on: workflow_call: inputs: go-arch: description: The execution architecture (arm, amd64, etc.) required: true type: string enterprise: description: A flag indicating if this workflow is executing for the enterprise repository. required: true type: string total-runners: description: Number of runners to use for executing the tests on. required: true type: string env-vars: description: A map of environment variables as JSON. required: false type: string default: '{}' extra-flags: description: A space-separated list of additional build flags. required: false type: string go-build-tags: description: A comma-separated list of additional build tags to consider satisfied during the build. required: false type: string matrix-job-name: description: A suffix to be added to the matrix job names. required: false type: string runs-on: description: An expression indicating which kind of runners to use. required: false type: string default: ubuntu-latest env: ${{ fromJSON(inputs.env-vars) }} jobs: test-generate-test-package-list: runs-on: ${{ fromJSON(inputs.runs-on) }} name: Verify Test Package Distribution steps: - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - id: test working-directory: .github/scripts run: | ENTERPRISE=${{ inputs.enterprise }} ./test-generate-test-package-lists.sh runner-indexes: runs-on: ${{ fromJSON(inputs.runs-on) }} name: Generate runner indexes # # This job generates a JSON Array of integers ranging from 1 to 16. # That array is used in the matrix section of the test-go job below. # outputs: runner-indexes: ${{ steps.generate-index-list.outputs.indexes }} steps: - id: generate-index-list run: | INDEX_LIST="$(seq 1 ${{ inputs.total-runners }})" INDEX_JSON="$(jq --null-input --compact-output '. |= [inputs]' <<< "${INDEX_LIST}")" echo "indexes=${INDEX_JSON}" >> "${GITHUB_OUTPUT}" test-go: permissions: id-token: write # Note: this permission is explicitly required for Vault auth contents: read name: "${{ matrix.runner-index }} ${{ inputs.matrix-job-name }}" needs: - runner-indexes runs-on: ${{ fromJSON(inputs.runs-on) }} strategy: fail-fast: false matrix: # # Initialize the runner-index key with the JSON array of integers # generated above. # runner-index: ${{ fromJSON(needs.runner-indexes.outputs.runner-indexes) }} env: GOPRIVATE: github.com/hashicorp/* TIMEOUT_IN_MINUTES: 60 steps: - id: setup-git name: Setup Git configuration run: | git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}@github.com".insteadOf https://github.com - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 with: go-version-file: ./.go-version cache: true - name: Authenticate to Vault id: vault-auth if: github.repository == 'hashicorp/vault-enterprise' run: vault-auth - name: Fetch Secrets id: secrets if: github.repository == 'hashicorp/vault-enterprise' uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e with: url: ${{ steps.vault-auth.outputs.addr }} caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} token: ${{ steps.vault-auth.outputs.token }} secrets: | kv/data/github/${{ github.repository }}/license license_1 | VAULT_LICENSE_CI; kv/data/github/${{ github.repository }}/license license_2 | VAULT_LICENSE_2; kv/data/github/${{ github.repository }}/hcp-link HCP_API_ADDRESS; kv/data/github/${{ github.repository }}/hcp-link HCP_AUTH_URL; kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_ID; kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_SECRET; kv/data/github/${{ github.repository }}/hcp-link HCP_RESOURCE_ID; - id: run-go-tests name: Run Go tests timeout-minutes: ${{ fromJSON(env.TIMEOUT_IN_MINUTES) }} run: | set -exo pipefail # # This script creates a Bash array with 16 elements each # containing a space delimited list of package names. The # array element corresponding to this instance's # matrix.runner-index value. # ENTERPRISE=${{ inputs.enterprise }} source .github/scripts/generate-test-package-lists.sh # Build the dynamically generated source files. make prep mkdir -p test-results/go-test # We don't want VAULT_LICENSE set when running Go tests, because that's # not what developers have in their environments and it could break some # tests; it would be like setting VAULT_TOKEN. However some non-Go # CI commands, like the UI tests, shouldn't have to worry about licensing. # So we provide the tests which want an externally supplied license with licenses # via the VAULT_LICENSE_CI and VAULT_LICENSE_2 environment variables, and here we unset it. # shellcheck disable=SC2034 VAULT_LICENSE= # Assign test licenses to relevant variables if they aren't already if [[ ${{ github.repository }} == 'hashicorp/vault' ]]; then export VAULT_LICENSE_CI=${{ secrets.ci_license }} export VAULT_LICENSE_2=${{ secrets.ci_license_2 }} export HCP_API_ADDRESS=${{ secrets.HCP_API_ADDRESS }} export HCP_AUTH_URL=${{ secrets.HCP_AUTH_URL }} export HCP_CLIENT_ID=${{ secrets.HCP_CLIENT_ID }} export HCP_CLIENT_SECRET=${{ secrets.HCP_CLIENT_SECRET }} export HCP_RESOURCE_ID=${{ secrets.HCP_RESOURCE_ID }} # Temporarily removing this variable to cause HCP Link tests # to be skipped. #export HCP_SCADA_ADDRESS=${{ secrets.HCP_SCADA_ADDRESS }} fi # shellcheck disable=SC2086 # can't quote package list GOARCH=${{ inputs.go-arch }} \ go run gotest.tools/gotestsum --format=short-verbose \ --junitfile test-results/go-test/results.xml \ --jsonfile test-results/go-test/results.json \ -- \ -tags "${{ inputs.go-build-tags }}" \ -timeout=${{ env.TIMEOUT_IN_MINUTES }}m \ -parallel=20 \ ${{ inputs.extra-flags }} \ \ ${test_packages[${{ matrix.runner-index }}]} - name: Archive test results uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: test-results-${{ matrix.runner-index }} path: test-results/ if: always() - name: Create a summary of tests uses: test-summary/action@62bc5c68de2a6a0d02039763b8c754569df99e3f with: paths: "test-results/go-test/results.xml" show: "fail" if: always()