test-iamlive-action.yaml
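# CI for the iamlive setup action. Three jobs run in sequence:
#   check-dist - rebuild the bundle and fail if the committed ./dist differs
#   utilize    - run the action from this repository (uses: ./) against
#                LocalStack, once per iamlive version in the matrix
#   assert     - download the captured policy and check it lists the S3 calls
#
# NOTE(review): every `uses:` reference except `./` was mangled to
# "[email protected]" by e-mail obfuscation on the source page. The action
# names below are inferred from each step's name and inputs, and the refs are
# placeholders. Restore both from the repository, preferably pinning each
# action to a full commit SHA instead of a mutable tag.
name: Test iamlive action

on:
  push:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  check-dist:
    name: Check dist
    runs-on: ubuntu-22.04
    permissions:
      contents: read
    steps:
      - name: Check out code
        uses: actions/checkout@<REF_LOST_IN_EXTRACTION>
        with:
          # Later steps run third-party install and build scripts, and none of
          # them needs git authentication, so do not leave the token in
          # .git/config.
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@<REF_LOST_IN_EXTRACTION>
        with:
          node-version: '20'
      # pnpm is installed without a version, so the build tool floats between
      # runs; pin it if reproducible dist output matters.
      - name: Setup pnpm
        run: npm install --location=global pnpm
      - name: Install dependencies
        run: pnpm install
      - name: Check diff is up to date
        run: |
          pnpm build
          git diff --quiet -- dist || {
            echo "::error::The ./dist is outdated, run 'pnpm build' and commit"
            exit 1
          }

  utilize:
    name: Use iamlive action
    runs-on: ubuntu-22.04
    needs: [check-dist]
    permissions:
      contents: read
    env:
      # Quoted so the runner exports the string "true", not a YAML boolean.
      AWS_CSM_ENABLED: 'true'
    strategy:
      fail-fast: true
      matrix:
        iamliveVersion: [v1.1.8, v1.1.11]
    steps:
      - name: Check out code
        uses: actions/checkout@<REF_LOST_IN_EXTRACTION>
        with:
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@<REF_LOST_IN_EXTRACTION>
        with:
          node-version: '20'
      - name: Setup Python
        uses: actions/setup-python@<REF_LOST_IN_EXTRACTION>
        with:
          python-version: '3.x'
      - name: Setup iamlive
        id: setup-iamlive
        uses: ./
        with:
          iamlive-version: ${{ matrix.iamliveVersion }}
          auto-capture: true
          output-file: ./test-policy-${{ matrix.iamliveVersion }}.json
      - name: Check output and installPath
        # Both versions reach the script through env rather than being
        # expanded into the shell text, so the comparison is always quoted.
        run: |
          [ "${IAMLIVE_VERSION}" == "${EXPECTED_VERSION}" ] || { echo >&2 "::error::Expected ${EXPECTED_VERSION} to be installed."; exit 1; }
          hash iamlive 2>/dev/null || { echo >&2 "iamlive can not be found in the PATH."; exit 1; }
          echo "::notice::Installed iamlive ${IAMLIVE_VERSION} at $(which iamlive)"
        env:
          IAMLIVE_VERSION: ${{ steps.setup-iamlive.outputs.iamlive-version }}
          EXPECTED_VERSION: ${{ matrix.iamliveVersion }}
      # localstack, awscli-local and the localstack/localstack image are all
      # unpinned, so every run installs and executes whatever is current.
      # Pin versions (and the image digest) for a reproducible, reviewable run.
      - name: Setup LocalStack
        run: |
          # The extras spec is quoted so the shell cannot glob-expand "[ver1]".
          pip install localstack 'awscli-local[ver1]'
          docker pull localstack/localstack
          localstack start -d
          echo "Waiting for LocalStack startup..."
          localstack wait -t 30
          echo "Startup complete"
      - name: Call a bunch of aws apis
        run: |
          awslocal s3 mb s3://test
          awslocal s3 ls
      - name: Is iamlive still running
        # The bracket keeps grep from matching its own command line; a plain
        # `grep iamlive` always finds itself, so the step could never fail.
        run: |
          ps aux | grep '[i]amlive'

  assert:
    name: Assert policy
    runs-on: ubuntu-22.04
    needs: [utilize]
    # Matches the other jobs; without this block the job gets the repository's
    # default token permissions.
    permissions:
      contents: read
    strategy:
      fail-fast: true
      matrix:
        iamliveVersion: [v1.1.8, v1.1.11]
    steps:
      # NOTE(review): no upload step is visible in this workflow; presumably
      # the action itself publishes the policy artifact. Confirm.
      - name: download-policy
        uses: actions/download-artifact@<REF_LOST_IN_EXTRACTION>
        with:
          name: test-policy-${{ matrix.iamliveVersion }}.json
      - name: check-policy
        env:
          POLICY_FILE: test-policy-${{ matrix.iamliveVersion }}.json
        run: |
          echo "assert policy has file"
          cat "${POLICY_FILE}"
          # Each grep fails the step when its action is missing from the policy.
          grep -F 's3:CreateBucket' "${POLICY_FILE}"
          grep -F 's3:ListAllMyBuckets' "${POLICY_FILE}"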