-
Notifications
You must be signed in to change notification settings - Fork 156
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Revert "CI tests for OIDC authentication (#3074)"
This reverts commit 385a96a.
- Loading branch information
1 parent
3207575
commit dca1c19
Showing
19 changed files
with
18 additions
and
576 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,7 +8,6 @@ providerVersion: github.com/hashicorp/terraform-provider-aws/version.ProviderVer | |
env: | ||
PULUMI_MISSING_DOCS_ERROR: true | ||
AWS_REGION: "us-west-2" | ||
OIDC_ROLE_ARN: ${{ secrets.OIDC_ROLE_ARN }} | ||
makeTemplate: bridged | ||
checkoutSubmodules: true | ||
# TODO: remove XrunUpstreamTools flag after work to add docs replacement strategies to resources.go is completed | ||
|
@@ -95,99 +94,3 @@ extraTests: | |
uses: codecov/codecov-action@v3 | ||
env: | ||
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | ||
|
||
test_oidc: | ||
if: github.event_name == 'repository_dispatch' || | ||
github.event.pull_request.head.repo.full_name == github.repository | ||
name: test_oidc | ||
needs: build_sdk | ||
permissions: | ||
contents: read | ||
id-token: write | ||
runs-on: pulumi-ubuntu-8core | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ env.PR_COMMIT_SHA }} | ||
submodules: true | ||
- name: Checkout Scripts Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
path: ci-scripts | ||
repository: pulumi/scripts | ||
- name: Unshallow clone for tags | ||
run: git fetch --prune --unshallow --tags | ||
- name: Install Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
cache-dependency-path: | | ||
sdk/go.sum | ||
go-version: 1.21.x | ||
- name: Install pulumictl | ||
uses: jaxxstorm/[email protected] | ||
with: | ||
repo: pulumi/pulumictl | ||
- name: Install Pulumi CLI | ||
uses: pulumi/actions@v4 | ||
with: | ||
pulumi-version: v3.77.1 | ||
- name: Setup Node | ||
uses: actions/setup-node@v2 | ||
with: | ||
node-version: ${{ env.NODEVERSION }} | ||
registry-url: https://registry.npmjs.org | ||
- name: Download provider + tfgen binaries | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ env.PROVIDER }}-provider.tar.gz | ||
path: ${{ github.workspace }}/bin | ||
- name: Untar provider binaries | ||
run: >- | ||
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | ||
github.workspace}}/bin | ||
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | ||
- name: Download SDK | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ matrix.language }}-sdk.tar.gz | ||
path: ${{ github.workspace}}/sdk/ | ||
- name: Uncompress SDK folder | ||
run: tar -zxf ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz -C ${{ | ||
github.workspace }}/sdk/${{ matrix.language }} | ||
- name: Update path | ||
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | ||
- name: Install dependencies | ||
run: make install_${{ matrix.language}}_sdk | ||
- name: Install gotestfmt | ||
uses: GoTestTools/gotestfmt-action@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
version: v2.4.0 | ||
- name: Make upstream | ||
run: make upstream | ||
- name: Run selected tests with manual web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatchOidcManual -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- name: Configure AWS Credentials for OIDC | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
unset-current-credentials: true | ||
aws-region: ${{ env.AWS_REGION }} | ||
role-duration-seconds: 3600 | ||
role-session-name: ${{ env.PROVIDER }}@githubActions | ||
role-to-assume: ${{ secrets.OIDC_ROLE_ARN }} | ||
- name: Run selected tests with configure-aws-credentials web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatch -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- if: failure() && github.event_name == 'push' | ||
name: Notify Slack | ||
uses: 8398a7/action-slack@v3 | ||
with: | ||
author_name: Failure in running ${{ matrix.language }} tests | ||
fields: repo,commit,author,action | ||
status: ${{ job.status }} | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
language: | ||
- nodejs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -14,7 +14,6 @@ env: | |
NODEVERSION: 20.x | ||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | ||
OIDC_ROLE_ARN: ${{ secrets.OIDC_ROLE_ARN }} | ||
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | ||
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | ||
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | ||
|
@@ -287,7 +286,6 @@ jobs: | |
- test | ||
- license_check | ||
- go_test_shim | ||
- test_oidc | ||
runs-on: pulumi-ubuntu-8core | ||
steps: | ||
- name: Checkout Repo | ||
|
@@ -519,97 +517,6 @@ jobs: | |
name: Upload coverage reports to Codecov | ||
uses: codecov/codecov-action@v3 | ||
timeout-minutes: 60 | ||
test_oidc: | ||
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository | ||
name: test_oidc | ||
needs: build_sdk | ||
permissions: | ||
contents: read | ||
id-token: write | ||
runs-on: pulumi-ubuntu-8core | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ env.PR_COMMIT_SHA }} | ||
submodules: true | ||
- name: Checkout Scripts Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
path: ci-scripts | ||
repository: pulumi/scripts | ||
- name: Unshallow clone for tags | ||
run: git fetch --prune --unshallow --tags | ||
- name: Install Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
cache-dependency-path: | | ||
sdk/go.sum | ||
go-version: 1.21.x | ||
- name: Install pulumictl | ||
uses: jaxxstorm/[email protected] | ||
with: | ||
repo: pulumi/pulumictl | ||
- name: Install Pulumi CLI | ||
uses: pulumi/actions@v4 | ||
with: | ||
pulumi-version: v3.77.1 | ||
- name: Setup Node | ||
uses: actions/setup-node@v2 | ||
with: | ||
node-version: ${{ env.NODEVERSION }} | ||
registry-url: https://registry.npmjs.org | ||
