Merge pull request #5 from fluxcd/setup-kubernetes

Add composite action for Kubernetes e2e testing

Author: stefanprodan

.github/actions/setup-kubernetes/action.yaml

@@ -0,0 +1,35 @@
+name: setup-kubernetes
+author: "The Flux Authors"
+description: Setups Kubernetes Kind cluster and Docker BuildKit for Flux controller e2e testing
+inputs:
+  go-version:
+    description: 'Go version to setup'
+    required: true
+  kind-version:
+    description: 'Kind version to setup'
+    required: false
+    default: 'v0.30.0'
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+    - name: Setup Kustomize
+      uses: fluxcd/pkg/actions/kustomize@bf02f0a2d612cc07e0892166369fa8f63246aabb # main
+    - name: Setup QEMU
+      uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+    - name: Setup Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+    - name: Setup Go
+      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      with:
+        go-version: ${{ inputs.go-version }}
+        cache-dependency-path: |
+          **/go.sum
+          **/go.mod
+    - name: Setup Kubernetes
+      uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0
+      with:
+        version: ${{ inputs.kind-version }}
+        cluster_name: kind

.github/dependabot.yaml

@@ -2,7 +2,9 @@ version: 2
 
 updates:
   - package-ecosystem: "github-actions"
-    directory: "/"
+    directories:
+      - "/"
+      - "/.github/actions/*"
     groups:
       actions:
         patterns:

README.md

@@ -3,38 +3,35 @@
 [![license](https://img.shields.io/github/license/fluxcd/gha-workflows.svg)](https://github.com/fluxcd/gha-workflows/blob/main/LICENSE)
 [![release](https://img.shields.io/github/release/fluxcd/gha-workflows/all.svg)](https://github.com/fluxcd/gha-workflows/releases)
 
-This repository contains reusable GitHub Workflows shared across the Flux controller repositories.
+This repository contains reusable GitHub Workflows and Composite Actions shared across the Flux controller repositories.
 
 ## Workflows
 
-### Release Flux controllers
+### Release Flux controller
 
 The [controller-release](.github/workflows/controller-release.yaml) workflow automates the release of
 Flux controllers by performing the following steps:
 
-- Builds multi-arch images for `linux/amd64`, `linux/arm64` and `linux/arm/v7` with Docker
-- Generates SBOMs for each architecture with Syft
-- Pushes the images to `ghcr.io/fluxcd` and `docker.io/fluxcd`
-- Signs the images with Cosign and GitHub OIDC
-- Creates a GitHub Release with GoReleaser
-- Outputs metadata for SLSA attestations
+- Builds multi-arch images for `linux/amd64`, `linux/arm64` and `linux/arm/v7` with Docker.
+- Generates SBOMs for each architecture with Syft.
+- Pushes the images to `ghcr.io/fluxcd` and `docker.io/fluxcd`.
+- Signs the images with Cosign and GitHub OIDC.
+- Creates a GitHub Release with GoReleaser.
+- Outputs metadata for SLSA attestations.
 
 Example usage:
 
 ```yaml
 name: release
-
 on:
   push:
-    tags:
-      - 'v*'
+    tags: [ 'v*' ]
   workflow_dispatch:
     inputs:
       tag:
         description: 'image tag prefix'
         default: 'rc'
         required: false
-
 jobs:
   release:
     permissions:
@@ -47,7 +44,7 @@ jobs:
       release-candidate-prefix: ${{ github.event.inputs.tag }}
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
-      dockerhub-token: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
+      dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
 ```
 
 3rd-party actions used:
@@ -83,8 +80,8 @@ on:
 jobs:
   backport:
     permissions:
-      contents: write
-      pull-requests: write
+      contents: write # for reading and creating branches.
+      pull-requests: write # for creating pull requests against release branches.
     uses: fluxcd/gha-workflows/.github/workflows/[email protected]
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -112,8 +109,8 @@ on:
 jobs:
   analyze:
     permissions:
-      contents: read
-      security-events: write
+      contents: read # for reading the repository code.
+      security-events: write # for uploading the CodeQL analysis results.
     uses: fluxcd/gha-workflows/.github/workflows/[email protected]
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -140,15 +137,14 @@ name: sync-labels
 on:
   workflow_dispatch:
   push:
-    branches:
-      - main
+    branches: [ main ]
     paths:
       - .github/labels.yaml
 jobs:
   sync-labels:
     permissions:
-      issues: write
-      contents: read
+      contents: read # for reading the labels file.
+      issues: write # for creating and updating labels.
     uses: fluxcd/gha-workflows/.github/workflows/[email protected]
     with:
       labels-file: .github/labels.yaml
@@ -160,6 +156,42 @@ jobs:
 
 - [EndBug/label-sync](https://github.com/EndBug/label-sync)
 
+## Composite Actions
+
+### Setup Kubernetes
+
+The [setup-kubernetes](.github/actions/setup-kubernetes/action.yaml) composite action configures
+the GitHub runner to build and test Flux controllers with Kubernetes Kind clusters.
+
+Example usage:
+
+```yaml
+name: e2e
+on:
+  pull_request:
+  push:
+    branches: [ main ]
+jobs:
+  kind:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read # for reading the repository code.
+    steps:
+      - name: Test suite setup
+        uses: fluxcd/gha-workflows/.github/actions/[email protected]
+        with:
+          go-version: 1.25.x
+          kind-version: v0.30.0
+      - name: Run tests
+        run: make test
+```
+
+3rd-party actions used:
+
+- [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
+- [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
+- [helm/kind-action](https://github.com/helm/kind-action)
+
 ## Contributing
 
 - The workflows must be placed in the `.github/workflows` directory and