2024-09-15 20:42:29 +00:00
|
|
|
---
|
|
|
|
name: test
|
|
|
|
on:
|
|
|
|
pull_request:
|
|
|
|
types:
|
|
|
|
- opened
|
|
|
|
- edited
|
|
|
|
- synchronize
|
|
|
|
branches:
|
|
|
|
- main
|
|
|
|
# paths:
|
|
|
|
# - roles/vault/**
|
|
|
|
|
|
|
|
jobs:
|
2024-09-15 21:00:26 +00:00
|
|
|
retrieve-credentials:
|
|
|
|
name: Retrieve Credentials
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
outputs:
|
|
|
|
registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
|
|
|
|
registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
|
|
|
|
steps:
|
|
|
|
- name: Get secrets from vault
|
|
|
|
id: import-secrets
|
|
|
|
uses: hashicorp/vault-action@v3
|
|
|
|
with:
|
|
|
|
url: "https://vault.ednz.fr"
|
|
|
|
method: approle
|
|
|
|
roleId: ${{ secrets.VAULT_APPROLE_ID }}
|
|
|
|
secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
|
|
|
|
secrets: |
|
|
|
|
kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
|
|
|
|
kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
|
|
|
|
|
2024-09-15 20:42:29 +00:00
|
|
|
end_to_end_vault:
|
2024-09-15 21:01:50 +00:00
|
|
|
needs: retrieve-credentials
|
2024-09-15 20:47:29 +00:00
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
test_os: ["vault_default", "vault_with_raft_enabled"]
|
|
|
|
scenario:
|
|
|
|
["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]
|
2024-09-15 20:43:11 +00:00
|
|
|
uses: ./.gitea/workflows/e2e-tests.yml
|
2024-09-15 20:42:29 +00:00
|
|
|
with:
|
|
|
|
role: vault
|
2024-09-15 20:47:29 +00:00
|
|
|
scenario: ${{ matrix.scenario}}
|
|
|
|
test_os: ${{ matrix.test_os }}
|
2024-09-15 20:51:47 +00:00
|
|
|
secrets:
|
2024-09-15 21:00:26 +00:00
|
|
|
GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}
|
|
|
|
GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}
|