From 3a6586719b39d5d97ae5cf92d6bea5d5784d9fed Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Mon, 16 Sep 2024 19:43:52 +0200 Subject: [PATCH] ci: add nomad and consul tests, only run tests when they change --- .gitea/workflows/e2e-tests-consul.yml | 48 +++++++++++++++++++++++++++ .gitea/workflows/e2e-tests-nomad.yml | 48 +++++++++++++++++++++++++++ .gitea/workflows/e2e-tests-vault.yml | 5 +-- 3 files changed, 99 insertions(+), 2 deletions(-) create mode 100644 .gitea/workflows/e2e-tests-consul.yml create mode 100644 .gitea/workflows/e2e-tests-nomad.yml diff --git a/.gitea/workflows/e2e-tests-consul.yml b/.gitea/workflows/e2e-tests-consul.yml new file mode 100644 index 0000000..f6aaead --- /dev/null +++ b/.gitea/workflows/e2e-tests-consul.yml @@ -0,0 +1,48 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + paths: + - roles/consul/** + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + end_to_end_vault: + needs: retrieve-credentials + strategy: + matrix: + test_os: + ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"] + scenario: ["consul_default", "consul_with_acl_enabled"] + uses: ./.gitea/workflows/e2e-tests.yml + with: + role: vault + scenario: ${{ matrix.scenario }} + test_os: ${{ matrix.test_os }} + secrets: + GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }} + GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }} diff --git a/.gitea/workflows/e2e-tests-nomad.yml b/.gitea/workflows/e2e-tests-nomad.yml new file mode 100644 index 0000000..ae1ebf6 --- /dev/null +++ b/.gitea/workflows/e2e-tests-nomad.yml @@ -0,0 +1,48 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + paths: + - roles/nomad/** + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + end_to_end_vault: + needs: retrieve-credentials + strategy: + matrix: + test_os: + ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"] + scenario: ["nomad_default", "nomad_with_acl_enabled"] + uses: ./.gitea/workflows/e2e-tests.yml + with: + role: vault + scenario: ${{ matrix.scenario }} + test_os: ${{ matrix.test_os }} + secrets: + GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }} + GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }} diff --git a/.gitea/workflows/e2e-tests-vault.yml b/.gitea/workflows/e2e-tests-vault.yml index f272c06..1cd869b 100644 --- a/.gitea/workflows/e2e-tests-vault.yml +++ b/.gitea/workflows/e2e-tests-vault.yml @@ -8,8 +8,9 @@ on: - synchronize branches: - main - # paths: - # - roles/vault/** + paths: + - roles/vault/** + - plugins/modules/vault_unseal.py jobs: retrieve-credentials: