Skip to content
Latchkey

minikube-e2e-docker workflow (eldadru/ksniff)

The minikube-e2e-docker workflow from eldadru/ksniff, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: eldadru/ksniff.github/workflows/minikube-e2e-docker.yamlLicense Apache-2.0View source

What it does

This is the minikube-e2e-docker workflow from the eldadru/ksniff repository, a real project running GitHub Actions. It is shown here with attribution under its Apache-2.0 license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: minikube-e2e-docker

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the master branch
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Minikube
        uses: manusa/actions-setup-minikube@v2.4.2
        with:
          minikube version: 'v1.22.0'
          kubernetes version: 'v1.21.2'
          start args: --wait=all
          # github token: ${{ secrets.GITHUB_TOKEN }} Uncomment if we have API limit issues
      - name: Deploy test pod
        run: |
          kubectl create -f .github/workflows/assets/busybox-pod.yaml
          kubectl wait --for=condition=Ready pod/busybox-sleep
      - name: Build
        run: |
          make
      - name: Run ksniff privileged
        run: |
          sleep 60 && pkill kubectl-sniff & 
          set +e
          ./kubectl-sniff busybox-sleep --privileged --namespace default --output-file /tmp/output.pcap
          set -e
          if [ ! -f /tmp/output.pcap ]; then
            echo "PCAP not created"
            exit 1
          fi
      - if: failure()
        name: Check pod and events
        run: |
          kubectl get pods 
          kubectl get events
      
      - name: Build static-tcpdmp
        run: |
          sudo apt-get install libpcap-dev
          make static-tcpdump
          make install
          
      - name: Run ksniff with static tcpdump
        run: |
          sleep 60 && pkill kubectl-sniff & 
          set +e
          ./kubectl-sniff busybox-sleep --namespace default --output-file /tmp/output.pcap
          set -e
          if [ ! -f /tmp/output.pcap ]; then
            echo "PCAP not created"
            exit 1
          fi

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: minikube-e2e-docker
 
# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the master branch
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
 
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  build:
    timeout-minutes: 30
    runs-on: latchkey-small
    steps:
      - uses: actions/checkout@v2
      - name: Setup Minikube
        uses: manusa/actions-setup-minikube@v2.4.2
        with:
          minikube version: 'v1.22.0'
          kubernetes version: 'v1.21.2'
          start args: --wait=all
          # github token: ${{ secrets.GITHUB_TOKEN }} Uncomment if we have API limit issues
      - name: Deploy test pod
        run: |
          kubectl create -f .github/workflows/assets/busybox-pod.yaml
          kubectl wait --for=condition=Ready pod/busybox-sleep
      - name: Build
        run: |
          make
      - name: Run ksniff privileged
        run: |
          sleep 60 && pkill kubectl-sniff & 
          set +e
          ./kubectl-sniff busybox-sleep --privileged --namespace default --output-file /tmp/output.pcap
          set -e
          if [ ! -f /tmp/output.pcap ]; then
            echo "PCAP not created"
            exit 1
          fi
      - if: failure()
        name: Check pod and events
        run: |
          kubectl get pods 
          kubectl get events
      
      - name: Build static-tcpdmp
        run: |
          sudo apt-get install libpcap-dev
          make static-tcpdump
          make install
          
      - name: Run ksniff with static tcpdump
        run: |
          sleep 60 && pkill kubectl-sniff & 
          set +e
          ./kubectl-sniff busybox-sleep --namespace default --output-file /tmp/output.pcap
          set -e
          if [ ! -f /tmp/output.pcap ]; then
            echo "PCAP not created"
            exit 1
          fi
 

What changed

1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow