chore(deps): update module github.com/cloudflare/circl to v1.6.3 [sec… #6002
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: acceptance tests | |
| on: | |
| pull_request: {} | |
| push: | |
| branches: | |
| - main | |
| # These permissions are needed to assume roles from Github's OIDC. | |
| permissions: | |
| contents: read | |
| jobs: | |
| # Tests that Terraform can actually install and use the provider | |
| # Ex: https://github.com/grafana/terraform-provider-grafana/issues/1372 | |
| integration: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version-file: go.mod | |
| - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | |
| - run: make integration-test | |
| cloudinstance: | |
| concurrency: | |
| group: cloud-instance | |
| cancel-in-progress: false | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version-file: go.mod | |
| - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | |
| - name: Get Secrets | |
| uses: grafana/shared-workflows/actions/get-vault-secrets@f619a637e489e8e7749cf4966ee2776e4178a303 | |
| with: | |
| repo_secrets: | | |
| GRAFANA_AUTH=cloud-instance-tests:auth | |
| GRAFANA_STACK_ID=cloud-instance-k6-tests:stack-id | |
| GRAFANA_ONCALL_ACCESS_TOKEN=cloud-instance-tests:oncall-token | |
| GRAFANA_SM_ACCESS_TOKEN=cloud-instance-tests:sm-token | |
| GRAFANA_K6_ACCESS_TOKEN=cloud-instance-k6-tests:k6-token | |
| GRAFANA_SM_URL=cloud-instance-tests:sm-url | |
| GRAFANA_URL=cloud-instance-tests:url | |
| GRAFANA_CLOUD_PROVIDER_URL=cloudprovider-tests:url | |
| GRAFANA_CLOUD_PROVIDER_TEST_AWS_ACCOUNT_RESOURCE_ID=cloudprovider-tests:test-aws-account-resource-id | |
| GRAFANA_CLOUD_PROVIDER_ACCESS_TOKEN=cloudprovider-tests:access-token | |
| GRAFANA_CLOUD_PROVIDER_AWS_ROLE_ARN=cloudprovider-tests:aws-role-arn | |
| GRAFANA_CLOUD_PROVIDER_TEST_STACK_ID=cloudprovider-tests:test-stack-id | |
| GRAFANA_FLEET_MANAGEMENT_AUTH=cloud-instance-tests:fleet-management-auth | |
| GRAFANA_FLEET_MANAGEMENT_URL=cloud-instance-tests:fleet-management-url | |
| GRAFANA_ASSERTS_CLOUD_ACCESS_POLICY_TOKEN=GRAFANA_ASSERTS_CLOUD_ACCESS_POLICY_TOKEN:asserts-cap-token | |
| - uses: iFaxity/wait-on-action@a7d13170ec542bdca4ef8ac4b15e9c6aa00a6866 # v1.2.1 | |
| with: | |
| resource: ${{ env.GRAFANA_URL }} | |
| interval: 2000 # 2s | |
| timeout: 30000 # 30s | |
| - uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 3 # Try 3 times to make sure we don't report failures on flaky tests | |
| command: make testacc-cloud-instance | |
| local: | |
| strategy: | |
| fail-fast: false # Let all versions run, even if one fails | |
| matrix: | |
| # OSS tests, run on all supported versions (see https://endoflife.date/grafana) | |
| version: ['12.4.1', '12.3.5', '12.2.7', '12.1.9', '11.6.13'] | |
| type: ['oss'] | |
| subset: ['basic', 'other', 'long'] | |
| include: | |
| # Run Git Sync only on Grafana main so we can cover provisioning APIs that | |
| # are not released yet without pulling the entire OSS "other" suite onto | |
| # an unreleased Grafana build. | |
| - version: 'main' | |
| type: 'oss' | |
| subset: 'provisioning' | |
| # Run the generic app platform resource tests on Grafana main for the same reason. | |
| - version: 'main' | |
| type: 'oss' | |
| subset: 'generic' | |
| - version: '12.4.1' | |
| type: 'oss' | |
| subset: examples | |
| - version: '11.6.13' | |
| type: 'oss' | |
| subset: examples | |
| # TLS proxy tests, run only on latest version | |
