Adding way for Security Baseline checks to easily detect on which OS … #203
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - src/** | |
| workflow_dispatch: | |
| jobs: | |
| hub: | |
| name: Create IoT Hub | |
| runs-on: ubuntu-latest | |
| outputs: | |
| name: ${{ steps.terraform.outputs.iothub_name }} | |
| connection_string: ${{ steps.terraform.outputs.connection_string }} | |
| resource_group_name: ${{ steps.terraform.outputs.resource_group_name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: latest | |
| terraform_wrapper: false | |
| - name: Provision Iot Hub | |
| id: terraform | |
| working-directory: devops/e2e/terraform/iothub | |
| env: | |
| TF_VAR_client_id: ${{ secrets.CLIENT_ID }} | |
| TF_VAR_client_secret: ${{ secrets.CLIENT_SECRET }} | |
| TF_VAR_subscription_id: ${{ secrets.SUBSCRIPTION_ID }} | |
| TF_VAR_tenant_id: ${{ secrets.TENANT_ID }} | |
| TF_VAR_name: e2e-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} | |
| run: | | |
| terraform init | |
| terraform apply -auto-approve | |
| echo iothub_name=$(terraform output -raw iothub_name) >> $GITHUB_OUTPUT | |
| echo connection_string=$(terraform output -raw connection_string | base64 -w 0) >> $GITHUB_OUTPUT | |
| test: | |
| name: Test | |
| uses: ./.github/workflows/e2e-run.yml | |
| needs: hub | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: | |
| [ | |
| { os: ubuntu, version: 20.04, package-type: DEB }, | |
| { os: ubuntu, version: 22.04, package-type: DEB }, | |
| { os: debian, version: 10, package-type: DEB }, | |
| { os: debian, version: 11, package-type: DEB }, | |
| ] | |
| arch: [amd64] | |
| secrets: | |
| client_id: ${{ secrets.CLIENT_ID }} | |
| client_secret: ${{ secrets.CLIENT_SECRET }} | |
| tenant_id: ${{ secrets.TENANT_ID }} | |
| iothub: ${{ needs.hub.outputs.name }} | |
| iothub_connection_string: ${{ needs.hub.outputs.connection_string }} | |
| with: | |
| target: ${{ matrix.target.os }}-${{ matrix.target.version }} | |
| arch: ${{ matrix.arch }} | |
| package-type: ${{ matrix.target.package-type }} | |
| cleanup: | |
| name: Delete IoT Hub | |
| runs-on: ubuntu-latest | |
| needs: [hub, test] | |
| if: always() | |
| steps: | |
| - name: Delete IoT Hub | |
| run: | | |
| az login --service-principal \ | |
| --username ${{ secrets.CLIENT_ID }} \ | |
| --password ${{ secrets.CLIENT_SECRET }} \ | |
| --tenant ${{ secrets.TENANT_ID }} | |
| az extension add --name azure-iot | |
| az iot hub delete \ | |
| --name ${{ needs.hub.outputs.name }} \ | |
| --resource-group e2e |