Add support for the VenafiConnection CRD so that users can start using the Workload Identity Federation authentication ("secretless") #1033
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # if changing this name, also update promotion.yaml | |
| name: test | |
| on: | |
| push: | |
| branches-ignore: | |
| - master | |
| pull_request: | |
| branches: | |
| - "*" | |
| env: | |
| GOPRIVATE: github.com/jetstack/venafi-connection-lib | |
| jobs: | |
| vet: | |
| name: vet | |
| runs-on: ubuntu-22.04 | |
| container: golang:1.22 | |
| steps: | |
| - name: Configure jetstack/venafi-connection-lib repo pull access | |
| run: | | |
| mkdir ~/.ssh | |
| chmod 700 ~/.ssh | |
| echo "${{ secrets.DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB }}" > ~/.ssh/venafi_connection_lib_id | |
| chmod 600 ~/.ssh/venafi_connection_lib_id | |
| cat <<EOT >> ~/.ssh/config | |
| Host venafi-connection-lib.github.com | |
| HostName github.com | |
| IdentityFile ~/.ssh/venafi_connection_lib_id | |
| IdentitiesOnly yes | |
| EOT | |
| cat <<EOT >> ~/.gitconfig | |
| [url "[email protected]:jetstack/venafi-connection-lib"] | |
| insteadOf = https://github.com/jetstack/venafi-connection-lib | |
| EOT | |
| - uses: actions/checkout@v4 | |
| - run: make vet | |
| shell: bash | |
| test: | |
| name: go test | |
| runs-on: ubuntu-22.04 | |
| container: golang:1.22 | |
| steps: | |
| - name: Configure jetstack/venafi-connection-lib repo pull access | |
| run: | | |
| mkdir ~/.ssh | |
| chmod 700 ~/.ssh | |
| echo "${{ secrets.DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB }}" > ~/.ssh/venafi_connection_lib_id | |
| chmod 600 ~/.ssh/venafi_connection_lib_id | |
| cat <<EOT >> ~/.ssh/config | |
| Host venafi-connection-lib.github.com | |
| HostName github.com | |
| IdentityFile ~/.ssh/venafi_connection_lib_id | |
| IdentitiesOnly yes | |
| EOT | |
| cat <<EOT >> ~/.gitconfig | |
| [url "[email protected]:jetstack/venafi-connection-lib"] | |
| insteadOf = https://github.com/jetstack/venafi-connection-lib | |
| EOT | |
| - uses: actions/checkout@v4 | |
| - run: make test | |
| docker_build: | |
| name: docker_build | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: docker:23 | |
| options: -t | |
| # Setting up dind service container | |
| services: | |
| docker: | |
| image: docker:23-dind | |
| env: | |
| DOCKER_DRIVER: overlay | |
| DOCKER_HOST: tcp://localhost:2375 | |
| steps: | |
| - name: Configure jetstack/venafi-connection-lib repo pull access | |
| run: | | |
| mkdir ~/.ssh | |
| chmod 700 ~/.ssh | |
| echo "${{ secrets.DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB }}" > ~/.ssh/venafi_connection_lib_id | |
| chmod 600 ~/.ssh/venafi_connection_lib_id | |
| cat <<EOT >> ~/.ssh/config | |
| Host venafi-connection-lib.github.com | |
| HostName github.com | |
| IdentityFile ~/.ssh/venafi_connection_lib_id | |
| IdentitiesOnly yes | |
| EOT | |
| cat <<EOT >> ~/.gitconfig | |
| [url "[email protected]:jetstack/venafi-connection-lib"] | |
| insteadOf = https://github.com/jetstack/venafi-connection-lib | |
| EOT | |
| - name: Install Tools | |
| run: apk add --update make git jq rsync curl | |
| - name: Adding github workspace as safe directory | |
| # See issue https://github.com/actions/checkout/issues/760 | |
| run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
| - uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: image=moby/buildkit:master | |
| - name: Build images | |
| run: make build-docker-image |