on: push: branches: - master pull_request: jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: npm run test run: npm run test integration: runs-on: ubuntu-latest services: vaultBasic: image: vault:1.2.3 ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK vaultEnterprise: image: hashicorp/vault-enterprise:1.3.0_ent ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: npm run test:integration:basic run: npm run test:integration:basic env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vaultBasic.ports[8200] }} CI: true - name: npm run test:integration:enterprise run: npm run test:integration:enterprise env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vaultEnterprise.ports[8200] }} CI: true e2e: runs-on: ubuntu-latest services: vault: image: vault:1.3.0 ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: setup vault run: node ./integrationTests/e2e/setup.js env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vault.ports[8200] }} - name: use vault action (default K/V version 2) uses: ./ id: kv-secrets with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken secrets: | test secret ; test secret | NAMED_SECRET ; nested/test otherSecret ; - name: use vault action (custom K/V version 1) uses: ./ with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken path: my-secret kv-version: 1 secrets: | test altSecret ; test altSecret | NAMED_ALTSECRET ; nested/test otherAltSecret ; - name: use vault action (using cubbyhole engine) uses: ./ with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken secrets: | /cubbyhole/test foo ; /cubbyhole/test zip | NAMED_CUBBYSECRET ; - name: verify run: npm run test:e2e env: OTHER_SECRET_OUTPUT: ${{ steps.kv-secrets.outputs.otherSecret }} publish: if: github.event_name == 'push' && contains(github.ref, 'master') runs-on: ubuntu-latest needs: [build, integration, e2e] steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: release if: success() && endsWith(github.ref, 'master') run: npx semantic-release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}