hcp-ansible/.gitea/workflows/e2e-tests-vault.yml

49 lines
1.5 KiB
YAML
Raw Normal View History

2024-09-15 20:42:29 +00:00
---
name: test
on:
pull_request:
types:
- opened
- edited
- synchronize
branches:
- main
# paths:
# - roles/vault/**
jobs:
2024-09-15 21:00:26 +00:00
retrieve-credentials:
name: Retrieve Credentials
runs-on: ubuntu-latest
outputs:
registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
steps:
- name: Get secrets from vault
id: import-secrets
uses: hashicorp/vault-action@v3
with:
url: "https://vault.ednz.fr"
method: approle
roleId: ${{ secrets.VAULT_APPROLE_ID }}
secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
secrets: |
kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
2024-09-15 20:42:29 +00:00
end_to_end_vault:
2024-09-15 21:01:50 +00:00
needs: retrieve-credentials
strategy:
matrix:
test_os: ["vault_default", "vault_with_raft_enabled"]
scenario:
["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]
2024-09-15 20:43:11 +00:00
uses: ./.gitea/workflows/e2e-tests.yml
2024-09-15 20:42:29 +00:00
with:
role: vault
scenario: ${{ matrix.scenario}}
test_os: ${{ matrix.test_os }}
2024-09-15 20:51:47 +00:00
secrets:
2024-09-15 21:00:26 +00:00
GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}
GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}