mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-04-02 12:22:26 +02:00
Code Issues Projects Releases Wiki Activity
vault/.github/workflows/test-ui.yml
Vault Automation f666016862
actions: update actions to the latest versions (#13056) (#13143) 
- actions/cache => v5.0.4
  Dep updates

- actions/download-artifact => v8.0.1
  Support for CJK characters

- dorny/paths-filter => v4.0.1
  Node 24, support for merge queues

- hashicorp/action-setup-enos => v1.52
  Security release for downstream vuln

- pnpm/action-setup => v5.0.0
  Node 24, support for native caching

- slackapi/slack-github-action => v3.0.1
  Node 24, lots of internal dep updates, ability to run Slack commands

Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
2026-03-19 15:51:50 +00:00

231 lines
8.9 KiB
YAML
Raw Blame History

on:
workflow_call:
inputs:
checkout-ref:
description: The ref to use for checkout.
required: false
default: ${{ github.ref }}
type: string
runs-on:
description: An expression indicating which kind of runners to use Go testing jobs.
required: false
type: string
default: '"ubuntu-latest"'
runs-on-small:
description: An expression indicating which kind of runners to use for small computing jobs.
required: false
type: string
default: '"ubuntu-latest"'
is-ent-repo:
description: A boolean indicating whether the repository is an enterprise repository.
required: false
type: string
default: 'false'
is-ent-branch:
description: A boolean indicating whether the repository is an enterprise branch.
required: false
type: string
default: 'false'
jobs:
test-ui-build-go:
name: Build Vault Binary for UI Tests
permissions:
id-token: write
contents: read
runs-on: ${{ fromJSON(inputs.runs-on) }}
outputs:
ui-go-binary-artifact-id: ${{ steps.upload.outputs.artifact-id }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
name: status
with:
ref: ${{ inputs.checkout-ref }}
- uses: ./.github/actions/set-up-go
with:
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
- if: inputs.is-ent-repo == 'true'
id: vault-auth
name: Authenticate to Vault
run: vault-auth
- if: inputs.is-ent-repo == 'true'
id: secrets
name: Fetch secrets
uses: hashicorp/vault-action@4c06c5ccf5c0761b6029f56cfb1dcf5565918a3b # v3.4.0
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
token: ${{ steps.vault-auth.outputs.token }}
secrets: |
kv/data/github/hashicorp/vault-enterprise/github-token username-and-token | PRIVATE_REPO_GITHUB_TOKEN;
- if: inputs.is-ent-repo == 'true'
name: Set up Git
run: git config --global url."https://${{ steps.secrets.outputs.PRIVATE_REPO_GITHUB_TOKEN }}@github.com".insteadOf https://github.com
- uses: ./.github/actions/install-tools
- name: build-go-dev
run: |
rm -rf ./pkg
mkdir ./pkg
make prep dev
- name: Upload Vault Binary for UI Tests
id: upload
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
path: ./bin/vault
name: vault-ui-test-binary
retention-days: 1
test-ui-build-js:
name: Build JS for UI Tests
permissions:
id-token: write
contents: read
runs-on: ${{ fromJSON(inputs.runs-on-small) }}
outputs:
ui-js-bundle-artifact-id: ${{ steps.upload.outputs.artifact-id }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
name: status
with:
ref: ${{ inputs.checkout-ref }}
- name: Setup pnpm
uses: ./.github/actions/setup-pnpm
- name: Build Ember Test Bundle
working-directory: ./ui
run: pnpm build:jsondiffpatch && pnpm exec ember build --environment=test --output-path=dist
- name: Upload Ember Test Bundle
id: upload
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
path: ./ui/dist
name: vault-ui-test-bundle
retention-days: 1
test-ui:
name: Run UI Tests
needs: [test-ui-build-go, test-ui-build-js]
permissions:
id-token: write
contents: read
runs-on: ${{ fromJSON(inputs.runs-on-small) }}
strategy:
fail-fast: false
matrix:
ci-index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14]
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