| - version: '12.4.1' | |
| type: 'tls' | |
| subset: 'basic' | |
| # Sub-path tests. Runs tests on localhost:3000/grafana/ | |
| - version: '12.4.1' | |
| type: 'subpath' | |
| subset: 'basic' | |
| - version: '12.4.1' | |
| type: 'subpath' | |
| subset: 'other' | |
| # Enterprise tests | |
| - version: '12.4.1' | |
| type: 'enterprise' | |
| subset: 'enterprise' | |
| - version: '11.6.13' | |
| type: 'enterprise' | |
| subset: 'enterprise' | |
| # Generate tests | |
| - version: '12.4.1' | |
| type: 'enterprise' | |
| subset: 'generate' | |
| - version: '11.6.13' | |
| type: 'enterprise' | |
| subset: 'generate' | |
| name: ${{ matrix.version }} - ${{ matrix.type }} - ${{ matrix.subset }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Check if fork | |
| if: github.event_name == 'pull_request' | |
| env: | |
| REPO_FULL_NAME: ${{ github.repository }} | |
| PR_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }} | |
| MATRIX_TYPE: ${{ matrix.type }} | |
| run: | | |
| if [ "$MATRIX_TYPE" = "enterprise" ] && [ "$PR_REPO_FULL_NAME" != "$REPO_FULL_NAME" ]; then | |
| echo "IS_FORK=true" >> $GITHUB_ENV | |
| else | |
| echo "IS_FORK=false" >> $GITHUB_ENV | |
| fi | |
| - name: Skip job if fork | |
| if: github.event_name == 'pull_request' && env.IS_FORK == 'true' | |
| run: | | |
| echo "Skipping job because PR is from a fork" | |
| exit 0 | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version-file: go.mod | |
| - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | |
| - name: Get Enterprise License | |
| uses: grafana/shared-workflows/actions/get-vault-secrets@f619a637e489e8e7749cf4966ee2776e4178a303 | |
| if: matrix.type == 'enterprise' | |
| with: | |
| repo_secrets: | | |
| GF_ENTERPRISE_LICENSE_TEXT=enterprise:license | |
| - name: Cache Docker image | |
| uses: ScribeMD/docker-cache@fb28c93772363301b8d0a6072ce850224b73f74e # v0.5.0 | |
| with: | |
| key: docker-${{ runner.os }}-${{ matrix.type == 'enterprise' && 'enterprise' || 'oss' }}-${{ matrix.version }} | |
| - uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 3 # Try 3 times to make sure we don't report failures on flaky tests | |
| command: make testacc-${{ matrix.type }}-docker | |
| env: | |
| GRAFANA_VERSION: ${{ matrix.version }} | |
| GF_FEATURE_TOGGLES_ENABLE: ${{ matrix.subset == 'provisioning' && 'nestedFolders,ssoSettingsApi,ssoSettingsSAML,ssoSettingsLDAP,grafanaManagedRecordingRulesDatasources,enableSCIM,alertEnrichmentMultiStep,alertEnrichmentConditional,alertingEnrichmentAssistantInvestigations,provisioning,secretsManagementAppPlatform,secretsManagementAppPlatformUI,grafanaAPIServerWithExperimentalAPIs,secretsManagementAppPlatformAwsKeeper' || '' }} | |
| TESTARGS: >- | |
| ${{ matrix.subset == 'enterprise' && '-skip="TestAccGenerate" -parallel 2' || '' }} | |
| ${{ matrix.subset == 'basic' && '-run=".*_basic" -short -parallel 2' || '' }} | |
| ${{ matrix.subset == 'other' && '-skip=".*_basic" -short -parallel 2' || '' }} | |
| ${{ matrix.subset == 'long' && '-run=".*longtest" -parallel 1' || '' }} | |
| ${{ matrix.subset == 'examples' && '-run=".*Examples" -parallel 1' || '' }} | |
| ${{ matrix.subset == 'generate' && '-run="TestAccGenerate" -parallel 1' || '' }} | |
| ${{ matrix.subset == 'provisioning' && '-run="TestAccProvisioning" -parallel 1' || '' }} | |
| ${{ matrix.subset == 'generic' && '-run="TestAccGenericResource_" -parallel 1' || '' }} |