Skip to content

Commit f7a94ca

Browse files
erezrokaherezrokah
authored
chore(ci): Enable policy tests (#12333)
 #### Summary Fixes #11970. Only needed to update the CLI version to `3.10.1` in the CI <!--
1 parent 33d39cf commit f7a94ca

5 files changed

Lines changed: 182 additions & 187 deletions

File tree

.github/workflows/source_aws.yml

Lines changed: 45 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -106,51 +106,50 @@ jobs:
106106
run: goreleaser release --timeout 50m --snapshot --clean --skip-validate --skip-publish --skip-sign -f ./plugins/source/aws/.goreleaser.yaml
107107
env:
108108
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
109-
# test-policies:
110-
# timeout-minutes: 30
111-
# needs: [resolve-runner]
112-
# runs-on: ${{ needs.resolve-runner.outputs.runner }}
113-
# defaults:
114-
# run:
115-
# working-directory: ./plugins/source/aws
116-
# services:
117-
# postgres:
118-
# image: postgres:11
119-
# env:
120-
# POSTGRES_PASSWORD: pass
121-
# POSTGRES_USER: postgres
122-
# POSTGRES_DB: postgres
123-
# ports:
124-
# - 5432:5432
125-
# # Set health checks to wait until postgres has started
126-
# options: >-
127-
# --health-cmd pg_isready
128-
# --health-interval 10s
129-
# --health-timeout 5s
130-
# --health-retries 5
131-
# steps:
132-
# - name: Checkout
133-
# uses: actions/checkout@v3
134-
# - name: Set up Go 1.x
135-
# uses: erezrokah/setup-go@feat/add_cache_prefix
136-
# with:
137-
# go-version-file: plugins/source/aws/go.mod
138-
# cache: true
139-
# cache-dependency-path: plugins/source/aws/go.sum
140-
# cache-key-prefix: policies-cache-
141-
# - name: Build
142-
# run: go build .
143-
# - name: Setup CloudQuery
144-
# uses: cloudquery/setup-cloudquery@v3
145-
# with:
146-
# version: 'v3.5.0'
147-
# - name: Migrate DB
148-
# run: cloudquery migrate test/policy_cq_config.yml
149-
# env:
150-
# CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
151-
# - name: Run all policies
152-
# run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
153-
# env:
154-
# PGPASSWORD: pass
109+
test-policies:
110+
timeout-minutes: 30
111+
runs-on: large-ubuntu-monorepo
112+
defaults:
113+
run:
114+
working-directory: ./plugins/source/aws
115+
services:
116+
postgres:
117+
image: postgres:11
118+
env:
119+
POSTGRES_PASSWORD: pass
120+
POSTGRES_USER: postgres
121+
POSTGRES_DB: postgres
122+
ports:
123+
- 5432:5432
124+
# Set health checks to wait until postgres has started
125+
options: >-
126+
--health-cmd pg_isready
127+
--health-interval 10s
128+
--health-timeout 5s
129+
--health-retries 5
130+
steps:
131+
- name: Checkout
132+
uses: actions/checkout@v3
133+
- name: Set up Go 1.x
134+
uses: erezrokah/setup-go@feat/add_cache_prefix
135+
with:
136+
go-version-file: plugins/source/aws/go.mod
137+
cache: true
138+
cache-dependency-path: plugins/source/aws/go.sum
139+
cache-key-prefix: policies-cache-
140+
- name: Build
141+
run: go build .
142+
- name: Setup CloudQuery
143+
uses: cloudquery/setup-cloudquery@v3
144+
with:
145+
version: 'v3.10.1'
146+
- name: Migrate DB
147+
run: cloudquery migrate test/policy_cq_config.yml
148+
env:
149+
CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
150+
- name: Run all policies
151+
run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
152+
env:
153+
PGPASSWORD: pass
155154

