-
Notifications
You must be signed in to change notification settings - Fork 5
133 lines (133 loc) · 4.69 KB
/
terraform-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: terraform-ci
on:
push:
branches:
- 'main'
- 'release/**'
pull_request:
branches:
- 'main'
- 'release/**'
env:
CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
jobs:
action-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Lint workflow
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint:latest
terraform-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Setup Terraform
uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1 # v2.0.3
with:
terraform_version: v1.3.1
- name: Validate
run: terraform fmt -check -recursive .
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
go-test-lint:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./test/acceptance
needs:
- get-go-version
steps:
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Setup go
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}
cache-dependency-path: ./test/acceptance/go.sum
- name: lint-consul-retry
run: |
go install github.com/hashicorp/lint-consul-retry@latest
lint-consul-retry
- name: golangci-lint
uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # v3.4.0
with:
version: v1.51
args: "--verbose --enable gofmt --timeout 2m"
only-new-issues: false
skip-pkg-cache: true
skip-build-cache: true
working-directory: ./test/acceptance
acceptance:
strategy:
matrix:
platform:
- {goos: "linux", goarch: "amd64"}
- {goos: "linux", goarch: "arm64"}
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./test/acceptance
env:
TEST_RESULTS: /tmp/test-results
GOTESTSUM_VERSION: 1.8.0
OS: ${{ matrix.platform.goos }}
ARCH: ${{ matrix.platform.goarch }}
SESSION_MANAGER: ubuntu_64bit
needs:
- action-lint
- go-test-lint
- terraform-lint
- get-go-version
steps:
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}
cache-dependency-path: ./test/acceptance/go.sum
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@2a1a44ac4aa01993040736bd95bb470da1a38365 # v2.9.0
- name: Setup gotestsum
shell: bash
run: |
url=https://github.com/gotestyourself/gotestsum/releases/download
curl -sSL "${url}/v${{ env.GOTESTSUM_VERSION }}/gotestsum_${{ env.GOTESTSUM_VERSION }}_linux_amd64.tar.gz" | \
tar -xz --overwrite -C /usr/local/bin gotestsum
- name: Install dependencies
run: |
sudo apt-get install -y expect
curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/${{ env.SESSION_MANAGER }}/session-manager-plugin.deb" -o "session-manager-plugin.deb"
sudo dpkg -i session-manager-plugin.deb
- name: Configure AWS
# Environment variables for IAM roles are unsupported: https://github.com/aws/aws-cli/issues/5639
run: |
aws configure --profile lambda_user set aws_access_key_id "${{ secrets.AWS_ACCESS_KEY_ID }}"
aws configure --profile lambda_user set aws_secret_access_key "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
aws configure set role_arn "${{ secrets.AWS_ROLE_ARN }}"
aws configure set region us-west-2
aws configure set source_profile lambda_user
- name: terraform init & apply
run: |
cd setup-terraform
terraform init
terraform apply -var arch="${{matrix.platform.goarch}}" -auto-approve
- name: Run acceptance tests
run: |
mkdir -p "$TEST_RESULTS"
gotestsum \
--packages "./..." \
--junitfile "$TEST_RESULTS/gotestsum-report.xml" \
--format standard-verbose -- \
./... -p 1 -timeout 90m -v -failfast
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
if: always()
with:
name: acceptance-test-results
path: ${{ env.TEST_RESULTS }}/gotestsum-report.xml
- name: terraform destroy
if: always()
run: |
cd setup-terraform
terraform destroy -auto-approve