-
Notifications
You must be signed in to change notification settings - Fork 293
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
56735bf
commit 5bb1079
Showing
22 changed files
with
424 additions
and
69 deletions.
There are no files selected for viewing
File renamed without changes.
File renamed without changes.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
--- | ||
name: Increment Milestone | ||
|
||
on: | ||
push: | ||
tags: | ||
- 'v*.*.*' | ||
|
||
permissions: | ||
issues: write | ||
contents: read | ||
|
||
jobs: | ||
increment-milestone: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: "Increment Milestone" | ||
shell: bash | ||
run: bash ./scripts/increment-milestone.sh -u https://api.github.com/repos${{ github.owner }}/${{ github.repository }}/milestones -r ${{github.ref_name}} -t ${{secrets.GITHUB_TOKEN}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
--- | ||
name: Provider Tests | ||
on: | ||
pull_request: | ||
types: ["opened", "synchronize"] | ||
paths: | ||
- '.github/workflows/provider-test.yaml' | ||
- 'internal/**.go' | ||
- 'vendor/github.com/hashicorp/go-azure-sdk/sdk/auth/**' | ||
- 'vendor/github.com/hashicorp/go-azure-sdk/sdk/environments/**' | ||
|
||
permissions: | ||
contents: read | ||
id-token: write | ||
pull-requests: read | ||
|
||
jobs: | ||
secrets-check: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
available: "${{ steps.check-secrets.outputs.available }}" | ||
steps: | ||
# we check for the ACTIONS_ID_TOKEN_REQUEST_URL variable as a proxy for other secrets | ||
# it will be unset when running for a PR from a fork, in which case we don't run these tests | ||
- id: check-secrets | ||
run: | | ||
if [[ "${ACTIONS_ID_TOKEN_REQUEST_URL}" == "" ]]; then | ||
echo "available=false" | tee ${GITHUB_OUTPUT} | ||
else | ||
echo "available=true" | tee ${GITHUB_OUTPUT} | ||
fi | ||
provider-tests: | ||
runs-on: [custom, linux, large] | ||
needs: [secrets-check] | ||
if: needs.secrets-check.outputs.available == 'true' | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | ||
|
||
- name: Install Go | ||
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | ||
with: | ||
go-version-file: ./.go-version | ||
|
||
- name: Azure CLI login | ||
run: az login --output none --username="${{ secrets.AZCLI_USERNAME }}" --password="${{ secrets.AZCLI_PASSWORD }}" | ||
|
||
- name: Set OIDC Token | ||
run: | | ||
echo "ARM_OIDC_TOKEN=$(curl -H "Accept: application/json; api-version=2.0" -H "Authorization: Bearer ${ACTIONS_ID_TOKEN_REQUEST_TOKEN}" -H "Content-Type: application/json" -G --data-urlencode "audience=api://AzureADTokenExchange" "${ACTIONS_ID_TOKEN_REQUEST_URL}" | jq -r '.value')" >>${GITHUB_ENV} | ||
- name: Set OIDC Token File Path | ||
run: echo "${ARM_OIDC_TOKEN}" >"${RUNNER_TEMP}/oidc-token.jwt" && echo "ARM_OIDC_TOKEN_FILE_PATH=${RUNNER_TEMP}/oidc-token.jwt" >>${GITHUB_ENV} | ||
|
||
- name: Set Client ID Path | ||
run: echo "${{ secrets.ARM_CLIENT_ID }}" >"${RUNNER_TEMP}/client-id" && echo "ARM_CLIENT_ID_PATH=${RUNNER_TEMP}/client-id" >>${GITHUB_ENV} | ||
|
||
- name: Set Client Secret Path | ||
run: echo "${{ secrets.ARM_CLIENT_SECRET }}" >"${RUNNER_TEMP}/client-secret" && echo "ARM_CLIENT_SECRET_PATH=${RUNNER_TEMP}/client-secret" >>${GITHUB_ENV} | ||
|
||
- name: Run provider tests | ||
run: make testacc TEST=./internal/provider TESTARGS="-run '^TestAcc'" | ||
env: | ||
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | ||
ARM_CLIENT_CERTIFICATE: ${{ secrets.ARM_CLIENT_CERTIFICATE }} | ||
ARM_CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.ARM_CLIENT_CERTIFICATE_PASSWORD }} | ||
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | ||
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | ||
|
||
- name: Clean Up OIDC Token File Path | ||
run: rm -f "${RUNNER_TEMP}/oidc-token.jwt" | ||
if: always() | ||
|
||
- name: Clean Up Client ID Path | ||
run: rm -f "${RUNNER_TEMP}/client-id" | ||
if: always() | ||
|
||
- name: Clean Up Client Secret Path | ||
run: rm -f "${RUNNER_TEMP}/client-secret" | ||
if: always() | ||
|
||
save-artifacts-on-fail: | ||
