The previous PR which added these was accidentally performing the download
in the root directory. For the api, and sdk directories it should be in done
in the same directory that will be used to run tests. Otherwise the
wrong dependencies will be downloaded which may add unnecessary time to
the CI run.
Run 'go mod download' first so that dependencies are pulled in a
separate step. This makes the test splitting and test output easier
to scroll through.
Remove test splitting from the api/sdk test runs. These jobs do not
use parallelism, so there is no test timing data injected into the
job. They can't be split.
Remove the dependencies from the go-test job, so that we can start
the slowest test job earlier in the workflow.
To reduce the chance of some tests not being run because it does not
match the regex passed to '-run'.
Also document why some tests are allowed to be skipped on CI.
37897bfc27 made it possible to use
the -m flag with cherry-pick, even when the target is not a merge commit.
This commit changes the image used to run the cherry-pick job to alpine so that we get
a more recent version of git.
The alpine image will also download much faster when the CI node does not have the image cached.
This change assumes that it is always safe to use the first commit
parent as the mainline. I believe this assumption is safe with a
github merge workflow.
Using golangci-lint has a number of advantages:
- adding new linters becomes much easier, its a couple lines of yaml config
instead of more bash scripting
- it enables whitelisting of issues using inline comments or regex
- when running multiple linters less work is done. The parsed source can be reused
by multiple linters
- linters are run in parallel to reduce CI runtime.
- You can no longer cross submodule boundaries with ./... in go
subcommands like `go list` or `go test`. The makefile and CI scripts
were updated accordingly.
- Also of note: `go mod vendor` now omits things build ignored.
* add 1.12.2
* add envoy 1.13.0
* Introduce -envoy-version to get 1.10.0 passing.
* update old version and fix consul-exec case
* add envoy_version and fix check
* Update Envoy CLI tests to account for the 1.13 compatibility changes.
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
* ui: Make API integration tests aware of CONSUL_NSPACES_ENABLED
* ui: Allow passing CONSUL_NSPACES_ENABLED in via the cli in ember
* ui: Add more makefile targets/package scripts to switch NSPACEs on/off
* ui: Ensure all acceptance tests continue to pass with NSPACEs on/off
This required a little tweaking of the dictionary, at some point
page-navigation and some of these little tweaks will no longer be
required
* ui: Try running CI frontend tests in two parellel runs oss/ent
* ui: Use correct make target, use different names for the reports
* ui: Move CI to use the Makefile for testing (+ tmporary removal of exam)
* ui: make a specific test-ci target as we are using --path dist
--path dist looks for a previous build to test against, in CI this
exists as we run a build first, but locally potentially this dist folder
doesn't
* vault-ca-provider: add make target and CI test-integration job for /agent/connect/ca/ Vault Provider tests
* load env vars in the vault-ca-provider ci job
* add checkout task, see if we need to attach workspace or not
* ci: remove vault dependency from go-test job to ensure we only run the vault-provider tests in their job
* ci: fix from RB and Alvin code review, add mod cache after checkout
* ci: add CI context to make target and store test results
* ci: fix whitespace
* ci: create test results directory before we try to write to it
* ACL Authorizer overhaul
To account for upcoming features every Authorization function can now take an extra *acl.EnterpriseAuthorizerContext. These are unused in OSS and will always be nil.
Additionally the acl package has received some thorough refactoring to enable all of the extra Consul Enterprise specific authorizations including moving sentinel enforcement into the stubbed structs. The Authorizer funcs now return an acl.EnforcementDecision instead of a boolean. This improves the overall interface as it makes multiple Authorizers easily chainable as they now indicate whether they had an authoritative decision or should use some other defaults. A ChainedAuthorizer was added to handle this Authorizer enforcement chain and will never itself return a non-authoritative decision.
* Include stub for extra enterprise rules in the global management policy
* Allow for an upgrade of the global-management policy