bug: Use the correct user instead of hardcoding leverage #92

Workflow file for this run

.github/workflows/le-toolbox-integration-test.yml at 32aafbc

	name: Leverage Toolbox Integration Test

	on: [pull_request]

	jobs:
	test_leverage:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout base branch
	uses: actions/checkout@v3

	- name: Clone RefArch
	run: \|
	printf "[INFO] Cloning RefArch"
	git clone https://github.com/binbashar/le-tf-infra-aws.git ./refarch


	- name: Build and reference Toolbox Image
	run: \|
	printf "[INFO] Build Toolbox\n"
	make init-makefiles
	make build-local
	DOCKER_REPO_NAME=$(grep -E "DOCKER_REPO_NAME +:=" Makefile \| sed -E 's/DOCKER_REPO_NAME +:= (.+)/\1/')
	DOCKER_IMG_NAME=$(grep -E "DOCKER_IMG_NAME +:=" Makefile \| sed -E 's/DOCKER_IMG_NAME +:= (.+)/\1/')
	LEVERAGE_CLI_TAG=$(grep -E "LEVERAGE_CLI_TAG +:=" Makefile \| sed -E 's/LEVERAGE_CLI_TAG +:= (.+)/\1/')
	TERRAFORM_TAG=$(grep -E "TERRAFORM_TAG +:=" Makefile \| sed -E 's/TERRAFORM_TAG +:= (.+)/\1/')
	TOOLBOX_VERSION=${TERRAFORM_TAG}-${LEVERAGE_CLI_TAG}
	TOOLBOX_IMAGE=${DOCKER_REPO_NAME}/${DOCKER_IMG_NAME}
	cat << EOF > refarch/build.env
	# Project settings
	PROJECT=bb

	# General
	MFA_ENABLED=false

	# Terraform
	TERRAFORM_IMAGE_TAG=${TOOLBOX_VERSION}
	EOF

	- name: Install CLI
	run: \|
	printf "[INFO] Installing CLI\n"
	python --version
	pip install leverage

	- name: Set up credentials
	run: \|
	printf "[INFO] Setting up credentials\n"
	mkdir -p ~/.aws/bb
	aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile bb-deploymaster
	aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile bb-deploymaster
	aws configure set region us-east-1 --profile bb-apps-devstg-devops
	aws configure set output json --profile bb-apps-devstg-devops
	aws configure set role_arn arn:aws:iam::${{ secrets.AWS_DEVSTG_ACCOUNT_ID }}:role/DeployMaster --profile bb-apps-devstg-devops
	aws configure set source_profile bb-deploymaster --profile bb-apps-devstg-devops
	cat << EOF > ~/.aws/credentials
	[bb-deploymaster]
	aws_access_key_id = ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws_secret_access_key = ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	EOF
	cp ~/.aws/credentials ~/.aws/bb/
	cp ~/.aws/config ~/.aws/bb/

	- name: Configure Reference Architecture
	run: \|
	echo "[INFO] Configure Reference Architecture\n"
	cat << EOF >> ./config/common.tfvars
	project = "bb"
	project_long = "binbash"
	region_primary = "us-east-1"
	region_secondary = "us-east-2"
	vault_address = "vault_trash"
	vault_token = "vault_trash"
	sso_region = "us-east-1"
	sso_enabled = false
	sso_start_url = "sso_trash"

	accounts = {
	security = {
	id = ${{ secrets.AWS_SECURITY_ACCOUNT_ID }}
	}
	apps-devstg = {
	id = ${{ secrets.AWS_DEVSTG_ACCOUNT_ID }}
	}
	}
	EOF
	echo "[INFO] Disable MFA\n"
	sed -i "s/^$MFA_ENABLED=$true/\1false/" build.env
	working-directory: ./refarch

	- name: Test Terraform
	env:
	LEVERAGE_INTERACTIVE: 0
	run: \|
	printf "[INFO] Testing terraform\n"
	# These are later mounted in the container
	mkdir ~/.ssh && touch ~/.gitconfig

	printf "[INFO] Initializing layer\n"
	leverage tf init

	printf "[INFO] Generating plan\n"
	leverage tf plan

	working-directory: ./refarch/apps-devstg/global/cli-test-layer

	- name: Test AWS
	run: \|
	printf "[INFO] Testing AWS\n"

	printf "[INFO] Getting identity\n"
	ID=$(leverage aws sts get-caller-identity --profile bb-apps-devstg-devops \| grep Account \| sed -E 's/^.("Account.+")[0-9]{12}".$/\1************"/')
	if [[ "$ID" == "\"Account\": \"************\"" ]];
	then
	printf "[INFO] OK \n"
	else
	printf "[ERROR] Fail \n"
	exit 1
	fi



	working-directory: ./refarch/apps-devstg/global/cli-test-layer

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bug: Use the correct user instead of hardcoding leverage #92

Workflow file

bug: Use the correct user instead of hardcoding leverage #92

Jobs

Run details

Workflow file for this run