From 32e09b9cc27a4627842d4f4b3361726395756981 Mon Sep 17 00:00:00 2001
From: Bertrand Lanson <bertrand.lanson@protonmail.com>
Date: Sun, 15 Sep 2024 22:42:29 +0200
Subject: [PATCH] ci: test reusable workflows

---
 .gitea/workflows/e2e-tests-vault.yml | 20 +++++++++
 .gitea/workflows/e2e-tests.yml       | 65 ++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
 create mode 100644 .gitea/workflows/e2e-tests-vault.yml
 create mode 100644 .gitea/workflows/e2e-tests.yml

diff --git a/.gitea/workflows/e2e-tests-vault.yml b/.gitea/workflows/e2e-tests-vault.yml
new file mode 100644
index 0000000..af817a2
--- /dev/null
+++ b/.gitea/workflows/e2e-tests-vault.yml
@@ -0,0 +1,20 @@
+---
+name: test
+on:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+    branches:
+      - main
+    # paths:
+    #   - roles/vault/**
+
+jobs:
+  end_to_end_vault:
+    uses: ./.github/workflows/e2e-tests.yml
+    with:
+      role: vault
+      scenarios: "['vault_default', 'vault_with_raft_enabled']"
+      test_os: "['debian11', 'debian12', 'ubuntu2004', 'ubuntu2204', 'ubuntu2404']"
diff --git a/.gitea/workflows/e2e-tests.yml b/.gitea/workflows/e2e-tests.yml
new file mode 100644
index 0000000..bfd3dcb
--- /dev/null
+++ b/.gitea/workflows/e2e-tests.yml
@@ -0,0 +1,65 @@
+---
+name: End-to-end tests
+
+on:
+  workflow_call:
+    inputs:
+      role:
+        required: true
+        type: string
+        description: "Which role should be tested"
+      scenarios:
+        required: true
+        type: string
+        description: "Which scenarios should be run (stringified list)"
+      test_os:
+        required: true
+        type: string
+        description: "On which OS to run the tests (stringified list)"
+
+jobs:
+  retrieve-credentials:
+    name: Retrieve Credentials
+    runs-on: ubuntu-latest
+    outputs:
+      registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
+      registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
+    steps:
+      - name: Get secrets from vault
+        id: import-secrets
+        uses: hashicorp/vault-action@v3
+        with:
+          url: "https://vault.ednz.fr"
+          method: approle
+          roleId: ${{ secrets.VAULT_APPROLE_ID }}
+          secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
+          secrets: |
+            kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
+            kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
+
+  molecule-test:
+    name: Molecule tests
+    runs-on: ubuntu-latest
+    container:
+      image: git.ednz.fr/container-factory/ansible-runner:act-latest
+      credentials:
+        username: ${{needs.retrieve-credentials.outputs.registry-username}}
+        password: ${{needs.retrieve-credentials.outputs.registry-token}}
+    strategy:
+      matrix:
+        test_os: ${{ fromJSON(inputs.test_os) }}
+        scenario: ${{ fromJSON(inputs.scenarios) }}
+    env:
+      ANSIBLE_HOST_KEY_CHECKING: "false"
+      ANSIBLE_FORCE_COLOR: "true"
+      ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: "Molecule test"
+        run: molecule test -s ${{ matrix.scenario }}
+        shell: bash
+        working-directory: ${{ gitea.workspace }}/roles/${{ inputs.role }}
+        env:
+          MOLECULE_TEST_OS: ${{ matrix.test_os }}