Skip to content

chore: support IRSA for aws s3 provider #572

chore: support IRSA for aws s3 provider

chore: support IRSA for aws s3 provider #572

Workflow file for this run

name: Main CI
on:
push:
branches:
- "master"
tags:
- "*"
pull_request:
branches:
- "*"
env:
dockerhub_publish: ${{ secrets.DOCKER_PASS != '' }}
jobs:
meta:
runs-on: ubuntu-latest
outputs:
container_tags: ${{ steps.docker_action_meta.outputs.tags }}
container_labels: ${{ steps.docker_action_meta.outputs.labels }}
container_buildtime: ${{ fromJSON(steps.docker_action_meta.outputs.json).labels['org.opencontainers.image.created'] }}
container_version: ${{ fromJSON(steps.docker_action_meta.outputs.json).labels['org.opencontainers.image.version'] }}
container_revision: ${{ fromJSON(steps.docker_action_meta.outputs.json).labels['org.opencontainers.image.revision'] }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: false
persist-credentials: false
- name: Docker meta
id: docker_action_meta
uses: docker/metadata-action@v4.0.1
with:
images: |
name=ghcr.io/${{ github.repository }}/container
name=andrewgaul/s3proxy,enable=${{ env.dockerhub_publish }}
flavor: |
latest=auto
tags: |
type=sha,format=long
type=sha
type=match,pattern=s3proxy-(.*),group=1
type=ref,event=branch
type=ref,event=pr
type=ref,event=tag
labels: |
org.opencontainers.image.licenses=Apache-2.0
runTests:
runs-on: ubuntu-latest
needs: [meta]
steps:
- uses: actions/checkout@v4
with:
submodules: "recursive"
- uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "11"
cache: "maven"
- uses: actions/setup-python@v4
with:
python-version: "3.11"
cache: "pip"
#Run tests
- name: Maven Set version
run: |
mvn versions:set -DnewVersion=${{ needs.meta.outputs.version }}
- name: Maven Package
run: |
mvn package verify -DskipTests
- name: Maven Test
run: |
mvn test
- name: Maven Test with transient-nio2
run: |
# TODO: run other test classes
mvn test -Ds3proxy.test.conf=s3proxy-transient-nio2.conf -Dtest=AwsSdkTest
- name: Maven Test with filesystem-nio2
run: |
# TODO: run other test classes
mkdir /tmp/blobstore
mvn test -Ds3proxy.test.conf=s3proxy-filesystem-nio2.conf -Dtest=AwsSdkTest
- name: Install Azurite
run: npx --yes --loglevel info azurite --version
- name: Start Azurite
shell: bash
run: npx --yes azurite azurite-blob &
- name: Maven Test with Azurite
run: |
# TODO: run other test classes
mvn test -Ds3proxy.test.conf=s3proxy-azurite.conf -Dtest=AwsSdkTest
- name: Install Minio
run: |
curl -o minio https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
- name: Start Minio
run: |
mkdir mnt/
MINIO_SERVER_URL=http://127.0.0.1:9000 MINIO_ROOT_USER=remote-identity MINIO_ROOT_PASSWORD=remote-credential ./minio server mnt/ &
- name: Maven Test with Minio
run: |
# TODO: run other test classes
mvn test -Ds3proxy.test.conf=s3proxy-minio.conf -Dtest=AwsSdkTest
kill $(pidof minio)
- name: Install s3-tests
run: |
python -m pip install --upgrade pip
pip install tox tox-gh-actions
- name: Run s3-tests
run: |
./src/test/resources/run-s3-tests.sh
- name: Run s3-tests with transient-nio2
run: |
./src/test/resources/run-s3-tests.sh s3proxy-transient-nio2.conf
- name: Run s3-tests with Azurite
run: |
./src/test/resources/run-s3-tests.sh s3proxy-azurite.conf
kill $(pidof node)
#Store the target
- uses: actions/upload-artifact@v4
with:
name: s3proxy
path: target/s3proxy
- uses: actions/upload-artifact@v4
with:
name: pom
path: pom.xml
Containerize:
runs-on: ubuntu-latest
needs: [runTests, meta]
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: s3proxy
path: target
- uses: actions/download-artifact@v4
with:
name: pom
path: .
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
if: github.event_name != 'pull_request' && env.dockerhub_publish == 'true'
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Login to GHCR
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ needs.meta.outputs.container_tags }}
labels: ${{ needs.meta.outputs.container_labels }}
build-args: |
BUILDTIME=${{ needs.meta.outputs.container_buildtime }}
VERSION=${{ needs.meta.outputs.container_version }}
REVISION=${{ needs.meta.outputs.container_revision }}
cache-from: type=gha
cache-to: type=gha,mode=max