name: e2e

on:
  workflow_dispatch:
  push:
    branches: [ 'main', 'release/**' ]
  pull_request:
    branches: [ 'main', 'release/**' ]
    paths-ignore: [ 'docs/**', 'rfcs/**' ]

permissions:
  contents: read

jobs:
  e2e-amd64-kubernetes:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      - name: Checkout
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
      - name: Setup Go
        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
        with:
          go-version: 1.20.x
          cache-dependency-path: |
            **/go.sum
            **/go.mod
      - name: Setup Kubernetes
        uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
        with:
          version: v0.20.0
          cluster_name: kind
          config: .github/kind/config.yaml # disable KIND-net
          # The versions below should target the newest Kubernetes version
          # Keep this up-to-date with https://endoflife.date/kubernetes
          node_image: kindest/node:v1.28.0@sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c
          kubectl_version: v1.28.0
      - name: Setup Calico for network policy
        run: |
          kubectl apply -f https://docs.projectcalico.org/v3.25/manifests/calico.yaml
          kubectl -n kube-system set env daemonset/calico-node FELIX_IGNORELOOSERPF=true
      - name: Setup Kustomize
        uses: fluxcd/pkg/actions/kustomize@main
      - name: Run tests
        run: make test
      - name: Run e2e tests
        run: TEST_KUBECONFIG=$HOME/.kube/config make e2e
      - name: Check if working tree is dirty
        run: |
          if [[ $(git diff --stat) != '' ]]; then
            git diff
            echo 'run make test and commit changes'
            exit 1
          fi
      - name: Build
        run: |
          go build -o /tmp/flux ./cmd/flux
      - name: flux check --pre
        run: |
          /tmp/flux check --pre
      - name: flux install --manifests
        run: |
          /tmp/flux install --manifests ./manifests/install/
      - name: flux create secret
        run: |
          /tmp/flux create secret git git-ssh-test \
            --url ssh://git@github.com/stefanprodan/podinfo
          /tmp/flux create secret git git-https-test \
            --url https://github.com/stefanprodan/podinfo \
            --username=test --password=test
          /tmp/flux create secret helm helm-test \
            --username=test --password=test
      - name: flux create source git
        run: |
          /tmp/flux create source git podinfo \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=6.3.5"
      - name: flux create source git export apply
        run: |
          /tmp/flux create source git podinfo-export \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=6.3.5" \
            --export | kubectl apply -f -
          /tmp/flux delete source git podinfo-export --silent
      - name: flux get sources git
        run: |
          /tmp/flux get sources git
      - name: flux get sources git --all-namespaces
        run: |
          /tmp/flux get sources git --all-namespaces
      - name: flux create kustomization
        run: |
          /tmp/flux create kustomization podinfo \
            --source=podinfo \
            --path="./deploy/overlays/dev" \
            --prune=true \
            --interval=5m \
            --health-check="Deployment/frontend.dev" \
            --health-check="Deployment/backend.dev" \
            --health-check-timeout=3m
      - name: flux trace
        run: |
          /tmp/flux trace frontend \
            --kind=deployment \
            --api-version=apps/v1 \
            --namespace=dev
      - name: flux reconcile kustomization --with-source
        run: |
          /tmp/flux reconcile kustomization podinfo --with-source
      - name: flux get kustomizations
        run: |
          /tmp/flux get kustomizations
      - name: flux get kustomizations --all-namespaces
        run: |
          /tmp/flux get kustomizations --all-namespaces
      - name: flux suspend kustomization
        run: |
          /tmp/flux suspend kustomization podinfo
      - name: flux resume kustomization
        run: |
          /tmp/flux resume kustomization podinfo
      - name: flux export
        run: |
          /tmp/flux export source git --all
          /tmp/flux export kustomization --all
      - name: flux delete kustomization
        run: |
          /tmp/flux delete kustomization podinfo --silent
      - name: flux create source helm
        run: |
