aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ci(cliui): Move to separate workflow

Browse Source 
This will run the cli ui (bats) tests in a separate workflow from the
build workflow. This takes advantage of the newer workflow_run event to
trigger the tests after the build has completed, so that the artifacts
from the build step can still be used.
pull/3044/head
Timothy Messier 3 years ago
parent a241ca452c
commit e76b3b9511
No known key found for this signature in database
GPG Key ID: EFD2F184F7600572
2 changed files with 141 additions and 116 deletions
Show Stats Download Patch File Download Diff File

117
.github/workflows/build.yml vendored
Unescape View File

@ -353,7 +353,7 @@ jobs:
- product-metadata
- set-product-version
- build-linux
runs-on: ubuntu-latest
runs-on: ${{ fromJSON(vars.BUILDER_LINUX) }}
strategy:
matrix:
arch: ["arm", "arm64", "386", "amd64"]
@ -399,118 +399,3 @@ jobs:
docker-image-name: ${{ needs.build-docker.outputs.name }}
docker-image-file: "boundary_default_linux_amd64_${{ needs.set-product-version.outputs.product-version }}_${{ github.sha }}.docker.dev.tar"
secrets: inherit
bats:
runs-on: ubuntu-latest
name: CLI tests
if: "! github.event.pull_request.head.repo.fork"
needs:
- set-product-version
- build-linux
steps:
- uses: actions/checkout@v3
- name: Import GPG key for Boundary pass keystore
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.ENOS_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.ENOS_GPG_PASSPHRASE }}
- name: Trust the pass keystore GPG key
id: trust_gpg
run: |
gpg -a --encrypt -r ${{ secrets.ENOS_GPG_UID }} --trust-model always
echo "trusted-key ${{ secrets.ENOS_GPG_UID }}" >> ~/.gnupg/gpg.conf
cat ~/.gnupg/gpg.conf
- name: Set up Bats CLI UI tests dependency cache
id: dep-cache
uses: actions/cache@v3
with:
path: /tmp/bats-cli-ui-deps
key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2
- name: Set up Node for Bats install
uses: actions/setup-node@v3
with:
node-version: 16
- name: Install Bats via NPM
# Use npm so this workflow is portable on multiple runner distros
run: npm install --location=global bats
- name: Download jq for Bats CLI UI tests
if: steps.dep-cache.outputs.cache-hit != 'true'
# NOTE: if you update the jq version make sure to update the dep cache key
run: |
mkdir -p /tmp/bats-cli-ui-deps
wget https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -O /tmp/bats-cli-ui-deps/jq-bin
- name: Install jq for Bats CLI UI tests
run: |
chmod +x /tmp/bats-cli-ui-deps/jq-bin
sudo cp /tmp/bats-cli-ui-deps/jq-bin /usr/local/bin/jq
- name: Download and unzip pass for Boundary keyring
if: steps.dep-cache.outputs.cache-hit != 'true'
# NOTE: if you update the password store version make sure to update the dep cache key
run: |
mkdir -p /tmp/bats-cli-ui-deps/pass
wget https://git.zx2c4.com/password-store/snapshot/password-store-1.7.4.tar.xz -O /tmp/bats-cli-ui-deps/pass/pass.tar.xz
cd /tmp/bats-cli-ui-deps/pass
tar -xvf pass.tar.xz
- name: Install pass for Boundary keyring
run: |
cd /tmp/bats-cli-ui-deps/pass/password-store-1.7.4
sudo make install
pass init ${{ secrets.ENOS_GPG_UID }}
- name: Download Vault AMD64 binary for integration testing
if: steps.dep-cache.outputs.cache-hit != 'true'
run: |
wget https://releases.hashicorp.com/vault/1.12.2/vault_1.12.2_linux_amd64.zip -O /tmp/bats-cli-ui-deps/vault.zip
- name: Install Vault
run: |
unzip /tmp/bats-cli-ui-deps/vault.zip -d /usr/local/bin
- name: Download Linux AMD64 Boundary bundle
id: download
uses: actions/download-artifact@v3
with:
name: boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip
path: /tmp
- name: Unpack boundary bundle
run: |
unzip ${{steps.download.outputs.download-path}}/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip -d /usr/local/bin
rm ${{steps.download.outputs.download-path}}/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip
- name: Versions
run: |
echo "go version:"
go version
echo "bats version:"
bats --version
echo "jq version:"
jq --version
echo "gpg version:"
gpg --version
echo "pass version:"
pass --version
echo "bash version:"
bash --version
echo "boundary version:"
boundary version
echo "vault version:"
vault version
- name: Run cli bats tests
run: |
export VAULT_ADDR=http://127.0.0.1:8200
export VAULT_TOKEN=boundarytok
make -C internal/tests/cli test-vault-up
until vault status; do docker container inspect boundary-cli-tests-vault &> /dev/null || exit -1; sleep 1; done
make test-cli
- name: Cleanup
if: success() || failure()
run: |
make -C internal/tests/cli test-vault-down
- name: Send Slack message
if: ${{ failure() }}
uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844 # v1.23.0
with:
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
payload: |
{
"text": ":x: bats tests failed: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}

