chore(vlab): extend show tech to gather infra diagnostics #5836
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release/* | |
| tags: | |
| - "v*" | |
| paths-ignore: | |
| - "docs/**" | |
| - "README.md" | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - labeled | |
| - unlabeled | |
| schedule: | |
| - cron: "0 6 * * *" # ~10pm PST | |
| - cron: "0 10 * * *" # ~2am PST | |
| workflow_dispatch: | |
| inputs: | |
| releasetest: | |
| type: boolean | |
| description: "Run release tests in vlab/hlab" | |
| required: false | |
| default: false | |
| debug_enabled: | |
| type: boolean | |
| description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)" | |
| required: false | |
| default: false | |
| permissions: | |
| contents: read | |
| jobs: | |
| test-build: | |
| runs-on: lab | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| cache: false | |
| - name: Setup Just | |
| uses: extractions/setup-just@v3 | |
| - name: Lint and generate code | |
| run: | | |
| just --timestamp lint-gha gen _lint | |
| - name: More Go lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| # keep in sync with hack/tools.just | |
| version: v1.64.8 | |
| install-mode: goinstall | |
| - name: Build all | |
| run: | | |
| just --timestamp build kube-build build-multi | |
| - name: Run tests | |
| run: | | |
| just --timestamp test | |
| - name: Go mod tidy | |
| run: | | |
| go mod tidy | |
| go mod vendor | |
| # Don't remove it! We shouldn't allow CI to pass if there are any changes not committed after running gen/lint/test | |
| - name: Fail on dirty | |
| run: | | |
| if ! git status --short || [ -n "$(git status --porcelain)" ]; then | |
| git --no-pager diff -- . :^vendor | |
| echo "::error::Working directory is dirty. Please run 'just gen lint && go mod tidy && go mod vendor' and commit the changes." | |
| exit 1 | |
| fi | |
| - name: Test diagram generation | |
| run: | | |
| mkdir -p test-diagrams | |
| just run hhfab init -f --dev --gw | |
| just run hhfab vlab gen | |
| # Generate diagrams in all formats and save to test-diagrams directory | |
| just run hhfab diagram -f mermaid -o test-diagrams/default-vlab-diagram.mmd -v | |
| just run hhfab diagram -f drawio -o test-diagrams/default-vlab-diagram.drawio -v | |
| just run hhfab diagram -f dot -o test-diagrams/default-vlab-diagram.dot -v | |
| - name: Upload diagram artifacts | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: test-build--diagrams | |
| path: test-diagrams | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| # faster build installer without airgap using hosted runners and ghcr.io | |
| bundle: | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 15 | |
| needs: | |
| - test-build | |
| strategy: | |
| matrix: | |
| os: | |
| - ubuntu-latest-x86-4-cores | |
| - ubuntu-24.04-arm64-4-core | |
| - macos-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| - name: Setup Just | |
| uses: extractions/setup-just@v3 | |
| - name: Setup docker on MacOS | |
| if: matrix.os == 'macos-latest' | |
| run: | | |
| brew install --formula docker | |
| - name: Setup oras | |
| uses: oras-project/setup-oras@v1 | |
| - name: Setup local registry | |
| env: | |
| LOCALREG_SYNC_REGISTRY: ghcr.io | |
| LOCALREG_SYNC_USERNAME: ${{ github.actor }} | |
| LOCALREG_SYNC_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| just --timestamp _localreg & | |
| - name: Build hhfab for local OS/ARCH | |
| run: | | |
| just --timestamp oci_repo=127.0.0.1:30000 oci=http hhfab-build-local _hhfabctl-push-main | |
| - name: hhfab init | |
| env: | |
| HHFAB_REG_REPO: 127.0.0.1:30000 | |
| run: | | |
| bin/hhfab init -v --dev --import-host-upstream | |
| - name: hhfab build --mode=manual | |
| run: | | |
| bin/hhfab build -v --mode=manual | |
| ls -lah result | |
| - name: hhfab build --mode=usb | |
| run: | | |
| bin/hhfab build -v --mode=usb | |
| ls -lah result | |
| - name: hhfab build --mode=iso | |
| run: | | |
| bin/hhfab build -v --mode=iso | |
| ls -lah result | |
| - name: Dump local registry logs | |
| if: ${{ always() }} | |
