-
Notifications
You must be signed in to change notification settings - Fork 2
142 lines (125 loc) · 5.57 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Tests
on:
push:
branches:
- main
- master
pull_request:
concurrency:
group: terraform-google-secret-manager
cancel-in-progress: false
jobs:
pre-commit:
runs-on: ubuntu-latest
name: Static Analysis
steps:
- name: Checkout
# for security reasons we pin commit ids and not tags.
# actions/[email protected] -> 2541b1294d2704b0964813337f33b291d3f8596b
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
fetch-depth: 0
# - name: Setup SSH to Private Modules
# # for security reasons we pin commit ids and not tags.
# # webfactory/[email protected] -> fc49353b67b2b7c1e0e6a600572d01a69f2672dd
# uses: webfactory/ssh-agent@fc49353b67b2b7c1e0e6a600572d01a69f2672dd
# with:
# ssh-private-key: |
# ${{ secrets.DEPLOY_KEY__REPOSITORY_A }}
# ${{ secrets.DEPLOY_KEY__REPOSITORY_B }}
- name: Set up Golang
# for security reasons we pin commit ids and not tags.
# actions/[email protected] -> b22fbbc2921299758641fab08929b4ac52b32923
uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923
with:
go-version: 1.17.6
- name: Set up Terramate
uses: giantswarm/install-binary-action@e97402b0aa95939ddba5b36aa77f8abc58a37fd5
with:
binary: terramate
version: 0.2.1
# https://github.com/mineiros-io/terramate/releases/download/v${version}/terramate_${version}_${os}_${arch}.tar.gz
download_url: "https://github.com/mineiros-io/${binary}/releases/download/v${version}/terramate_${version}_linux_x86_64.tar.gz"
tarball_binary_path: "${binary}"
- name: Clean Up Terramate Install Artifacts
run: rm -rf terramate
- name: Set up Terradoc
# for security reasons we pin commit ids and not tags.
# mineiros-io/terradoc@main -> af1a7b3ae3635958adf5ee2f40e0c3e70fd0803a
run: go install github.com/mineiros-io/terradoc/cmd/terradoc@af1a7b3ae3635958adf5ee2f40e0c3e70fd0803a
env:
GOPROXY: direct
- name: Set up Terraform
# for security reasons we pin commit ids and not tags.
# hashicorp/[email protected] -> 17d4c9b8043b238f6f35641cdd8433da1e6f3867
uses: hashicorp/setup-terraform@17d4c9b8043b238f6f35641cdd8433da1e6f3867
with:
terraform_version: 1.3.0
terraform_wrapper: false
- name: Setup TFLint
# for security reasons we pin commit ids and not tags.
# terraform-linters/[email protected] -> 9e653e0f7de0839150e03280e0981e0c25eaf10a
uses: terraform-linters/setup-tflint@9e653e0f7de0839150e03280e0981e0c25eaf10a
with:
tflint_version: v0.41.0
- name: Setup and run pre-commit
# for security reasons we pin commit ids and not tags.
# pre-commit/[email protected] -> 9b88afc9cd57fd75b655d5c71bd38146d07135fe
uses: pre-commit/action@9b88afc9cd57fd75b655d5c71bd38146d07135fe
unit-tests:
# needs: pre-commit
runs-on: ubuntu-latest
name: Unit Tests
steps:
- name: Checkout
# for security reasons we pin commit ids and not tags.
# actions/[email protected] -> 2541b1294d2704b0964813337f33b291d3f8596b
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
fetch-depth: 0
# - name: Setup SSH to Private Modules
# # for security reasons we pin commit ids and not tags.
# # webfactory/[email protected] -> fc49353b67b2b7c1e0e6a600572d01a69f2672dd
# uses: webfactory/ssh-agent@fc49353b67b2b7c1e0e6a600572d01a69f2672dd
# with:
# ssh-private-key: |
# ${{ secrets.DEPLOY_KEY__REPOSITORY_A }}
# ${{ secrets.DEPLOY_KEY__REPOSITORY_B }}
- name: Check for Terraform file changes
# for security reasons we pin commit ids and not tags.
# getsentry/[email protected] -> b2feaf19c27470162a626bd6fa8438ae5b263721
uses: getsentry/paths-filter@b2feaf19c27470162a626bd6fa8438ae5b263721
id: changes
with:
filters: |
terraform:
- '*.tf'
- 'test/**/*.tf'
- 'test/**/*.go'
- 'test/go.mod'
- 'test/go.sum'
- name: Set up Terraform
if: steps.changes.outputs.terraform == 'true'
# for security reasons we pin commit ids and not tags.
# hashicorp/[email protected] -> 17d4c9b8043b238f6f35641cdd8433da1e6f3867
uses: hashicorp/setup-terraform@17d4c9b8043b238f6f35641cdd8433da1e6f3867
with:
terraform_version: 1.2.1
terraform_wrapper: false
- name: Set up Golang
if: steps.changes.outputs.terraform == 'true'
# for security reasons we pin commit ids and not tags.
# actions/[email protected] -> b22fbbc2921299758641fab08929b4ac52b32923
uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923
with:
go-version: 1.17.6
- name: Run Unit Tests
if: steps.changes.outputs.terraform == 'true'
run: make test/unit-tests
env:
AWS_SECRET_ACCESS_KEY: ${{ secrets.MINEIROS_TESTING_AWS_SECRET_ACCESS_KEY }}
AWS_ACCESS_KEY_ID: ${{ secrets.MINEIROS_TESTING_AWS_ACCESS_KEY_ID }}
GOOGLE_CREDENTIALS: ${{ secrets.MINEIROS_TESTING_GCP_SA_KEY_FILE }}
TEST_GCP_PROJECT: ${{ secrets.MINEIROS_TESTING_GCP_PROJECT }}
TEST_GCP_ORG_DOMAIN: ${{ secrets.MINEIROS_TESTING_GCP_ORG_DOMAIN }}
TEST_GCP_BILLING_ACCOUNT: ${{ secrets.MINEIROS_TESTING_GCP_BILLING_ACCOUNT }}