github-actions: use ephemeral tokens (#2462) #999

Workflow file for this run

.github/workflows/test-linux.yml at 3ffe9b4

	name: test-linux

	on:
	push:
	branches:
	- main
	paths-ignore:
	- '*.md'
	- '*.asciidoc'
	- 'docs/**'
	pull_request:
	paths-ignore:
	- '*.md'
	- '*.asciidoc'
	- 'docs/**'

	permissions:
	contents: read

	concurrency:
	group: '${{ github.workflow }}-${{ github.ref }}'
	cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

	defaults:
	run:
	shell: bash

	env:
	NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages


	# 'pack' & 'tests' are required checks in this workflow.

	# To not burn unneeded CI cycles:
	# - Our required checks will always succeed if doc only changes are detected.
	# - all jobs depend on 'format' to not waste cycles on quickly fixable errors.

	jobs:

	format:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap
	- name: Format
	run: ./build.sh format

	#required step
	pack:
	runs-on: ubuntu-latest
	needs: [ 'format' ]
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap
	with:
	rust: 'true'

	- name: Package
	run: ./build.sh pack

	#required step
	tests:
	runs-on: ubuntu-latest
	needs: [ 'format' ]
	timeout-minutes: 30

	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap

	- name: 'Tests: Unit'
	run: ./build.sh test --test-suite unit

	azure-tests:
	runs-on: ubuntu-latest
	needs: [ 'format', 'tests' ]
	if: \|
	github.event_name != 'pull_request'
	\|\| github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false
	env:
	ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
	ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
	ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
	ARM_USE_OIDC: true
	AZURE_RESOURCE_GROUP_PREFIX: ci-dotnet-${{ github.run_id }}
	permissions:
	contents: read
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap
	with:
	azure: 'true'

	- name: 'Az CLI login'
	uses: azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
	with:
	client-id: ${{ secrets.ARM_CLIENT_ID }}
	tenant-id: ${{ secrets.ARM_TENANT_ID }}
	subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}

	- name: 'Tests: Azure'
	run: ./build.sh test --test-suite azure

	- name: 'Teardown tests infra'
	if: ${{ always() }}
	run: \|
	for group in $(az group list --query "[?name \| starts_with(@,'${{ env.AZURE_RESOURCE_GROUP_PREFIX }}')]" --out json \| jq .[].name --raw-output); do
	az group delete --name "${group}" --no-wait --yes
	done

	integration-tests:
	runs-on: ubuntu-latest
	needs: [ 'format', 'tests' ]
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap

	- name: 'Tests: Integrations'
	run: ./build.sh test --test-suite integrations

	startup-hook-tests:
	runs-on: ubuntu-latest
	needs: [ 'format', 'tests' ]
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	uses: ./.github/workflows/bootstrap

	- name: 'Tests: StartupHooks'
	run: ./build.sh test --test-suite startuphooks

	profiler-tests:
	runs-on: ubuntu-latest
	needs: [ 'format', 'tests' ]
	steps:
	- uses: actions/checkout@v4
	- name: Bootstrap Action Workspace
	id: bootstrap
	uses: ./.github/workflows/bootstrap
	with:
	rust: 'true'

	- name: 'Tests: Profiler'
	run: ./build.sh test --test-suite profiler

	- name: Build Profiler Docker Image
	run: \|
	docker build . -t docker.elastic.co/observability/apm-agent-dotnet:${{ steps.bootstrap.outputs.agent-version }} \
	--build-arg AGENT_ZIP_FILE=build/output/elastic_apm_profiler_${{ steps.bootstrap.outputs.agent-version }}-linux-x64.zip

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

github-actions: use ephemeral tokens (#2462) #999

Workflow file

github-actions: use ephemeral tokens (#2462) #999

Jobs

Run details

Workflow file for this run