if: ${{ needs.secrets-check.result }} == 'failure' || ${{ needs.provider-tests.result }} == 'failure' | ||
uses: ./.github/workflows/save-artifacts.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
--- | ||
name: Pull Request New Commit | ||
|
||
permissions: | ||
pull-requests: write | ||
|
||
on: | ||
pull_request_target: | ||
types: [synchronize] | ||
|
||
jobs: | ||
remove-waiting-response: | ||
uses: ./.github/workflows/remove-issue-label.yaml | ||
with: | ||
label-name: "waiting-response" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
--- | ||
name: "Pull Request Reviewed Workflow" | ||
|
||
on: | ||
workflow_run: | ||
workflows: | ||
- "Pull Request Reviewed" | ||
types: | ||
- completed | ||
|
||
permissions: | ||
pull-requests: write | ||
|
||
jobs: | ||
add-or-remove-waiting-response: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
ghrepo: ${{ steps.env_vars.outputs.ghrepo }} | ||
ghowner: ${{ steps.env_vars.outputs.ghowner }} | ||
prnumber: ${{ steps.env_vars.outputs.prnumber }} | ||
action: ${{ steps.env_vars.outputs.action }} | ||
artifact_outcome: ${{ steps.env_vars.outputs.artifact_outcome }} | ||
steps: | ||
- name: Get Artifact | ||
id: get_artifact | ||
continue-on-error: true | ||
uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0 | ||
with: | ||
github_token: ${{secrets.GITHUB_TOKEN}} | ||
workflow: pull-request-reviewed.yaml | ||
|
||
- name: env_vars | ||
id: env_vars | ||
if: steps.get_artifact.outcome == 'success' | ||
run: | | ||
echo "ghrepo=$(cat artifact/ghrepo.txt)" >>${GITHUB_OUTPUT} | ||
echo "ghowner=$(cat artifact/ghowner.txt)" >>${GITHUB_OUTPUT} | ||
echo "prnumber=$(cat artifact/prnumber.txt)" >>${GITHUB_OUTPUT} | ||
echo "action=$(cat artifact/action.txt)" >>${GITHUB_OUTPUT} | ||
echo "artifact_outcome=success" >>${GITHUB_OUTPUT} | ||
add-waiting-reponse: | ||
needs: add-or-remove-waiting-response | ||
runs-on: ubuntu-latest | ||
if: needs.add-or-remove-waiting-response.outputs.artifact_outcome == 'success' && needs.add-or-remove-waiting-response.outputs.action == 'add-waiting-response' | ||
steps: | ||
- run: | | ||
curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" "https://api.github.com/repos${{ needs.add-or-remove-waiting-response.outputs.ghowner }}/${{ needs.add-or-remove-waiting-response.outputs.ghrepo }}/issues/${{ needs.add-or-remove-waiting-response.outputs.prnumber }}/labels" -d '{"labels":["waiting-response"]}' | ||
remove-waiting-reponse: | ||
needs: add-or-remove-waiting-response | ||
if: needs.add-or-remove-waiting-response.outputs.artifact_outcome == 'success' && needs.add-or-remove-waiting-response.outputs.action == 'remove-waiting-response' | ||
uses: ./.github/workflows/remove-issue-label.yaml | ||
with: | ||
label-name: "waiting-response" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
--- | ||
name: "Pull Request Reviewed" | ||
|
||
on: | ||
pull_request_review: | ||
types: [submitted] | ||
|
||
permissions: | ||
pull-requests: read | ||
|
||
jobs: | ||
add-or-remove-waiting-response: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: "Set Artifacts for add-waiting-response" | ||
if: github.event.review.state != 'approved' && github.actor != github.event.pull_request.user.login | ||
shell: bash | ||
run: | | ||
mkdir -p wr_actions | ||
echo ${{ github.owner }} > wr_actions/ghowner.txt | ||
echo ${{ github.repository }} > wr_actions/ghrepo.txt | ||
echo ${{ github.event.pull_request.number }} > wr_actions/prnumber.txt | ||
echo "add-waiting-response" > wr_actions/action.txt | ||
- name: "Set Artifacts for remove-waiting-response" | ||
if: github.actor == github.event.pull_request.user.login | ||
shell: bash | ||
run: | | ||
mkdir -p wr_actions | ||
echo ${{ github.owner }} > wr_actions/ghowner.txt | ||
echo ${{ github.repository }} > wr_actions/ghrepo.txt | ||
echo ${{ github.event.pull_request.number }} > wr_actions/prnumber.txt | ||
echo "remove-waiting-response" > wr_actions/action.txt | ||
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | ||
with: | ||
name: artifact | ||
path: wr_actions |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.