mvdan.cc / cue
this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

internal/ci: add gcloud auth to the e2e tests

And un-skip the test script, now that it's set up to run in CI.

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Change-Id: I7000939a0c8200426d6d8d174c564fa72246461a
Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1171938
Reviewed-by: Roger Peppe <rogpeppe@gmail.com>
TryBot-Result: CUEcueckoo <cueckoo@cuelang.org>

Daniel Martí 95a88a54 d947a69c

+51 -19
+15 -2
.github/workflows/trybot.yml
··· 182 182 run: go test -race ./... 183 183 env: 184 184 GORACE: atexit_sleep_ms=10 185 + - name: gcloud auth for end-to-end tests 186 + id: auth 187 + if: |- 188 + github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, ' 189 + Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04') 190 + uses: google-github-actions/auth@v1 191 + with: 192 + credentials_json: ${{ secrets.E2E_GCLOUD_KEY }} 193 + - if: |- 194 + github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, ' 195 + Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04') 196 + name: gcloud setup for end-to-end tests 197 + uses: google-github-actions/setup-gcloud@v1 185 198 - if: |- 186 199 github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, ' 187 200 Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04') 188 201 name: End-to-end test 202 + env: 203 + GITHUB_TOKEN: ${{ secrets.E2E_GITHUB_TOKEN }} 189 204 run: |- 190 205 cd internal/e2e 191 206 go test 192 - env: 193 - GITHUB_TOKEN: ${{ secrets.E2E_GITHUB_TOKEN }} 194 207 - if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04') 195 208 name: Check 196 209 run: |-
+6
.gitignore
··· 10 10 # We use test module paths like mod.test or externalmod.test. 11 11 # Don't exclude those as if they were test binaries. 12 12 !**/*mod.test 13 + 14 + # Ignore generated credentials from google-github-actions/auth, 15 + # a GitHub Actions step used in CI for the tests in internal/e2e. 16 + # Note that CI requires a clean git repo when it finishes, 17 + # so we don't want it to think the credentials file is untracked. 18 + gha-creds-*.json
+30 -15
internal/ci/github/trybot.cue
··· 75 75 _goTestRace & { 76 76 if: _isLatestLinux 77 77 }, 78 - _e2eTest, 78 + for v in _e2eTestSteps {v}, 79 79 _goCheck, 80 80 _repo.checkGitClean, 81 81 ] ··· 115 115 run: "go test ./..." 116 116 } 117 117 118 - _e2eTest: json.#step & { 119 - name: "End-to-end test" 118 + _e2eTestSteps: [... json.#step & { 120 119 // The end-to-end tests require a github token secret and are a bit slow, 121 120 // so we only run them on pushes to protected branches and on one 122 121 // environment in the source repo. 123 122 if: "github.repository == '\(_repo.githubRepositoryPath)' && \(_repo.isProtectedBranch) && \(_isLatestLinux)" 124 - 125 - // The secret is the fine-grained access token "cue-lang/cue ci e2e for modules-testing" 126 - // owned by the porcuepine bot account with read+write access to repo administration and code 127 - // on the entire cue-labs-modules-testing org. Note that porcuepine is also an org admin, 128 - // since otherwise the repo admin access to create and delete repos does not work. 129 - env: GITHUB_TOKEN: "${{ secrets.E2E_GITHUB_TOKEN }}" 130 - 131 - run: """ 132 - cd internal/e2e 133 - go test 134 - """ 135 - } 123 + }] & [ 124 + // Two setup steps per the upstream docs: 125 + // https://github.com/google-github-actions/setup-gcloud#service-account-key-json 126 + { 127 + name: "gcloud auth for end-to-end tests" 128 + id: "auth" 129 + uses: "google-github-actions/auth@v1" 130 + // E2E_GCLOUD_KEY is a key for the service account cue-e2e-ci, 131 + // which has the Artifact Registry Repository Administrator role. 132 + with: credentials_json: "${{ secrets.E2E_GCLOUD_KEY }}" 133 + }, 134 + { 135 + name: "gcloud setup for end-to-end tests" 136 + uses: "google-github-actions/setup-gcloud@v1" 137 + }, 138 + { 139 + name: "End-to-end test" 140 + // The secret is the fine-grained access token "cue-lang/cue ci e2e for modules-testing" 141 + // owned by the porcuepine bot account with read+write access to repo administration and code 142 + // on the entire cue-labs-modules-testing org. Note that porcuepine is also an org admin, 143 + // since otherwise the repo admin access to create and delete repos does not work. 144 + env: GITHUB_TOKEN: "${{ secrets.E2E_GITHUB_TOKEN }}" 145 + run: """ 146 + cd internal/e2e 147 + go test 148 + """ 149 + }, 150 + ] 136 151 137 152 _goCheck: json.#step & { 138 153 // These checks can vary between platforms, as different code can be built
-2
internal/e2e/testdata/script/gcloud_upload.txtar
··· 2 2 # to an off-the-shelf OCI registry which requires authentication. 3 3 # Then fetch that module as a dependency via cmd/cue. 4 4 5 - skip 'TODO(mvdan): set up a service account key on GitHub Actions' 6 - 7 5 gcloud-auth-docker # sets: MODULE, CUE_REGISTRY, CUE_REGISTRY_HOST, CLOUDSDK_CONFIG 8 6 env DOCKER_CONFIG=$WORK/docker-config 9 7 env-fill docker-config/config.json