-
Notifications
You must be signed in to change notification settings - Fork 2
190 lines (181 loc) · 6.66 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
---
name: test
on:
pull_request:
concurrency:
group: ${{ github.head_ref || github.run_id }}-test
cancel-in-progress: true
jobs:
build:
name: build
runs-on: ubuntu-latest
outputs:
linux-amd64-artifact: ${{ steps.outputs.outputs.linux-amd64-artifact }}
strategy:
fail-fast: true
matrix:
arch:
- amd64
- arm64
os:
- darwin
- linux
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- id: build
uses: ./.github/actions/build-provider
with:
target: ${{matrix.os}}/${{ matrix.arch }}
- uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: ${{ steps.build.outputs.name }}
path: dist/${{ steps.build.outputs.name }}
if-no-files-found: error
retention-days: 1
- id: outputs
run: |
{
echo "linux-amd64-artifact=terraform-provider-enos_$(cat VERSION)_linux_amd64"
} | tee -a "$GITHUB_OUTPUT"
go:
name: go test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- uses: ./.github/actions/build-flight-control
- run: make test-race-detector
go-acceptance:
name: TF_ACC=1 go test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- uses: ./.github/actions/build-provider
with:
target: linux/amd64
- uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
# The github actions service user creds for this account managed in hashicorp/enos-ci
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: "us-east-1"
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-skip-session-tagging: true
- uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
# Pin our version of Terraform to 1.8 while an issue with 1.9 erroneously planning
# is sorted https://github.com/hashicorp/terraform/issues/35424
terraform_version: "~>1.8"
- name: Create up acceptance target host
working-directory: enos/modules/go-acceptance-test-target
run: |
terraform init
terraform plan -no-color
terraform apply -auto-approve
HOST_IP=$(terraform output instance_public_ip | tr -d \" | tr -d "\n")
echo "host_ip=$HOST_IP" >> "$GITHUB_ENV"
- name: Configure ssh keys
run: |
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/plugin/enos-ci-ssh-key.pem
echo "${{ secrets.ENOS_CI_SSH_KEY }}" > ./internal/transport/ssh/enos-ci-ssh-key.pem
chmod 600 ./internal/plugin/enos-ci-ssh-key.pem
chmod 600 ./internal/transport/ssh/enos-ci-ssh-key.pem
- run: make test-acc
env:
ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
ENOS_TRANSPORT_USER: ubuntu
ENOS_TRANSPORT_PRIVATE_KEY_PATH: ./enos-ci-ssh-key.pem
ENOS_TRANSPORT_HOST: ${{ env.host_ip }}
- run: terraform destroy -auto-approve
if: always()
working-directory: enos/modules/go-acceptance-test-target
validate-terraform-examples:
name: terraform validate examples
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
path: dist
name: ${{ needs.build.outputs.linux-amd64-artifact }}
- uses: hashicorp/setup-terraform@v3
- name: Run terraform --chdir=examples/* validate
run: |
terraform -chdir=examples/core init
terraform -chdir=examples/core fmt -check -recursive
terraform -chdir=examples/core validate
terraform -chdir=examples/artifactory init
terraform -chdir=examples/artifactory fmt -check -recursive
terraform -chdir=examples/artifactory validate
scenarios:
name: enos scenario
needs: build
uses: ./.github/workflows/run-sample.yml
secrets: inherit
with:
sample-name: dev
download: ${{ needs.build.outputs.linux-amd64-artifact }}
static-analysis:
name: static analysis
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: go.mod
- uses: ./.github/actions/build-flight-control
- uses: hashicorp/setup-terraform@v3
with:
# the terraform wrapper will break terraform execution in enos because
# it changes the output to text when we expect it to be JSON.
terraform_wrapper: false
- uses: hashicorp/action-setup-enos@v1
with:
github-token:
${{ secrets.ELEVATED_GITHUB_TOKEN }}
- uses: ./.github/actions/set-up-gofumpt
- uses: ./.github/actions/set-up-golangci-lint
- name: Run make fmt-check
run: make fmt-check
- name: Run make lint
env:
LINT_OUT_FORMAT: github-actions
run: make lint
- name: Check doc delta
run: make check-doc-delta
- name: Lint Github Actions
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:d84eca815fc24f72546ec1f2f416d9500ad3349ce7db098cf7a52256f5fd4384
with:
args: -color
completed-successfully:
if: always()
runs-on: ubuntu-latest
needs:
- build
- go
- go-acceptance
- validate-terraform-examples
- scenarios
- static-analysis
steps:
- id: status
name: Determine status
run: |
results=$(tr -d '\n' <<< '${{ toJSON(needs.*.result) }}')
if ! grep -q -v -E '(failure|cancelled)' <<< "$results"; then
exit 1
fi