.github/workflows/kubectl-aks.yml

name: Azure Kubernetes Service kubectl plugin CI
env:
  GO_VERSION: 1.18
  AZURE_PREFIX: kubectl-aks-ci
  AZURE_NODE_COUNT: 3 # multiple nodes are needed to allow running parallel 'run-command' against the same cluster
concurrency:
  # Only one workflow can run at a time unless
  # we create a new AKS cluster per github_ref (branch)
  group: kubectl-aks-ci

on:
  pull_request:
  push:
    branches:
      - main
    tags:
      - 'v*'

jobs:
  build:
    name: Build kubectl-aks
    runs-on: ubuntu-latest
    strategy:
      matrix:
        os: [ linux, darwin, windows ]
        arch: [ amd64, arm64 ]
        exclude:
          - os: windows
            arch: arm64
    steps:
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: ${{ env.GO_VERSION }}
          check-latest: true
      - name: Cache Go
        uses: actions/cache@v3
        with:
          path: |
            ~/.cache/go-build
            ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
      - name: Check out code
        uses: actions/checkout@v3
      - name: Build and generate tarball
        run: |
          target=kubectl-aks-${{ matrix.os }}-${{ matrix.arch }}

          make $target

          binary_name=kubectl-aks
          if [ ${{ matrix.os }} = "windows" ]; then
            binary_name=kubectl-aks.exe
          fi

          # Prepare binary as artifact, it will be used by other jobs
          mv $target $binary_name
          tar --sort=name --owner=root:0 --group=root:0 \
            -czf ${target}.tar.gz \
            $binary_name LICENSE
      - name: Add kubectl-aks-${{ matrix.os }}-${{ matrix.arch }}.tar.gz as artifact
        uses: actions/upload-artifact@v3
        with:
          name: kubectl-aks-${{ matrix.os }}-${{ matrix.arch }}-tar-gz
          path: kubectl-aks-${{ matrix.os }}-${{ matrix.arch }}.tar.gz

  lint:
    name: Run linter
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Setup go
        uses: actions/setup-go@v4
        with:
          go-version: ${{ env.GO_VERSION }}
          check-latest: true
      - name: Lint
        uses: golangci/golangci-lint-action@v3.5.0
        with:
          # This version number must be kept in sync with Makefile lint one.
          version: v1.53.2
          working-directory: /home/runner/work/kubectl-aks/kubectl-aks
          # Workaround to display the output:
          # https://github.com/golangci/golangci-lint-action/issues/119#issuecomment-981090648
          args: "--out-${NO_FUTURE}format colored-line-number"

  unit-tests:
    name: Run unit tests
    runs-on: ubuntu-latest
    steps:
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: ${{ env.GO_VERSION }}
          check-latest: true
      - name: Check out code
        uses: actions/checkout@v3
      - name: Cache Go
        uses: actions/cache@v3
        with:
          path: |
            ~/.cache/go-build
            ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
      - name: Run tests
        run: make unit-test

  create-aks-cluster:
    name: Create AKS cluster
    needs: [ build, lint, unit-tests ]
    runs-on: ubuntu-latest
    outputs:
      nodes: ${{ steps.nodes.outputs.result }}
    strategy:
      fail-fast: false
      matrix:
        arch: [ amd64 ]
    environment: aks
    permissions:
      # This is needed to use federated credentials:
      # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux#set-up-azure-login-with-openid-connect-authentication
      id-token: write
      contents: read
    steps:
      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZURE_AKS_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_AKS_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_AKS_SUBSCRIPTION_ID }}
      - name: Create AKS cluster ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster
        shell: bash
        run: |
          az aks create \
            --resource-group ${{ env.AZURE_PREFIX }}-rg \
            --name ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster \
            --node-count ${{ env.AZURE_NODE_COUNT }} \
            --no-ssh-key
      - uses: azure/aks-set-context@v3
        name: Set AKS cluster ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster context
        with:
          cluster-name: ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster
          resource-group: ${{ env.AZURE_PREFIX }}-rg
          admin: false
      - name: Prepare list of nodes
        id: nodes
        shell: bash
        run: |
          echo "result=$(kubectl get nodes -o jsonpath={.items[*].metadata.name} | jq -R -s -c 'split(" ")')" >> $GITHUB_OUTPUT

  delete-aks-cluster:
    name: Delete AKS cluster
    if: always()
    needs: [ integration-tests ]
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        arch: [ amd64 ]
    environment: aks
    permissions:
      # This is needed to use federated credentials:
      # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux#set-up-azure-login-with-openid-connect-authentication
      id-token: write
      contents: read
    steps:
      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZURE_AKS_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_AKS_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_AKS_SUBSCRIPTION_ID }}
      - name: Delete AKS cluster ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster
        shell: bash
        run: |
          az aks delete \
            --resource-group ${{ env.AZURE_PREFIX }}-rg \
            --name ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster \
            --yes

