-
Notifications
You must be signed in to change notification settings - Fork 44
ci: enable Go contract test gate (#562 3/4) #573
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: feature/562-pr2-detector-wrapper
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| --- | ||
| name: Go Tests | ||
|
|
||
| on: | ||
| workflow_call: | ||
|
|
||
| permissions: {} | ||
|
|
||
| jobs: | ||
| go-tests: | ||
| name: Go Static Contract Tests | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. nit: The checkout step omits - name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false |
||
|
|
||
| - name: Set up Go | ||
| uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 | ||
| with: | ||
| go-version-file: blueprints/full-single-node-cluster/tests/go.mod | ||
| cache-dependency-path: blueprints/full-single-node-cluster/tests/go.sum | ||
|
|
||
| - name: Install terraform-docs | ||
| shell: bash | ||
| run: ./scripts/install-terraform-docs.sh | ||
|
|
||
| - name: Install Azure CLI and Bicep | ||
| shell: bash | ||
| run: | | ||
|
Comment on lines
+28
to
+31
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The Azure CLI install step uses The codebase already has the correct pattern in - name: Install Azure CLI and Bicep
shell: bash
run: |
set -euo pipefail
AZ_CLI_INSTALL_VER="${AZ_CLI_VER:-2.67.0}"
sudo apt-get update
sudo apt-get install -y ca-certificates curl apt-transport-https lsb-release gnupg
sudo mkdir -p /etc/apt/keyrings
curl -sLS https://packages.microsoft.com/keys/microsoft.asc \
| gpg --dearmor \
| sudo tee /etc/apt/keyrings/microsoft.gpg >/dev/null
sudo chmod go+r /etc/apt/keyrings/microsoft.gpg
AZ_REPO="$(lsb_release -cs)"
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/azure-cli/ ${AZ_REPO} main" \
| sudo tee /etc/apt/sources.list.d/azure-cli.list >/dev/null
sudo apt-get update
sudo apt-get install -y "azure-cli=${AZ_CLI_INSTALL_VER}-1~${AZ_REPO}"
az bicep install |
||
| curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash | ||
| az bicep install | ||
|
|
||
| - name: Run Go static contract tests | ||
| run: npm run go-test | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: The job uses
runs-on: ubuntu-latest. The siblingrust-tests.ymlpins toubuntu-24.04to keep the apt package set stable and reproducible across runs. Once the Azure CLI install is switched to the apt keyring pattern, a future runner image upgrade could silently breaklsb_release -csresolution. Pinning makes that failure explicit rather than silent.