Add infrastructure tests #50
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| jobs: | |
| fmt: | |
| defaults: | |
| run: | |
| working-directory: core/tofu | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install OpenTofu | |
| uses: opentofu/setup-opentofu@v1 | |
| - name: Check configuration format | |
| run: tofu fmt -check -write=false -diff | |
| continue-on-error: false | |
| test: | |
| defaults: | |
| run: | |
| working-directory: core/tofu | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.24.5 | |
| cache-dependency-path: core/tofu/test/go.sum | |
| - name: Install OpenTofu | |
| uses: opentofu/setup-opentofu@v1 | |
| with: | |
| tofu_version: 1.10.5 | |
| - name: Cache Go modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go${{ hashFiles('**go.sum') }} | |
| restore-keys: ${{ runner.os }}-go- | |
| - name: Install dependencies | |
| working-directory: core/tofu/test | |
| run: go mod download | |
| - name: Run Validation test | |
| working-directory: core/tofu/test | |
| run: go test -v -timeout 5m -run TestTofuValidation | |
| - name: Run Full Lab Tests | |
| working-directory: core/tofu/test | |
| run: go test -v -timeout 30m -parallel 2 | |
| - name: Upload Test Results | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: test-results-go${{ matrix.go-version }}-tf${{ matrix.tofu-version }} | |
| path: test/test-results.json | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Run Tofu Security Scan | |
| uses: aquasecurity/tfsec-action@v1.0.0 | |
| with: | |
| soft_fail: true | |
| - name: Run Go Security Scan | |
| uses: securego/gosec@master | |
| with: | |
| args: "-fmt sarif -out results.sarif ./core/tofu/test/" | |
| - name: Upload Scan Results | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: results.sarif |