Skip to content

Commit

Permalink
Approach 4: pre-test
Browse files Browse the repository at this point in the history
  • Loading branch information
Mykhailo committed Sep 19, 2024
1 parent b3a9657 commit d6ecda9
Showing 1 changed file with 85 additions and 85 deletions.
170 changes: 85 additions & 85 deletions .github/workflows/auto-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,32 +45,32 @@ permissions:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# deploy_common_resources:
# name: Deploy common
# runs-on: ubuntu-22.04
# strategy:
# fail-fast: false
# matrix:
# compliance: ["green", "red"]
# env:
# COMPLINCE: ${{ matrix.compliance }}
# RESOURCE: common_resources
# steps:
# - name: Git clone the repository
# uses: actions/checkout@v4
deploy_common_resources:
name: Deploy common
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
compliance: ["green", "red"]
env:
COMPLINCE: ${{ matrix.compliance }}
RESOURCE: common_resources
steps:
- name: Git clone the repository
uses: actions/checkout@v4

# - name: Checkout ecc-actions
# run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
# env:
# PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
# ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}
- name: Checkout ecc-actions
run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
env:
PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}

# - name: Deploy common
# uses: ./ecc-actions/auto-test-actions/deploy-common-resources
# with:
# CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
# AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
# COMPLIANCE: ${{ matrix.compliance }}
- name: Deploy common
uses: ./ecc-actions/auto-test-actions/deploy-common-resources
with:
CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
COMPLIANCE: ${{ matrix.compliance }}

# create_readonly_role_for_scans:
# name: Create readonly role for scans
Expand Down Expand Up @@ -104,7 +104,7 @@ jobs:
prepare_resource_matrix:
name: Prepare resource matrix
runs-on: ubuntu-22.04
# needs: deploy_common_resources
needs: deploy_common_resources
outputs:
parallel_resources_list: ${{ steps.prepare-resource-matrix.outputs.parallel_resources_to_scan }}
not_parallel_resources_list: ${{ steps.prepare-resource-matrix.outputs.not_parallel_resources_to_scan }}
Expand All @@ -124,77 +124,77 @@ jobs:
id: prepare-resource-matrix
uses: ./ecc-actions/auto-test-actions/prepare-resource-matrix

# deploy_and_scan_parallel_resources:
# name: Scan P
# runs-on: ubuntu-22.04
# needs: [ deploy_common_resources, prepare_resource_matrix ]
# if: ${{ needs.prepare_resource_matrix.outputs.parallel_resources_list != '[]' }}
# strategy:
# max-parallel: 10
# fail-fast: false
# matrix:
# compliance: ['green', 'red']
# resource: ${{fromJson(needs.prepare_resource_matrix.outputs.parallel_resources_list)}}
# env:
# COMPLINCE: ${{ matrix.compliance }}
# RESOURCE: ${{ matrix.resource }}
deploy_and_scan_parallel_resources:
name: Scan P
runs-on: ubuntu-22.04
needs: [ deploy_common_resources, prepare_resource_matrix ]
if: ${{ needs.prepare_resource_matrix.outputs.parallel_resources_list != '[]' }}
strategy:
max-parallel: 10
fail-fast: false
matrix:
compliance: ['green', 'red']
resource: ${{fromJson(needs.prepare_resource_matrix.outputs.parallel_resources_list)}}
env:
COMPLINCE: ${{ matrix.compliance }}
RESOURCE: ${{ matrix.resource }}

# steps:
# - name: Git clone the repository
# uses: actions/checkout@v4
steps:
- name: Git clone the repository
uses: actions/checkout@v4

# - name: Checkout ecc-actions
# run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
# env:
# PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
# ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}
- name: Checkout ecc-actions
run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
env:
PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}

