Update bug bounty process (#216) #257
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run acceptance tests | |
on: | |
push: | |
# Workflow dispatch listener to enable on-demand acceptance test runs on external PRs. | |
# How to use this: | |
# * Do a sanity check on the submitted PR | |
# * Copy the most recent commit hash of the PR branch | |
# * Go to 'Actions' -> 'Run acceptance tests' -> 'Run workflow' | |
# * Fill in the following: | |
# * `checkout-repo`: `<PR author>/connect-helm-charts` | |
# * `checkout-ref`: <copied commit hash> | |
# * `branch`: `acceptance-tests-on-forks` | |
workflow_dispatch: | |
inputs: | |
checkout-repo: | |
required: false | |
checkout-ref: | |
required: false | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
repository: ${{ github.event.inputs.checkout-repo }} | |
ref: ${{ github.event.inputs.checkout-ref }} | |
- name: Set up Helm | |
uses: azure/setup-helm@v1 | |
with: | |
version: v3.4.1 | |
- name: Set up ct CLI | |
uses: helm/chart-testing-action@v2.1.0 | |
with: | |
version: v3.4.0 | |
- name: Check if chart has changed | |
id: list-changed | |
run: | | |
changed=$(ct list-changed --config ct.yaml) | |
if [[ -n "$changed" ]]; then | |
echo "::set-output name=changed::true" | |
fi | |
- name: Install yq | |
run: sudo snap install yq | |
if: steps.list-changed.outputs.changed == 'true' | |
- name: Add fixtures to YAML test cases | |
env: | |
OP_CONNECT_CREDENTIALS: ${{ secrets.OP_CONNECT_CREDENTIALS }} | |
OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }} | |
run: | | |
cat > fixtures.yaml << EOF | |
acceptanceTests: | |
enabled: true | |
fixtures: | |
vaultId: v5pz6venw4roosmkzdq2nhpv6u | |
itemId: hrgkzhrlvscomepxlgafb2m3ca | |
secretValue: RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLCB0aGlzIGlzIGp1c3QgYSBkdW1teSBzZWNyZXQuIFBsZWFzZSBkb24ndCByZXBvcnQgaXQu | |
EOF | |
for values_file in charts/connect/ci/*.yaml; do | |
# Add secrets | |
yq eval '.connect.credentials = strenv(OP_CONNECT_CREDENTIALS) | .operator.token.value = strenv(OP_CONNECT_TOKEN)' -i $values_file | |
# Add acceptance test fixtures | |
yq eval-all --inplace 'select(fileIndex == 0) * select(fileIndex == 1)' $values_file fixtures.yaml | |
done | |
- name: Spin up local Kubernetes cluster | |
uses: helm/kind-action@v1.2.0 | |
- name: Deploy and run acceptance tests | |
run: ct install --config ct.yaml |