| run: | | |
| cat .zot/log | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| bundles: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - bundle | |
| if: ${{ always() }} | |
| steps: | |
| - run: | | |
| result="${{ needs.bundle.result }}" | |
| if [[ $result == "success" || $result == "skipped" ]]; then | |
| exit 0 | |
| else | |
| exit 1 | |
| fi | |
| vlab: | |
| name: "${{ matrix.hybrid && 'h' || 'v' }}-${{ matrix.upgradefrom && 'up' || '' }}${{ matrix.upgradefrom }}${{ matrix.upgradefrom && '-' || '' }}${{ matrix.mesh && 'mesh-' || '' }}${{ matrix.gateway && 'gw-' || '' }}${{ matrix.includeonie && 'onie-' || '' }}${{ matrix.buildmode }}-${{ matrix.vpcmode }}${{ (inputs.releasetest == true || contains(github.event.pull_request.labels.*.name, 'ci:+release') || github.event.schedule == '0 6 * * *') && '-rt' || '' }}" | |
| needs: | |
| - test-build | |
| uses: ./.github/workflows/run-vlab.yaml | |
| with: | |
| # if pull_request: skip hlab if not ci:+hlab and skip vlab if ci:-vlab | |
| skip: >- | |
| ${{ | |
| github.event_name == 'pull_request' | |
| && ( | |
| matrix.hybrid && !contains(github.event.pull_request.labels.*.name, 'ci:+hlab') | |
| || !matrix.hybrid && contains(github.event.pull_request.labels.*.name, 'ci:-vlab') | |
| || matrix.upgradefrom != '' && contains(github.event.pull_request.labels.*.name, 'ci:-upgrade') | |
| ) | |
| }} | |
| fabricatorref: ${{ github.ref }} | |
| fabricmode: spine-leaf | |
| mesh: ${{ matrix.mesh }} | |
| gateway: ${{ matrix.gateway }} | |
| includeonie: ${{ matrix.includeonie }} | |
| buildmode: ${{ matrix.buildmode }} | |
| vpcmode: ${{ matrix.vpcmode }} | |
| releasetest: ${{ inputs.releasetest == true || contains(github.event.pull_request.labels.*.name, 'ci:+release') || github.event.schedule == '0 6 * * *' }} | |
| hybrid: ${{ matrix.hybrid }} | |
| upgradefrom: ${{ matrix.upgradefrom }} | |
| strategy: | |
| fail-fast: false | |
| # usb/iso/manual build modes as a base | |
| matrix: | |
| mesh: | |
| - false | |
| gateway: | |
| - false | |
| includeonie: | |
| - false | |
| buildmode: | |
| - usb | |
| - iso | |
| - manual | |
| vpcmode: | |
| - l2vni | |
| hybrid: | |
| - false | |
| upgradefrom: | |
| - "" | |
| include: | |
| # mesh l2vni | |
| - mesh: true | |
| includeonie: false | |
| gateway: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # mesh l3vni | |
| - mesh: true | |
| includeonie: false | |
| gateway: false | |
| buildmode: iso | |
| vpcmode: l3vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # gateway l2vni w/ onie, usb (max artifacts) | |
| - mesh: false | |
| gateway: true | |
| includeonie: true | |
| buildmode: usb | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # gateway l2vni w/ onie, iso (max artifacts) | |
| - mesh: false | |
| gateway: true | |
| includeonie: true | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # l3vni | |
| - mesh: false | |
| gateway: false | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l3vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # gateway l3vni | |
| - mesh: false | |
| gateway: true | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l3vni | |
| hybrid: false | |
| upgradefrom: "" | |
| # hlab gateway l2vni | |
| - mesh: false | |
| gateway: true | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: true | |
| upgradefrom: "" | |
| # l2vni from 25.04 | |
| - mesh: false | |
| gateway: false | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "25.04" | |
| # l3vni from 25.04 | |
| - mesh: false | |
| gateway: false | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l3vni | |
| hybrid: false | |
| upgradefrom: "25.04" | |
| # mesh l2vni from 25.04 | |
| - fabricmode: spine-leaf | |
| mesh: true | |
| gateway: false | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "25.04" | |
| # gateway l2vni from 25.05 | |
| - mesh: false | |
| gateway: true | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "25.05" | |
| # gateway l3vni from 25.05 | |
| - mesh: false | |
| gateway: true | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l3vni | |
