Skip to content

AWS E2E Tests (Non-root) - 10850089243 - @rorymalcolm #4

AWS E2E Tests (Non-root) - 10850089243 - @rorymalcolm

AWS E2E Tests (Non-root) - 10850089243 - @rorymalcolm #4

name: AWS E2E Tests (Non-root)
run-name: AWS E2E Tests (Non-root) - ${{ github.run_id }} - @${{ github.actor }}
on:
pull_request:
merge_group:
env:
TEST_KUBE: true
TEST_AWS_DB: true
AWS_REGION: us-west-2
GHA_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-aws-e2e-gha-role
KUBERNETES_SERVICE_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-eks-discovery-ci-cluster-kubernetes-service-access-role
KUBE_DISCOVERY_SERVICE_ASSUME_ROLE: arn:aws:iam::307493967395:role/tf-eks-discovery-ci-cluster-discovery-service-access-role
EKS_CLUSTER_NAME: gha-discovery-ci-eks-us-west-2-307493967395
RDS_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-rds-access
RDS_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-rds-discovery
RDS_POSTGRES_INSTANCE_NAME: ci-database-e2e-tests-rds-postgres-instance-us-west-2-307493967395
RDS_MYSQL_INSTANCE_NAME: ci-database-e2e-tests-rds-mysql-instance-us-west-2-307493967395
RDS_MARIADB_INSTANCE_NAME: ci-database-e2e-tests-rds-mariadb-instance-us-west-2-307493967395
REDSHIFT_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-access
REDSHIFT_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-discovery
REDSHIFT_IAM_DB_USER: ci-database-e2e-tests-redshift-user
REDSHIFT_CLUSTER_NAME: ci-database-e2e-tests-redshift-cluster-us-west-2-307493967395
REDSHIFT_SERVERLESS_ACCESS_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-serverless-access
REDSHIFT_SERVERLESS_DISCOVERY_ROLE: arn:aws:iam::307493967395:role/ci-database-e2e-tests-redshift-serverless-discovery
REDSHIFT_SERVERLESS_ENDPOINT_NAME: ci-database-e2e-tests-redshift-serverless-workgroup-rss-access-us-west-2-307493967395
REDSHIFT_SERVERLESS_IAM_DB_USER: ci-database-e2e-tests-redshift-serverless-user
REDSHIFT_SERVERLESS_WORKGROUP_NAME: ci-database-e2e-tests-redshift-serverless-workgroup-us-west-2-307493967395
DISCOVERY_MATCHER_LABELS: "*=*"
jobs:
changes:
name: Check for relevant changes
runs-on: ubuntu-latest
permissions:
pull-requests: read
outputs:
changed: ${{ steps.changes.outputs.changed }}
steps:
- name: Checkout
if: ${{ github.event_name == 'merge_group' }}
uses: actions/checkout@v4
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: changes
with:
base: ${{ github.event.pull_request.base.ref || github.event.merge_group.base_ref }}
ref: ${{ github.event.pull_request.head.ref || github.event.merge_group.head_ref }}
filters: |
changed:
- '.github/workflows/aws-e2e-tests-non-root.yaml'
- '**.go'
- 'go.mod'
- 'go.sum'
- 'build.assets/Makefile'
- 'build.assets/Dockerfile*'
- 'Makefile'
test:
name: AWS E2E Tests (Non-root)
needs: changes
if: ${{ !startsWith(github.head_ref, 'dependabot/') && needs.changes.outputs.changed == 'true'}}
runs-on: ubuntu-22.04-16core
permissions:
contents: read
packages: read
id-token: write
container:
image: ghcr.io/gravitational/teleport-buildbox:teleport17
env:
WEBASSETS_SKIP_BUILD: 1
options: --cap-add=SYS_ADMIN --privileged
steps:
- name: Checkout Teleport
uses: actions/checkout@v4
- name: Prepare workspace
uses: ./.github/actions/prepare-workspace
- name: Chown
run: |
mkdir -p $(go env GOMODCACHE)
mkdir -p $(go env GOCACHE)
chown -Rf ci:ci ${GITHUB_WORKSPACE} $(go env GOMODCACHE) $(go env GOCACHE)
continue-on-error: true
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
aws-region: ${{ env.AWS_REGION }}
role-to-assume: ${{ env.GHA_ASSUME_ROLE }}
- name: Run tests
timeout-minutes: 10
run: |
runuser -u ci -g ci make e2e-aws RDPCLIENT_SKIP_BUILD=1