fix sha naming #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration Tests between the different implementations | |
# Run either when pushing directly to main/master or in a PR targeting main/master | |
on: | |
push: | |
branches: | |
- master | |
- main | |
pull_request: | |
branches: | |
- master | |
- main | |
permissions: | |
id-token: write | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
lang: [go, rust] | |
defaults: | |
run: | |
working-directory: ${{matrix.lang}} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions-rs/toolchain@v1 | |
if: ${{ matrix.lang == 'rust'}} | |
with: | |
toolchain: stable | |
- uses: Swatinem/[email protected] | |
if: ${{ matrix.lang == 'rust'}} | |
with: | |
cache-directories: rust | |
- uses: actions/setup-go@v4 | |
if: ${{ matrix.lang == 'go'}} | |
with: | |
go-version: ">=1.21.0" | |
cache-dependency-path: go/go.sum | |
- name: Run build script for compiled languages | |
if: ${{ hashFiles(join(matrix.lang,'build.sh')) != '' }} | |
run: "./build.sh" | |
- name: Archive code coverage results | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{matrix.lang}} | |
path: ${{matrix.lang}}/vault | |
tests: | |
needs: build | |
runs-on: ubuntu-latest | |
env: | |
# VAULT_STACK overwrites default 'vault' for vaults | |
VAULT_STACK: nitor-vault-integration-testing | |
# at the moment we store to the values to fixed keys so this needs to have limited concurrency | |
concurrency: 1 | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{secrets.AWS_CI_ROLE}} | |
aws-region: eu-west-1 | |
- uses: actions/checkout@v4 | |
- name: Download reports' artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: bin | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.12" | |
cache: pip | |
- name: install python vault | |
run: python -m pip install . | |
working-directory: python | |
- name: add execute rights & run --version for all versions | |
run: | | |
chmod +x bin/go/vault bin/rust/vault | |
vault --version | |
bin/go/vault --version | |
bin/rust/vault --version | |
- name: store secret with python | |
run: vault -s 'secret-python' -v 'sha-${{github.sha}}' -w | |
- name: store secret with rust | |
run: bin/go/vault -s 'secret-go' -v 'sha-${{github.sha}}' -w | |
- name: store secret with rust | |
run: bin/rust/vault -s 'secret-rust' -v 'sha-${{github.sha}}' -w | |
- name: validate go and rust secret equality with python | |
run: diff <(vault -l secret-go) <(vault -l secret-rust) | |
- name: validate python and rust secret equality with go | |
run: diff <(bin/go/vault -l secret-rust) <(bin/go/vault -l secret-python) | |
- name: validate go and python secret equality with rust | |
run: diff <(bin/rust/vault -l secret-go) <(bin/rust/vault -l secret-python) |