actions/vault-action
2
0
Fork 0
mirror of https://github.com/hashicorp/vault-action.git synced 2026-05-19 07:35:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Upgrade Node.js to 24 and update dependencies (#604)
Some checks failed
/ build (push) Waiting to run
Details
/ integrationOSS (push) Waiting to run
Details
/ integrationEnterprise (push) Waiting to run
Details
/ e2e (push) Waiting to run
Details
/ e2e-tls (push) Waiting to run
Details
Lint GitHub Actions Workflows / actionlint (push) Has been cancelled
Details

Browse source 
* chore: upgrade Node.js to 24 and update dependencies

- Upgrade Node.js from 20 to 24.15.0 across all CI jobs and workflows
- Run npm audit fix to resolve CVEs in dependencies
- Generate TLS certs dynamically via scripts/gen-tls-certs.sh instead of using static certs
- Add Makefile targets for running each integration test suite locally

* add GOPATH/bin to PATH before running gen-tls-certs.sh

* Add changelog entry

* refactor makefile

* Refine e2e-enterprise pipeline and scripts
This commit is contained in:
Srikrishna Iyer 2026-05-12 10:21:00 +05:30 committed by GitHub
parent 79632e33d6
commit 7e48e563b6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 589 additions and 709 deletions
Download patch file Download diff file Expand all files Collapse all files

43
docker-compose.yml
View file

@ -5,32 +5,59 @@
version: "3.0"
services:
vault:
image: hashicorp/vault:latest
image: hashicorp/vault:2.0.0
environment:
VAULT_DEV_ROOT_TOKEN_ID: testtoken
SKIP_SETCAP: "true"
VAULT_LOCAL_CONFIG: '{"disable_mlock": true}'
ports:
- 8200:8200
privileged: true
healthcheck:
test: ["CMD-SHELL", "VAULT_ADDR=http://127.0.0.1:8200 vault status"]
interval: 1s
timeout: 5s
retries: 5
vault-enterprise:
image: hashicorp/vault-enterprise:latest
image: hashicorp/vault-enterprise:2.0-ent
environment:
VAULT_DEV_ROOT_TOKEN_ID: testtoken
VAULT_LICENSE: ${VAULT_LICENSE_CI}
SKIP_SETCAP: "true"
VAULT_LOCAL_CONFIG: '{"disable_mlock": true}'
ports:
- 8200:8200
privileged: true
healthcheck:
test: ["CMD-SHELL", "VAULT_ADDR=http://127.0.0.1:8200 vault status"]
interval: 1s
timeout: 5s
retries: 30
vault-tls:
image: hashicorp/vault:latest
image: hashicorp/vault:2.0.0
hostname: vault-tls
environment:
# Used by the vault CLI in the healthcheck to trust the CA
VAULT_CAPATH: /etc/vault/ca.crt
SKIP_SETCAP: "true"
VAULT_LOCAL_CONFIG: '{"disable_mlock": true}'
ports:
- 8200:8200
privileged: true
healthcheck:
# Exit 2 means sealed-but-running, which is acceptable during startup
test:
- CMD-SHELL
- |
export VAULT_ADDR=https://127.0.0.1:8200 VAULT_CACERT=/etc/vault/ca.crt VAULT_CLIENT_CERT=/etc/vault/client.crt VAULT_CLIENT_KEY=/etc/vault/client.key
vault status; s=$$?; [ $$s -eq 0 ] || [ $$s -eq 2 ]
interval: 1s
timeout: 5s
retries: 30
volumes:
- ${PWD}/integrationTests/e2e-tls/configs:/etc/vault
- vault-data:/var/lib/vault:rw
# Certs generated by scripts/gen-tls-certs.sh into .build/certs/
- ${PWD}/.build/certs:/etc/vault
# tmpfs gives the non-root vault user write access without chown tricks;
# ephemeral storage is fine since tests always reinitialize vault from scratch
tmpfs: /var/lib/vault
entrypoint: vault server -config=/etc/vault/config.hcl
volumes:
vault-data: