mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-27 08:29:33 -05:00
ci: make sure permissions to terminate cluster are always set for e2e upgrade (#2298)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
parent
75ce11af14
commit
a4d6016ae5
8
.github/workflows/e2e-upgrade.yml
vendored
8
.github/workflows/e2e-upgrade.yml
vendored
@ -206,22 +206,24 @@ jobs:
|
|||||||
uses: ./.github/actions/login_azure
|
uses: ./.github/actions/login_azure
|
||||||
with:
|
with:
|
||||||
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||||
|
|
||||||
- name: Migrate config
|
- name: Migrate config
|
||||||
id: constellation-config-migrate
|
id: constellation-config-migrate
|
||||||
run: |
|
run: |
|
||||||
./build/constellation config migrate --debug
|
./build/constellation config migrate --debug
|
||||||
|
|
||||||
- name: Upgrade IAM configuration
|
- name: Upgrade IAM configuration
|
||||||
id: constellation-iam-upgrade
|
id: constellation-iam-upgrade
|
||||||
uses: ./.github/actions/constellation_iam_upgrade
|
uses: ./.github/actions/constellation_iam_upgrade
|
||||||
|
|
||||||
- name: Login to GCP (Cluster service account)
|
- name: Login to GCP (Cluster service account)
|
||||||
if: inputs.cloudProvider == 'gcp'
|
if: always() && inputs.cloudProvider == 'gcp'
|
||||||
uses: ./.github/actions/login_gcp
|
uses: ./.github/actions/login_gcp
|
||||||
with:
|
with:
|
||||||
service_account: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
|
service_account: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
|
||||||
|
|
||||||
- name: Login to AWS (Cluster role)
|
- name: Login to AWS (Cluster role)
|
||||||
if: inputs.cloudProvider == 'aws'
|
if: always() && inputs.cloudProvider == 'aws'
|
||||||
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0
|
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0
|
||||||
with:
|
with:
|
||||||
role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2ECluster
|
role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2ECluster
|
||||||
@ -230,7 +232,7 @@ jobs:
|
|||||||
role-duration-seconds: 21600
|
role-duration-seconds: 21600
|
||||||
|
|
||||||
- name: Login to Azure (Cluster service principal)
|
- name: Login to Azure (Cluster service principal)
|
||||||
if: inputs.cloudProvider == 'azure'
|
if: always() && inputs.cloudProvider == 'azure'
|
||||||
uses: ./.github/actions/login_azure
|
uses: ./.github/actions/login_azure
|
||||||
with:
|
with:
|
||||||
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
|
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
|
||||||
|
Loading…
Reference in New Issue
Block a user