helm: add GCP CCM permissions for internal LBs #6871
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Unit Tests | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
- "release/**" | |
paths: | |
- "**.go" | |
- "**/go.mod" | |
- "**/go.sum" | |
- "**/testdata/**" | |
- ".github/workflows/test-unittest.yml" | |
pull_request: | |
paths: | |
- "cli/internal/helm/**" | |
- "**.go" | |
- "**/go.mod" | |
- "**/go.sum" | |
- "**/testdata/**" | |
- ".github/workflows/test-unittest.yml" | |
jobs: | |
test-unittest: | |
runs-on: [self-hosted, bazel-cached] | |
permissions: | |
id-token: write | |
contents: read | |
pull-requests: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
with: | |
# ref is unset here intentionally to ensure we test against a merge of PR and main branch | |
fetch-depth: 0 | |
- name: Install AWS cli | |
run: | | |
curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
unzip awscliv2.zip | |
sudo ./aws/install | |
rm -rf awscliv2.zip aws | |
- name: Login to AWS (IAM role) | |
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0 | |
with: | |
role-to-assume: arn:aws:iam::795746500882:role/GithubActionGocoverage | |
aws-region: eu-central-1 | |
- name: Setup bazel | |
uses: ./.github/actions/setup_bazel_nix | |
with: | |
useCache: "true" | |
buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} | |
- name: Unit Tests | |
env: | |
TMPDIR: ${{ runner.temp }} | |
run: bazel test //... --test_output=errors --config=nostamp | |
- name: Coverage | |
id: coverage | |
run: | | |
bazel run //bazel/ci:gocoverage_diff | |
lines=$(wc -l < coverage_diff.md) | |
uploadable=$([[ ${lines} -gt 3 ]] && echo "true" || echo "false") | |
echo "uploadable=$uploadable" | tee -a "$GITHUB_OUTPUT" | |
- name: Comment coverage | |
if: steps.coverage.outputs.uploadable == 'true' && github.event_name == 'pull_request' | |
uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd # v2.8.0 | |
with: | |
header: coverage | |
path: coverage_diff.md | |
recreate: true | |
- name: Upload coverage | |
if: github.ref_name == 'main' | |
run: | | |
cat coverage_result.json | |
aws s3 cp coverage_result.json s3://constellation-ci/gocoverage/coverage_main.json | |
echo "coverage uploaded to s3://constellation-ci/gocoverage/coverage_main.json" |