Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

chore: ok-to-test-managed command only to trigger

Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
Lucas Severo Alves 4 years ago
parent
73472be795
commit
767b801696
2 changed files with 42 additions and 116 deletions
Split View Show Diff Stats
  1. 7 116
      .github/workflows/e2e-managed.yml
  2. 35 0
      .github/workflows/ok-to-test-managed.yml

+ 7 - 116
.github/workflows/e2e-managed.yml
View File 

@@ -1,8 +1,8 @@
 
-# Run secret-dependent e2e tests only after /ok-to-test approval
 
+# Run secret-dependent e2e tests only after /ok-to-test-managed approval
 
 on:
 
   pull_request:
 
   repository_dispatch:
 
-    types: [ok-to-test-command]
 
+    types: [ok-to-test-managed-command]
 
 
 env:
 
   # Common versions
 
@@ -35,127 +35,18 @@ env:
 
 name: e2e tests
 
 
 jobs:
 
-  # Branch-based pull request
 
-  integration-trusted-managed:
 
-    runs-on: ubuntu-latest
 
-    if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
 
-    steps:
 
-
 
-    - name: Branch based PR checkout
 
-      uses: actions/checkout@v2
 
-
 
-    # <insert integration tests needing secrets>
 
-
 
-    - name: Fetch History
 
-      run: git fetch --prune --unshallow
 
-
 
-    - name: Setup Go
 
-      uses: actions/setup-go@v2
 
-      with:
 
-        go-version: ${{ env.GO_VERSION }}
 
-
 
-    - name: Find the Go Cache
 
-      id: go
 
-      run: |
 
-        echo "::set-output name=build-cache::$(go env GOCACHE)"
 
-        echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
 
-
 
-    - name: Cache the Go Build Cache
 
-      uses: actions/cache@v2.1.7
 
-      with:
 
-        path: ${{ steps.go.outputs.build-cache }}
 
-        key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }}
 
-        restore-keys: ${{ runner.os }}-build-unit-tests-
 
-
 
-    - name: Cache Go Dependencies
 
-      uses: actions/cache@v2.1.7
 
-      with:
 
-        path: ${{ steps.go.outputs.mod-cache }}
 
-        key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
 
-        restore-keys: ${{ runner.os }}-pkg-
 
-    
-    - name: Setup gcloud CLI
 
-      uses: google-github-actions/setup-gcloud@master
 
-      with:
 
-        service_account_key: ${{ env.GCP_SM_SA_GKE_JSON }}
 
-        project_id: ${{ env.GCP_PROJECT_ID }}
 
-    
-    - name: Setup TFLint
 
-      uses: terraform-linters/setup-tflint@v1
 
-      with:
 
-        tflint_version: v0.28.0  # Must be specified. See: https://github.com/terraform-linters/tflint/releases for latest versions
 
-
 
-    - name: Run TFLint
 
-      run: find ${{ github.workspace }} | grep tf$ | xargs -n1 dirname | xargs -IXXX -n1 /bin/sh -c 'set -o errexit; cd XXX; pwd; tflint --loglevel=info .; cd - >/dev/null'
 
-
 
-    - name: Setup TF Gcloud Provider
 
-      run: |-
 
-        mkdir -p terraform/gcp/secrets
 
-        echo ${GCP_SM_SA_GKE_JSON} > terraform/gcp/secrets/gcloud-service-account-key.json
 
-
 
-    - name: Show TF GKE
 
-      run: |-
 
-        make tf.show.gcp
 
-
 
-    - name: Setup Infracost
 
-      uses: infracost/actions/setup@v1
 
-      with:
 
-        api-key: ${{ secrets.INFRACOST_API_KEY }}
 
-
 
-    - name: Generate Infracost JSON
 
-      run: infracost breakdown --path terraform/gcp/plan.json --format json --out-file /tmp/infracost.json
 
-
 
-    - name: Post Infracost comment
 
-      uses: infracost/actions/comment@v1
 
-      with:
 
-        path: /tmp/infracost.json
 
-        # Choose the commenting behavior, 'update' is a good default:
 
-        behavior: update # Create a single comment and update it. The "quietest" option.                 
-        # behavior: delete-and-new # Delete previous comments and create a new one.
 
-        # behavior: hide-and-new # Minimize previous comments and create a new one.
 
-        # behavior: new # Create a new cost estimate comment on every push.
 
-
 
-    - name: Apply TF GKE
 
-      run: |-
 
-        make tf.apply.gcp
 
-
 
-    - name: Get the GKE credentials
 
-      run: |-
 
-        gcloud container clusters get-credentials "$GCP_GKE_CLUSTER" --zone "$GCP_GKE_ZONE" --project "$GCP_PROJECT_ID"
 
-
 
-    - name: Login to Docker
 
-      uses: docker/login-action@v1
 
-      if: env.GHCR_USERNAME != ''
 
-      with:
 
-        registry: ghcr.io
 
-        username: ${{ secrets.GHCR_USERNAME }}
 
-        password: ${{ secrets.GHCR_TOKEN }}
 
-
 
-    - name: Run e2e Tests for GCP
 
-      run: |
 
-        export E2E_VERSION=$GITHUB_SHA
 
-        export PR_IMG_TAG=$GITHUB_SHA
 
-        export PATH=$PATH:$(go env GOPATH)/bin
 
-        go get github.com/onsi/ginkgo/ginkgo
 
-        make test.e2e.managed FOCUS="gcpmanaged"
 
-
 
-    - name: Destroy TF GKE
 
-      if: always()
 
-      run: |-
 
-        make tf.destroy.gcp
 
-
 
-
 
-  # Repo owner has commented /ok-to-test on a (fork-based) pull request
 
+  # Repo owner has commented /ok-to-test-managed on a (fork-based) pull request
 
   integration-fork-managed:
 
     runs-on: ubuntu-latest
 
     if:
 
       github.event_name == 'repository_dispatch'
 
     steps:
 
 
-    - name: Branch based PR checkout
 
+    # Check out merge commit
 
+    - name: Fork based /ok-to-test-managed checkout
 
       uses: actions/checkout@v2
 
-
 
-    # <insert integration tests needing secrets>
 
+      with:
 
+        ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
 
 
     - name: Fetch History
 
       run: git fetch --prune --unshallow

+ 35 - 0
.github/workflows/ok-to-test-managed.yml
View File 

@@ -0,0 +1,35 @@
 
+# If someone with write access comments "/ok-to-test-managed" on a pull request, emit a repository_dispatch event
 
+name: Ok To Test
 
+
 
+on:
 
+  issue_comment:
 
+    types: [created]
 
+
 
+jobs:
 
+  ok-to-test-managed:
 
+    runs-on: ubuntu-latest
 
+    # Only run for PRs, not issue comments
 
+    if: ${{ github.event.issue.pull_request }}
 
+    steps:
 
+    # Generate a GitHub App installation access token from an App ID and private key
 
+    # To create a new GitHub App:
 
+    #   https://developer.github.com/apps/building-github-apps/creating-a-github-app/
 
+    # See app.yml for an example app manifest
 
+    - name: Generate token
 
+      id: generate_token
 
+      uses: tibdex/github-app-token@v1
 
+      with:
 
+        app_id: ${{ secrets.APP_ID }}
 
+        private_key: ${{ secrets.PRIVATE_KEY }}
 
+
 
+    - name: Slash Command Dispatch
 
+      uses: peter-evans/slash-command-dispatch@v2.3.0
 
+      env:
 
+        TOKEN: ${{ steps.generate_token.outputs.token }}
 
+      with:
 
+        token: ${{ env.TOKEN }} # GitHub App installation access token
 
+        # token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} # PAT or OAuth token will also work
 
+        reaction-token: ${{ secrets.GITHUB_TOKEN }}
 
+        issue-type: pull-request
 
+        commands: ok-to-test-managed
 
+        permission: maintain