Skip to content

Run tests for PRs #327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 15, 2020
Merged

Run tests for PRs #327

merged 1 commit into from
Sep 15, 2020

Conversation

@ansd
Copy link
Member

@ansd ansd commented Sep 10, 2020
edited
Loading

Run unit, integration, helm chart, and system tests tests.

Closes to #270

System tests run against a kind cluster on a GitHub hosted Ubuntu VM.

Why not running the system tests against GKE?

This would require to add a GitHub secret with the GCP key file for authentication: gcloud auth activate-service-account [ACCOUNT] --key-file=KEY_FILE.
This comes with two drawbacks:

  1. PRs opened by forks won't be able to access this secret. Therefore, the action wouldn't be able to authenticate with GCP:

secrets are not passed to the runner when a workflow is triggered from a forked repository

see https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets

  1. The key-file has JSON format. The same site states:

avoid creating secrets that contain JSON

When (accidentally) printing that JSON, the private key doesn't get redacted and would be accessible in the logs by every GitHub user:

2020-09-11T10:08:35.8906119Z   ***
2020-09-11T10:08:35.8907179Z   ***
2020-09-11T10:08:35.8907513Z   ***
2020-09-11T10:08:35.8907954Z   "private_key": "-----BEGIN PRIVATE KEY-----
2020-09-11T10:08:35.8908275Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8908597Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8908933Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8909238Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8909666Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8909985Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8910305Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8910636Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8910940Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8911249Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8911554Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8912259Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8912576Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8912890Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8913224Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8913541Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8913856Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8914175Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8914549Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8914858Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8915171Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8915522Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8915828Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8916138Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8916473Z aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2020-09-11T10:08:35.8916771Z aaaaaaaaaaaaaaaaaaaaaaa=
2020-09-11T10:08:35.8917271Z -----END PRIVATE KEY-----
2020-09-11T10:08:35.8917549Z ",
2020-09-11T10:08:35.8918130Z   ***
2020-09-11T10:08:35.8918420Z   ***
2020-09-11T10:08:35.8918801Z   ***
2020-09-11T10:08:35.8919144Z   ***
2020-09-11T10:08:35.8919494Z   ***
2020-09-11T10:08:35.8920362Z   ***
2020-09-11T10:08:35.8920647Z ***

The solution in google-github-actions/setup-gcloud#134 to base64 encode the secret isn't convincing.

@ansd
Add GitHub actions for PRs
2e5ca22 
Run unit, integration, helm chart, and system tests

Closes to #270
coro
coro reviewed Sep 14, 2020
View reviewed changes
@Zerpet
Copy link
Member

Zerpet commented Sep 14, 2020

I'm going to add a WIP label to this PR based on #327 (comment). @ansd feel free to remove the label once you are happy with the state of the PR.

@Zerpet Zerpet added the WIP This issue hasn't been discussed or scheduled. Do not work on it. label Sep 14, 2020
@coro coro removed the WIP This issue hasn't been discussed or scheduled. Do not work on it. label Sep 15, 2020
@coro coro merged commit 22a628b into main Sep 15, 2020
@coro coro deleted the pr-pipeline branch September 15, 2020 08:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelklishin michaelklishin michaelklishin approved these changes

@MirahImage MirahImage MirahImage approved these changes

+1 more reviewer

@coro coro coro left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@ansd @Zerpet @michaelklishin @coro @MirahImage