Test (Trusted) #88
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Terraform Provider testing workflow. | |
| name: Test (Trusted) | |
| # This GitHub action runs your tests for each pull request and push. | |
| # Optionally, you can turn it on using a schedule for regular testing. | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - 'CHANGELOG.md' | |
| - 'README.md' | |
| workflow_run: | |
| workflows: ["Test (Untrusted)"] | |
| types: [completed] | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| description: 'Branch to run tests against' | |
| required: true | |
| default: 'main' | |
| type: string | |
| env: | |
| LC_APPLICATION_ID: terraform-provider-sonatyperepo | |
| NEXUS_SECURITY_RANDOMPASSWORD: "false" | |
| INSTALL4J_ADD_VM_PARAMS: "-Dnexus.licenseFile=${{ github.workspace }}/license.lic" | |
| # Testing only needs permissions to read the repository contents. | |
| permissions: | |
| contents: read | |
| jobs: | |
| sonatype: | |
| if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' || (github.event.workflow_run.conclusion == 'success' && github.ref_name != 'main' && github.event.workflow_run.head_repository.full_name == github.repository) }} | |
| name: Sonatype Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v5 | |
| with: | |
| ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.branch || github.ref }} | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Generate go.list | |
| run: | |
| go list -f '{{define "M"}}{{.Path}} {{.Version}}{{end}}{{with .Module}}{{if not .Main}}{{if .Replace}}{{template "M" .Replace}}{{else}}{{template "M" .}}{{end}}{{end}}{{end}}' -compiled -deps| sort -u > go.list | |
| - name: Sonatype Lifecycle Evaluation | |
| id: evaluate | |
| uses: sonatype/actions/evaluate@v1 | |
| with: | |
| iq-server-url: ${{ vars.SONATYPE_PLATFORM_URL }} | |
| username: ${{ secrets.SONATYPE_LIFECYCLE_USERNAME }} | |
| password: ${{ secrets.SONATYPE_LIFECYCLE_PASSWORD }} | |
| application-id: ${{ env.LC_APPLICATION_ID }} | |
| scan-targets: 'go.list' | |
| stage: build | |
| # Run acceptance tests in a matrix with Terraform CLI versions | |
| test-parallel: | |
| if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' || (github.event.workflow_run.conclusion == 'success' && github.ref_name != 'main' && github.event.workflow_run.head_repository.full_name == github.repository) }} | |
| name: Acc. Tests (NXRM ${{ matrix.nxrm }} + TF ${{ matrix.terraform }}) | |
| needs: | |
| - sonatype | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| nxrm: | |
| - '3.79.1-04' # FIRST WITH BUNDLED JRE | |
| #- '3.80.0-06' | |
| # - '3.81.1-01' | |
| - '3.82.0-08' | |
| - '3.83.2-01' | |
| - '3.84.1-01' | |
| - '3.85.0-03' # LATEST | |
| # list whatever Terraform versions here you would like to support | |
| terraform: | |
| - '1.0.*' # Minimum | |
| # - '1.1.*' | |
| # - '1.2.*' | |
| # - '1.3.*' | |
| # - '1.4.*' | |
| # - '1.5.*' | |
| # - '1.6.*' | |
| # - '1.7.*' | |
| # - '1.8.*' | |
| # - '1.9.*' | |
| # - '1.10.*' | |
| # - '1.11.*' | |
| # - '1.12.*' | |
| - '1.13.*' # Latest | |
| # - '1.14.*' | |
| steps: | |
| - name: Set Clean TF Version | |
| run: | | |
| ORIG="${{ matrix.terraform }}" | |
| TF_SAFE_VERSION="${ORIG//\*/}" | |
| echo "TF_SAFE_VERSION=$TF_SAFE_VERSION" >> "$GITHUB_ENV" | |
| - name: Checkout Source | |
| uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v5 | |
| with: | |
| ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.branch || github.ref }} | |
| - name: Download & Unpack Sonatype Nexus Repository Manager | |
| run: | | |
| echo "${{ secrets.NXRM_LICENSE }}" | base64 -d > ${{ github.workspace }}/license.lic | |
| wget https://download.sonatype.com/nexus/3/nexus-${{ matrix.nxrm }}-linux-x86_64.tar.gz | |
| tar xvz --keep-directory-symlink -f nexus-${{ matrix.nxrm }}-linux-x86_64.tar.gz | |
| sed -i '1s/^.*$/#!\/bin\/bash/' ${{ github.workspace }}/nexus-${{ matrix.nxrm }}/bin/nexus | |
| head -5 ${{ github.workspace }}/nexus-${{ matrix.nxrm }}/bin/nexus | |
| - name: Start Sonatype Nexus Repository Manager | |
| run: ./nexus start | |
| working-directory: "${{ github.workspace }}/nexus-${{ matrix.nxrm }}/bin" | |
| - name: Wait for Sonatype Nexus Repository Manager to be ready | |
| run: | | |
| set +e | |
| sleep 20 | |
| while true; do | |
| STATUS=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:8081/service/rest/v1/status") | |
| CURL_EXIT=$? | |
| echo "CURL Exit Code: $CURL_EXIT" | |
| if [ "$CURL_EXIT" -eq 0 ]; then | |
| if [ "$STATUS" -eq 200 ]; then | |
| echo "✅ Received 200 OK from http://localhost:8081/service/rest/v1/status" | |
| break | |
| else | |
| echo "⏳ Waiting for 200 OK... Current status: $STATUS for http://localhost:8081/service/rest/v1/status" | |
| sleep 5 | |
| fi | |
| else | |
| echo "⚠️ curl returned unexpected exit code $CURL_EXIT. Retrying..." | |
| sleep 5 | |
| fi | |
| done | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | |
| with: | |
| terraform_version: ${{ matrix.terraform }} | |
| terraform_wrapper: false | |
| - run: go mod download | |
| - env: | |
| NXRM_SERVER_URL: "http://localhost:8081" | |
| NXRM_SERVER_USERNAME: "admin" | |
| NXRM_SERVER_PASSWORD: "admin123" | |
| NXRM_VERSION: "${{ matrix.nxrm }}" | |
| TF_ACC: '1' | |
| TF_ACC_SINGLE_HIT: '1' | |
| run: go test -v -cover ./... | |
| timeout-minutes: 10 | |
| - name: Store nexus.log | |
| if: success() || failure() | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: "nexus.log-nxrm-${{ matrix.nxrm }}-terraform-${{ env.TF_SAFE_VERSION }}" | |
| path: "${{ github.workspace }}/sonatype-work/nexus3/log/nexus.log" |