Result of tsccr-helper -pin-all-workflows . (#433) #348
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This GitHub action runs your tests for each commit push and/or PR. Optionally | |
# you can turn it on using a cron schedule for regular testing. | |
# | |
name: Acceptance Tests | |
on: | |
# Commenting out for now, since the Service Account with Vault can only create 10 secret keys | |
# at a time. If this runs twice (on push, when it's already PR'ed) that's 8 secret keys. | |
# TODO (mbang): re-evaluate ttl on tokens | |
# pull_request: | |
# paths-ignore: | |
# - 'README.md' | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- 'README.md' | |
# For systems with an upstream API that could drift unexpectedly (like most SaaS systems, etc.), | |
# we recommend testing at a regular interval not necessarily tied to code changes. This will | |
# ensure you are alerted to something breaking due to an API change, even if the code did not | |
# change. | |
# schedule: | |
# - cron: '0 13 * * *' | |
jobs: | |
# ensure the code builds... | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 | |
with: | |
go-version: '1.18' | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Get dependencies | |
run: | | |
go mod download | |
- name: Build | |
run: | | |
go build -v . | |
# run acceptance tests in a matrix with Terraform core versions | |
test: | |
name: Matrix Test | |
needs: build | |
runs-on: ubuntu-latest | |
timeout-minutes: 150 | |
strategy: | |
fail-fast: false | |
max-parallel: 1 | |
matrix: | |
# list whatever Terraform versions here you would like to support | |
terraform: | |
- '0.12.31' | |
# skipping due to https://github.com/hashicorp/terraform/issues/25961 test failures | |
# - '0.13.4' | |
- '0.14.11' | |
- '1.0.3' | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 | |
with: | |
go-version: '1.16' | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- name: Get dependencies | |
run: | | |
go mod download | |
- name: Get credentials | |
id: vault | |
uses: hashicorp/[email protected] | |
with: | |
url: ${{ secrets.VAULT_ADDR }} | |
method: approle | |
roleId: ${{ secrets.ROLE_ID }} | |
secretId: ${{ secrets.SECRET_ID }} | |
tlsSkipVerify: true | |
exportEnv: false | |
namespace: admin/tpgw | |
secrets: | | |
gcp/key/tf-acctest private_key_data | |
- name: Pre-sweep lingering resources | |
timeout-minutes: 10 | |
env: | |
GOOGLEWORKSPACE_CUSTOMER_ID: ${{ secrets.GOOGLEWORKSPACE_CUSTOMER_ID }} | |
GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL: ${{ secrets.GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL }} | |
run: | | |
export GOOGLEWORKSPACE_CREDENTIALS=$(echo -n ${{ steps.vault.outputs.private_key_data }} | base64 --decode) | |
go test ./internal/provider -v -sweep=us-central1 -sweep-run= -timeout 60m | |
- name: TF acceptance tests | |
timeout-minutes: 120 | |
env: | |
TF_ACC: "1" | |
TF_LOG: "DEBUG" | |
TF_ACC_TERRAFORM_VERSION: ${{ matrix.terraform }} | |
# Set whatever additional acceptance test env vars here. You can | |
# optionally use data from your repository secrets using the | |
# following syntax: | |
# SOME_VAR: ${{ secrets.SOME_VAR }} | |
GOOGLEWORKSPACE_CUSTOMER_ID: ${{ secrets.GOOGLEWORKSPACE_CUSTOMER_ID }} | |
GOOGLEWORKSPACE_DOMAIN: ${{ secrets.GOOGLEWORKSPACE_DOMAIN }} | |
GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL: ${{ secrets.GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL }} | |
GOOGLEWORKSPACE_IMPERSONATED_SERVICE_ACCOUNT: ${{ secrets.GOOGLEWORKSPACE_IMPERSONATED_SERVICE_ACCOUNT }} | |
run: | | |
export GOOGLEWORKSPACE_CREDENTIALS=$(echo -n ${{ steps.vault.outputs.private_key_data }} | base64 --decode) | |
go test -v -cover ./internal/provider/ -timeout 120m | |
- name: Post-sweep lingering resources | |
timeout-minutes: 10 | |
env: | |
GOOGLEWORKSPACE_CUSTOMER_ID: ${{ secrets.GOOGLEWORKSPACE_CUSTOMER_ID }} | |
GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL: ${{ secrets.GOOGLEWORKSPACE_IMPERSONATED_USER_EMAIL }} | |
run: | | |
export GOOGLEWORKSPACE_CREDENTIALS=$(echo -n ${{ steps.vault.outputs.private_key_data }} | base64 --decode) | |
go test ./internal/provider -v -sweep=us-central1 -sweep-run= -timeout 60m |