          /tmp/flux create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
      - name: flux create helmrelease --source=HelmRepository/podinfo
        run: |
          /tmp/flux create hr podinfo-helm \
            --target-namespace=default \
            --source=HelmRepository/podinfo.flux-system \
            --chart=podinfo \
            --chart-version=">6.0.0 <7.0.0"
      - name: flux create helmrelease --source=GitRepository/podinfo
        run: |
          /tmp/flux create hr podinfo-git \
            --target-namespace=default \
            --source=GitRepository/podinfo \
            --chart=./charts/podinfo
      - name: flux reconcile helmrelease --with-source
        run: |
          /tmp/flux reconcile helmrelease podinfo-git --with-source
      - name: flux get helmreleases
        run: |
          /tmp/flux get helmreleases
      - name: flux get helmreleases --all-namespaces
        run: |
          /tmp/flux get helmreleases --all-namespaces
      - name: flux export helmrelease
        run: |
          /tmp/flux export hr --all
      - name: flux delete helmrelease podinfo-helm
        run: |
          /tmp/flux delete hr podinfo-helm --silent
      - name: flux delete helmrelease podinfo-git
        run: |
          /tmp/flux delete hr podinfo-git --silent
      - name: flux delete source helm
        run: |
          /tmp/flux delete source helm podinfo --silent
      - name: flux delete source git
        run: |
          /tmp/flux delete source git podinfo --silent
      - name: flux oci artifacts
        run: |
          /tmp/flux push artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --path="./manifests" \
            --source="${{ github.repositoryUrl }}" \
            --revision="${{ github.ref }}@sha1:${{ github.sha }}"
          /tmp/flux tag artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --tag latest
          /tmp/flux list artifacts oci://localhost:5000/fluxcd/flux
      - name: flux oci repositories
        run: |
          /tmp/flux create source oci podinfo-oci \
            --url oci://ghcr.io/stefanprodan/manifests/podinfo \
            --tag-semver 6.3.x \
            --interval 10m
          /tmp/flux create kustomization podinfo-oci \
            --source=OCIRepository/podinfo-oci \
            --path="./" \
            --prune=true \
            --interval=5m \
            --target-namespace=default \
            --wait=true \
            --health-check-timeout=3m
          /tmp/flux reconcile source oci podinfo-oci
          /tmp/flux suspend source oci podinfo-oci
          /tmp/flux get sources oci
          /tmp/flux resume source oci podinfo-oci
          /tmp/flux export source oci podinfo-oci
          /tmp/flux delete ks podinfo-oci --silent
          /tmp/flux delete source oci podinfo-oci --silent
      - name: flux create tenant
        run: |
          /tmp/flux create tenant dev-team --with-namespace=apps
          /tmp/flux -n apps create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
          /tmp/flux -n apps create hr podinfo-helm \
            --source=HelmRepository/podinfo \
            --chart=podinfo \
            --chart-version="6.3.x" \
            --service-account=dev-team
      - name: flux2-kustomize-helm-example
        run: |
          /tmp/flux create source git flux-system \
          --url=https://github.com/fluxcd/flux2-kustomize-helm-example \
          --branch=main \
          --ignore-paths="./clusters/**/flux-system/" \
          --recurse-submodules
          /tmp/flux create kustomization flux-system \
          --source=flux-system \
          --path=./clusters/staging
          kubectl -n flux-system wait kustomization/infra-controllers --for=condition=ready --timeout=5m
          kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=5m
          kubectl -n podinfo wait helmrelease/podinfo --for=condition=ready --timeout=5m
      - name: flux tree
        run: |
          /tmp/flux tree kustomization flux-system | grep Service/podinfo
      - name: flux check
        run: |
          /tmp/flux check
      - name: flux uninstall
        run: |
          /tmp/flux uninstall --silent
      - name: Debug failure
        if: failure()
        run: |
          kubectl version --client --short
          kubectl -n flux-system get all
          kubectl -n flux-system describe pods
          kubectl -n flux-system get kustomizations -oyaml
          kubectl -n flux-system logs deploy/source-controller
          kubectl -n flux-system logs deploy/kustomize-controller