fix: pin google provider and terraform versions due to breaking changes #427
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI - Integration Tests | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| push: | |
| branches: | |
| - master | |
| workflow_dispatch: | |
| concurrency: terraform | |
| jobs: | |
| integration_test: | |
| name: Test-Kitchen | |
| runs-on: ubuntu-latest | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_QA_CLOUDNATIVE_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_QA_CLOUDNATIVE_SECRET_ACCESS_KEY }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| TF_VAR_project_id: ${{secrets.GCP_DRAIOS_PROJECT_ID}} | |
| TF_VAR_organization_domain: ${{secrets.GCP_DRAIOS_ORG_DOMAIN}} | |
| TF_VAR_sysdig_secure_api_token: ${{secrets.KUBELAB_SECURE_API_TOKEN}} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 2.7 | |
| bundler-cache: true | |
| - name: Set up gcloud Cloud SDK environment | |
| uses: google-github-actions/[email protected] | |
| with: | |
| project_id: ${{ secrets.GCP_DRAIOS_PROJECT_ID }} | |
| service_account_key: ${{ secrets.GCP_DRAIOS_SA_KEY }} | |
| export_default_credentials: true | |
| - name: Run single-project test | |
| run: bundle exec kitchen test "single-project-gcp" | |
| - name: Destroy single-project resources | |
| if: ${{ failure() }} | |
| run: bundle exec kitchen destroy "single-project-gcp" | |
| - name: Run organization test | |
| run: bundle exec kitchen test "organization-gcp" | |
| - name: Destroy organization resources | |
| if: ${{ failure() }} | |
| run: bundle exec kitchen destroy "organization-gcp" | |
| # organization-optimized-compliance | |
| # - name: Run organization test | |
| # run: bundle exec kitchen test "organization-optimized-compliance" | |
| # | |
| # - name: Destroy organization resources | |
| # if: ${{ failure() }} | |
| # run: bundle exec kitchen destroy "organization-optimized-compliance" | |
| - name: Create kind cluster | |
| uses: helm/[email protected] | |
| - name: Run single-project-k8s test | |
| run: bundle exec kitchen test "single-project-k8s-gcp" | |
| - name: Inspect k8s failures | |
| if: ${{ failure() }} | |
| run: | | |
| kubectl get namespaces | |
| # removing get deployments and pods because of random name in GCP | |
| - name: Destroy single-project-k8s resources | |
| if: ${{ failure() }} | |
| run: bundle exec kitchen destroy "single-project-k8s-gcp" |