scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 11:08:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ent-specific test binary build rules (#20334)

Browse Source 
This fixes the binary building on ent, except because I ran into problems with the binary-based tests there, I've included a bunch of `github.repository != 'hashicorp/vault-enterprise'` conditions to disable the binary building.  I'll fix the test problems in a future PR and remove those repo conditions.
This commit is contained in:
Nick Cabatoff
2023-04-25 10:49:34 -04:00
committed by GitHub
parent 6f7ae8b178
commit 3a3617a735
1 changed files with 58 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
.github/workflows/test-go.yml vendored
View File

@@ -61,29 +61,78 @@ jobs:
INDEX_JSON="$(jq --null-input --compact-output '. |= [inputs]' <<< "${INDEX_LIST}")" INDEX_JSON="$(jq --null-input --compact-output '. |= [inputs]' <<< "${INDEX_LIST}")"
echo "indexes=${INDEX_JSON}" >> "${GITHUB_OUTPUT}" echo "indexes=${INDEX_JSON}" >> "${GITHUB_OUTPUT}"
build-vault: build-vault:
permissions:
id-token: write # Note: this permission is explicitly required for Vault auth
contents: read
runs-on: ${{ fromJSON(inputs.runs-on) }} runs-on: ${{ fromJSON(inputs.runs-on) }}
name: Build Vault dev binary name: Build Vault dev binary
steps: steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
with: with:
go-version-file: ./.go-version go-version-file: ./.go-version
cache: true cache: true
- name: Authenticate to Vault
id: vault-auth
if: github.repository == 'hashicorp/vault-enterprise'
run: vault-auth
- name: Fetch Secrets
id: secrets
if: github.repository == 'hashicorp/vault-enterprise'
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
token: ${{ steps.vault-auth.outputs.token }}
secrets: |
kv/data/github/${{ github.repository }}/datadog-ci DATADOG_API_KEY;
kv/data/github/${{ github.repository }}/github-token username-and-token | github-token;
kv/data/github/${{ github.repository }}/license license_1 | VAULT_LICENSE_CI;
kv/data/github/${{ github.repository }}/license license_2 | VAULT_LICENSE_2;
kv/data/github/${{ github.repository }}/hcp-link HCP_API_ADDRESS;
kv/data/github/${{ github.repository }}/hcp-link HCP_AUTH_URL;
kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_ID;
kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_SECRET;
kv/data/github/${{ github.repository }}/hcp-link HCP_RESOURCE_ID;
- id: setup-git-private
name: Setup Git configuration (private)
if: github.repository == 'hashicorp/vault-enterprise'
run: |
git config --global url."https://${{ steps.secrets.outputs.github-token }}@github.com".insteadOf https://github.com
- id: setup-git-public
name: Setup Git configuration (public)
if: github.repository != 'hashicorp/vault-enterprise'
run: |
git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN}}@github.com".insteadOf https://github.com
- id: go-mod-download
if: |
! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
env:
GOPRIVATE: github.com/hashicorp/*
run: time go mod download -x
- id: build - id: build
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
run: make ci-bootstrap dev github.repository != 'hashicorp/vault-enterprise'
env:
GOPRIVATE: github.com/hashicorp/*
run: time make ci-bootstrap dev
- name: Save dev binary - name: Save dev binary
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with: with:
name: vault-dev name: vault-dev
@@ -149,7 +198,8 @@ jobs:
- name: Retrieve vault dev binary - name: Retrieve vault dev binary
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b
with: with:
name: vault-dev name: vault-dev
@@ -157,7 +207,8 @@ jobs:
- name: Make vault dev binary executable - name: Make vault dev binary executable
if: | if: |
! contains(inputs.extra-flags, '-race') && ! contains(inputs.extra-flags, '-race') &&
! contains(inputs.go-build-tags, 'fips') ! contains(inputs.go-build-tags, 'fips') &&
github.repository != 'hashicorp/vault-enterprise'
run: chmod a+x bin/vault run: chmod a+x bin/vault
- id: run-go-tests - id: run-go-tests
name: Run Go tests name: Run Go tests