Skip to content

VAULT-31184: Support identity token auth in data_artifactory_item #56

VAULT-31184: Support identity token auth in data_artifactory_item

VAULT-31184: Support identity token auth in data_artifactory_item #56

Workflow file for this run

---
name: test
on:
pull_request:
concurrency:
group: ${{ github.head_ref || github.run_id }}-test
cancel-in-progress: true
jobs:
build:
name: build
runs-on: ubuntu-latest
outputs:
linux-amd64-artifact: ${{ steps.outputs.outputs.linux-amd64-artifact }}
strategy:
fail-fast: true
matrix:
arch:
- amd64
- arm64
os:
- darwin
- linux
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- id: build
uses: ./.github/actions/build-provider
with:
target: ${{matrix.os}}/${{ matrix.arch }}
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: ${{ steps.build.outputs.name }}
path: dist/${{ steps.build.outputs.name }}
if-no-files-found: error
retention-days: 1
- id: outputs
run: |
{
echo "linux-amd64-artifact=terraform-provider-enos_$(cat VERSION)_linux_amd64"
} | tee -a "$GITHUB_OUTPUT"
go:
name: go test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- uses: ./.github/actions/build-flight-control
- run: make test-race-detector
go-acceptance:
name: TF_ACC=1 go test
runs-on: ubuntu-latest
env:
TF_VAR_ssh_key_name: enos-ci-ssh-key
TF_VAR_private_key_path: ./ssh.pem
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- uses: ./.github/actions/build-provider
with:
target: linux/amd64
- uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
# The github actions service user creds for this account managed in hashicorp/enos-ci
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: "us-east-1"
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-skip-session-tagging: true
- uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
# Pin our version of Terraform to 1.8 while an issue with 1.9 erroneously planning
# is sorted https://github.com/hashicorp/terraform/issues/35424
terraform_version: "1.8.5"
- name: Configure ssh keys
run: |
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/plugin/enos-ci-ssh-key.pem
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/transport/ssh/enos-ci-ssh-key.pem
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > enos/modules/go-acceptance-test-target/ssh.pem
chmod 600 ./internal/plugin/enos-ci-ssh-key.pem
chmod 600 ./internal/transport/ssh/enos-ci-ssh-key.pem
chmod 600 enos/modules/go-acceptance-test-target/ssh.pem
- name: Create up acceptance target host
id: target-host
working-directory: enos/modules/go-acceptance-test-target
run: |
terraform init
terraform plan -no-color
terraform apply -auto-approve
HOST_IP=$(terraform output instance_public_ip | tr -d \" | tr -d "\n")
{
echo "host_ip=$HOST_IP"
} | tee -a "$GITHUB_OUTPUT"
- run: make test-acc
env:
ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
ENOS_TRANSPORT_USER: ubuntu
ENOS_TRANSPORT_PRIVATE_KEY_PATH: ./enos-ci-ssh-key.pem
ENOS_TRANSPORT_HOST: ${{ steps.target-host.outputs.host_ip }}
- run: terraform destroy -auto-approve
if: always()
working-directory: enos/modules/go-acceptance-test-target
validate-terraform-examples:
name: terraform validate examples
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
path: dist
name: ${{ needs.build.outputs.linux-amd64-artifact }}
- uses: hashicorp/setup-terraform@v3
- name: Run terraform --chdir=examples/* validate
run: |
terraform -chdir=examples/core init
terraform -chdir=examples/core fmt -check -recursive
terraform -chdir=examples/core validate
terraform -chdir=examples/artifactory init
terraform -chdir=examples/artifactory fmt -check -recursive
terraform -chdir=examples/artifactory validate
scenarios:
name: enos scenario
needs: build
uses: ./.github/workflows/run-sample.yml
secrets: inherit
with:
sample-name: dev
download: ${{ needs.build.outputs.linux-amd64-artifact }}
static-analysis:
name: static analysis
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- uses: ./.github/actions/build-flight-control
- uses: hashicorp/setup-terraform@v3
with:
# the terraform wrapper will break terraform execution in enos because
# it changes the output to text when we expect it to be JSON.
terraform_wrapper: false
- uses: hashicorp/action-setup-enos@v1
with:
github-token:
${{ secrets.ELEVATED_GITHUB_TOKEN }}
- uses: ./.github/actions/set-up-gofumpt
- uses: ./.github/actions/set-up-golangci-lint
- name: Run make fmt-check
run: make fmt-check
- name: Run make lint
env:
LINT_OUT_FORMAT: github-actions
run: make lint
- name: Check doc delta
run: make check-doc-delta
- name: Lint Github Actions
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:d84eca815fc24f72546ec1f2f416d9500ad3349ce7db098cf7a52256f5fd4384
with:
args: -color
completed-successfully:
if: always()
runs-on: ubuntu-latest
needs:
- build
- go
- go-acceptance
- validate-terraform-examples
- scenarios
- static-analysis
steps:
- id: status
name: Determine status
run: |
results=$(tr -d '\n' <<< '${{ toJSON(needs.*.result) }}')
if ! grep -q -v -E '(failure|cancelled)' <<< "$results"; then
exit 1
fi