ''\n                      }}\" >> $GITHUB_OUTPUT\n"
+
+      - id: export_tests_to_env
+        name: set test name
+        run: |
+          echo "TEST_NAMES=$input" >> $GITHUB_OUTPUT
+        env:
+          input: ${{ inputs.BINARY_TESTS }}
+        
+
  binary-build:
    if: ${{ github.event.inputs.BUILD_AND_TEST_LOCAL_KUBESCAPE_CLI == 'true' }}
    name: Create cross-platform build
-    outputs:
-      TEST_NAMES: ${{ steps.export_tests_to_env.outputs.TEST_NAMES }}
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    runs-on: ${{ matrix.os }}
@@ -65,11 +73,13 @@ jobs:
      matrix:
        os: [ubuntu-20.04, macos-latest, windows-latest]
    steps:
+    
      - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # ratchet:actions/checkout@v3
        with:
          repository: ${{inputs.CHECKOUT_REPO}}
          fetch-depth: 0
          submodules: recursive
+
      - name: Cache Go modules (Linux)
        if: matrix.os == 'ubuntu-20.04'
        uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3
@@ -80,6 +90,7 @@ jobs:
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
+
      - name: Cache Go modules (macOS)
        if: matrix.os == 'macos-latest'
        uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3
@@ -90,6 +101,7 @@ jobs:
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
+
      - name: Cache Go modules (Windows)
        if: matrix.os == 'windows-latest'
        uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3
@@ -100,43 +112,53 @@ jobs:
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
+
      - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # ratchet:actions/setup-go@v3
        name: Installing go
        with:
          go-version: ${{ inputs.GO_VERSION }}
          cache: true
+
      - name: Install MSYS2 & libgit2 (Windows)
        shell: cmd
        run: .\build.bat all
        if: matrix.os == 'windows-latest'
+
      - name: Install pkg-config (macOS)
        run: brew install pkg-config
        if: matrix.os == 'macos-latest'
+
      - name: Install libgit2 (Linux/macOS)
        run: make libgit2
        if: matrix.os != 'windows-latest'
+
      - name: Test core pkg
        run: go test "-tags=static,gitenabled" -v ./...
+
      - name: Test httphandler pkg
        run: cd httphandler && go test "-tags=static,gitenabled" -v ./...
+
      - name: Build
        env:
          RELEASE: ${{ inputs.RELEASE }}
          CLIENT: ${{ inputs.CLIENT }}
          CGO_ENABLED: ${{ inputs.CGO_ENABLED }}
        run: python3 --version && python3 build.py
+
      - name: Smoke Testing (Windows / MacOS)
        env:
          RELEASE: ${{ inputs.RELEASE }}
          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
        run: python3 smoke_testing/init.py ${PWD}/build/kubescape-${{ matrix.os }}
        if: matrix.os != 'ubuntu-20.04'
+
      - name: Smoke Testing (Linux)
        env:
          RELEASE: ${{ inputs.RELEASE }}
          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
        run: python3 smoke_testing/init.py ${PWD}/build/kubescape-ubuntu-latest
        if: matrix.os == 'ubuntu-20.04'
+
      - name: golangci-lint
        if: matrix.os == 'ubuntu-20.04'
        continue-on-error: true
@@ -145,12 +167,7 @@ jobs:
          version: latest
          args: --timeout 10m --build-tags=static
          only-new-issues: true
-      - id: export_tests_to_env
-        name: set test name
-        run: |
-          echo "TEST_NAMES=$input" >> $GITHUB_OUTPUT
-        env:
-          input: ${{ inputs.BINARY_TESTS }}
+
      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # ratchet:actions/upload-artifact@v3.1.1
        name: Upload artifact (Linux)
        if: matrix.os == 'ubuntu-20.04'
@@ -158,6 +175,7 @@ jobs:
          name: kubescape-ubuntu-latest
          path: build/
          if-no-files-found: error
+
      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # ratchet:actions/upload-artifact@v3.1.1
        name: Upload artifact (MacOS, Win)
        if: matrix.os != 'ubuntu-20.04'
@@ -165,13 +183,14 @@ jobs:
          name: kubescape-${{ matrix.os }}
          path: build/
          if-no-files-found: error
+
  run-tests:
    strategy:
      fail-fast: false
      matrix:
-        TEST: ${{ fromJson(needs.binary-build.outputs.TEST_NAMES) }}
-    needs: [check-secret, binary-build]
-    if: ${{ (needs.check-secret.outputs.is-secret-set == 'true') && (always() && (contains(needs.*.result, 'success') || contains(needs.*.result, 'skipped')) && !(contains(needs.*.result, 'failure')) && !(contains(needs.*.result, 'cancelled'))) }}
+        TEST: ${{ fromJson(needs.wf-preparation.outputs.TEST_NAMES) }}
+    needs: [wf-preparation, binary-build]
+    if: ${{ (needs.wf-preparation.outputs.is-secret-set == 'true') && (always() && (contains(needs.*.result, 'success') || contains(needs.*.result, 'skipped')) && !(contains(needs.*.result, 'failure')) && !(contains(needs.*.result, 'cancelled'))) }}
    runs-on: ubuntu-latest # This cannot change
    steps:
      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # ratchet:actions/download-artifact@v3.0.2
@@ -180,30 +199,38 @@ jobs:
        with:
          name: kubescape-ubuntu-latest
          path: "~"
+
      - run: ls -laR
+
      - name: chmod +x
        if: github.event.inputs.BUILD_AND_TEST_LOCAL_KUBESCAPE_CLI == 'true'
        run: chmod +x -R ${{steps.download-artifact.outputs.download-path}}/kubescape-ubuntu-latest
+
      - name: Checkout systests repo
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # ratchet:actions/checkout@v3
        with:
          repository: armosec/system-tests
          path: .
+
      - uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # ratchet:actions/setup-python@v4
        with:
          python-version: '3.8.13'
          cache: 'pip'
+
      - name: create env
        run: ./create_env.sh
+
      - name: Generate uuid
        id: uuid
        run: |
          echo "RANDOM_UUID=$(uuidgen)" >> $GITHUB_OUTPUT
+
      - name: Create k8s Kind Cluster
        id: kind-cluster-install
        uses: helm/kind-action@d08cf6ff1575077dee99962540d77ce91c62387d # ratchet:helm/kind-action@v1.3.0
        with:
          cluster_name: ${{ steps.uuid.outputs.RANDOM_UUID }}
+
      - name: run-tests-on-local-built-kubescape
        if: github.event.inputs.BUILD_AND_TEST_LOCAL_KUBESCAPE_CLI == 'true'
        env: