SCALRCORE-30839 remove secret_key from read operation #1714
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: default | |
on: | |
push: | |
paths-ignore: | |
- CHANGELOG.md | |
- CONTRIBUTING.md | |
- README.md | |
jobs: | |
lint: | |
name: lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: "1.19" | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
version: v1.48.0 | |
args: --timeout 2m | |
- name: Generate | |
run: go generate | |
- name: Validate generated code | |
shell: bash | |
run: | | |
if [ -z "$(git status --porcelain)" ]; then | |
echo "ok"; | |
else | |
echo "*** Unexpected differences after code generation. Run 'go generate' and commit."; | |
exit 1; | |
fi | |
docs-preview: | |
name: 'Docs: preview' | |
needs: [lint] | |
uses: ./.github/workflows/rdme.yml | |
with: | |
version: '0.0.4' | |
dry: true | |
secrets: | |
README_API_KEY: ${{ secrets.README_API_KEY }} | |
unit-tests: | |
name: unit-tests | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: "1.19" | |
- name: Run unit tests | |
run: make test | |
acc-tests: | |
runs-on: ubuntu-latest | |
name: acc-tests | |
env: | |
SCALR_TOKEN: ${{ secrets.SCALR_TOKEN }} | |
UPSTREAM_ID: ${{ github.run_number }} | |
steps: | |
- name: Sudo GitHub Token | |
id: generate_token | |
uses: tibdex/github-app-token@v1 | |
with: | |
app_id: ${{vars.SUDO_GHA_APP_ID}} | |
installation_id: ${{vars.SUDO_GHA_APP_INSTALLATION_ID}} | |
private_key: ${{secrets.SUDO_GHA_APP_PRIVATE_KEY}} | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: "1.19" | |
- name: Set API_BRANCH | |
run: echo "API_BRANCH=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV | |
- name: Check if same branch exists in fatmouse repository | |
id: check-branch | |
uses: actions/github-script@v6 | |
with: | |
github-token: ${{steps.generate_token.outputs.token}} | |
script: | | |
const owner = "Scalr"; | |
const repo = "fatmouse"; | |
const targetBranch = "${{ env.API_BRANCH }}"; | |
const default_branch = "master"; | |
try { | |
const { data: branch } = await github.request('GET /repos/{owner}/{repo}/branches/{branch}', { | |
owner: owner, | |
repo: repo, | |
branch: targetBranch | |
}); | |
console.log(`Branch found in the ${repo} repository: ${branch.name}`); | |
core.setOutput('branch', branch.name); | |
} catch (error) { | |
if (error.status === 404) { | |
console.log(`Branch not found in ${repo} repository.`); | |
core.setOutput('branch', default_branch); | |
} else { | |
console.error('Unexpected error:', error); | |
core.setFailed('Unexpected error'); | |
} | |
} | |
- name: Clone fatmouse repo | |
uses: actions/checkout@v3 | |
with: | |
repository: Scalr/fatmouse | |
path: fatmouse | |
ref: ${{ steps.check-branch.outputs.branch }} | |
token: ${{steps.generate_token.outputs.token}} | |
- id: auth | |
uses: google-github-actions/auth@v0 | |
with: | |
credentials_json: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v0 | |
- name: Copy secrets | |
shell: bash | |
run: | | |
mkdir ~/.scalr-labs | |
gsutil cp gs://tacobell_development-156220/.secrets.yaml fatmouse/tacobell/.secrets.yaml | |
gsutil cp gs://tacobell_development-156220/github.json ~/.scalr-labs/github.json | |
- name: Configure docker | |
shell: bash | |
run: gcloud auth configure-docker eu.gcr.io | |
- name: Pull python builder | |
shell: bash | |
run: | | |
docker pull eu.gcr.io/development-156220/fatmouse/python-builder:master | |
docker tag eu.gcr.io/development-156220/fatmouse/python-builder:master fatmouse/python-builder:master | |
- name: Get current job log URL | |
uses: Tiryoh/gha-jobid-action@v0 | |
id: get-job-id | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
job_name: ${{ github.job }} | |
- name: Generate run tag | |
shell: bash | |
run: | | |
if [ ${{ github.run_attempt }} = 1 ]; then | |
RERUN_SUFFIX="" | |
else | |
RERUN_SUFFIX=$(echo -${{ github.run_attempt }}) | |
fi | |
echo "RUN_TAG=e2e-${{ github.workflow }}-${{ github.job }}-${{ github.run_number }}${RERUN_SUFFIX}" >> $GITHUB_ENV | |
- name: Create container | |
id: create | |
shell: bash | |
run: | | |
docker run --rm \ | |
-e GITHUB_WORKSPACE=true \ | |
-e GITHUB_OUTPUT=/fatmouse/output \ | |
-w /fatmouse \ | |
-v $PWD/fatmouse:/fatmouse \ | |
-v $GITHUB_OUTPUT:/fatmouse/output \ | |
-v ~/.scalr-labs:/etc/scalr-labs \ | |
fatmouse/python-builder:master python -u clickfile.py te up \ | |
