on: push: branches: - master pull_request: jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v1 with: node-version: '' - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: npm run test run: npm run test integration: runs-on: ubuntu-latest services: vaultBasic: image: vault:1.2.3 ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK vaultEnterprise: image: hashicorp/vault-enterprise:1.3.0_ent ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v1 with: node-version: '' - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: npm run test:integration:basic run: npm run test:integration:basic env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vaultBasic.ports[8200] }} CI: true - name: npm run test:integration:enterprise run: npm run test:integration:enterprise env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vaultEnterprise.ports[8200] }} CI: true e2e: runs-on: ubuntu-latest services: vault: image: vault:1.3.0 ports: - 8200/tcp env: VAULT_DEV_ROOT_TOKEN_ID: testtoken options: --cap-add=IPC_LOCK steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v1 with: node-version: '' - name: setup npm cache uses: actions/cache@v1 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: setup vault run: node ./integrationTests/e2e/setup.js env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vault.ports[8200] }} - name: use vault action (default K/V version 2) uses: ./ id: kv-secrets with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken secrets: | test secret ; test secret | NAMED_SECRET ; nested/test otherSecret ; - name: use vault action (custom K/V version 1) uses: ./ with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken path: my-secret kv-version: 1 secrets: | test altSecret ; test altSecret | NAMED_ALTSECRET ; nested/test otherAltSecret ; - name: use vault action (using cubbyhole engine) uses: ./ with: url: http://localhost:${{ job.services.vault.ports[8200] }} token: testtoken secrets: | /cubbyhole/test foo ; /cubbyhole/test zip | NAMED_CUBBYSECRET ; - name: verify run: npm run test:e2e env: OTHER_SECRET_OUTPUT: ${{ steps.kv-secrets.outputs.otherSecret }} # Removing publish step for now. # publish: # if: github.event_name == 'push' && contains(github.ref, 'master') # runs-on: ubuntu-latest # needs: [build, integration, e2e] # steps: # - uses: actions/checkout@v1 # - uses: actions/setup-node@v1 # with: # node-version: '' # - name: setup npm cache # uses: actions/cache@v1 # with: # path: ~/.npm # key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} # restore-keys: | # ${{ runner.os }}-node- # - name: npm install # run: npm ci # - name: release # if: success() && endsWith(github.ref, 'master') # run: npx semantic-release # env: # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # NPM_TOKEN: ${{ secrets.NPM_TOKEN }}