ci: Directly check for needed secrets before testing against cloud #704
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
build-test: | |
strategy: | |
fail-fast: true | |
matrix: | |
os: [ubuntu-latest, macos-latest, macos-13, windows-latest, ubuntu-arm] | |
include: | |
- os: ubuntu-latest | |
checkGenCodeTarget: true | |
cloudTestTarget: true | |
- os: ubuntu-arm | |
runsOn: buildjet-4vcpu-ubuntu-2204-arm | |
runs-on: ${{ matrix.runsOn || matrix.os }} | |
env: | |
# We can't check this directly in the cloud test's `if:` condition below, | |
# so we have to check it here and report it in an env variable. | |
HAS_SECRETS: ${{ secrets.TEMPORAL_CLIENT_CERT != '' && secrets.TEMPORAL_CLIENT_KEY != '' }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Install gotestsum | |
run: go install gotest.tools/gotestsum@latest | |
- name: Create junit-xml directory | |
run: mkdir junit-xml | |
- name: Test | |
run: gotestsum --junitfile junit-xml/${{matrix.os}}.xml -- ./... | |
- name: 'Upload junit-xml artifacts' | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: junit-xml--${{github.run_id}}--${{github.run_attempt}}--${{matrix.os}} | |
path: junit-xml | |
retention-days: 14 | |
- name: Regen code, confirm unchanged | |
if: ${{ matrix.checkGenCodeTarget }} | |
run: | | |
go run ./temporalcli/internal/cmd/gen-commands | |
git diff --exit-code | |
- name: Test cloud | |
if: ${{ matrix.cloudTestTarget && env.HAS_SECRETS == 'true' }} | |
env: | |
TEMPORAL_ADDRESS: ${{ vars.TEMPORAL_CLIENT_NAMESPACE }}.tmprl.cloud:7233 | |
TEMPORAL_NAMESPACE: ${{ vars.TEMPORAL_CLIENT_NAMESPACE }} | |
TEMPORAL_TLS_CERT: client.crt | |
TEMPORAL_TLS_CERT_CONTENT: ${{ secrets.TEMPORAL_CLIENT_CERT }} | |
TEMPORAL_TLS_KEY: client.key | |
TEMPORAL_TLS_KEY_CONTENT: ${{ secrets.TEMPORAL_CLIENT_KEY }} | |
shell: bash | |
run: | | |
printf '%s\n' "$TEMPORAL_TLS_CERT_CONTENT" >> client.crt | |
printf '%s\n' "$TEMPORAL_TLS_KEY_CONTENT" >> client.key | |
go run ./cmd/temporal workflow list --limit 2 |