Skip to content

refactor CryptoSigner (WIP) #211

refactor CryptoSigner (WIP)

refactor CryptoSigner (WIP) #211

Workflow file for this run

name: Run KMS tests
on:
push:
workflow_dispatch:
permissions: {}
jobs:
test-kms:
runs-on: ubuntu-latest
if: github.repository_owner == 'secure-systems-lab' # only run upstream
permissions:
id-token: 'write' # for OIDC auth for GCP authentication
issues: 'write' # for filing an issue on failure
steps:
- name: Checkout securesystemslib
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set up Python
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: '3.x'
cache: 'pip'
cache-dependency-path: 'requirements*.txt'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install --upgrade tox
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033
with:
token_format: access_token
workload_identity_provider: projects/843741030650/locations/global/workloadIdentityPools/securesystemslib-tests/providers/securesystemslib-tests
service_account: [email protected]
- run: tox -e kms
- name: File an issue on failure
if: ${{ failure() }}
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
with:
script: |
const repo = context.repo.owner + "/" + context.repo.repo
const issues = await github.rest.search.issuesAndPullRequests({
q: "KMS+tests+failed+in:title+state:open+type:issue+repo:" + repo,
})
if (issues.data.total_count > 0) {
console.log("Issue open already, not creating.")
} else {
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: "KMS tests failed",
body: "Hey, it seems KMS tests have failed, please see - [workflow run](" +
"https://github.com/" + repo + "/actions/runs/" + context.runId + ")"
})
console.log("New issue created.")
}