From 50de72b0d0de03720441fdcb3bdfa664f8b85606 Mon Sep 17 00:00:00 2001
From: Langleu <lars.lange@camunda.com>
Date: Tue, 19 Nov 2024 10:24:34 +0100
Subject: [PATCH] try out infra access

---
 .github/workflows/test-infra-access.yml | 36 +++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 .github/workflows/test-infra-access.yml

diff --git a/.github/workflows/test-infra-access.yml b/.github/workflows/test-infra-access.yml
new file mode 100644
index 0000000..a14d13c
--- /dev/null
+++ b/.github/workflows/test-infra-access.yml
@@ -0,0 +1,36 @@
+---
+name: Confirm Infra Access
+
+on:
+    push:
+
+permissions:
+    id-token: write
+
+jobs:
+    dummy-job:
+        runs-on: ubuntu-latest
+
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+            - name: Install Kubectl
+              uses: azure/setup-kubectl@v3
+            - uses: teleport-actions/setup@v1
+              with:
+                  version: 16.4.3
+            - uses: teleport-actions/auth-k8s@v2
+              with:
+                  proxy: camunda.teleport.sh:443
+                  token: infra-ci-prod-github-action-infraex
+                  kubernetes-cluster: camunda-ci-eks
+            - run: |
+                  kubectl version
+                  kubectl auth whoami  # see the impersonated users/groups
+                  kubectl get ns
+                  kubectl delete ns infraex-test-space
+                  kubectl create ns infraex-test-space
+                  kubectl label namespace infraex-test-space janitor/ttl=1h
+                  kubectl label namespace infraex-test-space camunda.cloud/ephemeral=true
+                  kubectl get ns infraex-test-space -o yaml
+                  kubectl delete ns infraex-test-space