.github/workflows/test.yaml

# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial

name: Test

on:
  # This workflow is triggered on pull requests to the main branch.
  pull_request:
    # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow).
    types: [milestoned, opened, reopened, synchronize]
    paths-ignore:
      - "**.md"
      - "**.jpg"
      - "**.png"
      - "**.gif"
      - "**.svg"
      - adr/**
      - docs/**
      - .gitignore
      - renovate.json
      - .release-please-config.json
      - release-please-config.json
      - CODEOWNERS
      - LICENSE
      - CONTRIBUTING.md
      - SECURITY.md

# Permissions for the GITHUB_TOKEN used by the workflow.
permissions:
  contents: read # Allows reading the content of the repository.
  packages: read # Allows reading the content of the repository's packages.
  id-token: write

# Abort prior jobs in the same workflow / PR
concurrency:
  group: test-${{ github.ref }}
  cancel-in-progress: true

jobs:
  run:
    runs-on: uds-swf-ubuntu-big-boy-16-core
    timeout-minutes: 40
    strategy:
      fail-fast: true
      matrix:
        bundle: [k3d-demo, dev]
        type: [install, upgrade]

    steps:
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0

      - name: Install UDS CLI
        uses: defenseunicorns/setup-uds@ab842abcad1f7a3305c2538e3dd1950d0daacfa5 # v1.0.1
        with:
          # renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
          version: v0.20.0

      - name: Environment setup
        run: |
            uds run actions:setup-environment \
            --set REGISTRY1_USERNAME="${{ secrets.IRON_BANK_ROBOT_USERNAME }}" \
            --set REGISTRY1_PASSWORD="${{ secrets.IRON_BANK_ROBOT_PASSWORD }}" \
            --set GH_TOKEN="${{ secrets.GITHUB_TOKEN }}" \
            --set CHAINGUARD_IDENTITY="${{ secrets.CHAINGUARD_IDENTITY }}"
        shell: bash

      - name: Test
        run: uds run actions:test-deploy --set TYPE="${{ matrix.type }}" --set BUNDLE_PATH="bundles/${{ matrix.bundle }}"
        shell: bash

      - name: Debug Output
        if: ${{ always() }}
        run: uds run actions:debug-output
        shell: bash

      - name: Save logs
        if: ${{ always() }}
        run: uds run actions:save-logs
        shell: bash

      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
        if: ${{ always() }}
        with:
          name: debug-log-${{ matrix.type }}-${{ matrix.bundle }}-${{ github.run_id }}-${{ github.run_attempt }}-${{ runner.arch }}
          path: |
            /tmp/zarf-*.log
            /tmp/uds-*.log
            /tmp/maru-*.log
            /tmp/debug-*.log
            /tmp/uds-containerd-logs
            /tmp/k3d-uds-*.log