- name: Download provider + tfgen binaries | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ env.PROVIDER }}-provider.tar.gz | ||
path: ${{ github.workspace }}/bin | ||
- name: Untar provider binaries | ||
run: |- | ||
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin | ||
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | ||
- name: Download SDK | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ matrix.language }}-sdk.tar.gz | ||
path: ${{ github.workspace}}/sdk/ | ||
- name: Uncompress SDK folder | ||
run: tar -zxf ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ matrix.language }} | ||
- name: Update path | ||
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | ||
- name: Install dependencies | ||
run: make install_${{ matrix.language}}_sdk | ||
- name: Install gotestfmt | ||
uses: GoTestTools/gotestfmt-action@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
version: v2.4.0 | ||
- name: Make upstream | ||
run: make upstream | ||
- name: Run selected tests with manual web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatchOidcManual -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- name: Configure AWS Credentials for OIDC | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-region: ${{ env.AWS_REGION }} | ||
role-duration-seconds: 3600 | ||
role-session-name: ${{ env.PROVIDER }}@githubActions | ||
role-to-assume: ${{ secrets.OIDC_ROLE_ARN }} | ||
unset-current-credentials: true | ||
- name: Run selected tests with configure-aws-credentials web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatch -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- if: failure() && github.event_name == 'push' | ||
name: Notify Slack | ||
uses: 8398a7/action-slack@v3 | ||
with: | ||
author_name: Failure in running ${{ matrix.language }} tests | ||
fields: repo,commit,author,action | ||
status: ${{ job.status }} | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
language: | ||
- nodejs | ||
|
||
name: master | ||
on: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,7 +15,6 @@ env: | |
NODEVERSION: 20.x | ||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | ||
OIDC_ROLE_ARN: ${{ secrets.OIDC_ROLE_ARN }} | ||
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | ||
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | ||
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | ||
|
@@ -230,7 +229,6 @@ jobs: | |
- test | ||
- license_check | ||
- go_test_shim | ||
- test_oidc | ||
runs-on: pulumi-ubuntu-8core | ||
steps: | ||
- name: Checkout Repo | ||
|
@@ -444,97 +442,6 @@ jobs: | |
name: Upload coverage reports to Codecov | ||
uses: codecov/codecov-action@v3 | ||
timeout-minutes: 60 | ||
test_oidc: | ||
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository | ||
name: test_oidc | ||
needs: build_sdk | ||
permissions: | ||
contents: read | ||
id-token: write | ||
runs-on: pulumi-ubuntu-8core | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ env.PR_COMMIT_SHA }} | ||
submodules: true | ||
- name: Checkout Scripts Repo | ||
uses: actions/checkout@v3 | ||
with: | ||
path: ci-scripts | ||
repository: pulumi/scripts | ||
- name: Unshallow clone for tags | ||
run: git fetch --prune --unshallow --tags | ||
- name: Install Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
cache-dependency-path: | | ||
sdk/go.sum | ||
go-version: 1.21.x | ||
- name: Install pulumictl | ||
uses: jaxxstorm/[email protected] | ||
with: | ||
repo: pulumi/pulumictl | ||
- name: Install Pulumi CLI | ||
uses: pulumi/actions@v4 | ||
with: | ||
pulumi-version: v3.77.1 | ||
- name: Setup Node | ||
uses: actions/setup-node@v2 | ||
with: | ||
node-version: ${{ env.NODEVERSION }} | ||
registry-url: https://registry.npmjs.org | ||
- name: Download provider + tfgen binaries | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ env.PROVIDER }}-provider.tar.gz | ||
path: ${{ github.workspace }}/bin | ||
- name: Untar provider binaries | ||
run: |- | ||
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin | ||
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | ||
- name: Download SDK | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ matrix.language }}-sdk.tar.gz | ||
path: ${{ github.workspace}}/sdk/ | ||
- name: Uncompress SDK folder | ||
run: tar -zxf ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ matrix.language }} | ||
- name: Update path | ||
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | ||
- name: Install dependencies | ||
run: make install_${{ matrix.language}}_sdk | ||
- name: Install gotestfmt | ||
uses: GoTestTools/gotestfmt-action@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
version: v2.4.0 | ||
- name: Make upstream | ||
run: make upstream | ||
- name: Run selected tests with manual web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatchOidcManual -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- name: Configure AWS Credentials for OIDC | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-region: ${{ env.AWS_REGION }} | ||
role-duration-seconds: 3600 | ||
role-session-name: ${{ env.PROVIDER }}@githubActions | ||
role-to-assume: ${{ secrets.OIDC_ROLE_ARN }} | ||
unset-current-credentials: true | ||
- name: Run selected tests with configure-aws-credentials web identity/OIDC auth | ||
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatch -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | ||
- if: failure() && github.event_name == 'push' | ||
name: Notify Slack | ||
uses: 8398a7/action-slack@v3 | ||
with: | ||
author_name: Failure in running ${{ matrix.language }} tests | ||
fields: repo,commit,author,action | ||
status: ${{ job.status }} | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
language: | ||
- nodejs | ||
|
||
name: prerelease | ||
on: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.