Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 9e6a69fd51
Branches Tags
helm-externa...
/
.github
/
actions
/
e2e-managed
/
action.yml

action.yml 4.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148 
  1. name: "e2e"
    2. 

  2. description: "runs our e2e test suite"
    3. 

  3. 

  4. runs:
    5. 

  5.   using: composite
    6. 

  6.   steps:
    7. 

  7. 

  8.     # create new status check for this specific provider
    9. 

  9.     - uses: actions/github-script@v6
    10. 

  10.       with:
    11. 

  11.         github-token: ${{ env.GITHUB_TOKEN }}
    12. 

  12.         script: |
    13. 

  13.           const { data: pull } = await github.rest.pulls.get({
    14. 

  14.             ...context.repo,
    15. 

  15.             pull_number: process.env.GITHUB_PR_NUMBER
    16. 

  16.           });
    17. 

  17.           const ref = pull.head.sha;
    18. 

  18.           const { data: checks } = await github.rest.checks.listForRef({
    19. 

  19.             ...context.repo,
    20. 

  20.             ref
    21. 

  21.           });
    22. 

  22.           const job_name = "e2e-managed-" + process.env.CLOUD_PROVIDER
    23. 

  23.           const check = checks.check_runs.filter(c => c.name === job_name);
    24. 

  24.           if(check && check.length > 0){
    25. 

  25.             const { data: result } = await github.rest.checks.update({
    26. 

  26.               ...context.repo,
    27. 

  27.               check_run_id: check[0].id,
    28. 

  28.               status: 'in_progress',
    29. 

  29.             });
    30. 

  30.             return result;
    31. 

  31.           }
    32. 

  32.           const { data: result } = await github.rest.checks.create({
    33. 

  33.             ...context.repo,
    34. 

  34.             name: job_name,
    35. 

  35.             head_sha: pull.head.sha,
    36. 

  36.             status: 'in_progress',
    37. 

  37.           });
    38. 

  38.           return result;
    39. 

  39. 

  40.     - name: Configure AWS Credentials
    41. 

  41.       uses: aws-actions/configure-aws-credentials@v1
    42. 

  42.       with:
    43. 

  43.         role-to-assume: ${{ env.AWS_OIDC_ROLE_ARN }}
    44. 

  44.         aws-region: ${{ env.AWS_REGION }}
    45. 

  45. 

  46.     - name: Setup Go
    47. 

  47.       uses: actions/setup-go@v3
    48. 

  48.       with:
    49. 

  49.         go-version: "1.21"
    50. 

  50. 

  51.     - name: Find the Go Cache
    52. 

  52.       id: go
    53. 

  53.       shell: bash
    54. 

  54.       run: |
    55. 

  55.         echo "::set-output name=build-cache::$(go env GOCACHE)"
    56. 

  56.         echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
    57. 

  57. 

  58.     - name: Cache the Go Build Cache
    59. 

  59.       uses: actions/cache@v3
    60. 

  60.       with:
    61. 

  61.         path: ${{ steps.go.outputs.build-cache }}
    62. 

  62.         key: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
    63. 

  63.         restore-keys: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-
    64. 

  64. 

  65.     - name: Cache Go Dependencies
    66. 

  66.       uses: actions/cache@v3
    67. 

  67.       with:
    68. 

  68.         path: ${{ steps.go.outputs.mod-cache }}
    69. 

  69.         key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
    70. 

  70.         restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
    71. 

  71. 

  72.     - name: Setup TFLint
    73. 

  73.       uses: terraform-linters/setup-tflint@v2
    74. 

  74.       with:
    75. 

  75.         tflint_version: v0.28.0  # Must be specified. See: https://github.com/terraform-linters/tflint/releases for latest versions
    76. 

  76. 

  77.     - name: Run TFLint
    78. 

  78.       shell: bash
    79. 

  79.       run: find ${{ github.workspace }} | grep tf$ | xargs -n1 dirname | xargs -IXXX -n1 /bin/sh -c 'set -o errexit; cd XXX; pwd; tflint --loglevel=info .; cd - >/dev/null'
    80. 