# - name: Deploy and scan parallel resources
# uses: ./ecc-actions/auto-test-actions/deploy-and-scan-resources
# with:
# CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
# AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
# COMPLIANCE: ${{ matrix.compliance }}
# PROJECT_TOKEN: ${{ secrets.CLOUDCUSTODIAN_CORE }}
- name: Deploy and scan parallel resources
uses: ./ecc-actions/auto-test-actions/deploy-and-scan-resources
with:
CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
COMPLIANCE: ${{ matrix.compliance }}
PROJECT_TOKEN: ${{ secrets.CLOUDCUSTODIAN_CORE }}


# deploy_and_scan_not_parallel_resources:
# name: Scan N/P
# runs-on: ubuntu-22.04
# needs: [ deploy_common_resources, prepare_resource_matrix]
# if: ${{ needs.prepare_resource_matrix.outputs.not_parallel_resources_list != '[]' }}
# strategy:
# max-parallel: 1
# fail-fast: false
# matrix:
# compliance: ['green', 'red']
# resource: ${{fromJson(needs.prepare_resource_matrix.outputs.not_parallel_resources_list)}}
# env:
# COMPLINCE: ${{ matrix.compliance }}
# RESOURCE: ${{ matrix.resource }}
deploy_and_scan_not_parallel_resources:
name: Scan N/P
runs-on: ubuntu-22.04
needs: [ deploy_common_resources, prepare_resource_matrix]
if: ${{ needs.prepare_resource_matrix.outputs.not_parallel_resources_list != '[]' }}
strategy:
max-parallel: 1
fail-fast: false
matrix:
compliance: ['green', 'red']
resource: ${{fromJson(needs.prepare_resource_matrix.outputs.not_parallel_resources_list)}}
env:
COMPLINCE: ${{ matrix.compliance }}
RESOURCE: ${{ matrix.resource }}

# steps:
# - name: Git clone the repository
# uses: actions/checkout@v4
steps:
- name: Git clone the repository
uses: actions/checkout@v4

# - name: Checkout ecc-actions
# run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
# env:
# PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
# ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}
- name: Checkout ecc-actions
run: git clone -b $ACTIONS_REPO_BRANCH "https://git:[email protected]/epmc-sec/cloudlab/cloud_custodian/ecc-actions.git" ecc-actions
env:
PROJECT_TOKEN: ${{ secrets.ECC_CHANGELOG_ACTION }}
ACTIONS_REPO_BRANCH: ${{ env.ACTIONS_REPO_BRANCH }}

# - name: Deploy and scan non parallel resources
# uses: ./ecc-actions/auto-test-actions/deploy-and-scan-resources
# with:
# CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
# AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
# COMPLIANCE: ${{ matrix.compliance }}
# PROJECT_TOKEN: ${{ secrets.CLOUDCUSTODIAN_CORE }}
- name: Deploy and scan non parallel resources
uses: ./ecc-actions/auto-test-actions/deploy-and-scan-resources
with:
CI_ASSUME_ROLE: ${{ secrets.CI_ASSUME_ROLE }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
COMPLIANCE: ${{ matrix.compliance }}
PROJECT_TOKEN: ${{ secrets.CLOUDCUSTODIAN_CORE }}

deploy_and_scan_sequential_resources:
name: Scan S
runs-on: ubuntu-22.04
needs: [ prepare_resource_matrix] #deploy_common_resources,
needs: [deploy_common_resources, prepare_resource_matrix]
if: ${{ needs.prepare_resource_matrix.outputs.sequential_resources_list != '[]' }}
strategy:
fail-fast: false
Expand Down Expand Up @@ -279,7 +279,7 @@ jobs:
destroy_common_resources:
name: Destroy common
runs-on: ubuntu-22.04
needs: [ deploy_and_scan_sequential_resources] #deploy_and_scan_not_parallel_resources, deploy_and_scan_parallel_resources,
needs: [deploy_and_scan_not_parallel_resources, deploy_and_scan_parallel_resources, deploy_and_scan_sequential_resources]
if: ${{ always() }}
strategy:
max-parallel: 10
Expand Down

0 comments on commit d6ecda9

Please sign in to comment.