name: status
with:
ref: ${{ inputs.checkout-ref }}
- if: inputs.is-ent-repo == 'true'
id: vault-auth
name: Authenticate to Vault
run: vault-auth
- if: inputs.is-ent-repo == 'true'
id: secrets
name: Fetch secrets
uses: hashicorp/vault-action@4c06c5ccf5c0761b6029f56cfb1dcf5565918a3b # v3.4.0
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
token: ${{ steps.vault-auth.outputs.token }}
secrets: |
kv/data/github/hashicorp/vault-enterprise/github-token username-and-token | PRIVATE_REPO_GITHUB_TOKEN;
kv/data/github/hashicorp/vault-enterprise/license license_1 | VAULT_LICENSE;
kv/data/github/${{ github.repository }}/datadog-ci DATADOG_API_KEY;
- name: Install Chrome
uses: browser-actions/setup-chrome@4f8e94349a351df0f048634f25fec36c3c91eded # v2.1.1
with:
chrome-version: stable
- name: Setup pnpm
uses: ./.github/actions/setup-pnpm
- name: Download Ember Test Bundle
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: ./ui/dist
artifact-ids: ${{ needs.test-ui-build-js.outputs.ui-js-bundle-artifact-id }}
- name: Download Vault Binary
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: ./bin
artifact-ids: ${{ needs.test-ui-build-go.outputs.ui-go-binary-artifact-id }}
- name: Make Vault Binary Executable
run: chmod +x ./bin/vault
- name: Set Parallel Count
# hardcoding this to 1 for now because multiple parallelism in UI tests with a vault server casuses test failures due to the shared backend
run: echo "PARALLEL_COUNT=1" >> "$GITHUB_ENV"
- name: Create test-results directory
run: mkdir -p ui/test-results/qunit
- name: Run UI Lint Checks
if: strategy.job-index == 0
working-directory: ./ui
run: pnpm lint
- name: Run UI Tests
if: strategy.job-index != 0
env:
VAULT_LICENSE: ${{ steps.secrets.outputs.VAULT_LICENSE }}
working-directory: ./ui
# NOTE: We subtract 1 from the total number of jobs because job-index 0 is the lint job
run: |
pnpm test${{ inputs.is-ent-branch == 'false' && ':oss' || '' }} \
--load-balance \
--split=$((${{ strategy.job-total }} - 1)) \
--partition=${{ strategy.job-index }} \
--parallel="$PARALLEL_COUNT" \
--path=dist
- if: always() && strategy.job-index != 0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: test-results-ui-${{ strategy.job-index }}
path: ui/test-results
- name: Prepare datadog-ci
if: always() && startsWith(github.repository, 'hashicorp/vault') && strategy.job-index != 0
continue-on-error: true
run: |
if type datadog-ci > /dev/null 2>&1; then
exit 0
fi
# Curl does not always exit 1 if things go wrong. To determine if this is successful
# we'll silence all non-error output and check the results to determine success.
if ! out="$(curl -sSL --fail https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64 --output /usr/local/bin/datadog-ci 2>&1)"; then
printf "failed to download datadog-ci: %s" "$out"
fi
if [[ -n "$out" ]]; then
printf "failed to download datadog-ci: %s" "$out"
fi
chmod +x /usr/local/bin/datadog-ci
- name: Upload test results to DataDog
if: (success() || failure()) && strategy.job-index != 0
continue-on-error: true
env:
DD_ENV: ci
run: |
if [[ ${{ github.repository }} == 'hashicorp/vault' ]]; then
export DATADOG_API_KEY=${{ secrets.DATADOG_API_KEY }}
fi
datadog-ci junit upload --service "$GITHUB_REPOSITORY" 'ui/test-results/qunit/results.xml'
- if: always() && strategy.job-index != 0
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2.4
with:
paths: "ui/test-results/qunit/results.xml"
show: "fail"
test-ui-complete:
runs-on: ${{ fromJSON(inputs.runs-on-small) }}
needs: [test-ui-build-go, test-ui-build-js, test-ui]
steps:
- id: status
name: Determine status
run: |
results=$(tr -d '\n' <<< '${{ toJSON(needs.*.result) }}')
if ! grep -q -v -E '(failure|cancelled)' <<< "$results"; then
result="failed"
else
result="success"
fi
{
echo "result=${result}"
echo "results=${results}"
} | tee -a "$GITHUB_OUTPUT"
Reference in New Issue View Git Blame Copy Permalink