e2e: Move tests to gh action using azure workers

.github/workflows/ccruntime_e2e.yaml

@@ -0,0 +1,30 @@
+name: ccruntime e2e tests
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+jobs:
+  e2e:
+    name: operator tests
+    strategy:
+      matrix:
+        runtimeclass: ["kata-qemu", "kata-clh"]
+        instance: ["az-ubuntu-2004", "az-ubuntu-2204"]
+    runs-on: ${{ matrix.instance }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install deps
+        run: |
+          sudo apt-get update -y
+          sudo apt-get install -y ansible python-is-python3
+
+      - name: Run e2e tests
+        run: |
+          cd tests/e2e
+          export PATH="$PATH:/usr/local/bin"
+          ./run-local.sh -r "${{ matrix.runtimeclass }}" -u

tests/e2e/cluster/up.sh

@@ -57,11 +57,11 @@ main() {
 
 	# Untaint the node so that pods can be scheduled on it.
 	for role in master control-plane; do
-		kubectl taint nodes "$(hostname)" \
+		kubectl taint nodes "$SAFE_HOST_NAME" \
 			"node-role.kubernetes.io/$role:NoSchedule-"
 	done
 
-	kubectl label node "$(hostname)" node.kubernetes.io/worker=
+	kubectl label node "$SAFE_HOST_NAME" node.kubernetes.io/worker=
 }
 
 main "$@"

tests/e2e/lib.sh

@@ -5,6 +5,9 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
+# Normalize system hostname to the usual kubectl node name
+export SAFE_HOST_NAME=$(hostname | tr '[:upper:]' '[:lower:]')
+
 # Wait until the node is ready. It is set a timeout of 180 seconds.
 #
 check_node_is_ready() {

tests/e2e/operator.sh

@@ -87,9 +87,9 @@ install_operator() {
 
 	# The node should be 'worker' labeled
 	local label="node.kubernetes.io/worker"
-	if ! kubectl get node "$(hostname)" -o jsonpath='{.metadata.labels}' \
+	if ! kubectl get node "$SAFE_HOST_NAME" -o jsonpath='{.metadata.labels}' \
 		| grep -q "$label"; then
-		kubectl label node "$(hostname)" "$label="
+		kubectl label node "$SAFE_HOST_NAME" "$label="
 	fi
 
 	handle_older_containerd
@@ -169,7 +169,7 @@ uninstall_ccruntime() {
 	local cmd="! sudo -E kubectl get pods -n confidential-containers-system|"
 	cmd+="grep -q -e cc-operator-daemon-install"
 	cmd+=" -e cc-operator-pre-install-daemon"
-	if ! wait_for_process 180 30 "$cmd"; then
+	if ! wait_for_process 720 30 "$cmd"; then
 		echo "ERROR: there are ccruntime pods still running"
 		echo "::group::Describe pods from $op_ns namespace"
 		kubectl -n "$op_ns" describe pods || true
@@ -182,10 +182,10 @@ uninstall_ccruntime() {
 	! kubectl get --no-headers runtimeclass 2>/dev/null | grep -q kata
 
 	# Labels should be gone
-	if kubectl get nodes "$(hostname)" -o jsonpath='{.metadata.labels}' | \
+	if kubectl get nodes "$SAFE_HOST_NAME" -o jsonpath='{.metadata.labels}' | \
 		grep -q -e cc-preinstall -e katacontainers.io; then
 		echo "ERROR: there are labels left behind"
-		kubectl get nodes "$(hostname)" -o jsonpath='{.metadata.labels}'
+		kubectl get nodes "$SAFE_HOST_NAME" -o jsonpath='{.metadata.labels}'
 
 		return 1
 	fi
@@ -247,7 +247,7 @@ uninstall_operator() {
 	local pod="cc-operator-controller-manager"
 	local cmd="! kubectl get pods -n confidential-containers-system |"
 	cmd+="grep -q $pod"
-	if ! wait_for_process 90 30 "$cmd"; then
+	if ! wait_for_process 180 30 "$cmd"; then
 		echo "ERROR: the controller manager is still running"
 
 		local pod_id="$(get_pods_regex $pod $op_ns)"