canonical
diff --git a/‎.github/workflows/build-snap.yml
Lines changed: 74 additions & 13 deletions b/‎.github/workflows/build-snap.yml
Lines changed: 74 additions & 13 deletions
diff --git a/‎docs/build.md
Lines changed: 8 additions & 1 deletion b/‎docs/build.md
Lines changed: 8 additions & 1 deletion
diff --git a/‎scripts/wrappers/common/cluster/utils.py
Lines changed: 1 addition & 1 deletion b/‎scripts/wrappers/common/cluster/utils.py
Lines changed: 1 addition & 1 deletion
@@ -1,12 +1,17 @@
 name: Build MicroK8s snap on PR and push to master
 
 on:
-  push:
-    branches:
-      - master
-  pull_request:
-    branches:
-      - master
+  - push
+  - pull_request
+
+### While we work on the strict feature we want the tests to run even if we do put PRs against the master.
+### When this work get merged into master the following should be commented in.
+#  push:
+#    branches:
+#      - master
+#  pull_request:
+#    branches:
+#      - master
 
 jobs:
   build:
@@ -47,24 +52,80 @@ jobs:
       - name: Running upgrade path test
         run: |
           set -x
-          sudo -E UPGRADE_MICROK8S_FROM=latest/edge UPGRADE_MICROK8S_TO=`pwd`/`ls microk8s*.snap` pytest -s ./tests/test-upgrade-path.py
-          sudo snap remove microk8s --purge
-      - name: Running addons tests
+          # Remove the snapd refresh as soon as v2.52 lands
+          sudo snap refresh snapd --channel=latest/edge
+      - name: Check branches
+        run: |
+          set -x
+          (cd tests; pytest -s verify-branches.py)
+      - name: Running addons tests in strict mode
         run: |
           set -x
-          sudo snap install *.snap --classic --dangerous
+          sudo snap install microk8s.snap --dangerous
+          sudo ./tests/connect-all-interfaces.sh
           ./tests/smoke-test.sh
           export UNDER_TIME_PRESSURE="True"
+          export SKIP_OPENEBS="True"
           export SKIP_PROMETHEUS="False"
           (cd tests; pytest -s verify-branches.py)
           sudo -E bash -c "cd /var/snap/microk8s/common/addons/core/tests; pytest -s -ra test-addons.py"
           sudo microk8s enable community
           sudo -E bash -c "cd /var/snap/microk8s/common/addons/community/tests; pytest -s -ra test-addons.py"
+          grep -Po "Report tarball is at \K.+" |
+          sudo xargs -I {} mv {} inspection-report-strict-${{ strategy.job-index }}.tar.gz
           sudo snap remove microk8s --purge
-      - name: Running upgrade tests
+          sudo rm -rf $HOME/.kube
+          sudo rm -rf $HOME/.config/helm
+          sudo dmesg | grep 'apparmor="DENIED"' > ./denials-${{ strategy.job-index }}.log
+      - name: Upload strict inspect tarball
+        uses: actions/upload-artifact@v2
+        with:
+          name: inspection-report-strict-actions
+          path: ./inspection-report-strict-${{ strategy.job-index }}.tar.gz
+      - name: Upload AppArmor denials
+        uses: actions/upload-artifact@v2
+        with:
+          name: apparmor-denials
+          path: ./denials-${{ strategy.job-index }}.log
+      - name: Running addons tests in devmode
         run: |
           set -x
-          sudo snap install *.snap --classic --dangerous
+          ################ Until devmode of docker-support is fixed we skip this part of the tests #######
+          exit 0
+          sudo snap install microk8s.snap --devmode --dangerous
+          sudo ./tests/connect-all-interfaces.sh
+          ./tests/smoke-test.sh
           export UNDER_TIME_PRESSURE="True"
-          sudo -E bash -c "cd /var/snap/microk8s/common/addons/core/ ; UPGRADE_MICROK8S_FROM=latest/edge UPGRADE_MICROK8S_TO=`pwd`/`ls microk8s*.snap` pytest -s ./tests/test-upgrade.py"
+          export SKIP_OPENEBS="False"
+          export SKIP_PROMETHEUS="False"
+          (cd tests; sudo -E pytest -s -ra test-addons.py)
+          sudo microk8s inspect |
+          grep -Po "Report tarball is at \K.+" |
+          sudo xargs -I {} mv {} inspection-report-devmode-${{ strategy.job-index }}.tar.gz
           sudo snap remove microk8s --purge
+      - name: Upload devmode inspect tarball
+        uses: actions/upload-artifact@v2
+        with:
+          name: inspection-report-devmode-actions
+          path: ./inspection-report-devmode-${{ strategy.job-index }}.tar.gz
+      - name: Generate AppArmor on failure
+        run: sudo dmesg | grep 'apparmor="DENIED"' > ./denials-${{ strategy.job-index }}.log
+        if: failure()
+      - name: Upload AppArmor denials failure
+        uses: actions/upload-artifact@v2
+        with:
+          name: apparmor-denials
+          path: ./denials-${{ strategy.job-index }}.log
+        if: failure()
+      - name: Generate inspect tarball
+        run: >
+          sudo microk8s inspect |
+          grep -Po "Report tarball is at \K.+" |
+          sudo xargs -I {} mv {} inspection-report-fail-${{ strategy.job-index }}.tar.gz
+        if: failure()
+      - name: Upload inspect tarball
+        uses: actions/upload-artifact@v2
+        with:
+          name: inspection-report-actions
+          path: ./inspection-report-fail-${{ strategy.job-index }}.tar.gz
+        if: failure()
@@ -83,9 +83,16 @@ lxc file pull test-build/root/microk8s/microk8s_v1.9.6_amd64.snap .
 After copying it, you can install it with:
 
 ```shell
-snap install microk8s_*_amd64.snap --classic --dangerous
+sudo snap install microk8s_latest_amd64.snap --dangerous
 ```
 
+Finally, you need to connect the interfaces. To this end you can use the `connect-all-interfaces.sh` under the `tests` directory:
+
+```shell
+sudo tests/connect-all-interfaces.sh
+```
+
+
 ## Assembling the Calico CNI manifest
 
 The calico CNI manifest can be found under `upgrade-scripts/000-switch-to-calico/resources/calico.yaml`.
 
@@ -29,7 +29,7 @@ def try_set_file_permissions(file):
 
     os.chmod(file, 0o660)
     try:
-        shutil.chown(file, group="microk8s")
+        shutil.chown(file, group="snap_microk8s")
     except LookupError:
         # not setting the group means only the current user can access the file
         pass