Skip to content
Smoke Test with IPv6

chore(deps): update cilium/little-vm-helper action to v0.0.18 (v1.15) #1384

Sign in to view logs

chore(deps): update cilium/little-vm-helper action to v0.0.18 (v1.15)

chore(deps): update cilium/little-vm-helper action to v0.0.18 (v1.15) #1384

Workflow file for this run

.github/workflows/tests-smoke-ipv6.yaml at f08ebee
name: Smoke Test with IPv6
# Any change in triggers needs to be reflected in the concurrency group.
on:
pull_request: {}
push:
branches:
- v1.15
- ft/v1.15/**
permissions: read-all
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.after }}
cancel-in-progress: true
env:
cilium_cli_ci_version:
CILIUM_CLI_MODE: helm
KIND_CONFIG: .github/kind-config-ipv6.yaml
# Skip external traffic (e.g. 1.1.1.1 and www.google.com) due to no support for IPv6 in github action
CONFORMANCE_TEMPLATE: examples/kubernetes/connectivity-check/connectivity-check-internal.yaml
TIMEOUT: 5m
LOG_TIME: 30m
jobs:
check_changes:
name: Deduce required tests from code changes
runs-on: ubuntu-22.04
outputs:
tested: ${{ steps.tested-tree.outputs.src }}
steps:
- name: Checkout code
if: ${{ !github.event.pull_request }}
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
fetch-depth: 0
- name: Check code changes
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: tested-tree
with:
# For `push` events, compare against the `ref` base branch
# For `pull_request` events, this is ignored and will compare against the pull request base branch
base: ${{ github.ref }}
filters: |
src:
- '!(test|Documentation)/**'
conformance-test-ipv6:
needs: check_changes
if: ${{ needs.check_changes.outputs.tested == 'true' }}
runs-on: ubuntu-22.04
name: Installation and Conformance Test (ipv6)
steps:
- name: Checkout target branch to access local actions
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ github.base_ref || github.ref }}
persist-credentials: false
- name: Set Environment Variables
uses: ./.github/actions/set-env-variables
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
- name: Get Cilium's default values
id: default_vars
uses: ./.github/actions/helm-default
with:
image-tag: ${{ github.event.pull_request.head.sha }}
- name: Set image tag
id: sha
run: |
echo sha=${{ steps.default_vars.outputs.sha }} >> $GITHUB_OUTPUT
- name: Precheck generated connectivity manifest files
run: |
make -C examples/kubernetes/connectivity-check fmt
make -C examples/kubernetes/connectivity-check all
test -z "$(git status --porcelain)" || (echo "please run 'make -C examples/kubernetes/connectivity-check fmt all' and submit your changes"; exit 1)
- name: Enable IPv6 in docker
run: |
sudo cat /etc/docker/daemon.json || true
# Keep existing config like cgroup-parent in github action
sudo sh -c "echo '{ \"exec-opts\": [\"native.cgroupdriver=cgroupfs\"], \"cgroup-parent\": \"/actions_job\", \"ipv6\": true, \"fixed-cidr-v6\": \"2001:db8:1::/64\" }' > /etc/docker/daemon.json"
sudo cat /etc/docker/daemon.json
sudo ip -6 route add 2001:db8:1::/64 dev docker0
sudo sysctl net.ipv6.conf.default.forwarding=1
sudo sysctl net.ipv6.conf.all.forwarding=1
sudo systemctl restart docker
- name: Create kind cluster
uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0
with:
version: ${{ env.KIND_VERSION }}
node_image: ${{ env.KIND_K8S_IMAGE }}
kubectl_version: ${{ env.KIND_K8S_VERSION }}
config: ${{ env.KIND_CONFIG }}
wait: 0 # The control-plane never becomes ready, since no CNI is present
- name: Wait for images to be available
timeout-minutes: 30
shell: bash
run: |
for image in cilium-ci operator-generic-ci hubble-relay-ci ; do
until docker manifest inspect quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/$image:${{ steps.sha.outputs.sha }} &> /dev/null; do sleep 45s; done
done
- name: Set up install variables
id: vars
run: |
CILIUM_INSTALL_DEFAULTS="${{ steps.default_vars.outputs.cilium_install_defaults }} \
--helm-set nodeinit.enabled=true \
--helm-set kubeProxyReplacement=true \
--helm-set ipam.mode=kubernetes \
--helm-set hubble.enabled=true \
--helm-set hubble.relay.enabled=true \
--helm-set ipv6.enabled=true \
--helm-set ipv4.enabled=false \
--helm-set routingMode=native \
--helm-set autoDirectNodeRoutes=true \
--helm-set ipv6NativeRoutingCIDR=2001:db8:1::/64 \
--helm-set ingressController.enabled=true"
echo cilium_install_defaults=${CILIUM_INSTALL_DEFAULTS} >> $GITHUB_OUTPUT
- name: Install Cilium CLI
uses: cilium/cilium-cli@a9579d1afc528b085930c5237a69ee77b2c2be76 # v0.16.4
with:
repository: ${{ env.CILIUM_CLI_RELEASE_REPO }}
release-version: ${{ env.CILIUM_CLI_VERSION }}
ci-version: ${{ env.cilium_cli_ci_version }}
- name: Install Cilium
id: install-cilium
run: |
cilium install ${{ steps.vars.outputs.cilium_install_defaults }}
- name: Wait for Cilium status to be ready
run: |
cilium status --wait
kubectl -n kube-system get pods
- name: Port forward Relay
run: |
cilium hubble port-forward&
sleep 10s
[[ $(pgrep -f "cilium.*hubble.*port-forward|kubectl.*port-forward.*hubble-relay" | wc -l) == 2 ]]
- name: Run conformance test (e.g. connectivity check without external 1.1.1.1 and www.google.com)
run: |
kubectl apply -f ${{ env.CONFORMANCE_TEMPLATE }}
kubectl wait --for=condition=Available --all deployment --timeout=${{ env.TIMEOUT }}
- name: Report cluster failure status and capture cilium-sysdump
if: ${{ failure() && steps.install-cilium.outcome != 'skipped' }}
# The following is needed to prevent hubble from receiving an empty
# file (EOF) on stdin and displaying no flows.
shell: 'script -q -e -c "bash --noprofile --norc -eo pipefail {0}"'
run: |
echo "=== Retrieve cluster state ==="
kubectl get pods --all-namespaces -o wide
cilium status
cilium sysdump --output-filename cilium-sysdump-out
- name: Upload cilium-sysdump
uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
if: ${{ failure() }}
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip