-
Notifications
You must be signed in to change notification settings - Fork 428
145 lines (131 loc) · 6.85 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# Run secret-dependent integration tests only after /ok-to-test approval
on:
repository_dispatch:
types: [ok-to-test-command]
pull_request:
name: tests
jobs:
all-tests:
env:
TEST_SF_TF_TEST_OBJECT_SUFFIX: ${{ (github.event_name == 'repository_dispatch' && github.event.client_payload.pull_request.head.sha) || (github.event_name == 'pull_request' && github.event.pull_request.head.sha) }}
name: all-tests
runs-on: ubuntu-latest
if: (github.event_name == 'repository_dispatch') || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository)
steps:
- id: verify_sha_input
if: github.event_name == 'repository_dispatch'
run: |
echo \"${{ github.event.client_payload.pull_request.head.sha }}\"
echo \"${{ github.event.client_payload.slash_command.args.named.sha }}\"
SHAINPUT=$(echo ${{github.event.client_payload.slash_command.args.named.sha}} | cut -c1-7)
if [ ${#SHAINPUT} -le 6 ]; then echo "error::input sha not at least 7 characters long" ; exit 1
else echo "done"
fi
SHAHEAD=$(echo ${{github.event.client_payload.pull_request.head.sha}} | cut -c1-7)
echo ${#SHAINPUT}
echo ${#SHAHEAD}
if [ "${SHAHEAD}" != "${SHAINPUT}" ]; then echo "sha input from slash command does not equal the head sha" ; exit 1
else echo "shas are equal"
fi
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version-file: ./go.mod
cache: false
- name: Apply masking
run: |
while IFS= read -r line || [[ -n $line ]]; do
echo "::add-mask::$line"
done < <(printf '%s' "$SF_TF_GH_MASKING")
env:
SF_TF_GH_MASKING: ${{ secrets.SF_TF_GH_MASKING }}
- name: Install dependencies
run: make dev-setup
- name: Create and populate .snowflake/config file
id: create_config
run: mkdir -p $HOME/.snowflake && echo "${{ secrets.SNOWFLAKE_CONFIG_FILE }}" > $HOME/.snowflake/config
- name: Create and populate .snowflake/config_v097_compatible file
id: create_config_v097_compatible
run: mkdir -p $HOME/.snowflake && echo "${{ secrets.SNOWFLAKE_CONFIG_FILE_V097_COMPATIBLE }}" > $HOME/.snowflake/config_v097_compatible
- run: make test
if: ${{ !cancelled() && steps.create_config.conclusion == 'success' }}
env:
SNOWFLAKE_BUSINESS_CRITICAL_ACCOUNT: ${{ secrets.SNOWFLAKE_BUSINESS_CRITICAL_ACCOUNT }}
TEST_SF_TF_AWS_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_BUCKET_URL }}
TEST_SF_TF_AWS_EXTERNAL_KEY_ID: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_KEY_ID }}
TEST_SF_TF_AWS_EXTERNAL_ROLE_ARN: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_ROLE_ARN }}
TEST_SF_TF_AWS_EXTERNAL_SECRET_KEY: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_SECRET_KEY }}
TEST_SF_TF_AZURE_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_BUCKET_URL }}
TEST_SF_TF_AZURE_EXTERNAL_SAS_TOKEN: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_SAS_TOKEN }}
TEST_SF_TF_AZURE_EXTERNAL_TENANT_ID: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_TENANT_ID }}
TEST_SF_TF_GCS_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_GCS_EXTERNAL_BUCKET_URL }}
- name: Setup Terraform
if: ${{ !cancelled() && steps.create_config.conclusion == 'success' }}
uses: hashicorp/setup-terraform@v3
id: setup_terraform
with:
terraform_version: 1.7.4
terraform_wrapper: false
- run: make test-acceptance
if: ${{ !cancelled() && steps.setup_terraform.conclusion == 'success' }}
env:
SNOWFLAKE_BUSINESS_CRITICAL_ACCOUNT: ${{ secrets.SNOWFLAKE_BUSINESS_CRITICAL_ACCOUNT }}
TEST_SF_TF_AWS_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_BUCKET_URL }}
TEST_SF_TF_AWS_EXTERNAL_KEY_ID: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_KEY_ID }}
TEST_SF_TF_AWS_EXTERNAL_ROLE_ARN: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_ROLE_ARN }}
TEST_SF_TF_AWS_EXTERNAL_SECRET_KEY: ${{ secrets.TEST_SF_TF_AWS_EXTERNAL_SECRET_KEY }}
TEST_SF_TF_AZURE_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_BUCKET_URL }}
TEST_SF_TF_AZURE_EXTERNAL_SAS_TOKEN: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_SAS_TOKEN }}
TEST_SF_TF_AZURE_EXTERNAL_TENANT_ID: ${{ secrets.TEST_SF_TF_AZURE_EXTERNAL_TENANT_ID }}
TEST_SF_TF_GCS_EXTERNAL_BUCKET_URL: ${{ secrets.TEST_SF_TF_GCS_EXTERNAL_BUCKET_URL }}
- name: sweepers cleanup
if: ${{ always() }}
run: echo y | make sweep
- name: find comment
if: ${{ always() }}
uses: peter-evans/find-comment@v2
id: fc
with:
issue-number: ${{ github.event.pull_request.number || github.event.client_payload.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: Integration tests ran for
- name: create or update comment
if: ${{ always() }}
uses: peter-evans/create-or-update-comment@v2
with:
issue-number: ${{ github.event.pull_request.number || github.event.client_payload.pull_request.number }}
comment-id: ${{ steps.fc.outputs.comment-id }}
body: |
Integration tests ${{ job.status }} for [${{ github.event.client_payload.slash_command.args.named.sha || github.event.pull_request.head.sha }}](https://github.com/Snowflake-Labs/terraform-provider-snowflake/actions/runs/${{ github.run_id }})
- name: set fork job status
uses: actions/github-script@v6
if: ${{ always() }}
id: update_check_run
env:
number: ${{ github.event.client_payload.pull_request.number }}
job: ${{ github.job }}
# Conveniently, job.status maps to https://developer.github.com/v3/checks/runs/#update-a-check-run
conclusion: ${{ job.status }}
sha: ${{ github.event.client_payload.slash_command.args.named.sha }}
event_name: ${{ github.event_name }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
if (process.env.event_name !== 'repository_dispatch') {
console.log("Not repository_dispatch... nothing to do!");
return process.env.event_name;
}
const ref = process.env.sha;
const { data: checks } = await github.rest.checks.listForRef({
...context.repo,
ref
});
const check = checks.check_runs.filter(c => c.name === process.env.job);
console.log(check);
const { data: result } = await github.rest.checks.update({
...context.repo,
check_run_id: check[0].id,
status: 'completed',
conclusion: process.env.conclusion
});
return result;