--branch ${{ env.API_BRANCH }} \ | |
--run-url ${{ steps.get-job-id.outputs.html_url }} \ | |
--skip-ui-build \ | |
--agent-pool-id="${{vars.TACO_APOOL_ID}}" \ | |
${{ env.RUN_TAG }} | |
- name: Get Scalr hostname | |
shell: bash | |
run: | | |
SCALR_HOST=${{ steps.create.outputs.host }} | |
echo "SCALR_HOSTNAME=mainiacp.${SCALR_HOST/https:\/\//}" >> $GITHUB_ENV | |
- name: Run acceptance tests | |
env: | |
SCALR_HOSTNAME: ${{ env.SCALR_HOSTNAME }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TEST_AWS_ACCESS_KEY: ${{ secrets.TEST_AWS_ACCESS_KEY }} | |
TEST_AWS_SECRET_KEY: ${{ secrets.TEST_AWS_SECRET_KEY }} | |
TEST_AWS_ROLE_ARN: ${{ secrets.TEST_AWS_ROLE_ARN }} | |
TEST_AWS_EXTERNAL_ID: ${{ secrets.TEST_AWS_EXTERNAL_ID }} | |
TEST_ARM_CLIENT_ID: ${{ secrets.TEST_ARM_CLIENT_ID }} | |
TEST_ARM_CLIENT_SECRET: ${{ secrets.TEST_ARM_CLIENT_SECRET }} | |
TEST_ARM_TENANT_ID: ${{ secrets.TEST_ARM_TENANT_ID }} | |
TEST_ARM_SUBSCRIPTION_ID: ${{ secrets.TEST_ARM_SUBSCRIPTION_ID }} | |
run: make testacc | |
- name: Install goveralls | |
env: | |
GO111MODULE: off | |
run: go get github.com/mattn/goveralls | |
- name: Send coverage | |
env: | |
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: goveralls -coverprofile=covprofile -service=github | |
- name: Delete container | |
id: delete | |
if: ${{ always() }} | |
shell: bash | |
run: | | |
docker run --rm \ | |
-w /fatmouse \ | |
-v $PWD/fatmouse:/fatmouse \ | |
-v ~/.scalr-labs:/etc/scalr-labs \ | |
fatmouse/python-builder:master \ | |
python -u clickfile.py te rm \ | |
--no-wait ${{ env.RUN_TAG }} | |
upload-dev: | |
name: upload-dev | |
needs: [lint, unit-tests, acc-tests] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Import GPG key | |
id: import_gpg | |
uses: Scalr/ghaction-import-gpg@v2.1.1 | |
env: | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v0 | |
with: | |
project_id: ${{ secrets.DEV_GCP_PROJECT_ID }} | |
service_account_key: ${{ secrets.DEV_GCP_SA_KEY }} | |
export_default_credentials: true | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Create dev-tag | |
run: | | |
BRANCH=$(git rev-parse --abbrev-ref HEAD | sed 's|\(.*\)|\L\1|g;s|/|-|g') | |
git tag v1.0.0-rc-$BRANCH | |
- name: Set up Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version: "1.19" | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v3 | |
with: | |
version: v1.8.3 | |
args: release --skip-publish | |
env: | |
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
- name: Upload provider to registry | |
uses: ./.github/actions/upload-provider | |
with: | |
gcs-bucket: ${{ secrets.DEV_BUCKET_NAME }} | |
registry-domain: ${{ secrets.DEV_DOMAIN }} | |
gpg-key-id: ${{ steps.import_gpg.outputs.fingerprint }} | |
gpg-pub-key: ${{ steps.import_gpg.outputs.pubkey }} | |
- name: Update network mirror | |
uses: ./.github/actions/update-network-mirror | |
with: | |
gcs-bucket: ${{ secrets.DEV_BUCKET_NAME }} | |
registry-domain: ${{ secrets.DEV_DOMAIN }} | |
dry-run: false | |
release: | |
name: release | |
if: startsWith(github.ref, 'refs/tags/') | |
needs: [lint, unit-tests, acc-tests] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Import GPG key | |
id: import_gpg | |
uses: Scalr/ghaction-import-gpg@v2.1.1 | |
env: | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v0 | |
with: | |
project_id: ${{ secrets.GCP_PROJECT_ID }} | |
service_account_key: ${{ secrets.GCP_SA_KEY }} | |
export_default_credentials: true | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version: "1.19" | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v3 | |
with: | |
version: latest | |
args: release --rm-dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
- name: Upload provider to registry | |
uses: ./.github/actions/upload-provider | |
with: | |
gcs-bucket: ${{ secrets.BUCKET_NAME }} | |
registry-domain: ${{ secrets.DOMAIN }} | |
gpg-key-id: ${{ steps.import_gpg.outputs.fingerprint }} | |
gpg-pub-key: ${{ steps.import_gpg.outputs.pubkey }} | |
- name: Update network mirror | |
uses: ./.github/actions/update-network-mirror | |
with: | |
gcs-bucket: ${{ secrets.BUCKET_NAME }} | |
registry-domain: ${{ secrets.DOMAIN }} | |
dry-run: false | |
docs-publish: | |
name: 'Docs: publish' | |
needs: [ release ] | |
uses: ./.github/workflows/rdme.yml | |
with: | |
version: '0.0.4' | |
dry: false | |
secrets: | |
README_API_KEY: ${{ secrets.README_API_KEY }} |