Replace Vault logo with Openbao in mfa- and oidc-landing page (#788) #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| merge_group: | |
| pull_request: | |
| # The default types for pull_request are [ opened, synchronize, reopened ]. | |
| # This is insufficient for our needs, since we're skipping stuff on PRs in | |
| # draft mode. By adding the ready_for_review type, when a draft pr is marked | |
| # ready, we run everything, including the stuff we'd have skipped up until now. | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| push: | |
| branches: | |
| - main | |
| - release/** | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }}-ci | |
| cancel-in-progress: true | |
| jobs: | |
| setup: | |
| name: Setup | |
| runs-on: ubuntu-latest | |
| outputs: | |
| go-tags: "" | |
| checkout-ref: ${{ steps.checkout-ref-output.outputs.checkout-ref }} | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Ensure Go modules are cached | |
| uses: ./.github/actions/set-up-go | |
| with: | |
| no-restore: true # don't download them on a cache hit | |
| # control checking out head instead of default ref by a GH label | |
| # if checkout-head label is added to a PR, checkout HEAD otherwise checkout ref | |
| - if: ${{ !contains(github.event.pull_request.labels.*.name, 'checkout-head') }} | |
| run: echo "CHECKOUT_REF=${{ github.ref }}" >> "$GITHUB_ENV" | |
| - if: ${{ contains(github.event.pull_request.labels.*.name, 'checkout-head') }} | |
| run: echo "CHECKOUT_REF=${{ github.event.pull_request.head.sha }}" >> "$GITHUB_ENV" | |
| - id: checkout-ref-output | |
| run: echo "checkout-ref=${{ env.CHECKOUT_REF }}" >> "$GITHUB_OUTPUT" | |
| verify-changes: | |
| name: Verify doc-ui only PRs | |
| uses: ./.github/workflows/verify_changes.yml | |
| test-go: | |
| name: Run Go tests | |
| needs: | |
| - setup | |
| - verify-changes | |
| # Don't run this job for docs/ui only PRs | |
| if: | | |
| needs.verify-changes.outputs.is_docs_change == 'false' && | |
| needs.verify-changes.outputs.is_ui_change == 'false' | |
| uses: ./.github/workflows/test-go.yml | |
| with: | |
| # The regular Go tests use an extra runner to execute the | |
| # binary-dependent tests. We isolate them there so that the | |
| # other tests aren't slowed down waiting for a binary build. | |
| binary-tests: true | |
| total-runners: 16 | |
| go-arch: amd64 | |
| go-tags: "${{ needs.setup.outputs.go-tags }},deadlock" | |
| runs-on: ubuntu-latest | |
| checkout-ref: ${{ needs.setup.outputs.checkout-ref }} | |
| secrets: inherit | |
| test-go-testonly: | |
| name: Run Go tests tagged with testonly | |
| needs: | |
| - setup | |
| - verify-changes | |
| # Don't run this job for docs/ui only PRs | |
| if: | | |
| needs.verify-changes.outputs.is_docs_change == 'false' && | |
| needs.verify-changes.outputs.is_ui_change == 'false' | |
| uses: ./.github/workflows/test-go.yml | |
| with: | |
| testonly: true | |
| total-runners: 2 # test runners cannot be less than 2 | |
| go-arch: amd64 | |
| go-tags: "${{ needs.setup.outputs.go-tags }},deadlock,testonly" | |
| runs-on: ubuntu-latest | |
| name: "testonly" | |
| secrets: inherit | |
| test-go-race: | |
| name: Run Go tests with data race detection | |
| needs: | |
| - setup | |
| - verify-changes | |
| # Don't run this job for docs/ui only PRs | |
| if: | | |
| github.event.pull_request.draft == false && | |
| needs.verify-changes.outputs.is_docs_change == 'false' && | |
| needs.verify-changes.outputs.is_ui_change == 'false' | |
| uses: ./.github/workflows/test-go.yml | |
| with: | |
| total-runners: 16 | |
| env-vars: | | |
| { | |
| "VAULT_CI_GO_TEST_RACE": 1 | |
| } | |
| extra-flags: "-race" | |
| go-arch: amd64 | |
| go-tags: ${{ needs.setup.outputs.go-tags }} | |
| runs-on: ubuntu-latest | |
| name: "race" | |
| checkout-ref: ${{ needs.setup.outputs.checkout-ref }} | |
| secrets: inherit | |
| # test-ui: | |
| # name: Test UI | |
| # # The test-ui job is only run on: | |
| # # - pushes to main and branches starting with "release/" | |
| # # - PRs where the branch starts with "ui/", "backport/ui/", "merge", or when base branch starts with "release/" | |
| # # - PRs with the "ui" label on GitHub | |
| # if: | | |
| # github.ref_name == 'main' || | |
| # startsWith(github.ref_name, 'release/') || | |
| # startsWith(github.head_ref, 'ui/') || | |
| # startsWith(github.head_ref, 'backport/ui/') || | |
| # startsWith(github.head_ref, 'merge') || | |
| # contains(github.event.pull_request.labels.*.name, 'ui') | |
| # needs: | |
| # - setup | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| # - uses: ./.github/actions/set-up-go | |
| # # Setup node.js without caching to allow running npm install -g yarn (next step) | |
| # - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0 | |
| # with: | |
| # node-version-file: "./ui/package.json" | |
| # - id: install-yarn | |
| # run: | | |
| # npm install -g yarn | |
| # # Setup node.js with caching using the yarn.lock file | |
| # - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0 | |
| # with: | |
| # node-version-file: "./ui/package.json" | |
| # cache: yarn | |
| # cache-dependency-path: ui/yarn.lock | |
| # - id: install-browser | |
| # uses: browser-actions/setup-chrome@db1b524c26f20a8d1a10f7fc385c92387e2d0477 # v1.7.1 | |
| # - id: ui-dependencies | |
| # name: ui-dependencies | |
| # working-directory: ./ui | |
| # run: | | |
| # yarn install --frozen-lockfile | |
| # npm rebuild node-sass | |
| # - id: build-go-dev | |
| # name: build-go-dev | |
| # run: | | |
| # rm -rf ./pkg | |
| # mkdir ./pkg | |
| # | |
| # make ci-bootstrap dev | |
| # - id: test-ui | |
| # name: test-ui | |
| # run: | | |
| # export PATH="${PWD}/bin:${PATH}" | |
| # | |
| # # Run Ember tests | |
| # cd ui | |
| # mkdir -p test-results/qunit | |
| # yarn test:oss | |
| # - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 | |
| # with: | |
| # name: test-results-ui | |
| # path: ui/test-results | |
| # if: success() || failure() | |
| # - uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # TSCCR: no entry for repository "test-summary/action" | |
| # with: | |
| # paths: "ui/test-results/qunit/results.xml" | |
| # show: "fail" | |
| # if: always() | |
| tests-completed: | |
| needs: | |
| - setup | |
| - test-go | |
| # UI testing is currently disabled. | |
| # - test-ui | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - run: | | |
| tr -d '\n' <<< '${{ toJSON(needs.*.result) }}' | grep -q -v -E '(failure|cancelled)' |