forked from nebari-dev/nebari
-
Notifications
You must be signed in to change notification settings - Fork 0
87 lines (78 loc) · 2.77 KB
/
test_aws_integration.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: AWS Deployment
on:
schedule:
- cron: "0 0 * * MON"
workflow_dispatch:
inputs:
branch:
description: 'Nebari branch to deploy, test, destroy'
required: true
default: develop
type: string
image-tag:
description: 'Nebari image tag created by the nebari-docker-images repo'
required: true
default: main
type: string
tf-log-level:
description: 'Change Terraform log levels'
required: false
default: info
type: choice
options:
- info
- warn
- debug
- trace
- error
env:
AWS_DEFAULT_REGION: "us-west-2"
NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'develop' }}
NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }}
TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }}∏
jobs:
# Must have action variable NO_PROVIDER_CREDENTIALS_AWS set up in the repo as a binary boolean.
test-aws-integration:
runs-on: ubuntu-latest
if: ${{ vars.NO_PROVIDER_CREDENTIALS_AWS == 'false' }}
permissions:
id-token: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.NEBARI_GH_BRANCH }}
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install Nebari
run: |
pip install .[dev]
playwright install
- name: Retrieve secret from Vault
uses: hashicorp/[email protected]
with:
method: jwt
url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200"
namespace: "admin/quansight"
role: "repository-nebari-dev-nebari-role"
secrets: |
kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN;
kv/data/repository/nebari-dev/nebari/cloudflare/[email protected]/nebari-dev-ci token | CLOUDFLARE_TOKEN;
- name: Authenticate to AWS
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ env.AWS_ROLE_ARN }}
role-session-name: github-action
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Integration Tests
run: |
pytest --version
pytest tests/tests_integration/ -vvv -s --cloud aws
env:
NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}"
NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}"
NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}"