bartvdbraak/keyweave
1
0
Fork 0
mirror of https://github.com/bartvdbraak/keyweave.git synced 2025-04-28 07:11:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

feat: use build and shortened creds

Browse source
This commit is contained in:
Bart van der Braak 2023-11-21 14:42:04 +01:00
parent 84832c5ead
commit 4acd2a2e36
1 changed files with 44 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

87
.github/workflows/e2e.yml vendored
View file

@ -4,6 +4,9 @@ permissions:
id-token: write id-token: write
contents: read contents: read
env:
VAULT_NAME: bvdbkeyweavetweukvt1
on: on:
push: push:
branches: [ main ] branches: [ main ]
@ -13,6 +16,19 @@ on:
paths: [ 'bicep/**', 'src/**', 'Cargo.toml', 'Cargo.lock', '.github/workflows/e2e.yml' ] paths: [ 'bicep/**', 'src/**', 'Cargo.toml', 'Cargo.lock', '.github/workflows/e2e.yml' ]
jobs: jobs:
build:
name: Build Keyweave
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- name: Build project
run: cargo build --all --release
- name: Archive binary artifact
uses: actions/upload-artifact@v3.1.3
with:
path: target/release/keyweave
bicep: bicep:
name: Deploy Azure resources name: Deploy Azure resources
environment: bicep environment: bicep
@ -24,9 +40,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- uses: azure/login@v1 - uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID }} creds: ${{ secrets.AZURE_CREDENTIALS }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy Bicep template - name: Deploy Bicep template
uses: azure/arm-deploy@v1 uses: azure/arm-deploy@v1
with: with:
@ -35,67 +49,54 @@ jobs:
template: bicep/main.bicep template: bicep/main.bicep
parameters: bicep/main.params.json parameters: bicep/main.params.json
deploymentName: ${{ env.DEPLOYMENT_NAME }} deploymentName: ${{ env.DEPLOYMENT_NAME }}
none-test: none-test:
name: Tests without access name: Tests without access
needs: bicep needs: [build, bicep]
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: 1-none environment: none
steps: steps:
- uses: actions/checkout@v4 - uses: actions/download-artifact@v3.0.2
- name: Log into Azure - uses: azure/login@v1
uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID }} creds: ${{ secrets.AZURE_CREDENTIALS }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: dtolnay/rust-toolchain@stable
- name: Use Keyweave with No Access Policies - name: Use Keyweave with No Access Policies
run: cargo run -- --vault-name bvdbkeyweavetweukvt1 run: ./keyweave --vault-name ${{ env.VAULT_NAME}}
get-test: get-test:
name: Tests with Get access name: Tests with Get access
needs: bicep needs: [build, bicep]
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: 2-get environment: get
steps: steps:
- uses: actions/checkout@v4 - uses: actions/download-artifact@v3.0.2
- name: Log into Azure - uses: azure/login@v1
uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID }} creds: ${{ secrets.AZURE_CREDENTIALS }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: dtolnay/rust-toolchain@stable
- name: Use Keyweave with Only Get Access Policy - name: Use Keyweave with Only Get Access Policy
run: cargo run -- --vault-name bvdbkeyweavetweukvt1 run: ./keyweave --vault-name ${{ env.VAULT_NAME}}
list-test: list-test:
name: Tests with List access name: Tests with List access
needs: bicep needs: [build, bicep]
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: 3-list environment: list
steps: steps:
- uses: actions/checkout@v4 - uses: actions/download-artifact@v3.0.2
- name: Log into Azure - uses: azure/login@v1
uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID }} creds: ${{ secrets.AZURE_CREDENTIALS }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: dtolnay/rust-toolchain@stable
- name: Use Keyweave with Only List Access Policy - name: Use Keyweave with Only List Access Policy
run: cargo run -- --vault-name bvdbkeyweavetweukvt1 run: ./keyweave --vault-name ${{ env.VAULT_NAME}}
get-list-test: get-list-test:
name: Tests with Get and List access name: Tests with Get and List access
needs: bicep needs: [build, bicep]
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: 4-get-list environment: getlist
steps: steps:
- uses: actions/checkout@v4 - uses: actions/download-artifact@v3.0.2
- name: Log into Azure - uses: azure/login@v1
uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID }} creds: ${{ secrets.AZURE_CREDENTIALS }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: dtolnay/rust-toolchain@stable
- name: Use Keyweave with both Get and List Access Policies - name: Use Keyweave with both Get and List Access Policies
run: cargo run -- --vault-name bvdbkeyweavetweukvt1 run: ./keyweave --vault-name ${{ env.VAULT_NAME}}