hashistack/.gitea/workflows/e2e-tests-vault.yml

---
name: test
on:
  pull_request:
    types:
      - opened
      - edited
      - synchronize
    branches:
      - main
    # paths:
    #   - roles/vault/**

jobs:
  retrieve-credentials:
    name: Retrieve Credentials
    runs-on: ubuntu-latest
    outputs:
      registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
      registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
    steps:
      - name: Get secrets from vault
        id: import-secrets
        uses: hashicorp/vault-action@v3
        with:
          url: "https://vault.ednz.fr"
          method: approle
          roleId: ${{ secrets.VAULT_APPROLE_ID }}
          secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
          secrets: |
            kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
            kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;

  end_to_end_vault:
    strategy:
      matrix:
        test_os: ["vault_default", "vault_with_raft_enabled"]
        scenario:
          ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]
    uses: ./.gitea/workflows/e2e-tests.yml
    with:
      role: vault
      scenario: ${{ matrix.scenario}}
      test_os: ${{ matrix.test_os }}
    secrets:
      GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}
      GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}
ci: test reusable workflows 2024-09-15 20:42:29 +00:00			`---`
			`name: test`
			`on:`
			`pull_request:`
			`types:`
			`- opened`
			`- edited`
			`- synchronize`
			`branches:`
			`- main`
			`# paths:`
			`# - roles/vault/**`

			`jobs:`
ci: pass secets to reusable workflow 2024-09-15 21:00:26 +00:00			`retrieve-credentials:`
			`name: Retrieve Credentials`
			`runs-on: ubuntu-latest`
			`outputs:`
			`registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}`
			`registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}`
			`steps:`
			`- name: Get secrets from vault`
			`id: import-secrets`
			`uses: hashicorp/vault-action@v3`
			`with:`
			`url: "https://vault.ednz.fr"`
			`method: approle`
			`roleId: ${{ secrets.VAULT_APPROLE_ID }}`
			`secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}`
			`secrets: \|`
			`kv/data/applications/gitea/users/actions username \| GITEA_ACTIONS_USERNAME ;`
			`kv/data/applications/gitea/users/actions token_write \| GITEA_ACTIONS_TOKEN ;`

ci: test reusable workflows 2024-09-15 20:42:29 +00:00			`end_to_end_vault:`
ci: do not use matrix inside reusable workflow 2024-09-15 20:47:29 +00:00			`strategy:`
			`matrix:`
			`test_os: ["vault_default", "vault_with_raft_enabled"]`
			`scenario:`
			`["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]`
ci: fix path for workflow 2024-09-15 20:43:11 +00:00			`uses: ./.gitea/workflows/e2e-tests.yml`
ci: test reusable workflows 2024-09-15 20:42:29 +00:00			`with:`
			`role: vault`
ci: do not use matrix inside reusable workflow 2024-09-15 20:47:29 +00:00			`scenario: ${{ matrix.scenario}}`
			`test_os: ${{ matrix.test_os }}`
ci: pass secets to reusable workflow 2024-09-15 20:51:47 +00:00			`secrets:`
ci: pass secets to reusable workflow 2024-09-15 21:00:26 +00:00			`GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}`
			`GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}`