From b920e88324f9acbc89a681ecea3089e9204f7fa6 Mon Sep 17 00:00:00 2001 From: "Marcel S. Henselin" Date: Wed, 11 Mar 2026 13:40:48 +0100 Subject: [PATCH] test: fix pr merge conflict [skip ci] --- .github/workflows/ci.yaml | 238 +++++++++++------------- .github/workflows/ci_new.yaml | 328 ++++++++++++++++++++++++++++++++++ 2 files changed, 428 insertions(+), 138 deletions(-) create mode 100644 .github/workflows/ci_new.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 224a5a47..6a3a8eb0 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -15,8 +15,6 @@ on: branches: - '!main' - '!alpha' - paths: - - '!.github' env: GO_VERSION: "1.25" @@ -24,104 +22,19 @@ env: CODE_COVERAGE_ARTIFACT_NAME: "code-coverage" jobs: - config: - if: ${{ github.event_name != 'schedule' }} - name: Check GoReleaser config - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Check GoReleaser - uses: goreleaser/goreleaser-action@v7 - with: - args: check - - prepare: - name: Prepare GO cache - runs-on: ubuntu-latest - permissions: - actions: read # Required to identify workflow run. - checks: write # Required to add status summary. - contents: read # Required to checkout repository. - pull-requests: write # Required to add PR comment. - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Install Go ${{ inputs.go-version }} - id: go-install - uses: actions/setup-go@v6 - with: - # go-version: ${{ inputs.go-version }} - check-latest: true - go-version-file: 'go.mod' - - - name: Determine GOMODCACHE - shell: bash - id: goenv - run: | - set -e - # echo "::set-output name=gomodcache::$(go env GOMODCACHE)" - echo "gomodcache=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - - - name: Restore cached GO pkg - id: cache-gopkg - uses: actions/cache/restore@v5 - with: - path: "${{ steps.goenv.outputs.gomodcache }}" - key: ${{ runner.os }}-gopkg - - - name: Install go tools - if: steps.cache-gopkg.outputs.cache-hit != 'true' - run: | - go install golang.org/x/tools/cmd/goimports@latest - go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest - go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest - - - name: Get all go packages - if: steps.cache-gopkg.outputs.cache-hit != 'true' - shell: bash - run: | - set -e - go get ./... - - - name: Save Cache - if: steps.cache-gopkg.outputs.cache-hit != 'true' - id: cache-gopkg-save - uses: actions/cache/save@v5 - with: - path: | - ${{ steps.goenv.outputs.gomodcache }} - key: ${{ runner.os }}-gopkg - - - publish_test: - name: "Test readiness for publishing provider" - needs: - - config - - prepare - runs-on: ubuntu-latest - permissions: - actions: read # Required to identify workflow run. - checks: write # Required to add status summary. - contents: read # Required to checkout repository. - pull-requests: write # Required to add PR comment. + runner_test: + name: "Test STACKIT runner" + runs-on: stackit-docker steps: - name: Install needed tools run: | apt-get -y -qq update - apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget unzip bc - - - name: Checkout - uses: actions/checkout@v6 + apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget - name: Setup Go uses: actions/setup-go@v6 with: - # go-version: ${{ env.GO_VERSION }} - check-latest: true - go-version-file: 'go.mod' + go-version: ${{ env.GO_VERSION }} - name: Install go tools run: | @@ -135,9 +48,51 @@ jobs: distribution: 'temurin' # See 'Supported distributions' for available options java-version: '21' -# - name: Run build pkg directory -# run: | -# go run generator/main.go build + - name: Checkout + uses: actions/checkout@v6 + + - name: Run build pkg directory + run: | + go run cmd/main.go build + + publish_test: + name: "Test readiness for publishing provider" + needs: config + runs-on: ubuntu-latest + permissions: + actions: read # Required to identify workflow run. + checks: write # Required to add status summary. + contents: read # Required to checkout repository. + pull-requests: write # Required to add PR comment. + steps: + - name: Install needed tools + run: | + apt-get -y -qq update + apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget + + - name: Setup Go + uses: actions/setup-go@v6 + with: + go-version: ${{ env.GO_VERSION }} + + - name: Install go tools + run: | + go install golang.org/x/tools/cmd/goimports@latest + go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest + go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest + + - name: Setup JAVA + uses: actions/setup-java@v5 + with: + distribution: 'temurin' # See 'Supported distributions' for available options + java-version: '21' + + - name: Checkout + uses: actions/checkout@v6 + + - name: Run build pkg directory + run: | + go run cmd/main.go build - name: Set up s3cfg run: | @@ -161,7 +116,7 @@ jobs: env: GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }} GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} - uses: goreleaser/goreleaser-action@v7 + uses: goreleaser/goreleaser-action@v6 with: args: release --skip publish --clean --snapshot @@ -172,7 +127,7 @@ jobs: - name: Prepare provider directory structure run: | VERSION=$(jq -r .version < dist/metadata.json) - go run generator/main.go \ + go run cmd/main.go \ publish \ --namespace=mhenselin \ --providerName=stackitprivatepreview \ @@ -185,12 +140,9 @@ jobs: testing: name: CI run tests runs-on: ubuntu-latest - needs: - - config - - prepare + needs: config env: TF_ACC_PROJECT_ID: ${{ vars.TF_ACC_PROJECT_ID }} - TF_ACC_ORGANIZATION_ID: ${{ vars.TF_ACC_ORGANIZATION_ID }} TF_ACC_REGION: ${{ vars.TF_ACC_REGION }} TF_ACC_TEST_PROJECT_SERVICE_ACCOUNT_EMAIL: ${{ vars.TF_ACC_TEST_PROJECT_SERVICE_ACCOUNT_EMAIL }} TF_ACC_SERVICE_ACCOUNT_FILE: "~/service_account.json" @@ -211,26 +163,20 @@ jobs: - name: Create service account json file if: ${{ github.event_name == 'pull_request' }} run: | - echo "${{ secrets.TF_ACC_SERVICE_ACCOUNT_JSON }}" >~/.service_account.json + echo "${{ secrets.TF_ACC_SERVICE_ACCOUNT_JSON }}" >~/service_account.json - name: Run go mod tidy if: ${{ github.event_name == 'pull_request' }} run: go mod tidy - name: Testing - run: | - TF_ACC_SERVICE_ACCOUNT_FILE=~/.service_account.json - export TF_ACC_SERVICE_ACCOUNT_FILE - make test + run: make test - name: Acceptance Testing env: TF_ACC: "1" if: ${{ github.event_name == 'pull_request' }} - run: | - TF_ACC_SERVICE_ACCOUNT_FILE=~/.service_account.json - export TF_ACC_SERVICE_ACCOUNT_FILE - make test-acceptance-tf + run: make test-acceptance-tf - name: Check coverage threshold shell: bash @@ -253,28 +199,16 @@ jobs: if: ${{ github.event_name != 'schedule' }} name: CI run build and linting runs-on: ubuntu-latest - needs: - - config - - prepare + needs: config steps: - name: Checkout uses: actions/checkout@v6 - -# - uses: actions/cache@v5 -# id: cache -# with: -# path: path/to/dependencies -# key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }} - -# - name: Install Dependencies -# if: steps.cache.outputs.cache-hit != 'true' -# run: /install.sh - name: Build uses: ./.github/actions/build with: go-version: ${{ env.GO_VERSION }} - + - name: Setup Terraform uses: hashicorp/setup-terraform@v2 with: @@ -292,33 +226,61 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v9 with: - version: v2.10 - args: --config=.golang-ci.yaml --allow-parallel-runners --timeout=5m + version: v2.9 + args: --config=golang-ci.yaml --allow-parallel-runners --timeout=5m continue-on-error: true - - name: Linting terraform files - run: make lint-tf + - name: Linting + run: make lint continue-on-error: true + # - name: Testing + # run: make test + # + # - name: Acceptance Testing + # if: ${{ github.event_name == 'pull_request' }} + # run: make test-acceptance-tf + # + # - name: Check coverage threshold + # shell: bash + # run: | + # make coverage + # COVERAGE=$(go tool cover -func=coverage.out | grep total | awk '{print $3}' | sed 's/%//') + # echo "Coverage: $COVERAGE%" + # if (( $(echo "$COVERAGE < 80" | bc -l) )); then + # echo "Coverage is below 80%" + # # exit 1 + # fi + + # - name: Archive code coverage results + # uses: actions/upload-artifact@v4 + # with: + # name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} + # path: "stackit/${{ env.CODE_COVERAGE_FILE_NAME }}" + + config: + if: ${{ github.event_name != 'schedule' }} + name: Check GoReleaser config + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Check GoReleaser + uses: goreleaser/goreleaser-action@v6 + with: + args: check + code_coverage: name: "Code coverage report" if: github.event_name == 'pull_request' # Do not run when workflow is triggered by push to main branch runs-on: ubuntu-latest - needs: - - main - - prepare + needs: main permissions: contents: read actions: read # to download code coverage results from "main" job pull-requests: write # write permission needed to comment on PR steps: - - name: Install needed tools - shell: