StackExchange/dnscontrol
1
1
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2025-01-13 02:50:27 +08:00
Code Issues Projects Releases Packages Wiki Activity
dnscontrol/.github/workflows/build.yml
Jauder Ho ed568706b2
Add Dependabot and CodeQL scanning (#1172) 
* Create codeql-analysis.yml

* Create dependabot.yml

* Bump actions/checkout from 2 to 2.3.4

Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 2.3.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v2.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2021-06-30 08:37:24 -04:00

158 lines
5.3 KiB
YAML
Raw Blame History

---
name: build
on:
pull_request:
branches: [ master ]
push:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v2.3.4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: ^1.15
- name: Cache
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Build binaries
run: go run build/build.go
- name: Run unit tests
run: go test ./...
integration-tests:
runs-on: ubuntu-latest
needs: build
strategy:
fail-fast: false
matrix:
provider:
# Providers that don't require secrets: (alphabetical)
- BIND
- HEXONET
# Providers designated "officially supported": (alphabetical)
- AZURE_DNS
- CLOUDFLAREAPI
- GCLOUD
- NAMEDOTCOM
- ROUTE53
# All others: (alphabetical)
- CLOUDNS
- DIGITALOCEAN
- GANDI_V5
- HEDNS
- INWX
- POWERDNS
# Bring-Your-Own-Secrets:
# To reduce the risk of secrets being logged by third-parties, secrets
# come from the account of the fork. For example, the PR submitted by
# a member of the project has access to the secrets in
# github.com/StackExchange/dnscontrol. However a PR submitted by a
# third-party receives secrets from the account of their fork.
#
# If a test requires no secrets: List any parameters here in
# plaintext. (see BIND and HEXONET as examples).
# However secrets are needed for most tests. In that case, create a secret called
# ${PROVIDER}_DOMAIN and other env variables listed in
# integrationTest/providers.json for that provider. the test will only run on systems
# with access to those secrets (specifically, the ${PROVIDER}_DOMAIN secret).
# This way the main project can maintain its tests and secrets
# securely, plus forks can run their own tests.
#
# See https://stackexchange.github.io/dnscontrol/byo-secrets
#
# (Sort order: groups in the same order as the matrix; _DOMAIN first; sort the others alphabetically.)
env:
BIND_DOMAIN: example.com
#
HEXONET_DOMAIN: a-b-c-movies.com
HEXONET_ENTITY: OTE
HEXONET_PW: test.passw0rd
HEXONET_UID: test.user
#
AZURE_DNS_DOMAIN: ${{ secrets.AZURE_DNS_DOMAIN }}
AZURE_DNS_CLIENT_ID: ${{ secrets.AZURE_DNS_CLIENT_ID }}
AZURE_DNS_CLIENT_SECRET: ${{ secrets.AZURE_DNS_CLIENT_SECRET }}
AZURE_DNS_RESOURCE_GROUP: DNSControl
AZURE_DNS_SUBSCRIPTION_ID: ${{ secrets.AZURE_DNS_SUBSCRIPTION_ID }}
AZURE_DNS_TENANT_ID: ${{ secrets.AZURE_DNS_TENANT_ID }}
#
CLOUDFLAREAPI_DOMAIN: ${{ secrets.CLOUDFLAREAPI_DOMAIN }}
CLOUDFLAREAPI_KEY: ${{ secrets.CLOUDFLAREAPI_KEY }}
CLOUDFLAREAPI_TOKEN: ${{ secrets.CLOUDFLAREAPI_TOKEN }}
CLOUDFLAREAPI_USER: ${{ secrets.CLOUDFLAREAPI_USER }}
#
CLOUDNS_DOMAIN: ${{ secrets.CLOUDNS_DOMAIN }}
CLOUDNS_AUTH_ID: ${{ secrets.CLOUDNS_AUTH_ID }}
CLOUDNS_AUTH_PASSWORD: ${{ secrets.CLOUDNS_AUTH_PASSWORD }}
CLOUDNS_SUB_AUTH_ID: ${{ secrets.CLOUDNS_SUB_AUTH_ID }}
#
GCLOUD_DOMAIN: ${{ secrets.GCLOUD_DOMAIN }}
GCLOUD_EMAIL: dnscontrol@dnscontrol-dev.iam.gserviceaccount.com
GCLOUD_PRIVATEKEY: ${{ secrets.GCLOUD_PRIVATEKEY }}
GCLOUD_PROJECT: dnscontrol-dev
GCLOUD_TYPE: service_account
#
NAMEDOTCOM_DOMAIN: ${{ secrets.NAMEDOTCOM_DOMAIN }}
NAMEDOTCOM_KEY: ${{ secrets.NAMEDOTCOM_KEY }}
NAMEDOTCOM_URL: api.name.com
NAMEDOTCOM_USER: dnscontroltest
#
ROUTE53_DOMAIN: ${{ secrets.ROUTE53_DOMAIN }}
ROUTE53_KEY: ${{ secrets.ROUTE53_KEY }}
ROUTE53_KEY_ID: ${{ secrets.ROUTE53_KEY_ID }}
#
DIGITALOCEAN_DOMAIN: ${{ secrets.DIGITALOCEAN_DOMAIN }}
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
#
GANDI_V5_DOMAIN: ${{ secrets.GANDI_V5_DOMAIN }}
GANDI_V5_APIKEY: ${{ secrets.GANDI_V5_APIKEY }}
#
HEDNS_DOMAIN: ${{ secrets.HEDNS_DOMAIN }}
HEDNS_USERNAME: ${{ secrets.HEDNS_USERNAME }}
HEDNS_PASSWORD: ${{ secrets.HEDNS_PASSWORD }}
HEDNS_TOTP_SECRET: ${{ secrets.HEDNS_TOTP_SECRET }}
#
INWX_DOMAIN: ${{ secrets.INWX_DOMAIN }}
INWX_PASSWORD: ${{ secrets.INWX_PASSWORD }}
INWX_USER: ${{ secrets.INWX_USER }}
#
POWERDNS_DOMAIN: ${{ secrets.POWERDNS_DOMAIN }}
POWERDNS_APIURL: ${{ secrets.POWERDNS_APIURL }}
POWERDNS_APIKEY: ${{ secrets.POWERDNS_APIKEY }}
POWERDNS_SERVERNAME: ${{ secrets.POWERDNS_SERVERNAME }}
steps:
- name: Checkout repo
uses: actions/checkout@v2.3.4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: ^1.15
- name: Cache
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Determining test viability for ${{ matrix.provider }} provider
run: if [ -n "$${{ matrix.provider }}_DOMAIN" ] ; then echo "CAN_CONTINUE=yes" >> "$GITHUB_ENV" ; fi
- name: Run integration tests for ${{ matrix.provider }} provider
if: env.CAN_CONTINUE == 'yes'
working-directory: integrationTest
run: go test -timeout 20m -v -verbose -provider ${{ matrix.provider }}
...
Reference in a new issue View git blame Copy permalink