Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 00:06:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: use iam created Azure resource group in e2e upgrade

Browse Source 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
This commit is contained in:
Paul Meyer 2023-04-13 10:49:45 +02:00
parent d2967fff6b
commit 677ed052a4
1 changed files with 8 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
.github/workflows/e2e-upgrade.yml vendored
View File

@ -105,28 +105,12 @@ jobs:
with: with:
go-version: "1.20.3" go-version: "1.20.3"
- name: Login to Azure
if: inputs.cloudProvider == 'azure'
uses: ./.github/actions/login_azure
with:
azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}
- name: Login to AWS - name: Login to AWS
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
with: with:
role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
aws-region: eu-central-1 aws-region: eu-central-1
- name: Create Azure resource group
if: inputs.cloudProvider == 'azure'
id: az_resource_group_gen
shell: bash
run: |
uuid=$(cat /proc/sys/kernel/random/uuid)
name=e2e-test-${uuid%%-*}
az group create --location northeurope --name "$name" --tags e2e
echo "res_group_name=$name" >> "$GITHUB_OUTPUT"
- name: Find latest nightly image - name: Find latest nightly image
id: find-image id: find-image
if: inputs.toImage == '' if: inputs.toImage == ''
@ -144,8 +128,8 @@ jobs:
controlNodesCount: ${{ inputs.controlNodesCount }} controlNodesCount: ${{ inputs.controlNodesCount }}
cloudProvider: ${{ inputs.cloudProvider }} cloudProvider: ${{ inputs.cloudProvider }}
osImage: ${{ inputs.fromVersion }} osImage: ${{ inputs.fromVersion }}
cliVersion: ${{ inputs.fromVersion }}
isDebugImage: "false" isDebugImage: "false"
cliVersion: ${{ inputs.fromVersion }}
gcpProject: ${{ secrets.GCP_E2E_PROJECT }} gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com" gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com" gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
@ -203,16 +187,13 @@ jobs:
with: with:
kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }}
- name: Always destroy Azure resource group - name: Always delete IAM configuration
if: always() && inputs.cloudProvider == 'azure' if: always()
shell: bash uses: ./.github/actions/constellation_iam_destroy
run: | with:
az group delete \ cloudProvider: ${{ inputs.cloudProvider }}
--name ${{ steps.az_resource_group_gen.outputs.res_group_name }} \ azureCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
--force-deletion-types Microsoft.Compute/virtualMachineScaleSets \ gcpServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
--force-deletion-types Microsoft.Compute/virtualMachines \
--no-wait \
--yes
- name: Notify about failure - name: Notify about failure
if: failure() && github.ref == 'refs/heads/main' if: failure() && github.ref == 'refs/heads/main'