diff --git a/.github/actions/deploy-components/action.yaml b/.github/actions/deploy-components/action.yaml index e734a38b..0f89ecbc 100644 --- a/.github/actions/deploy-components/action.yaml +++ b/.github/actions/deploy-components/action.yaml @@ -37,6 +37,22 @@ inputs: description: 'Set slim chart version' required: false default: '' + slim-controller-image-tag: + description: 'Set slim controller container image version' + required: false + default: '' + preload-slim-images: + description: 'Load prebuilt slim images into kind' + required: false + default: 'false' + slim-node-image: + description: 'Full slim node image reference to load into kind' + required: false + default: '' + slim-controller-image: + description: 'Full slim controller image reference to load into kind' + required: false + default: '' deploy-directory: description: 'Deploy directory to a kind cluster' required: false @@ -116,6 +132,20 @@ runs: task -d ./${{ inputs.checkout-path }} integrations:kind:create \ KIND_CLUSTER_NAME=${{ inputs.kind-cluster-name }} + - name: Load prebuilt slim images into kind + if: ${{ inputs.preload-slim-images != 'false' }} + shell: bash + run: | + set -euo pipefail + + if [ -z "${{ inputs.slim-node-image }}" ] || [ -z "${{ inputs.slim-controller-image }}" ]; then + echo "Both slim-node-image and slim-controller-image are required when preload-slim-images is enabled." + exit 1 + fi + + kind load docker-image "${{ inputs.slim-node-image }}" --name "${{ inputs.kind-cluster-name }}" + kind load docker-image "${{ inputs.slim-controller-image }}" --name "${{ inputs.kind-cluster-name }}" + - name: Deploy SPIRE if: ${{ inputs.deploy-spire != 'false' }} shell: bash @@ -128,12 +158,14 @@ runs: run: | task -d ./${{ inputs.checkout-path }} integrations:slim:test-env:deploy:controller \ SLIM_IMAGE_TAG=${{ inputs.slim-image-tag }} \ + SLIM_CONTROLLER_IMAGE_TAG=${{ inputs.slim-controller-image-tag }} \ SLIM_CHART_TAG=${{ inputs.slim-chart-tag }} \ KIND_CLUSTER_NAME=${{ inputs.kind-cluster-name }} \ HELM_NAMESPACE=${{ inputs.kind-cluster-namespace }} task -d ./${{ inputs.checkout-path }} integrations:slim:test-env:deploy:clusters \ SLIM_IMAGE_TAG=${{ inputs.slim-image-tag }} \ + SLIM_CONTROLLER_IMAGE_TAG=${{ inputs.slim-controller-image-tag }} \ SLIM_CHART_TAG=${{ inputs.slim-chart-tag }} \ KIND_CLUSTER_NAME=${{ inputs.kind-cluster-name }} \ HELM_NAMESPACE=${{ inputs.kind-cluster-namespace }} diff --git a/.github/workflows/test-integrations.yaml b/.github/workflows/test-integrations.yaml index 8e1ae3ee..73d7e418 100644 --- a/.github/workflows/test-integrations.yaml +++ b/.github/workflows/test-integrations.yaml @@ -112,6 +112,52 @@ jobs: with: kind-version: ${{ needs.set-kind-version.outputs.kind-version }} + - name: Resolve slim image tags + id: resolve-slim-tags + shell: bash + run: | + set -euo pipefail + if [ -n "${{ inputs.override_slim_image_tag }}" ]; then + tag="${{ inputs.override_slim_image_tag }}" + else + tag="local-${GITHUB_SHA::12}" + fi + echo "slim_tag=${tag}" >> "$GITHUB_OUTPUT" + echo "controller_tag=${tag}" >> "$GITHUB_OUTPUT" + + - name: Checkout slim source + if: ${{ inputs.override_slim_image_tag == '' }} + uses: actions/checkout@v4 + with: + repository: agntcy/slim + fetch-depth: 1 + path: slim-src + + - name: Set up Docker Buildx + if: ${{ inputs.override_slim_image_tag == '' }} + uses: docker/setup-buildx-action@v3 + + - name: Build slim images (linux/amd64) + if: ${{ inputs.override_slim_image_tag == '' }} + shell: bash + run: | + set -euo pipefail + SLIM_TAG="${{ steps.resolve-slim-tags.outputs.slim_tag }}" + + docker buildx build \ + --platform linux/amd64 \ + --load \ + --tag "ghcr.io/agntcy/slim:${SLIM_TAG}" \ + --file slim-src/data-plane/Dockerfile \ + slim-src + + docker buildx build \ + --platform linux/amd64 \ + --load \ + --tag "ghcr.io/agntcy/slim/control-plane:${SLIM_TAG}" \ + --file slim-src/control-plane/Dockerfile \ + slim-src + - name: Deploy Slim with Controller uses: ./.github/actions/deploy-components with: @@ -119,7 +165,11 @@ jobs: deploy-spire: "true" deploy-slim-topology: "true" slim-config: "spire" - slim-image-tag: ${{ inputs.override_slim_image_tag }} + preload-slim-images: ${{ inputs.override_slim_image_tag == '' }} + slim-node-image: ghcr.io/agntcy/slim:${{ steps.resolve-slim-tags.outputs.slim_tag }} + slim-controller-image: ghcr.io/agntcy/slim/control-plane:${{ steps.resolve-slim-tags.outputs.controller_tag }} + slim-image-tag: ${{ steps.resolve-slim-tags.outputs.slim_tag }} + slim-controller-image-tag: ${{ steps.resolve-slim-tags.outputs.controller_tag }} slim-chart-tag: ${{ inputs.override_slim_chart_tag }} - name: Run slim topology test diff --git a/integrations/agntcy-slim/Taskfile.yml b/integrations/agntcy-slim/Taskfile.yml index 73c5c404..f9f03f8b 100644 --- a/integrations/agntcy-slim/Taskfile.yml +++ b/integrations/agntcy-slim/Taskfile.yml @@ -14,11 +14,11 @@ vars: MCP_PROXY_IMAGE_TAG: '{{ .MCP_PROXY_IMAGE_TAG | default "0.1.5" }}' SLIM_CONFIG: '{{ .SLIM_CONFIG | default "base" }}' - SLIM_CHART_TAG: '{{ .SLIM_CHART_TAG | default "v0.7.0" }}' - SLIM_IMAGE_TAG: '{{ .SLIM_IMAGE_TAG | default "0.7.2-dev.1" }}' + SLIM_CHART_TAG: '{{ .SLIM_CHART_TAG | default "v1.0.0" }}' + SLIM_IMAGE_TAG: '{{ .SLIM_IMAGE_TAG | default "1.3.0-rc.0" }}' - SLIM_CONTROLLER_CHART_TAG: '{{ .SLIM_CONTROLLER_CHART_TAG | default "v0.7.0" }}' - SLIM_CONTROLLER_IMAGE_TAG: '{{ .SLIM_CONTROLLER_IMAGE_TAG | default "0.7.2-dev.1" }}' + SLIM_CONTROLLER_CHART_TAG: '{{ .SLIM_CONTROLLER_CHART_TAG | default "v1.0.0" }}' + SLIM_CONTROLLER_IMAGE_TAG: '{{ .SLIM_CONTROLLER_IMAGE_TAG | default "1.0.0" }}' SLIM_CONTROLLER_ENDPOINT: '{{ .SLIM_CONTROLLER_ENDPOINT | default "https://slim-control.admin.svc.cluster.local:50052" }}' SLIM_CONTROLLER_LOCAL_ENDPOINT: '{{ .SLIM_CONTROLLER_LOCAL_ENDPOINT | default "localhost:50051" }}' @@ -116,6 +116,22 @@ tasks: - test-env:generate:cluster-configs cmd: | #!/bin/sh + cleanup_watch() { + if [ -n "${KUBE_WATCH_PID:-}" ]; then + kill "$KUBE_WATCH_PID" 2>/dev/null || true + wait "$KUBE_WATCH_PID" 2>/dev/null || true + fi + } + trap cleanup_watch EXIT + + # Watch workload resources cluster-wide for up to 10m while Helm --wait runs (multi-namespace deploy). + if command -v timeout >/dev/null 2>&1; then + timeout 600s kubectl get pods -A -o wide -w & + else + kubectl get pods -A -o wide -w & + fi + KUBE_WATCH_PID=$! + for file in "./config/.gen"/*.yaml ;do helm upgrade agntcy-$(basename "$file" .yaml) \ oci://{{ .IMAGE_REPO }}/slim/helm/slim \ diff --git a/integrations/agntcy-slim/config/peer-to-peer.yaml b/integrations/agntcy-slim/config/peer-to-peer.yaml index 0ac1feda..ec054825 100644 --- a/integrations/agntcy-slim/config/peer-to-peer.yaml +++ b/integrations/agntcy-slim/config/peer-to-peer.yaml @@ -6,7 +6,7 @@ topology: - "cluster-b" image: ghcr.io/agntcy/slim/bindings-examples:0.7.1 args: - - p2p + - slim-bindings-p2p - --local - org/ns/alice - --spire-socket-path @@ -20,7 +20,7 @@ topology: - "cluster-a" image: ghcr.io/agntcy/slim/bindings-examples:0.7.1 args: - - p2p + - slim-bindings-p2p - --local - org/ns/bob - --remote diff --git a/integrations/agntcy-slim/tests/topology_test.go b/integrations/agntcy-slim/tests/topology_test.go index 9ff1a6ae..056a90da 100644 --- a/integrations/agntcy-slim/tests/topology_test.go +++ b/integrations/agntcy-slim/tests/topology_test.go @@ -182,7 +182,7 @@ var _ = ginkgo.Describe("Agntcy slim topology test", func() { cfgJSON, err := json.Marshal(cfg) gomega.Expect(err).NotTo(gomega.HaveOccurred(), "failed to marshal client config") - args := append(args, "--slim", string(cfgJSON)) + args := append(args, "--slim-config", string(cfgJSON)) k8sHelper = k8sHelper.WithArgs(args).WithSpire() } else { @@ -196,7 +196,7 @@ var _ = ginkgo.Describe("Agntcy slim topology test", func() { cfgJSON, err := json.Marshal(cfg) gomega.Expect(err).NotTo(gomega.HaveOccurred(), "failed to marshal client config") - args = append(args, "--slim", string(cfgJSON)) + args = append(args, "--slim-config", string(cfgJSON)) k8sHelper = k8sHelper.WithArgs(args) }