From 1c5523a8e08f634cf72bf53f86becf8041ee25c7 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Fri, 19 Jan 2024 11:40:48 +0000 Subject: [PATCH] pass GCR secrets to smoke test action --- .github/actions/smoke-tests/action.yaml | 11 +++++++++-- .github/workflows/ci.yml | 2 ++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/actions/smoke-tests/action.yaml b/.github/actions/smoke-tests/action.yaml index cd3ce235c8..cf813ceeaa 100644 --- a/.github/actions/smoke-tests/action.yaml +++ b/.github/actions/smoke-tests/action.yaml @@ -35,6 +35,12 @@ inputs: rhel-license: description: RHEL license for UBI builds required: false + gcr-workload-identity-secret: + description: Google Workflow Identity secret + required: false + gcr-service-account-secret: + description: Google Service Account secret + required: false outputs: test-results-name: @@ -104,8 +110,8 @@ runs: uses: google-github-actions/auth@v2 with: token_format: access_token - workload_identity_provider: ${{ secrets.GCR_WORKLOAD_IDENTITY }} - service_account: ${{ secrets.GCR_SERVICE_ACCOUNT }} + workload_identity_provider: ${{ inputs.gcr-workload-identity-secret }} + service_account: ${{ inputs.gcr-service-account-secret }} - name: Login to GCR uses: docker/login-action@v3 @@ -118,6 +124,7 @@ runs: id: check-image run: | docker inspect ${{ inputs.test-image }} + shell: bash continue-on-error: true - name: Build Test-Runner Container diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 802acce835..ed22bf4961 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -359,6 +359,8 @@ jobs: nginx-crt: ${{ contains(matrix.images.image, 'nap') && secrets.NGINX_AP_CRT || secrets.NGINX_CRT }} nginx-key: ${{ contains(matrix.images.image, 'nap') && secrets.NGINX_AP_KEY || secrets.NGINX_KEY }} azure-ad-secret: ${{ secrets.AZURE_AD_AUTOMATION }} + gcr-workload-identity-secret: ${{ secrets.GCR_WORKLOAD_IDENTITY }} + gcr-service-account-secret: ${{ secrets.GCR_SERVICE_ACCOUNT }} rhel-license: ${{ contains(matrix.images.image, 'ubi') && secrets.RHEL_LICENSE || '' }} go-md5: ${{ needs.checks.outputs.go_code_md5 }} test-image: "gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/test-runner:${{ hashFiles('./tests/requirements.txt') || 'latest' }}"