mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
ci: use iam created Azure resource group in e2e upgrade
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
This commit is contained in:
parent
d2967fff6b
commit
677ed052a4
35
.github/workflows/e2e-upgrade.yml
vendored
35
.github/workflows/e2e-upgrade.yml
vendored
@ -105,28 +105,12 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
go-version: "1.20.3"
|
go-version: "1.20.3"
|
||||||
|
|
||||||
- name: Login to Azure
|
|
||||||
if: inputs.cloudProvider == 'azure'
|
|
||||||
uses: ./.github/actions/login_azure
|
|
||||||
with:
|
|
||||||
azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}
|
|
||||||
|
|
||||||
- name: Login to AWS
|
- name: Login to AWS
|
||||||
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
|
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
|
||||||
with:
|
with:
|
||||||
role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
|
role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
|
||||||
aws-region: eu-central-1
|
aws-region: eu-central-1
|
||||||
|
|
||||||
- name: Create Azure resource group
|
|
||||||
if: inputs.cloudProvider == 'azure'
|
|
||||||
id: az_resource_group_gen
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
uuid=$(cat /proc/sys/kernel/random/uuid)
|
|
||||||
name=e2e-test-${uuid%%-*}
|
|
||||||
az group create --location northeurope --name "$name" --tags e2e
|
|
||||||
echo "res_group_name=$name" >> "$GITHUB_OUTPUT"
|
|
||||||
|
|
||||||
- name: Find latest nightly image
|
- name: Find latest nightly image
|
||||||
id: find-image
|
id: find-image
|
||||||
if: inputs.toImage == ''
|
if: inputs.toImage == ''
|
||||||
@ -144,8 +128,8 @@ jobs:
|
|||||||
controlNodesCount: ${{ inputs.controlNodesCount }}
|
controlNodesCount: ${{ inputs.controlNodesCount }}
|
||||||
cloudProvider: ${{ inputs.cloudProvider }}
|
cloudProvider: ${{ inputs.cloudProvider }}
|
||||||
osImage: ${{ inputs.fromVersion }}
|
osImage: ${{ inputs.fromVersion }}
|
||||||
cliVersion: ${{ inputs.fromVersion }}
|
|
||||||
isDebugImage: "false"
|
isDebugImage: "false"
|
||||||
|
cliVersion: ${{ inputs.fromVersion }}
|
||||||
gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
|
gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
|
||||||
gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
|
gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
|
||||||
gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
|
gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
|
||||||
@ -203,16 +187,13 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }}
|
kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }}
|
||||||
|
|
||||||
- name: Always destroy Azure resource group
|
- name: Always delete IAM configuration
|
||||||
if: always() && inputs.cloudProvider == 'azure'
|
if: always()
|
||||||
shell: bash
|
uses: ./.github/actions/constellation_iam_destroy
|
||||||
run: |
|
with:
|
||||||
az group delete \
|
cloudProvider: ${{ inputs.cloudProvider }}
|
||||||
--name ${{ steps.az_resource_group_gen.outputs.res_group_name }} \
|
azureCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||||
--force-deletion-types Microsoft.Compute/virtualMachineScaleSets \
|
gcpServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
|
||||||
--force-deletion-types Microsoft.Compute/virtualMachines \
|
|
||||||
--no-wait \
|
|
||||||
--yes
|
|
||||||
|
|
||||||
- name: Notify about failure
|
- name: Notify about failure
|
||||||
if: failure() && github.ref == 'refs/heads/main'
|
if: failure() && github.ref == 'refs/heads/main'
|
||||||
|
Loading…
Reference in New Issue
Block a user