Fix functional tests / add functional test for secrets #82
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Functional Tests | |
on: | |
issue_comment: | |
types: [created] | |
jobs: | |
gate: | |
if: ${{ github.event.issue.pull_request && github.event.comment.body == '/functional-test' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Update PR Comment | |
if: github.event_name != 'pull_request' | |
uses: peter-evans/create-or-update-comment@v3 | |
with: | |
comment-id: ${{ github.event.comment.id }} | |
reactions: rocket | |
body: | | |
<br> | |
**Launched workflow:** [Functional tests](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) | |
aks: | |
name: AKS image building | |
runs-on: ubuntu-latest | |
needs: [gate] | |
permissions: | |
contents: read | |
id-token: write | |
pull-requests: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Authenticate with Azure | |
uses: azure/login@v1 | |
with: | |
creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' | |
- name: Run functional test suite | |
uses: ./.github/actions/cloud-image-building | |
env: | |
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} | |
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }} | |
with: | |
target: aks | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
# # NOTE: https://github.com/Azure/login/issues/180 | |
# # the following setup will use OIDC to retrieve a short-lived access token but, unfortunately, those access tokens | |
# # are only valid for 10m and there is currently no way to configure the expiry. use these steps once this issue is | |
# # resolved; it may require a config change either here or on the Azure SP. #azureisdumb | |
# - name: Authenticate with Azure | |
# uses: azure/login@v1 | |
# with: | |
# client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
# tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
# subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
# | |
# - name: Run functional test suite | |
# uses: ./.github/actions/cloud-image-building | |
# env: | |
# ARM_USE_OIDC: true | |
# ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
# ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
# ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
# AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }} | |
# with: | |
# target: aks | |
# github_token: ${{ secrets.GITHUB_TOKEN }} | |
gke: | |
name: GKE image building | |
runs-on: ubuntu-latest | |
needs: [gate] | |
permissions: | |
contents: read | |
id-token: write | |
pull-requests: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Authenticate with Google Cloud | |
uses: google-github-actions/auth@v1 | |
with: | |
service_account: ${{ secrets.GCP_IAM_SERVICE_ACCOUNT }} | |
workload_identity_provider: ${{ secrets.GCP_IAM_WORKLOAD_IDENTITY_PROVIDER }} | |
- name: Run functional test suite | |
uses: ./.github/actions/cloud-image-building | |
env: | |
GCP_REGION: ${{ secrets.GCP_REGION }} | |
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
with: | |
target: gke | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
eks: | |
name: EKS image building | |
runs-on: ubuntu-latest | |
needs: [gate] | |
permissions: | |
contents: read | |
id-token: write | |
pull-requests: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Authenticate with AWS | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.AWS_IAM_ROLE }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Run functional test suite | |
uses: ./.github/actions/cloud-image-building | |
env: | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
with: | |
target: eks | |
github_token: ${{ secrets.GITHUB_TOKEN }} |