ci:upload test results to datadog (#17206)
* WIP * ci:upload test results to datadog * fix use of envvar in expression * getting correct permission in reusable-unit.yml * getting correct permission in reusable-unit.yml * fixing DATADOG_API_KEY envvar expresssion * pass datadog-api-key * removing type from datadog-api-key
This commit is contained in:
parent
f72d75d6b2
commit
281e1696ca
42
.github/workflows/go-tests.yml
vendored
42
.github/workflows/go-tests.yml
vendored
|
@ -21,7 +21,6 @@ permissions:
|
||||||
|
|
||||||
env:
|
env:
|
||||||
TEST_RESULTS: /tmp/test-results
|
TEST_RESULTS: /tmp/test-results
|
||||||
GOTESTSUM_VERSION: 1.8.2
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
setup:
|
setup:
|
||||||
|
@ -215,6 +214,7 @@ jobs:
|
||||||
# secrets:
|
# secrets:
|
||||||
# elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
# elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
# consul-license: ${{secrets.CONSUL_LICENSE}}
|
# consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
# datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-oss:
|
go-test-oss:
|
||||||
needs:
|
needs:
|
||||||
|
@ -227,9 +227,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: ""
|
go-tags: ""
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-enterprise:
|
go-test-enterprise:
|
||||||
if: ${{ endsWith(github.repository, '-enterprise') }}
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
@ -243,9 +247,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-race:
|
go-test-race:
|
||||||
needs:
|
needs:
|
||||||
|
@ -259,9 +267,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-32bit:
|
go-test-32bit:
|
||||||
needs:
|
needs:
|
||||||
|
@ -275,9 +287,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-envoyextensions:
|
go-test-envoyextensions:
|
||||||
needs:
|
needs:
|
||||||
|
@ -289,9 +305,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-troubleshoot:
|
go-test-troubleshoot:
|
||||||
needs:
|
needs:
|
||||||
|
@ -303,9 +323,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-api-1-19:
|
go-test-api-1-19:
|
||||||
needs:
|
needs:
|
||||||
|
@ -317,9 +341,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-api-1-20:
|
go-test-api-1-20:
|
||||||
needs:
|
needs:
|
||||||
|
@ -331,9 +359,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-sdk-1-19:
|
go-test-sdk-1-19:
|
||||||
needs:
|
needs:
|
||||||
|
@ -345,9 +377,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
go-test-sdk-1-20:
|
go-test-sdk-1-20:
|
||||||
needs:
|
needs:
|
||||||
|
@ -359,9 +395,13 @@ jobs:
|
||||||
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
runs-on: ${{ needs.setup.outputs.compute-xl }}
|
||||||
repository-name: ${{ github.repository }}
|
repository-name: ${{ github.repository }}
|
||||||
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}"
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
secrets:
|
secrets:
|
||||||
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
||||||
consul-license: ${{secrets.CONSUL_LICENSE}}
|
consul-license: ${{secrets.CONSUL_LICENSE}}
|
||||||
|
datadog-api-key: "${{ !endsWith(github.repository, '-enterprise') && secrets.DATADOG_API_KEY || '' }}"
|
||||||
|
|
||||||
noop:
|
noop:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
33
.github/workflows/reusable-unit-split.yml
vendored
33
.github/workflows/reusable-unit-split.yml
vendored
|
@ -42,6 +42,8 @@ on:
|
||||||
required: true
|
required: true
|
||||||
consul-license:
|
consul-license:
|
||||||
required: true
|
required: true
|
||||||
|
datadog-api-key:
|
||||||
|
required: true
|
||||||
env:
|
env:
|
||||||
TEST_RESULTS: /tmp/test-results
|
TEST_RESULTS: /tmp/test-results
|
||||||
GOTESTSUM_VERSION: 1.8.2
|
GOTESTSUM_VERSION: 1.8.2
|
||||||
|
@ -49,6 +51,7 @@ env:
|
||||||
TOTAL_RUNNERS: ${{inputs.runner-count}}
|
TOTAL_RUNNERS: ${{inputs.runner-count}}
