on: workflow_call: inputs: go-arch: description: The execution architecture (arm, amd64, etc.) required: true type: string extra-tags: description: A comma-separated list of additional build tags. required: false type: string runs-on: description: An expression indicating which kind of runners to use. required: false type: string default: ubuntu-latest enterprise: description: A flag indicating if this workflow is executing for the enterprise repository. required: true type: string go-tags: description: The go tags to include on the go test command. required: false type: string env: total-runners: 16 jobs: test-generate-test-package-list: runs-on: ${{ fromJSON(inputs.runs-on) }} name: Verify Test Package Distribution steps: - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - id: test working-directory: .github/scripts run: | ENTERPRISE=${{ inputs.enterprise }} ./test-generate-test-package-lists.sh runner-indexes: runs-on: ${{ fromJSON(inputs.runs-on) }} name: Generate runner indexes # # This job generates a JSON Array of integers ranging from 1 to 16. # That array is used in the matrix section of the test-go job below. # outputs: runner-indexes: ${{ steps.generate-index-list.outputs.indexes }} steps: - id: generate-index-list run: | INDEX_LIST=$(seq 1 ${{ env.total-runners }}) INDEX_JSON=$(jq --null-input --compact-output '. |= [inputs]' <<< ${INDEX_LIST}) echo "indexes=${INDEX_JSON}" >> ${GITHUB_OUTPUT} test-go: permissions: id-token: write # Note: this permission is explicitly required for Vault auth contents: read name: ${{ inputs.packages }} needs: - runner-indexes # Use GitHub runners on the OSS Vault repo and self-hosted runners otherwise. runs-on: ${{ fromJSON(inputs.runs-on) }} strategy: fail-fast: false matrix: # # Initialize the runner-index key with the JSON array of integers # generated above. # runner-index: ${{ fromJSON(needs.runner-indexes.outputs.runner-indexes) }} env: GOPRIVATE: github.com/hashicorp/* TIMEOUT_IN_MINUTES: 60 steps: - id: setup-git name: Setup Git configuration run: | git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}@github.com".insteadOf https://github.com - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 with: go-version-file: ./.go-version cache: true - name: Authenticate to Vault id: vault-auth if: github.repository == 'hashicorp/vault-enterprise' run: vault-auth - name: Fetch Secrets id: secrets if: github.repository == 'hashicorp/vault-enterprise' uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e with: url: ${{ steps.vault-auth.outputs.addr }} caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} token: ${{ steps.vault-auth.outputs.token }} secrets: | kv/data/github/${{ github.repository }}/license license_1 | VAULT_LICENSE_CI; kv/data/github/${{ github.repository }}/license license_2 | VAULT_LICENSE_2; kv/data/github/${{ github.repository }}/hcp-link HCP_API_ADDRESS; kv/data/github/${{ github.repository }}/hcp-link HCP_AUTH_URL; kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_ID; kv/data/github/${{ github.repository }}/hcp-link HCP_CLIENT_SECRET; kv/data/github/${{ github.repository }}/hcp-link HCP_RESOURCE_ID; - id: run-go-tests name: Run Go tests timeout-minutes: ${{ fromJSON(env.TIMEOUT_IN_MINUTES) }} run: | set -exo pipefail # # This script creates a Bash array with 16 elements each # containing a space delimited list of package names. The # array element corresponding to this instance's # matrix.runner-index value. # ENTERPRISE=${{ inputs.enterprise }} source .github/scripts/generate-test-package-lists.sh # Build the dynamically generated source files. make prep mkdir -p test-results/go-test # We don't want VAULT_LICENSE set when running Go tests, because that's # not what developers have in their environments and it could break some # tests; it would be like setting VAULT_TOKEN. However some non-Go # CI commands, like the UI tests, shouldn't have to worry about licensing. # So we provide the tests which want an externally supplied license with licenses # via the VAULT_LICENSE_CI and VAULT_LICENSE_2 environment variables, and here we unset it. VAULT_LICENSE= # Assign test licenses to relevant variables if they aren't already if [[ ${{ github.repository }} == 'hashicorp/vault' ]]; then export VAULT_LICENSE_CI=${{ secrets.ci_license }} export VAULT_LICENSE_2=${{ secrets.ci_license_2 }} export HCP_API_ADDRESS=${{ secrets.HCP_API_ADDRESS }} export HCP_AUTH_URL=${{ secrets.HCP_AUTH_URL }} export HCP_CLIENT_ID=${{ secrets.HCP_CLIENT_ID }} export HCP_CLIENT_SECRET=${{ secrets.HCP_CLIENT_SECRET }} export HCP_RESOURCE_ID=${{ secrets.HCP_RESOURCE_ID }} # Temporarily removing this variable to cause HCP Link tests # to be skipped. #export HCP_SCADA_ADDRESS=${{ secrets.HCP_SCADA_ADDRESS }} fi GOARCH=${{ inputs.go-arch }} \ go run gotest.tools/gotestsum --format=short-verbose \ --junitfile test-results/go-test/results.xml \ --jsonfile test-results/go-test/results.json \ -- \ -tags "${{ inputs.go-tags }} ${{ inputs.extra-tags }}" \ -timeout=${{ env.TIMEOUT_IN_MINUTES }}m \ -parallel=20 \ \ ${test_packages[${{ matrix.runner-index }}]} - name: Archive test results uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: test-results-${{ matrix.runner-index }} path: test-results/ - name: Create a summary of tests uses: test-summary/action@62bc5c68de2a6a0d02039763b8c754569df99e3f with: paths: "test-results/go-test/results.xml" show: "fail" if: always()