Skip to content
Run KMS tests

Merge pull request #1020 from secure-systems-lab/dependabot/pip/test-… #805

Sign in to view logs

Merge pull request #1020 from secure-systems-lab/dependabot/pip/test-…

Merge pull request #1020 from secure-systems-lab/dependabot/pip/test-… #805

Workflow file for this run

.github/workflows/test-kms.yml at 9f36b65
name: Run KMS tests
on:
push:
workflow_dispatch:
permissions: {}
jobs:
test-kms:
runs-on: ubuntu-latest
if: github.repository_owner == 'secure-systems-lab' # only run upstream
permissions:
id-token: 'write' # for OIDC auth for GCP authentication
issues: 'write' # for filing an issue on failure
steps:
- name: Checkout securesystemslib
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
with:
python-version: '3.x'
cache: 'pip'
cache-dependency-path: 'requirements*.txt'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install --upgrade tox
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5
with:
token_format: access_token
workload_identity_provider: projects/843741030650/locations/global/workloadIdentityPools/securesystemslib-tests/providers/securesystemslib-tests
service_account: securesystemslib@python-tuf-kms.iam.gserviceaccount.com
- run: tox -e kms
- name: File an issue on failure
if: ${{ failure() }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
script: |
const repo = context.repo.owner + "/" + context.repo.repo
const issues = await github.rest.search.issuesAndPullRequests({
q: "KMS+tests+failed+in:title+state:open+type:issue+repo:" + repo,
})
if (issues.data.total_count > 0) {
console.log("Issue open already, not creating.")
} else {
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: "KMS tests failed",
body: "Hey, it seems KMS tests have failed, please see - [workflow run](" +
"https://github.com/" + repo + "/actions/runs/" + context.runId + ")"
})
console.log("New issue created.")
}