K8s Auth non-default mount points #301
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Go | |
on: | |
push: | |
branches: [ 'main' ] | |
pull_request: | |
branches: [ '**' ] | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v2 | |
with: | |
go-version: ^1.18 | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v2 | |
- name: Get dependencies | |
run: | | |
go get -v -t -d ./... | |
if [ -f Gopkg.toml ]; then | |
curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh | |
dep ensure | |
fi | |
- name: Start Vault container | |
run: docker-compose -f scripts/docker-compose.yml up -d | |
env: | |
VAULT_TOKEN: my-root-token | |
VAULT_VOLUME: /tmp/vault/data/vault-volume | |
- name: Build | |
run: go build -v -ldflags="-X 'github.com/jonasvinther/medusa/cmd.Version=$GITHUB_REF_NAME'" . | |
- name: Test | |
run: go test -v ./... | |
- name: Debug | |
run: docker ps -a | |
- name: Run Medusa import | |
run: ./medusa import secret ./test/data/import-example-1.yaml -a="http://0.0.0.0:8201" -t="my-root-token" --insecure | |
- name: Run Medusa export yaml | |
run: ./medusa export secret/A -a="http://0.0.0.0:8201" -t="my-root-token" --insecure | |
- name: Run Medusa export json | |
run: ./medusa export secret/A -a="http://0.0.0.0:8201" -t="my-root-token" --format="json" --insecure | |
- name: Generate certificates | |
run: openssl genrsa -out private-key.pem 2048 && openssl rsa -in private-key.pem -pubout -out public-key.pem | |
- name: Export and encrypt | |
run: ./medusa export secret/A -a="http://0.0.0.0:8201" -t="my-root-token" --insecure --encrypt true --public-key="./public-key.pem" --output encrypted-export.txt | |
- name: Decrypt and import | |
run: ./medusa import secret/decrypted encrypted-export.txt -a="http://0.0.0.0:8201" -t="my-root-token" --insecure --decrypt true --private-key private-key.pem | |
- name: Print version | |
run: ./medusa version | |
- name: Get secret | |
run: "curl -H 'X-Vault-Token: my-root-token' -X GET http://0.0.0.0:8201/v1/secret/data/A/B/C/D/Db" | |
- name: Get secret from decrypted | |
run: "curl -H 'X-Vault-Token: my-root-token' -X GET http://0.0.0.0:8201/v1/secret/data/decrypted/A/B/C/D/Db" | |
- name: Go Report update | |
if: ${{ github.repository == 'jonasvinther/medusa' }} | |
run: "curl -X POST -F \"repo=github.com/$GITHUB_REPOSITORY\" https://goreportcard.com/checks" | |
- name: Run codecov | |
run: go test -race -covermode=atomic -v ./... -coverprofile=coverage.txt | |
- name: Upload coverage to Codecov | |
if: success() && ${{ github.repository == 'jonasvinther/medusa' }} | |
uses: codecov/codecov-action@v1 | |
with: | |
file: ./coverage.txt | |
token: ${{secrets.CODECOV}} | |
fail_ci_if_error: true |