Skip to content

Fix functional tests / add functional test for secrets #82

Fix functional tests / add functional test for secrets

Fix functional tests / add functional test for secrets #82

Workflow file for this run

name: Functional Tests
on:
issue_comment:
types: [created]
jobs:
gate:
if: ${{ github.event.issue.pull_request && github.event.comment.body == '/functional-test' }}
runs-on: ubuntu-latest
steps:
- name: Update PR Comment
if: github.event_name != 'pull_request'
uses: peter-evans/create-or-update-comment@v3
with:
comment-id: ${{ github.event.comment.id }}
reactions: rocket
body: |
<br>
**Launched workflow:** [Functional tests](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
aks:
name: AKS image building
runs-on: ubuntu-latest
needs: [gate]
permissions:
contents: read
id-token: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Authenticate with Azure
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
- name: Run functional test suite
uses: ./.github/actions/cloud-image-building
env:
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
with:
target: aks
github_token: ${{ secrets.GITHUB_TOKEN }}
# # NOTE: https://github.com/Azure/login/issues/180
# # the following setup will use OIDC to retrieve a short-lived access token but, unfortunately, those access tokens
# # are only valid for 10m and there is currently no way to configure the expiry. use these steps once this issue is
# # resolved; it may require a config change either here or on the Azure SP. #azureisdumb
# - name: Authenticate with Azure
# uses: azure/login@v1
# with:
# client-id: ${{ secrets.AZURE_CLIENT_ID }}
# tenant-id: ${{ secrets.AZURE_TENANT_ID }}
# subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
#
# - name: Run functional test suite
# uses: ./.github/actions/cloud-image-building
# env:
# ARM_USE_OIDC: true
# ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
# ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
# ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
# with:
# target: aks
# github_token: ${{ secrets.GITHUB_TOKEN }}
gke:
name: GKE image building
runs-on: ubuntu-latest
needs: [gate]
permissions:
contents: read
id-token: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Authenticate with Google Cloud
uses: google-github-actions/auth@v1
with:
service_account: ${{ secrets.GCP_IAM_SERVICE_ACCOUNT }}
workload_identity_provider: ${{ secrets.GCP_IAM_WORKLOAD_IDENTITY_PROVIDER }}
- name: Run functional test suite
uses: ./.github/actions/cloud-image-building
env:
GCP_REGION: ${{ secrets.GCP_REGION }}
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
with:
target: gke
github_token: ${{ secrets.GITHUB_TOKEN }}
eks:
name: EKS image building
runs-on: ubuntu-latest
needs: [gate]
permissions:
contents: read
id-token: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Authenticate with AWS
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Run functional test suite
uses: ./.github/actions/cloud-image-building
env:
AWS_REGION: ${{ secrets.AWS_REGION }}
with:
target: eks
github_token: ${{ secrets.GITHUB_TOKEN }}