hcp-ansible/.gitea/workflows/e2e-tests-vault.yml
Bertrand Lanson 3a6586719b
All checks were successful
development / Check commit compliance (push) Successful in 5s
pull-requests-open / Check commit compliance (pull_request) Successful in 7s
ci: add nomad and consul tests, only run tests when they change
2024-09-16 19:43:52 +02:00

50 lines
1.5 KiB
YAML

---
name: test
on:
pull_request:
types:
- opened
- edited
- synchronize
branches:
- main
paths:
- roles/vault/**
- plugins/modules/vault_unseal.py
jobs:
retrieve-credentials:
name: Retrieve Credentials
runs-on: ubuntu-latest
outputs:
registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
steps:
- name: Get secrets from vault
id: import-secrets
uses: hashicorp/vault-action@v3
with:
url: "https://vault.ednz.fr"
method: approle
roleId: ${{ secrets.VAULT_APPROLE_ID }}
secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
secrets: |
kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
end_to_end_vault:
needs: retrieve-credentials
strategy:
matrix:
test_os:
["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]
scenario: ["vault_default", "vault_with_raft_enabled"]
uses: ./.gitea/workflows/e2e-tests.yml
with:
role: vault
scenario: ${{ matrix.scenario }}
test_os: ${{ matrix.test_os }}
secrets:
GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}
GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}