|
||||||
CONSUL_LICENSE: ${{secrets.consul-license}}
|
CONSUL_LICENSE: ${{secrets.consul-license}}
|
||||||
GOTAGS: ${{ inputs.go-tags}}
|
GOTAGS: ${{ inputs.go-tags}}
|
||||||
|
DATADOG_API_KEY: ${{secrets.datadog-api-key}}
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
set-test-package-matrix:
|
set-test-package-matrix:
|
||||||
|
@ -128,6 +131,36 @@ jobs:
|
||||||
-tags="${{env.GOTAGS}}" -p 2 \
|
-tags="${{env.GOTAGS}}" -p 2 \
|
||||||
${GO_TEST_FLAGS-} \
|
${GO_TEST_FLAGS-} \
|
||||||
-cover -coverprofile=coverage.txt
|
-cover -coverprofile=coverage.txt
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
|
with:
|
||||||
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" ${{env.TEST_RESULTS}}/gotestsum-report.xml
|
||||||
|
|
||||||
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin@v3.1.2
|
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin@v3.1.2
|
||||||
with:
|
with:
|
||||||
name: test-results
|
name: test-results
|
||||||
|
|
33
.github/workflows/reusable-unit.yml
vendored
33
.github/workflows/reusable-unit.yml
vendored
|
@ -38,12 +38,15 @@ on:
|
||||||
required: true
|
required: true
|
||||||
consul-license:
|
consul-license:
|
||||||
required: true
|
required: true
|
||||||
|
datadog-api-key:
|
||||||
|
required: true
|
||||||
env:
|
env:
|
||||||
TEST_RESULTS: /tmp/test-results
|
TEST_RESULTS: /tmp/test-results
|
||||||
GOTESTSUM_VERSION: 1.8.2
|
GOTESTSUM_VERSION: 1.8.2
|
||||||
GOARCH: ${{inputs.go-arch}}
|
GOARCH: ${{inputs.go-arch}}
|
||||||
CONSUL_LICENSE: ${{secrets.consul-license}}
|
CONSUL_LICENSE: ${{secrets.consul-license}}
|
||||||
GOTAGS: ${{ inputs.go-tags}}
|
GOTAGS: ${{ inputs.go-tags}}
|
||||||
|
DATADOG_API_KEY: ${{secrets.datadog-api-key}}
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
go-test:
|
go-test:
|
||||||
|
@ -96,6 +99,36 @@ jobs:
|
||||||
-tags="${{env.GOTAGS}}" \
|
-tags="${{env.GOTAGS}}" \
|
||||||
${GO_TEST_FLAGS-} \
|
${GO_TEST_FLAGS-} \
|
||||||
-cover -coverprofile=coverage.txt
|
-cover -coverprofile=coverage.txt
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
|
with:
|
||||||
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" ${{env.TEST_RESULTS}}/gotestsum-report.xml
|
||||||
|
|
||||||
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin@v3.1.2
|
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin@v3.1.2
|
||||||
with:
|
with:
|
||||||
name: test-results
|
name: test-results
|
||||||
|
|
146
.github/workflows/test-integrations.yml
vendored
146
.github/workflows/test-integrations.yml
vendored
|
@ -54,6 +54,9 @@ jobs:
|
||||||
needs:
|
needs:
|
||||||
- setup
|
- setup
|
||||||
- dev-build
|
- dev-build
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
nomad-version: ['v1.3.3', 'v1.2.10', 'v1.1.16']
|
nomad-version: ['v1.3.3', 'v1.2.10', 'v1.1.16']
|
||||||
|
@ -92,12 +95,45 @@ jobs:
|
||||||
--packages="./command/agent/consul" \
|
--packages="./command/agent/consul" \
|
||||||
--junitfile $TEST_RESULTS_DIR/results.xml -- \
|
--junitfile $TEST_RESULTS_DIR/results.xml -- \
|
||||||
-run TestConsul
|
-run TestConsul
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
|
with:
|
||||||
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml
|
||||||
|
|
||||||
vault-integration-test:
|
vault-integration-test:
|
||||||
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
|
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
|
||||||
needs:
|
needs:
|
||||||
- setup
|
- setup
|
||||||
- dev-build
|
- dev-build
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
vault-version: ["1.13.1", "1.12.5", "1.11.9", "1.10.11"]
|
vault-version: ["1.13.1", "1.12.5", "1.11.9", "1.10.11"]
|
||||||
|
@ -139,6 +175,48 @@ jobs:
|
||||||
--junitfile "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-agent.xml" \
|
--junitfile "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-agent.xml" \