bash - run: | - set -e - apt-get -y -qq update - apt-get -y -qq install sudo - - name: Check new code coverage uses: fgrosse/go-coverage-report@v1.2.0 continue-on-error: true # Add this line to prevent pipeline failures in forks diff --git a/.github/workflows/ci_new.yaml b/.github/workflows/ci_new.yaml new file mode 100644 index 00000000..224a5a47 --- /dev/null +++ b/.github/workflows/ci_new.yaml @@ -0,0 +1,328 @@ +name: CI Workflow + +on: + pull_request: + branches: + - alpha + - main + workflow_dispatch: + schedule: + # every sunday at 00:00 + # - cron: '0 0 * * 0' + # every day at 00:00 + - cron: '0 0 * * *' + push: + branches: + - '!main' + - '!alpha' + paths: + - '!.github' + +env: + GO_VERSION: "1.25" + CODE_COVERAGE_FILE_NAME: "coverage.out" # must be the same as in Makefile + CODE_COVERAGE_ARTIFACT_NAME: "code-coverage" + +jobs: + config: + if: ${{ github.event_name != 'schedule' }} + name: Check GoReleaser config + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Check GoReleaser + uses: goreleaser/goreleaser-action@v7 + with: + args: check + + prepare: + name: Prepare GO cache + runs-on: ubuntu-latest + permissions: + actions: read # Required to identify workflow run. + checks: write # Required to add status summary. + contents: read # Required to checkout repository. + pull-requests: write # Required to add PR comment. + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Install Go ${{ inputs.go-version }} + id: go-install + uses: actions/setup-go@v6 + with: + # go-version: ${{ inputs.go-version }} + check-latest: true + go-version-file: 'go.mod' + + - name: Determine GOMODCACHE + shell: bash + id: goenv + run: | + set -e + # echo "::set-output name=gomodcache::$(go env GOMODCACHE)" + echo "gomodcache=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" + + - name: Restore cached GO pkg + id: cache-gopkg + uses: actions/cache/restore@v5 + with: + path: "${{ steps.goenv.outputs.gomodcache }}" + key: ${{ runner.os }}-gopkg + + - name: Install go tools + if: steps.cache-gopkg.outputs.cache-hit != 'true' + run: | + go install golang.org/x/tools/cmd/goimports@latest + go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest + go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest + + - name: Get all go packages + if: steps.cache-gopkg.outputs.cache-hit != 'true' + shell: bash + run: | + set -e + go get ./... + + - name: Save Cache + if: steps.cache-gopkg.outputs.cache-hit != 'true' + id: cache-gopkg-save + uses: actions/cache/save@v5 + with: + path: | + ${{ steps.goenv.outputs.gomodcache }} + key: ${{ runner.os }}-gopkg + + + publish_test: + name: "Test readiness for publishing provider" + needs: + - config + - prepare + runs-on: ubuntu-latest + permissions: + actions: read # Required to identify workflow run. + checks: write # Required to add status summary. + contents: read # Required to checkout repository. + pull-requests: write # Required to add PR comment. + steps: + - name: Install needed tools + run: | + apt-get -y -qq update + apt-get -y -qq install jq python3 python3-pip python-is-python3 s3cmd git make wget unzip bc + + - name: Checkout + uses: actions/checkout@v6 + + - name: Setup Go + uses: actions/setup-go@v6 + with: + # go-version: ${{ env.GO_VERSION }} + check-latest: true + go-version-file: 'go.mod' + + - name: Install go tools + run: | + go install golang.org/x/tools/cmd/goimports@latest + go install github.com/hashicorp/terraform-plugin-codegen-framework/cmd/tfplugingen-framework@latest + go install github.com/hashicorp/terraform-plugin-codegen-openapi/cmd/tfplugingen-openapi@latest + + - name: Setup JAVA + uses: actions/setup-java@v5 + with: + distribution: 'temurin' # See 'Supported distributions' for available options + java-version: '21' + +# - name: Run build pkg directory +# run: | +# go run generator/main.go build + + - name: Set up s3cfg + run: | + cat <<'EOF' >> ~/.s3cfg + [default] + host_base = https://object.storage.eu01.onstackit.cloud + host_bucket = https://%(bucket).object.storage.eu01.onstackit.cloud + check_ssl_certificate = False + access_key = ${{ secrets.S3_ACCESS_KEY }} + secret_key = ${{ secrets.S3_SECRET_KEY }} + EOF + + - name: Import GPG key + run: | + echo "${{ secrets.PRIVATE_KEY_PEM }}" > ~/private.key.pem + gpg --import ~/private.key.pem + rm ~/private.key.pem + + - name: Run GoReleaser with SNAPSHOT + id: goreleaser + env: + GITHUB_TOKEN: ${{ env.FORGEJO_TOKEN }} + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + uses: goreleaser/goreleaser-action@v7 + with: + args: release --skip publish --clean --snapshot + + - name: Prepare key file + run: | + echo "${{ secrets.PUBLIC_KEY_PEM }}" >public_key.pem + + - name: Prepare provider directory structure + run: | + VERSION=$(jq -r .version < dist/metadata.json) + go run generator/main.go \ + publish \ + --namespace=mhenselin \ + --providerName=stackitprivatepreview \ + --repoName=terraform-provider-stackitprivatepreview \ + --domain=tfregistry.sysops.stackit.rocks \ + --gpgFingerprint="${{ secrets.GPG_FINGERPRINT }}" \ + --gpgPubKeyFile=public_key.pem \ + --version=${VERSION} + + testing: + name: CI run tests + runs-on: ubuntu-latest + needs: + - config + - prepare + env: + TF_ACC_PROJECT_ID: ${{ vars.TF_ACC_PROJECT_ID }} + TF_ACC_ORGANIZATION_ID: ${{ vars.TF_ACC_ORGANIZATION_ID }} + TF_ACC_REGION: ${{ vars.TF_ACC_REGION }} + TF_ACC_TEST_PROJECT_SERVICE_ACCOUNT_EMAIL: ${{ vars.TF_ACC_TEST_PROJECT_SERVICE_ACCOUNT_EMAIL }} + TF_ACC_SERVICE_ACCOUNT_FILE: "~/service_account.json" + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Build + uses: ./.github/actions/build + with: + go-version: ${{ env.GO_VERSION }} + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_wrapper: false + + - name: Create service account json file + if: ${{ github.event_name == 'pull_request' }} + run: | + echo "${{ secrets.TF_ACC_SERVICE_ACCOUNT_JSON }}" >~/.service_account.json + + - name: Run go mod tidy + if: ${{ github.event_name == 'pull_request' }} + run: go mod tidy + + - name: Testing + run: | + TF_ACC_SERVICE_ACCOUNT_FILE=~/.service_account.json + export TF_ACC_SERVICE_ACCOUNT_FILE + make test + + - name: Acceptance Testing + env: + TF_ACC: "1" + if: ${{ github.event_name == 'pull_request' }} + run: | + TF_ACC_SERVICE_ACCOUNT_FILE=~/.service_account.json + export TF_ACC_SERVICE_ACCOUNT_FILE + make test-acceptance-tf + + - name: Check coverage threshold + shell: bash + run: | + make coverage + COVERAGE=$(go tool cover -func=coverage.out | grep total | awk '{print $3}' | sed 's/%//') + echo "Coverage: $COVERAGE%" + if (( $(echo "$COVERAGE < 80" | bc -l) )); then + echo "Coverage is below 80%" + # exit 1 + fi + + - name: Archive code coverage results + uses: actions/upload-artifact@v4 + with: + name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} + path: "stackit/${{ env.CODE_COVERAGE_FILE_NAME }}" + + main: + if: ${{ github.event_name != 'schedule' }} + name: CI run build and linting + runs-on: ubuntu-latest + needs: + - config + - prepare + steps: + - name: Checkout + uses: actions/checkout@v6 + +# - uses: actions/cache@v5 +# id: cache +# with: +# path: path/to/dependencies +# key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }} + +# - name: Install Dependencies +# if: steps.cache.outputs.cache-hit != 'true' +# run: /install.sh + + - name: Build + uses: ./.github/actions/build + with: + go-version: ${{ env.GO_VERSION }} + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_wrapper: false + + - name: "Ensure docs are up-to-date" + if: ${{ github.event_name == 'pull_request' }} + run: ./scripts/check-docs.sh + continue-on-error: true + + - name: "Run go mod tidy" + if: ${{ github.event_name == 'pull_request' }} + run: go mod tidy + + - name: golangci-lint + uses: golangci/golangci-lint-action@v9 + with: + version: v2.10 + args: --config=.golang-ci.yaml --allow-parallel-runners --timeout=5m + continue-on-error: true + + - name: Linting terraform files + run: make lint-tf + continue-on-error: true + + code_coverage: + name: "Code coverage report" + if: github.event_name == 'pull_request' # Do not run when workflow is triggered by push to main branch + runs-on: ubuntu-latest + needs: + - main + - prepare + permissions: + contents: read + actions: read # to download code coverage results from "main" job + pull-requests: write # write permission needed to comment on PR + steps: + - name: Install needed tools + shell: bash + run: | + set -e + apt-get -y -qq update + apt-get -y -qq install sudo + + - name: Check new code coverage + uses: fgrosse/go-coverage-report@v1.2.0 + continue-on-error: true # Add this line to prevent pipeline failures in forks + with: + coverage-artifact-name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} + coverage-file-name: ${{ env.CODE_COVERAGE_FILE_NAME }} + root-package: 'github.com/stackitcloud/terraform-provider-stackit'