| hybrid: false | |
| upgradefrom: "25.05" | |
| # gateway mesh l2vni from 25.05 | |
| - fabricmode: spine-leaf | |
| mesh: true | |
| gateway: true | |
| includeonie: false | |
| buildmode: iso | |
| vpcmode: l2vni | |
| hybrid: false | |
| upgradefrom: "25.05" | |
| vlabs: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - vlab | |
| if: ${{ always() }} | |
| steps: | |
| - run: | | |
| result="${{ needs.vlab.result }}" | |
| if [[ $result == "success" || $result == "skipped" ]]; then | |
| exit 0 | |
| else | |
| exit 1 | |
| fi | |
| publish-test-results: | |
| if: ${{ (inputs.releasetest == true || contains(github.event.pull_request.labels.*.name, 'ci:+release') || github.event.schedule == '0 6 * * *') && !cancelled() }} | |
| runs-on: lab | |
| needs: | |
| - vlabs | |
| permissions: | |
| checks: write | |
| pull-requests: write | |
| steps: | |
| - name: Download Artifacts | |
| uses: actions/download-artifact@v6 | |
| with: | |
| path: artifacts | |
| - name: Publish Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v2 | |
| with: | |
| files: "artifacts/**/release-test.xml" | |
| report_individual_runs: true | |
| check_name: "Release Tests" | |
| publish-release: | |
| runs-on: lab | |
| if: ${{ startsWith(github.event.ref, 'refs/tags/v') && github.event_name == 'push' }} | |
| needs: | |
| - test-build | |
| - bundle | |
| - vlab | |
| permissions: | |
| contents: write # to be able to create a GH release | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| cache: false | |
| - name: Login to ghcr.io | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish Images, Helm charts and Bins on release | |
| run: | | |
| just --timestamp oci_repo=ghcr.io push push-multi | |
| - name: Create GH Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| make_latest: true # TODO do it for master only | |
| files: | | |
| bin/hhfab-*.tar.gz | |
| bin/hhfabctl-*.tar.gz | |
| # Bump fabricator docs in the docs repository | |
| - name: Checkout docs repository | |
| uses: actions/checkout@v6 | |
| with: | |
| repository: githedgehog/docs | |
| path: docs-repo | |
| persist-credentials: false | |
| - name: Copy docs from fabricator to docs | |
| run: | | |
| cp docs/api.md docs-repo/docs/reference/fab-api.md.gen | |
| - name: Generate token for the docs repository | |
| uses: actions/create-github-app-token@v2 | |
| id: docs-app-token | |
| with: | |
| app-id: ${{ secrets.DOCS_APP_ID }} | |
| private-key: ${{ secrets.DOCS_PRIVATE_KEY }} | |
| repositories: | | |
| docs | |
| - name: Create Pull Request for docs | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| token: ${{ steps.docs-app-token.outputs.token }} | |
| path: docs-repo | |
| branch: pr/auto/fabricator-bump | |
| commit-message: | | |
| Update docs from fabricator@${{ github.ref_name }} | |
| This is an automated commit created by GitHub Actions workflow, | |
| in the fabricator repository. | |
| signoff: true | |
| title: "Update docs from fabricator@${{ github.ref_name }}" | |
| body: | | |
| This is an automated Pull Request created by GitHub Actions workflow, | |
| in the fabricator repository. | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| publish-master: | |
| runs-on: lab | |
| if: ${{ github.ref == 'refs/heads/master' && github.event_name == 'push' }} | |
| needs: | |
| - test-build | |
| - bundle | |
| - vlab | |
| permissions: | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| cache: false | |
| - name: Login to ghcr.io | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate temp artifacts version | |
| id: version-gen | |
| env: | |
| commit_sha: ${{ github.event.pull_request.head.sha || github.sha }} | |
| run: | | |
| echo "version=v0-master-${commit_sha::9}" >> "$GITHUB_OUTPUT" | |
| echo "ref=${commit_sha}" >> "$GITHUB_OUTPUT" | |
| - name: Build all and push all artifacts | |
| run: | | |
| just --timestamp oci_repo=ghcr.io version="${{ steps.version-gen.outputs.version }}" push push-multi | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true |