forked from bank-vaults/bank-vaults
-
Notifications
You must be signed in to change notification settings - Fork 0
128 lines (108 loc) · 3.34 KB
/
ci-config-crud-e2e.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: CI - E2E tests
on:
pull_request: {}
workflow_dispatch:
inputs:
log-level:
description: 'Set log level for verbosity'
required: false
default: 'info'
type: choice
options:
- 'info'
- 'debug'
jobs:
validate-config-crud:
name: Validate Config CRUD
runs-on: ubuntu-latest
services:
vault:
image: vault:1.9.1
ports:
- 8200:8200
options: >-
--name=vault
--cap-add=IPC_LOCK
env:
VAULT_DEV_ROOT_TOKEN_ID: e2e_tests
env:
GO_VERSION: 1.19.2
VAULT_TOKEN: 'e2e_tests'
VAULT_ADDR: 'http://0.0.0.0:8200'
VAULT_LOG_FILE: 'vault.log'
BANK_VAULTS_LOG_FILE: 'bank-vaults.log'
BANK_VAULTS_CONFIG_FILE: '/tmp/vault-config.yml'
# The input value changes according to the workflow context.
LOG_LEVEL: "${{ github.event.inputs.log-level || inputs.log-level }}"
steps:
- name: Copy Vault binary
run: |
docker cp vault:/bin/vault /usr/local/bin/vault
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Build bank-vaults binary
run: |
go install ./cmd/bank-vaults/...
- name: Run bank-vaults
run: |
touch "${BANK_VAULTS_CONFIG_FILE}"
bank-vaults configure \
--mode dev \
--vault-config-file "${BANK_VAULTS_CONFIG_FILE}" \
&> "${BANK_VAULTS_LOG_FILE}" & disown
- name: Test group - Audit
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "audit"
- name: Test group - Auth
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "auth"
- name: Test group - Groups
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "groups"
- name: Test group - Group-Aliases
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "group-aliases"
- name: Test group - Policies
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "policies"
- name: Test group - StartupSecrets
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "startupSecrets"
- name: Test group - Secrets
if: always()
run: |
bash scripts/validate-config-crud/validate-config-crud.sh "secrets"
- name: Print logs
if: always()
run: |
echo -e "\nVaults logs ..."
docker logs vault &> "${VAULT_LOG_FILE}"
cat "${VAULT_LOG_FILE}"
echo -e "\nBank-Vaults logs ..."
cat "${BANK_VAULTS_LOG_FILE}"
- name: Store log files
if: always()
uses: actions/upload-artifact@v3
with:
name: logs
path: |
${{ env.VAULT_LOG_FILE }}
${{ env.BANK_VAULTS_LOG_FILE }}