name: e2e

on:
  workflow_dispatch:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main, oci ]

permissions:
  contents: read

jobs:
  e2e-amd64-kubernetes:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      - name: Checkout
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
      - name: Restore Go cache
        uses: actions/cache@58c146cc91c5b9e778e71775dfe9bf1442ad9a12
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go1.18-
      - name: Setup Go
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568
        with:
          go-version: 1.19.x
      - name: Setup Kubernetes
        uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 # v0.5.0
        with:
          version: v0.11.1
          image: kindest/node:v1.23.13
          config: .github/kind/config.yaml # disable KIND-net
      - name: Setup Calico for network policy
        run: |
          kubectl apply -f https://docs.projectcalico.org/v3.20/manifests/calico.yaml
          kubectl -n kube-system set env daemonset/calico-node FELIX_IGNORELOOSERPF=true
      - name: Setup Kustomize
        uses: fluxcd/pkg//actions/kustomize@main
      - name: Run tests
        run: make test
      - name: Run e2e tests
        run: TEST_KUBECONFIG=$HOME/.kube/config make e2e
      - name: Check if working tree is dirty
        run: |
          if [[ $(git diff --stat) != '' ]]; then
            git diff
            echo 'run make test and commit changes'
            exit 1
          fi
      - name: Build
        run: |
          go build -o /tmp/flux ./cmd/flux
      - name: flux check --pre
        run: |
          /tmp/flux check --pre
      - name: flux install --manifests
        run: |
          /tmp/flux install --manifests ./manifests/install/
      - name: flux create secret
        run: |
          /tmp/flux create secret git git-ssh-test \
            --url ssh://git@github.com/stefanprodan/podinfo
          /tmp/flux create secret git git-https-test \
            --url https://github.com/stefanprodan/podinfo \
            --username=test --password=test
          /tmp/flux create secret helm helm-test \
            --username=test --password=test
      - name: flux create source git
        run: |
          /tmp/flux create source git podinfo \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=3.2.3"
      - name: flux create source git export apply
        run: |
          /tmp/flux create source git podinfo-export \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=3.2.3" \
            --export | kubectl apply -f -
          /tmp/flux delete source git podinfo-export --silent
      - name: flux create source git libgit2 semver
        run: |
          /tmp/flux create source git podinfo-libgit2 \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=3.2.3" \
            --git-implementation=libgit2
          /tmp/flux delete source git podinfo-libgit2 --silent
      - name: flux get sources git
        run: |
          /tmp/flux get sources git
      - name: flux get sources git --all-namespaces
        run: |
          /tmp/flux get sources git --all-namespaces
      - name: flux create kustomization
        run: |
          /tmp/flux create kustomization podinfo \
            --source=podinfo \
            --path="./deploy/overlays/dev" \
            --prune=true \
            --interval=5m \
            --health-check="Deployment/frontend.dev" \
            --health-check="Deployment/backend.dev" \
            --health-check-timeout=3m
      - name: flux trace
        run: |
          /tmp/flux trace frontend \
            --kind=deployment \
            --api-version=apps/v1 \
            --namespace=dev
      - name: flux reconcile kustomization --with-source
        run: |
          /tmp/flux reconcile kustomization podinfo --with-source
      - name: flux get kustomizations
        run: |
          /tmp/flux get kustomizations
      - name: flux get kustomizations --all-namespaces
        run: |
          /tmp/flux get kustomizations --all-namespaces
      - name: flux suspend kustomization
        run: |
          /tmp/flux suspend kustomization podinfo
      - name: flux resume kustomization
        run: |
          /tmp/flux resume kustomization podinfo
      - name: flux export
        run: |
          /tmp/flux export source git --all
          /tmp/flux export kustomization --all
      - name: flux delete kustomization
        run: |
          /tmp/flux delete kustomization podinfo --silent
      - name: flux create source helm
        run: |