  integration-tests:
    name: Run integration tests
    needs: [ build, unit-tests , create-aks-cluster ]
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os: [ ubuntu-latest, macOS-latest, windows-latest ]
        arch: [ amd64 ] # TODO: Support ARM
    environment: aks
    permissions:
      # This is needed to use federated credentials:
      # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux#set-up-azure-login-with-openid-connect-authentication
      id-token: write
      contents: read
    steps:
      - name: Ensure enough nodes are available to run parallel tests
        shell: bash
        run: |
          if [ $(echo '${{ needs.create-aks-cluster.outputs.nodes }}' | jq -r '. | length') -lt ${{ strategy.job-total }} ]; then
            echo "Not enough nodes to run parallel tests"
            exit 1
          fi
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: ${{ env.GO_VERSION }}
          check-latest: true
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set environment variables
        shell: bash
        run: |
          case ${{ matrix.os }} in
            ubuntu-latest)
              echo "os=linux" >> $GITHUB_ENV
              ;;
            macOS-latest)
              echo "os=darwin" >> $GITHUB_ENV
              ;;
            windows-latest)
              echo "os=windows" >> $GITHUB_ENV
              ;;
            *)
              echo "Not supported OS: ${{ matrix.os }}"
              exit 1
              ;;
          esac
      - name: Get kubectl-aks from artifact
        uses: actions/download-artifact@v3
        with:
          name: kubectl-aks-${{ env.os }}-${{ matrix.arch }}-tar-gz
      - name: Prepare kubectl-aks binary
        shell: bash
        run: |
          tar zxvf kubectl-aks-${{ env.os }}-${{ matrix.arch }}.tar.gz
          chmod +x kubectl-aks
          ls -la
      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZURE_AKS_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_AKS_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_AKS_SUBSCRIPTION_ID }}
      - name: Set AKS cluster context
        uses: azure/aks-set-context@v3
        with:
          cluster-name: ${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster
          resource-group: ${{ env.AZURE_PREFIX }}-rg
          admin: false
      - if: matrix.os != 'ubuntu-latest'
        # kubectl is already installed in Linux runners
        uses: azure/setup-kubectl@v3
        # setup-kubectl doesn't support v1.28.2+ macOS (amd64) yet
        # https://github.com/Azure/setup-kubectl/issues/88
        with:
          version: 'v1.28.2'
      - name: Run integration tests
        shell: bash
        run: |
          export AZURE_RESOURCE_GROUP=${{ env.AZURE_PREFIX }}-rg
          export AZURE_CLUSTER_NAME=${{ env.AZURE_PREFIX }}-${{ matrix.arch }}-cluster
          export AZURE_SUBSCRIPTION_ID=${{ secrets.AZURE_AKS_SUBSCRIPTION_ID }}
          export AZURE_NODE_NAME=$(echo '${{ needs.create-aks-cluster.outputs.nodes }}' | jq -r ".[${{ strategy.job-index }}]")
          make integration-test -o kubectl-aks

  documentation-test:
    name: Run documentation tests
    runs-on: ubuntu-latest
    needs: [ build, unit-tests ]
    steps:
      - uses: actions/checkout@v3
      - name: Setup go
        uses: actions/setup-go@v4
        with:
          go-version: '>=1.20.0' # ie requires go 1.20+
          check-latest: true
      # Use official krew installation guide:
      # https://krew.sigs.k8s.io/docs/user-guide/setup/install/
      - name: Install krew
        run: |
          set -x; cd "$(mktemp -d)" && \
          OS="$(uname | tr '[:upper:]' '[:lower:]')" && \
          ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" && \
          KREW="krew-${OS}_${ARCH}" && \
          curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/${KREW}.tar.gz" && \
          tar zxvf "${KREW}.tar.gz" && \
          ./"${KREW}" install krew && \
          cp ~/.krew/bin/kubectl-krew /usr/local/bin/kubectl-krew
          echo "$HOME/.krew/bin" >> $GITHUB_PATH
      - name: Run Documentation tests
        run: make documentation-test -o kubectl-aks

  release:
    name: Release
    needs: [ integration-tests ]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    if: startsWith(github.ref, 'refs/tags/v')
    steps:
    # Checkout the repo to get the .krew.yaml file
    - uses: actions/checkout@v3
    - name: Get all artifacts.
      uses: actions/download-artifact@v3
    - name: Rename all artifacts to kubectl-aks-${{ github.ref_name }}.tar.gz
      shell: bash
      run: |
        for i in kubectl-aks-*-*-tar-gz/kubectl-aks-*-*.tar.gz; do
          mv $i $(dirname $i)/$(basename $i .tar.gz)-${{ github.ref_name }}.tar.gz
        done
    - name: Create Release
      id: create_release
      uses: softprops/action-gh-release@v1
      with:
        token: ${{ secrets.GITHUB_TOKEN }}
        name: Release ${{ github.ref }}
    - name: Upload kubectl-aks binaries to the release
      uses: csexton/release-asset-action@v2
      with:
        pattern: "kubectl-aks-*-*-tar-gz/kubectl-aks-*-*.tar.gz"
        github-token: ${{ secrets.GITHUB_TOKEN }}
        release-url: ${{ steps.create_release.outputs.upload_url }}
    - name: Update new version in krew-index
      if: github.repository == 'azure/kubectl-aks'
      uses: rajatjindal/krew-release-bot@v0.0.46