140
.github/workflows/test-cli-ui.yml vendored
Unescape View File

@ -0,0 +1,140 @@
name: test-cli-ui
on:
workflow_dispatch:
workflow_run:
workflows: [ build ]
types:
- completed
permissions:
contents: read
actions: read
jobs:
set-product-version:
runs-on: ${{ fromJSON(vars.RUNNER) }}
outputs:
product-version: ${{ steps.set-product-version.outputs.product-version }}
base-product-version: $${{ steps.set-product-version.outputs.base-product-version }}
prerelease-product-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
steps:
- uses: actions/checkout@v3
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
bats:
runs-on: ${{ fromJSON(vars.RUNNER) }}
name: CLI tests
if: "! github.event.pull_request.head.repo.fork"
needs:
- set-product-version
steps:
- uses: actions/checkout@v3
- name: Import GPG key for Boundary pass keystore
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.ENOS_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.ENOS_GPG_PASSPHRASE }}
- name: Trust the pass keystore GPG key
id: trust_gpg
run: |
gpg -a --encrypt -r ${{ secrets.ENOS_GPG_UID }} --trust-model always
echo "trusted-key ${{ secrets.ENOS_GPG_UID }}" >> ~/.gnupg/gpg.conf
cat ~/.gnupg/gpg.conf
- name: Set up Bats CLI UI tests dependency cache
id: dep-cache
uses: actions/cache@v3
with:
path: /tmp/bats-cli-ui-deps
key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2
- name: Set up Node for Bats install
uses: actions/setup-node@v3
with:
node-version: 16
- name: Install Bats via NPM
# Use npm so this workflow is portable on multiple runner distros
run: npm install --location=global bats
- name: Download jq for Bats CLI UI tests
if: steps.dep-cache.outputs.cache-hit != 'true'
# NOTE: if you update the jq version make sure to update the dep cache key
run: |
mkdir -p /tmp/bats-cli-ui-deps
wget https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -O /tmp/bats-cli-ui-deps/jq-bin
- name: Install jq for Bats CLI UI tests
run: |
chmod +x /tmp/bats-cli-ui-deps/jq-bin
sudo cp /tmp/bats-cli-ui-deps/jq-bin /usr/local/bin/jq
- name: Download and unzip pass for Boundary keyring
if: steps.dep-cache.outputs.cache-hit != 'true'
# NOTE: if you update the password store version make sure to update the dep cache key
run: |
mkdir -p /tmp/bats-cli-ui-deps/pass
wget https://git.zx2c4.com/password-store/snapshot/password-store-1.7.4.tar.xz -O /tmp/bats-cli-ui-deps/pass/pass.tar.xz
cd /tmp/bats-cli-ui-deps/pass
tar -xvf pass.tar.xz
- name: Install pass for Boundary keyring
run: |
cd /tmp/bats-cli-ui-deps/pass/password-store-1.7.4
sudo make install
pass init ${{ secrets.ENOS_GPG_UID }}
- name: Download Vault AMD64 binary for integration testing
if: steps.dep-cache.outputs.cache-hit != 'true'
run: |
wget https://releases.hashicorp.com/vault/1.12.2/vault_1.12.2_linux_amd64.zip -O /tmp/bats-cli-ui-deps/vault.zip
- name: Install Vault
run: |
unzip /tmp/bats-cli-ui-deps/vault.zip -d /usr/local/bin
- name: Download Linux AMD64 Boundary bundle
uses: dawidd6/action-download-artifact@5e780fc7bbd0cac69fc73271ed86edf5dcb72d67 # v2.26.0
with:
workflow: build.yml
commit: ${{ github.sha }}
name: boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip
path: /tmp
- name: Unpack boundary bundle
run: |
unzip /tmp/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip -d /usr/local/bin
rm /tmp/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip
- name: Versions
run: |
echo "go version:"
go version
echo "bats version:"
bats --version
echo "jq version:"
jq --version
echo "gpg version:"
gpg --version
echo "pass version:"
pass --version
echo "bash version:"
bash --version
echo "boundary version:"
boundary version
echo "vault version:"
vault version
- name: Run cli bats tests
run: |
export VAULT_ADDR=http://127.0.0.1:8200
export VAULT_TOKEN=boundarytok
make -C internal/tests/cli test-vault-up
until vault status; do docker container inspect boundary-cli-tests-vault &> /dev/null || exit 255; sleep 1; done
make test-cli
- name: Cleanup
if: success() || failure()
run: |
make -C internal/tests/cli test-vault-down
- name: Send Slack message
if: ${{ failure() }}
uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844 # v1.23.0
with:
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
payload: |
{
"text": ":x: bats tests failed: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
Write Preview
Loading…
Cancel
Save