PWX-36873: Add vault cooldowns #106
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: integration tests | |
on: | |
pull_request: | |
branches: | |
- master | |
defaults: | |
run: | |
# reference: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell | |
shell: bash --noprofile --norc -eo pipefail -x {0} | |
jobs: | |
vault: | |
# Minikube setup requires ubuntu 18.04 or 20.04. | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: checkout | |
uses: actions/checkout@v2 | |
- name: setup golang | |
uses: actions/setup-go@v2 | |
with: | |
go-version: 1.19 | |
- name: setup minikube | |
uses: manusa/[email protected] | |
with: | |
minikube version: 'v1.30.1' | |
kubernetes version: 'v1.22.17' | |
start args: --memory 6g --cpus=2 | |
github token: ${{ secrets.GITHUB_TOKEN }} | |
- name: deploy vault | |
run: tests/scripts/deploy-validate-vault.sh deploy | |
- name: run vault suite test | |
run: | | |
kubectl port-forward vault-0 8200:8200 & | |
VAULT_TOKEN=$(< vault-token) make ci-test | |
- name: run vault token integration test | |
run: | | |
VAULT_ADDR=http://127.0.0.1:8200 VAULT_TOKEN=$(< vault-token) make integration-test | |
- name: run vault approle integration test | |
run: | | |
VAULT_ADDR=http://127.0.0.1:8200 VAULT_AUTH_METHOD=approle VAULT_APPROLE_ROLE_ID=$(< vault-role_id) VAULT_APPROLE_SECRET_ID=$(< vault-secret_id) make integration-test | |
- name: validate vault keys are gone | |
run: tests/scripts/deploy-validate-vault.sh validate | |
- name: setup tmate session for debugging | |
if: failure() | |
uses: mxschmitt/action-tmate@v3 | |
timeout-minutes: 120 |