AWS E2E Tests (Non-root) - 10848215892 - @rorymalcolm #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: AWS E2E Tests (Non-root) | |
run-name: AWS E2E Tests (Non-root) - ${{ github.run_id }} - @${{ github.actor }} | |
on: | |
pull_request: | |
merge_group: | |
env: | |
TEST_KUBE: true | |
TEST_AWS_DB: true | |
AWS_REGION: us-west-2 | |
GHA_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-aws-e2e-gha-role | |
KUBERNETES_SERVICE_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-eks-discovery-ci-cluster-kubernetes-service-access-role | |
KUBE_DISCOVERY_SERVICE_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-eks-discovery-ci-cluster-discovery-service-access-role | |
EKS_CLUSTER_NAME: gha-discovery-ci-eks-us-west-2-307493967395 | |
RDS_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-rds-access | |
RDS_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-rds-discovery | |
RDS_POSTGRES_INSTANCE_NAME: ci-database-e2e-tests-rds-postgres-instance-us-west-2-307493967395 | |
RDS_MYSQL_INSTANCE_NAME: ci-database-e2e-tests-rds-mysql-instance-us-west-2-307493967395 | |
RDS_MARIADB_INSTANCE_NAME: ci-database-e2e-tests-rds-mariadb-instance-us-west-2-307493967395 | |
REDSHIFT_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-access | |
REDSHIFT_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-discovery | |
REDSHIFT_IAM_DB_USER: ci-database-e2e-tests-redshift-user | |
REDSHIFT_CLUSTER_NAME: ci-database-e2e-tests-redshift-cluster-us-west-2-307493967395 | |
REDSHIFT_SERVERLESS_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-serverless-access | |
REDSHIFT_SERVERLESS_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-serverless-discovery | |
REDSHIFT_SERVERLESS_ENDPOINT_NAME: ci-database-e2e-tests-redshift-serverless-workgroup-rss-access-us-west-2-307493967395 | |
REDSHIFT_SERVERLESS_IAM_DB_USER: ci-database-e2e-tests-redshift-serverless-user | |
REDSHIFT_SERVERLESS_WORKGROUP_NAME: ci-database-e2e-tests-redshift-serverless-workgroup-us-west-2-307493967395 | |
DISCOVERY_MATCHER_LABELS: "*=*" | |
jobs: | |
changes: | |
name: Check for relevant changes | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: read | |
outputs: | |
changed: ${{ steps.changes.outputs.changed }} | |
steps: | |
- name: Checkout | |
if: ${{ github.event_name == 'merge_group' }} | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
with: | |
base: ${{ github.event.pull_request.base.ref || github.event.merge_group.base_ref }} | |
ref: ${{ github.event.pull_request.head.ref || github.event.merge_group.head_ref }} | |
filters: | | |
changed: | |
- '.github/workflows/aws-e2e-tests-non-root.yaml' | |
- '**.go' | |
- 'go.mod' | |
- 'go.sum' | |
- 'build.assets/Makefile' | |
- 'build.assets/Dockerfile*' | |
- 'Makefile' | |
test: | |
name: AWS E2E Tests (Non-root) | |
needs: changes | |
if: ${{ !startsWith(github.head_ref, 'dependabot/') && needs.changes.outputs.changed == 'true'}} | |
runs-on: ubuntu-22.04-16core | |
permissions: | |
contents: read | |
packages: read | |
id-token: write | |
container: | |
image: ghcr.io/gravitational/teleport-buildbox:teleport17 | |
env: | |
WEBASSETS_SKIP_BUILD: 1 | |
options: --cap-add=SYS_ADMIN --privileged | |
steps: | |
- name: Checkout Teleport | |
uses: actions/checkout@v4 | |
- name: Prepare workspace | |
uses: ./.github/actions/prepare-workspace | |
- name: Chown | |
run: | | |
mkdir -p $(go env GOMODCACHE) | |
mkdir -p $(go env GOCACHE) | |
chown -Rf ci:ci ${GITHUB_WORKSPACE} $(go env GOMODCACHE) $(go env GOCACHE) | |
continue-on-error: true | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ env.GHA_ASSUME_ROLE }} | |
- name: Run tests | |
timeout-minutes: 10 | |
run: | | |
runuser -u ci -g ci make e2e-aws RDPCLIENT_SKIP_BUILD=1 |