fluxcd-flux2/.github/workflows/e2e-azure.yaml

name: e2e-azure

on:
  workflow_dispatch:
  schedule:
    - cron: '0 6 * * *'
  push:
    branches:
      - main
    paths:
      - 'tests/**'
      - '.github/workflows/e2e-azure.yaml'
  pull_request:
    branches:
      - main
    paths:
      - 'tests/**'
      - '.github/workflows/e2e-azure.yaml'

permissions:
  contents: read

jobs:
  e2e-amd64-aks:
    runs-on: ubuntu-22.04
    defaults:
      run:
        working-directory: ./tests/azure
    # This job is currently disabled. Remove the false check when Azure subscription is enabled.
    if: false && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
    steps:
      - name: Checkout
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
      - name: Setup Go
        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
        with:
          go-version: 1.20.x
          cache-dependency-path: tests/azure/go.sum
      - name: Setup Flux CLI
        run: |
          make build
          mkdir -p $HOME/.local/bin
          mv ./bin/flux $HOME/.local/bin          
        working-directory: ./
      - name: Setup SOPS
        run: |
          mkdir -p $HOME/.local/bin
          wget https://github.com/mozilla/sops/releases/download/v3.7.1/sops-v3.7.1.linux -O $HOME/.local/bin/sops
          chmod +x $HOME/.local/bin/sops          
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1 # v2
        with:
          terraform_version: 1.2.8
          terraform_wrapper: false
      - name: Setup Azure CLI
        run: |
          curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash          
      - name: Run Azure e2e tests
        env:
          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
        run: |
          ls $HOME/.local/bin
          az login --service-principal -u ${ARM_CLIENT_ID} -p ${ARM_CLIENT_SECRET} -t ${ARM_TENANT_ID}
          go test -v -coverprofile cover.out -timeout 60m .          

  refactored-e2e-amd64-aks:
    runs-on: ubuntu-22.04
    defaults:
      run:
        working-directory: ./tests/integration
    if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
    steps:
      - name: CheckoutD
        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
      - name: Setup Go
        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
        with:
          go-version: 1.20.x
          cache-dependency-path: tests/integration/go.sum
      - name: Setup Flux CLI
        run: make build
        working-directory: ./
      - name: Setup SOPS
        run: |
          mkdir -p $HOME/.local/bin
          wget -O $HOME/.local/bin/sops https://github.com/mozilla/sops/releases/download/v$SOPS_VER/sops-v$SOPS_VER.linux
          chmod +x $HOME/.local/bin/sops          
        env:
          SOPS_VER: 3.7.1
      - name: Authenticate to Azure
        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
        with:
          creds: '{"clientId":"${{ secrets.AZ_ARM_CLIENT_ID }}","clientSecret":"${{ secrets.AZ_ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZ_ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZ_ARM_TENANT_ID }}"}'
      - name: Set dynamic variables in .env
        run: |
          cat > .env <<EOF
          export TF_VAR_tags='{ "environment"="github", "ci"="true", "repo"="image-reflector-controller", "createdat"="$(date -u +x%Y-%m-%d_%Hh%Mm%Ss)" }'
          EOF          
      - name: Print .env for dynamic tag value reference
        run: cat .env
      - name: Run Azure e2e tests
        env:
          ARM_CLIENT_ID: ${{ secrets.AZ_ARM_CLIENT_ID }}
          ARM_CLIENT_SECRET: ${{ secrets.AZ_ARM_CLIENT_SECRET }}
          ARM_SUBSCRIPTION_ID: ${{ secrets.AZ_ARM_SUBSCRIPTION_ID }}
          ARM_TENANT_ID: ${{ secrets.AZ_ARM_TENANT_ID }}
          TF_VAR_azuredevops_org: ${{ secrets.TF_VAR_azuredevops_org }}
          TF_VAR_azuredevops_pat: ${{ secrets.TF_VAR_azuredevops_pat }}
          TF_VAR_location: ${{ vars.TF_VAR_azure_location }}
          GITREPO_SSH_CONTENTS: ${{ secrets.GITREPO_SSH_CONTENTS }}
          GITREPO_SSH_PUB_CONTENTS: ${{ secrets.GITREPO_SSH_PUB_CONTENTS }}
        run: |
          source .env
          mkdir -p ./build/ssh
          touch ./build/ssh/key
          echo $GITREPO_SSH_CONTENTS | base64 -d > build/ssh/key
          export GITREPO_SSH_PATH=build/ssh/key
          touch ./build/ssh/key.pub
          echo $GITREPO_SSH_PUB_CONTENTS | base64 -d > ./build/ssh/key.pub
          export GITREPO_SSH_PUB_PATH=build/ssh/key.pub
          make test-azure