[DPE - 6153] - Propagate the security index intitialized through the peercluster relation #3183
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2024 Canonical Ltd. | |
| # See LICENSE file for licensing details. | |
| name: Tests | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.ref }}" | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| schedule: | |
| - cron: '53 0 * * *' # Daily at 00:53 UTC | |
| # Triggered on push to branch "2/edge" by .github/workflows/release.yaml | |
| workflow_call: | |
| jobs: | |
| lint: | |
| name: Lint | |
| uses: canonical/data-platform-workflows/.github/workflows/[email protected] | |
| unit-test: | |
| name: Unit test charm | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install tox & poetry | |
| run: | | |
| pipx install tox | |
| pipx install poetry | |
| - name: Run tests | |
| run: tox run -e unit | |
| terraform-test: | |
| name: Terraform - Lint and Simple Deployment | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 120 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: lint charm module | |
| run: | | |
| pushd ./terraform | |
| terraform init | |
| terraform fmt | |
| terraform validate | |
| pushd ./tests | |
| terraform init | |
| terraform fmt | |
| terraform validate | |
| popd | |
| popd | |
| - name: run checks - prepare | |
| run: | | |
| sudo snap install juju --channel=3.6/beta --classic | |
| sudo snap install juju-wait --channel=latest/stable --classic | |
| sudo snap install jq | |
| - name: LXD setup | |
| run: | | |
| sudo snap refresh lxd --channel=latest/stable | |
| sudo adduser "$USER" 'lxd' | |
| # `newgrp` does not work in GitHub Actions; use `sg` instead | |
| sg 'lxd' -c "lxd waitready" | |
| sg 'lxd' -c "lxd init --auto" | |
| sg 'lxd' -c "lxc network set lxdbr0 ipv6.address none" | |
| sudo iptables -F FORWARD | |
| sudo iptables -P FORWARD ACCEPT | |
| - name: Juju setup | |
| run: | | |
| sg 'lxd' -c "juju bootstrap 'localhost' --config model-logs-size=10G" | |
| juju model-defaults logging-config='<root>=INFO; unit=DEBUG' | |
| juju add-model test | |
| - name: Terraform deploy | |
| run: | | |
| pushd ./terraform/tests/ | |
| TF_VAR_model_name="test" terraform apply -target null_resource.simple_deployment_juju_wait_deployment -auto-approve | |
| popd | |
| lib-check: | |
| name: Check libraries | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - run: | | |
| # Workaround for https://github.com/canonical/charmcraft/issues/1389#issuecomment-1880921728 | |
| touch requirements.txt | |
| - name: Check libs | |
| uses: canonical/charming-actions/[email protected] | |
| with: | |
| credentials: ${{ secrets.CHARMHUB_TOKEN }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| use-labels: false | |
| fail-build: ${{ github.event_name == 'pull_request' }} | |
| build: | |
| name: Build charm | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| path: | |
| - . | |
| - ./tests/integration/relations/opensearch_provider/application-charm/ | |
| uses: canonical/data-platform-workflows/.github/workflows/[email protected] | |
| with: | |
| path-to-charm-directory: ${{ matrix.path }} | |
| cache: true | |
| integration-test: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| juju: | |
| # This runs on all runs | |
| - agent: 3.5.3 # renovate: juju-agent-pin-minor | |
| allure_report: true | |
| # This runs only on scheduled runs, DPW 21 specifics (scheduled + 3.6/X) | |
| - snap_channel: 3.6/beta | |
| allure_report: false | |
| name: Integration test charm | ${{ matrix.juju.agent || matrix.juju.snap_channel }} | |
| needs: | |
| - lint | |
| - unit-test | |
| - build | |
| uses: canonical/data-platform-workflows/.github/workflows/[email protected] | |
| with: | |
| juju-agent-version: ${{ matrix.juju.agent }} | |
| juju-snap-channel: ${{ matrix.juju.snap_channel }} | |
| _beta_allure_report: ${{ matrix.juju.allure_report }} | |
| artifact-prefix: packed-charm-cache-true | |
| cloud: lxd | |
| secrets: | |
| # GitHub appears to redact each line of a multi-line secret | |
| # Avoid putting `{` or `}` on a line by itself so that it doesn't get redacted in logs | |
| integration-test: | | |
| { "AWS_ACCESS_KEY": "${{ secrets.AWS_ACCESS_KEY }}", | |
| "AWS_SECRET_KEY": "${{ secrets.AWS_SECRET_KEY }}", | |
| "GCP_ACCESS_KEY": "${{ secrets.GCP_ACCESS_KEY }}", | |
| "GCP_SECRET_KEY": "${{ secrets.GCP_SECRET_KEY }}", | |
| "GCP_SERVICE_ACCOUNT": "${{ secrets.GCP_SERVICE_ACCOUNT }}", } | |
| permissions: | |
| contents: write |