.github/workflows/canary-integration-test.yml

name: integration tests
on:
  pull_request:
    branches:
      - master

defaults:
  run:
    # reference: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
    shell: bash --noprofile --norc -eo pipefail -x {0}

jobs:
  vault:
    # Minikube setup requires ubuntu 18.04 or 20.04.
    runs-on: ubuntu-20.04
    steps:
    - name: checkout
      uses: actions/checkout@v2

    - name: setup golang
      uses: actions/setup-go@v2
      with:
        go-version: 1.19

    - name: setup minikube
      uses: manusa/actions-setup-minikube@v2.4.2
      with:
        minikube version: 'v1.30.1'
        kubernetes version: 'v1.22.17'
        start args: --memory 6g --cpus=2
        github token: ${{ secrets.GITHUB_TOKEN }}

    - name: deploy vault
      run: tests/scripts/deploy-validate-vault.sh deploy

    - name: run vault suite test
      run: |
        kubectl port-forward vault-0 8200:8200 &
        VAULT_TOKEN=$(< vault-token) make ci-test

    - name: run vault token integration test
      run: |
        VAULT_ADDR=http://127.0.0.1:8200 VAULT_TOKEN=$(< vault-token) make integration-test

    - name: run vault approle integration test
      run: |
        VAULT_ADDR=http://127.0.0.1:8200 VAULT_AUTH_METHOD=approle VAULT_APPROLE_ROLE_ID=$(< vault-role_id) VAULT_APPROLE_SECRET_ID=$(< vault-secret_id) make integration-test

    - name: validate vault keys are gone
      run: tests/scripts/deploy-validate-vault.sh validate

    - name: setup tmate session for debugging
      if: failure()
      uses: mxschmitt/action-tmate@v3
      timeout-minutes: 120