          /tmp/flux create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
      - name: flux create helmrelease --source=HelmRepository/podinfo
        run: |
          /tmp/flux create hr podinfo-helm \
            --target-namespace=default \
            --source=HelmRepository/podinfo.flux-system \
            --chart=podinfo \
            --chart-version=">4.0.0 <5.0.0"
      - name: flux create helmrelease --source=GitRepository/podinfo
        run: |
          /tmp/flux create hr podinfo-git \
            --target-namespace=default \
            --source=GitRepository/podinfo \
            --chart=./charts/podinfo
      - name: flux reconcile helmrelease --with-source
        run: |
          /tmp/flux reconcile helmrelease podinfo-git --with-source
      - name: flux get helmreleases
        run: |
          /tmp/flux get helmreleases
      - name: flux get helmreleases --all-namespaces
        run: |
          /tmp/flux get helmreleases --all-namespaces
      - name: flux export helmrelease
        run: |
          /tmp/flux export hr --all
      - name: flux delete helmrelease podinfo-helm
        run: |
          /tmp/flux delete hr podinfo-helm --silent
      - name: flux delete helmrelease podinfo-git
        run: |
          /tmp/flux delete hr podinfo-git --silent
      - name: flux delete source helm
        run: |
          /tmp/flux delete source helm podinfo --silent
      - name: flux delete source git
        run: |
          /tmp/flux delete source git podinfo --silent
      - name: flux oci artifacts
        run: |
          /tmp/flux push artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --path="./manifests" \
            --source="${{ github.repositoryUrl }}" \
            --revision="${{ github.ref }}/${{ github.sha }}"
          /tmp/flux tag artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --tag latest
          /tmp/flux list artifacts oci://localhost:5000/fluxcd/flux
      - name: flux oci repositories
        run: |
          /tmp/flux create source oci podinfo-oci \
            --url oci://ghcr.io/stefanprodan/manifests/podinfo \
            --tag-semver 6.1.x \
            --interval 10m
          /tmp/flux create kustomization podinfo-oci \
            --source=OCIRepository/podinfo-oci \
            --path="./kustomize" \
            --prune=true \
            --interval=5m \
            --target-namespace=default \
            --wait=true \
            --health-check-timeout=3m
          /tmp/flux reconcile source oci podinfo-oci
          /tmp/flux suspend source oci podinfo-oci
          /tmp/flux get sources oci
          /tmp/flux resume source oci podinfo-oci
          /tmp/flux export source oci podinfo-oci
          /tmp/flux delete ks podinfo-oci --silent
          /tmp/flux delete source oci podinfo-oci --silent
      - name: flux create tenant
        run: |
          /tmp/flux create tenant dev-team --with-namespace=apps
          /tmp/flux -n apps create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
          /tmp/flux -n apps create hr podinfo-helm \
            --source=HelmRepository/podinfo \
            --chart=podinfo \
            --chart-version="5.0.x" \
            --service-account=dev-team
      - name: flux2-kustomize-helm-example
        run: |
          /tmp/flux create source git flux-system \
          --url=https://github.com/fluxcd/flux2-kustomize-helm-example \
          --branch=main \
          --ignore-paths="./clusters/**/flux-system/" \
          --recurse-submodules
          /tmp/flux create kustomization flux-system \
          --source=flux-system \
          --path=./clusters/staging
          kubectl -n flux-system wait kustomization/infra-controllers --for=condition=ready --timeout=5m
          kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=5m
          kubectl -n podinfo wait helmrelease/podinfo --for=condition=ready --timeout=5m
      - name: flux tree
        run: |
          /tmp/flux tree kustomization flux-system | grep Service/podinfo
      - name: flux check
        run: |
          /tmp/flux check
      - name: flux uninstall
        run: |
          /tmp/flux uninstall --silent
      - name: Debug failure
        if: failure()
        run: |
          kubectl version --client --short
          kubectl -n flux-system get all
          kubectl -n flux-system describe pods
          kubectl -n flux-system get kustomizations -oyaml
          kubectl -n flux-system logs deploy/source-controller
          kubectl -n flux-system logs deploy/kustomize-controller