VAULT-31184: Support identity token auth in data_artifactory_item
#56
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: test | |
on: | |
pull_request: | |
concurrency: | |
group: ${{ github.head_ref || github.run_id }}-test | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: build | |
runs-on: ubuntu-latest | |
outputs: | |
linux-amd64-artifact: ${{ steps.outputs.outputs.linux-amd64-artifact }} | |
strategy: | |
fail-fast: true | |
matrix: | |
arch: | |
- amd64 | |
- arm64 | |
os: | |
- darwin | |
- linux | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- id: build | |
uses: ./.github/actions/build-provider | |
with: | |
target: ${{matrix.os}}/${{ matrix.arch }} | |
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: ${{ steps.build.outputs.name }} | |
path: dist/${{ steps.build.outputs.name }} | |
if-no-files-found: error | |
retention-days: 1 | |
- id: outputs | |
run: | | |
{ | |
echo "linux-amd64-artifact=terraform-provider-enos_$(cat VERSION)_linux_amd64" | |
} | tee -a "$GITHUB_OUTPUT" | |
go: | |
name: go test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- uses: ./.github/actions/build-flight-control | |
- run: make test-race-detector | |
go-acceptance: | |
name: TF_ACC=1 go test | |
runs-on: ubuntu-latest | |
env: | |
TF_VAR_ssh_key_name: enos-ci-ssh-key | |
TF_VAR_private_key_path: ./ssh.pem | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- uses: ./.github/actions/build-provider | |
with: | |
target: linux/amd64 | |
- uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
# The github actions service user creds for this account managed in hashicorp/enos-ci | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: "us-east-1" | |
role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
role-skip-session-tagging: true | |
- uses: hashicorp/setup-terraform@v3 | |
with: | |
terraform_wrapper: false | |
# Pin our version of Terraform to 1.8 while an issue with 1.9 erroneously planning | |
# is sorted https://github.com/hashicorp/terraform/issues/35424 | |
terraform_version: "1.8.5" | |
- name: Configure ssh keys | |
run: | | |
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/plugin/enos-ci-ssh-key.pem | |
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/transport/ssh/enos-ci-ssh-key.pem | |
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > enos/modules/go-acceptance-test-target/ssh.pem | |
chmod 600 ./internal/plugin/enos-ci-ssh-key.pem | |
chmod 600 ./internal/transport/ssh/enos-ci-ssh-key.pem | |
chmod 600 enos/modules/go-acceptance-test-target/ssh.pem | |
- name: Create up acceptance target host | |
id: target-host | |
working-directory: enos/modules/go-acceptance-test-target | |
run: | | |
terraform init | |
terraform plan -no-color | |
terraform apply -auto-approve | |
HOST_IP=$(terraform output instance_public_ip | tr -d \" | tr -d "\n") | |
{ | |
echo "host_ip=$HOST_IP" | |
} | tee -a "$GITHUB_OUTPUT" | |
- run: make test-acc | |
env: | |
ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }} | |
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }} | |
ENOS_TRANSPORT_USER: ubuntu | |
ENOS_TRANSPORT_PRIVATE_KEY_PATH: ./enos-ci-ssh-key.pem | |
ENOS_TRANSPORT_HOST: ${{ steps.target-host.outputs.host_ip }} | |
- run: terraform destroy -auto-approve | |
if: always() | |
working-directory: enos/modules/go-acceptance-test-target | |
validate-terraform-examples: | |
name: terraform validate examples | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
path: dist | |
name: ${{ needs.build.outputs.linux-amd64-artifact }} | |
- uses: hashicorp/setup-terraform@v3 | |
- name: Run terraform --chdir=examples/* validate | |
run: | | |
terraform -chdir=examples/core init | |
terraform -chdir=examples/core fmt -check -recursive | |
terraform -chdir=examples/core validate | |
terraform -chdir=examples/artifactory init | |
terraform -chdir=examples/artifactory fmt -check -recursive | |
terraform -chdir=examples/artifactory validate | |
scenarios: | |
name: enos scenario | |
needs: build | |
uses: ./.github/workflows/run-sample.yml | |
secrets: inherit | |
with: | |
sample-name: dev | |
download: ${{ needs.build.outputs.linux-amd64-artifact }} | |
static-analysis: | |
name: static analysis | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- uses: ./.github/actions/build-flight-control | |
- uses: hashicorp/setup-terraform@v3 | |
with: | |
# the terraform wrapper will break terraform execution in enos because | |
# it changes the output to text when we expect it to be JSON. | |
terraform_wrapper: false | |
- uses: hashicorp/action-setup-enos@v1 | |
with: | |
github-token: | |
${{ secrets.ELEVATED_GITHUB_TOKEN }} | |
- uses: ./.github/actions/set-up-gofumpt | |
- uses: ./.github/actions/set-up-golangci-lint | |
- name: Run make fmt-check | |
run: make fmt-check | |
- name: Run make lint | |
env: | |
LINT_OUT_FORMAT: github-actions | |
run: make lint | |
- name: Check doc delta | |
run: make check-doc-delta | |
- name: Lint Github Actions | |
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:d84eca815fc24f72546ec1f2f416d9500ad3349ce7db098cf7a52256f5fd4384 | |
with: | |
args: -color | |
completed-successfully: | |
if: always() | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- go | |
- go-acceptance | |
- validate-terraform-examples | |
- scenarios | |
- static-analysis | |
steps: | |
- id: status | |
name: Determine status | |
run: | | |
results=$(tr -d '\n' <<< '${{ toJSON(needs.*.result) }}') | |
if ! grep -q -v -E '(failure|cancelled)' <<< "$results"; then | |
exit 1 | |
fi |