  80. 

  81.     - name: Setup TF Gcloud Provider
    82. 

  82.       shell: bash
    83. 

  83.       if: env.CLOUD_PROVIDER == 'gcp'
    84. 

  84.       env:
    85. 

  85.         GCP_SM_SA_GKE_JSON: ${{ env.GCP_SM_SA_GKE_JSON }}
    86. 

  86.       run: |-
    87. 

  87.         mkdir -p terraform/gcp/secrets
    88. 

  88.         echo ${GCP_SM_SA_GKE_JSON} > terraform/gcp/secrets/gcloud-service-account-key.json
    89. 

  89. 

  90.     - name: Show TF
    91. 

  91.       shell: bash
    92. 

  92.       run: |-
    93. 

  93.         PROVIDER=${{env.CLOUD_PROVIDER}}
    94. 

  94.         make tf.show.${PROVIDER}
    95. 

  95. 

  96.     - name: Apply TF
    97. 

  97.       shell: bash
    98. 

  98.       env:
    99. 

  99.         TF_VAR_OIDC_TOKEN: "${{steps.fetch-token.outputs.result}}"
    100. 

  100.       run: |-
    101. 

  101.         PROVIDER=${{env.CLOUD_PROVIDER}}
    102. 

  102.         make tf.apply.${PROVIDER}
    103. 

  103. 

  104.     - name: Setup gcloud CLI
    105. 

  105.       if: env.CLOUD_PROVIDER == 'gcp'
    106. 

  106.       uses: google-github-actions/setup-gcloud@v0
    107. 

  107.       with:
    108. 

  108.         service_account_key: ${{ env.GCP_SM_SA_GKE_JSON }}
    109. 

  109.         project_id: ${{ env.GCP_PROJECT_ID }}
    110. 

  110.         install_components: 'gke-gcloud-auth-plugin'
    111. 

  111. 

  112.     - name: Get the GKE credentials
    113. 

  113.       shell: bash
    114. 

  114.       if: env.CLOUD_PROVIDER == 'gcp'
    115. 

  115.       run: |-
    116. 

  116.         gcloud container clusters get-credentials "$GCP_GKE_CLUSTER" --zone "$GCP_GKE_ZONE" --project "$GCP_PROJECT_ID"
    117. 

  117. 

  118.     - name: Get the AWS credentials
    119. 

  119.       shell: bash
    120. 

  120.       if: env.CLOUD_PROVIDER == 'aws'
    121. 

  121.       run: |-
    122. 

  122.         aws --region $AWS_REGION eks update-kubeconfig --name $AWS_CLUSTER_NAME
    123. 

  123. 

  124.     - name: Login to Docker
    125. 

  125.       uses: docker/login-action@v2
    126. 

  126.       if: env.GHCR_USERNAME != ''
    127. 

  127.       with:
    128. 

  128.         registry: ghcr.io
    129. 

  129.         username: ${{ env.GHCR_USERNAME }}
    130. 

  130.         password: ${{ env.GHCR_TOKEN }}
    131. 

  131. 

  132.     - name: Run managed e2e Tests
    133. 

  133.       shell: bash
    134. 

  134.       env:
    135. 

  135.         GCP_SM_SA_JSON: ${{ env.GCP_SM_SA_JSON }}
    136. 

  136.       run: |
    137. 

  137.         export PATH=$PATH:$(go env GOPATH)/bin
    138. 

  138.         PROVIDER=${{env.CLOUD_PROVIDER}}
    139. 

  139.         go install github.com/onsi/ginkgo/v2/ginkgo@v2.1.6
    140. 

  140.         make test.e2e.managed GINKGO_LABELS="${PROVIDER}" TEST_SUITES="provider"
    141. 

  141. 

  142.     - name: Destroy TF
    143. 

  143.       shell: bash
    144. 

  144.       if: always()
    145. 

  145.       run: |-
    146. 

  146.         PROVIDER=${{env.CLOUD_PROVIDER}}
    147. 

  147.         make tf.destroy.${PROVIDER}
    148. 

  148.