build(deps): bump github.com/aws/aws-sdk-go from 1.44.248 to 1.44.307 #115
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: [pull_request] | |
env: | |
GO_VERSION: 1.19.2 | |
jobs: | |
checks: | |
name: Checks | |
runs-on: ubuntu-latest | |
services: | |
vault: | |
image: vault:1.6.2 | |
env: | |
SKIP_SETCAP: true | |
VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf | |
ports: | |
- 8200:8200 | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Check out code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # chart testing fails otherwise | |
- name: Check licenses | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: make license-check | |
- name: Set up chart-testing | |
uses: helm/[email protected] | |
- name: Run chart-testing | |
run: ct lint --debug --config charts/testing.yaml | |
- name: Setup test dependencies | |
run: | | |
sudo apt install opensc softhsm | |
sudo mkdir -p /var/lib/softhsm/tokens/ | |
sudo softhsm2-util --init-token --free --label bank-vaults --so-pin banzai --pin banzai | |
sudo pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --keypairgen --key-type rsa:2048 --pin banzai --token-label bank-vaults --label bank-vaults | |
sudo chown -R runner:docker /etc/softhsm /var/lib/softhsm | |
- name: Run verification | |
run: make check | |
env: | |
VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf | |
build-bank-vaults: | |
name: Build bank-vaults | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build and push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
file: ./Dockerfile | |
tags: bank-vaults:latest | |
outputs: type=docker,dest=/tmp/bank-vaults.tar | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: bank-vaults | |
path: /tmp/bank-vaults.tar | |
build-vault-secrets-webhook: | |
name: Build webhook | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build and push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
file: ./Dockerfile.webhook | |
tags: vault-secrets-webhook:latest | |
outputs: type=docker,dest=/tmp/vault-secrets-webhook.tar | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: vault-secrets-webhook | |
path: /tmp/vault-secrets-webhook.tar | |
build-vault-operator: | |
name: Build operator | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build and push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
file: ./Dockerfile.operator | |
tags: vault-operator:latest | |
outputs: type=docker,dest=/tmp/vault-operator.tar | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: vault-operator | |
path: /tmp/vault-operator.tar | |
build-vault-env: | |
name: Build vault-env | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build and push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
file: ./Dockerfile.vault-env | |
tags: vault-env:latest | |
outputs: type=docker,dest=/tmp/vault-env.tar | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: vault-env | |
path: /tmp/vault-env.tar | |
# # Uncomment for debugging with SSH | |
# - name: Setup upterm session | |
# uses: lhotari/action-upterm@v1 | |
# with: | |
# ## limits ssh access and adds the ssh public key for the user which triggered the workflow | |
# limit-access-to-actor: true | |
# ## limits ssh access and adds the ssh public keys of the listed GitHub users | |
# limit-access-to-users: bonifaido | |
acceptance-test: | |
name: Acceptance test | |
runs-on: ubuntu-latest | |
needs: [build-bank-vaults, build-vault-operator, build-vault-env, build-vault-secrets-webhook] | |
strategy: | |
matrix: | |
k8s_version: ["v1.25.8", "v1.24.12", "v1.23.17"] | |
vault_version: ["1.13.1", "1.12.5", "1.11.9", "1.10.11"] | |
env: | |
KURUN_VERSION: "0.6.4" | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Start kind cluster | |
run: | | |
kind version | |
kind create cluster --config test/kind.yaml --image kindest/node:${{ matrix.k8s_version }} --wait 1m | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Download Bank-Vaults docker image | |
uses: actions/download-artifact@v3 | |
with: | |
name: bank-vaults | |
path: /tmp | |
- name: Download operator docker image | |
uses: actions/download-artifact@v3 | |
with: | |
name: vault-operator | |
path: /tmp | |
- name: Download vault-env docker image | |
uses: actions/download-artifact@v3 | |
with: | |
name: vault-env | |
path: /tmp | |
- name: Download webhook docker image | |
uses: actions/download-artifact@v3 | |
with: | |
name: vault-secrets-webhook | |
path: /tmp | |
- name: Load Docker images to kind | |
run: | | |
kind load image-archive /tmp/bank-vaults.tar | |
kind load image-archive /tmp/vault-operator.tar | |
kind load image-archive /tmp/vault-env.tar | |
kind load image-archive /tmp/vault-secrets-webhook.tar | |
- name: Install kurun | |
run: | | |
curl -Lo kurun https://github.com/banzaicloud/kurun/releases/download/${KURUN_VERSION}/kurun-linux-amd64 && chmod +x kurun && sudo mv kurun /usr/local/bin/ | |
- name: Acceptance test | |
run: go test -v -timeout 900s -tags kubeall ./test | |
env: | |
VAULT_VERSION: ${{ matrix.vault_version }} | |
multi-cluster-acceptance-test: | |
name: Operator multi-cluster acceptance test | |
runs-on: ubuntu-latest | |
needs: build-vault-operator | |
env: | |
GO_VERSION: "1.19.2" | |
K8S_VERSION: "v1.23.4" | |
HELM_VERSION: "v3.8.0" | |
KIND_VERSION: "v0.12.0" | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- uses: azure/setup-helm@v3 | |
with: | |
version: ${{ env.HELM_VERSION }} | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: engineerd/[email protected] | |
with: | |
version: ${{ env.KIND_VERSION }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Download operator docker image | |
uses: actions/download-artifact@v3 | |
with: | |
name: vault-operator | |
path: /tmp | |
- name: Install envtpl | |
run: go install github.com/subfuzion/envtpl/...@428c2d7 | |
- name: Install cidr | |
run: go install github.com/hankjacobs/cidr@master | |
- name: Build the Helm charts | |
run: | | |
helm dep build ./charts/vault-operator | |
- name: Operator Multi-DC Raft test | |
run: | | |
./operator/deploy/multi-dc/test/multi-dc-raft.sh install |