|
||||||
-- -tags "${{ env.GOTAGS }}" -cover -coverprofile=coverage-agent.txt -run Vault ./agent
|
-- -tags "${{ env.GOTAGS }}" -cover -coverprofile=coverage-agent.txt -run Vault ./agent
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
|
with:
|
||||||
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" "${{ env.TEST_RESULTS_DIR }}/gotestsum-report.xml"
|
||||||
|
|
||||||
|
- name: upload leader coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-leader.xml"
|
||||||
|
|
||||||
|
- name: upload agent coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-agent.xml"
|
||||||
|
|
||||||
generate-envoy-job-matrices:
|
generate-envoy-job-matrices:
|
||||||
needs: [setup]
|
needs: [setup]
|
||||||
runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }}
|
runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }}
|
||||||
|
@ -181,6 +259,9 @@ jobs:
|
||||||
- setup
|
- setup
|
||||||
- generate-envoy-job-matrices
|
- generate-envoy-job-matrices
|
||||||
- dev-build
|
- dev-build
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
|
@ -232,10 +313,35 @@ jobs:
|
||||||
--packages=./test/integration/connect/envoy \
|
--packages=./test/integration/connect/envoy \
|
||||||
-- -timeout=30m -tags integration -run="TestEnvoy/(${{ matrix.test-cases }})"
|
-- -timeout=30m -tags integration -run="TestEnvoy/(${{ matrix.test-cases }})"
|
||||||
|
|
||||||
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
with:
|
with:
|
||||||
name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }}
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
path: ${{ env.TEST_RESULTS_DIR }}
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml
|
||||||
|
|
||||||
generate-compatibility-job-matrices:
|
generate-compatibility-job-matrices:
|
||||||
needs: [setup]
|
needs: [setup]
|
||||||
|
@ -274,6 +380,9 @@ jobs:
|
||||||
- setup
|
- setup
|
||||||
- dev-build
|
- dev-build
|
||||||
- generate-compatibility-job-matrices
|
- generate-compatibility-job-matrices
|
||||||
|
permissions:
|
||||||
|
id-token: write # NOTE: this permission is explicitly required for Vault auth.
|
||||||
|
contents: read
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
|
@ -335,10 +444,35 @@ jobs:
|
||||||
# tput complains if this isn't set to something.
|
# tput complains if this isn't set to something.
|
||||||
TERM: ansi
|
TERM: ansi
|
||||||
|
|
||||||
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Authenticate to Vault
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: vault-auth
|
||||||
|
run: vault-auth
|
||||||
|
|
||||||
|
# NOTE: ENT specific step as we store secrets in Vault.
|
||||||
|
- name: Fetch Secrets
|
||||||
|
if: ${{ endsWith(github.repository, '-enterprise') }}
|
||||||
|
id: secrets
|
||||||
|
uses: hashicorp/vault-action@v2.5.0
|
||||||
with:
|
with:
|
||||||
name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }}
|
url: ${{ steps.vault-auth.outputs.addr }}
|
||||||
path: ${{ env.TEST_RESULTS_DIR }}
|
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
|
||||||
|
token: ${{ steps.vault-auth.outputs.token }}
|
||||||
|
secrets: |
|
||||||
|
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
|
||||||
|
|
||||||
|
- name: prepare datadog-ci
|
||||||
|
if: ${{ !endsWith(github.repository, '-enterprise') }}
|
||||||
|
run: |
|
||||||
|
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
|
||||||
|
chmod +x /usr/local/bin/datadog-ci
|
||||||
|
|
||||||
|
- name: upload coverage
|
||||||
|
env:
|
||||||
|
DATADOG_API_KEY: "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
|
||||||
|
DD_ENV: ci
|
||||||
|
run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml
|
||||||
|
|
||||||
generate-upgrade-job-matrices:
|
generate-upgrade-job-matrices:
|
||||||
needs: [setup]
|
needs: [setup]
|
||||||
|
|
Loading…
Reference in a new issue