156155

.github/workflows/source_azure.yml

Lines changed: 45 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -88,50 +88,49 @@ jobs:
8888
run: goreleaser release --snapshot --clean --skip-validate --skip-publish --skip-sign -f ./plugins/source/azure/.goreleaser.yaml
8989
env:
9090
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
91-
# test-policies:
92-
# timeout-minutes: 30
93-
# needs: [ resolve-runner ]
94-
# runs-on: ${{ needs.resolve-runner.outputs.runner }}
95-
# defaults:
96-
# run:
97-
# working-directory: ./plugins/source/azure
98-
# services:
99-
# postgres:
100-
# image: postgres:11
101-
# env:
102-
# POSTGRES_PASSWORD: pass
103-
# POSTGRES_USER: postgres
104-
# POSTGRES_DB: postgres
105-
# ports:
106-
# - 5432:5432
107-
# # Set health checks to wait until postgres has started
108-
# options: >-
109-
# --health-cmd pg_isready
110-
# --health-interval 10s
111-
# --health-timeout 5s
112-
# --health-retries 5
113-
# steps:
114-
# - name: Checkout
115-
# uses: actions/checkout@v3
116-
# - name: Set up Go 1.x
117-
# uses: erezrokah/setup-go@feat/add_cache_prefix
118-
# with:
119-
# go-version-file: plugins/source/azure/go.mod
120-
# cache: true
121-
# cache-dependency-path: plugins/source/azure/go.sum
122-
# cache-key-prefix: policies-cache-
123-
# - name: Build
124-
# run: go build .
125-
# - name: Setup CloudQuery
126-
# uses: cloudquery/setup-cloudquery@v3
127-
# with:
128-
# version: 'v3.5.0'
129-
# - name: Migrate DB
130-
# run: cloudquery migrate test/policy_cq_config.yml
131-
# env:
132-
# CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
133-
# - name: Run all policies
134-
# run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
135-
# env:
136-
# PGPASSWORD: pass
91+
test-policies:
92+
timeout-minutes: 30
93+
runs-on: large-ubuntu-monorepo
94+
defaults:
95+
run:
96+
working-directory: ./plugins/source/azure
97+
services:
98+
postgres:
99+
image: postgres:11
100+
env:
101+
POSTGRES_PASSWORD: pass
102+
POSTGRES_USER: postgres
103+
POSTGRES_DB: postgres
104+
ports:
105+
- 5432:5432
106+
# Set health checks to wait until postgres has started
107+
options: >-
108+
--health-cmd pg_isready
109+
--health-interval 10s
110+
--health-timeout 5s
111+
--health-retries 5
112+
steps:
113+
- name: Checkout
114+
uses: actions/checkout@v3
115+
- name: Set up Go 1.x
116+
uses: erezrokah/setup-go@feat/add_cache_prefix
117+
with:
118+
go-version-file: plugins/source/azure/go.mod
119+
cache: true
120+
cache-dependency-path: plugins/source/azure/go.sum
121+
cache-key-prefix: policies-cache-
122+
- name: Build
123+
run: go build .
124+
- name: Setup CloudQuery
125+
uses: cloudquery/setup-cloudquery@v3
126+
with:
127+
version: 'v3.10.1'
128+
- name: Migrate DB
129+
run: cloudquery migrate test/policy_cq_config.yml
130+
env:
131+
CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
132+
- name: Run all policies
133+
run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
134+
env:
135+
PGPASSWORD: pass
137136

.github/workflows/source_gcp.yml

Lines changed: 45 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -88,49 +88,48 @@ jobs:
8888
run: goreleaser release --snapshot --clean --skip-validate --skip-publish --skip-sign -f ./plugins/source/gcp/.goreleaser.yaml
8989
env:
9090
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
91-
# test-policies:
92-
# timeout-minutes: 30
93-
# needs: [resolve-runner]
94-
# runs-on: ${{ needs.resolve-runner.outputs.runner }}
95-
# defaults:
96-
# run:
97-
# working-directory: ./plugins/source/gcp
98-
# services:
99-
# postgres:
100-
# image: postgres:11
101-
# env:
102-
# POSTGRES_PASSWORD: pass
103-
# POSTGRES_USER: postgres
104-
# POSTGRES_DB: postgres
105-
# ports:
106-
# - 5432:5432
107-
# # Set health checks to wait until postgres has started
108-
# options: >-
109-
# --health-cmd pg_isready
110-
# --health-interval 10s
111-
# --health-timeout 5s
112-
# --health-retries 5
113-
# steps:
114-
# - name: Checkout
115-
# uses: actions/checkout@v3
116-
# - name: Set up Go 1.x
117-
# uses: erezrokah/setup-go@feat/add_cache_prefix
118-
# with:
119-
# go-version-file: plugins/source/gcp/go.mod
120-
# cache: true
121-
# cache-dependency-path: plugins/source/gcp/go.sum
122-
# cache-key-prefix: policies-cache-
123-
# - name: Build
124-
# run: go build .
125-
# - name: Setup CloudQuery
126-
# uses: cloudquery/setup-cloudquery@v3
127-
# with:
128-
# version: 'v3.5.0'
129-
# - name: Migrate DB
130-
# run: cloudquery migrate test/policy_cq_config.yml
131-
# env:
132-
# CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
133-
# - name: Run all policies
134-
# run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
135-
# env:
136-
# PGPASSWORD: pass
91+
test-policies:
92+
timeout-minutes: 30
93+
runs-on: large-ubuntu-monorepo
94+
defaults:
95+
run:
96+
working-directory: ./plugins/source/gcp
97+
services:
98+
postgres:
99+
image: postgres:11
100+
env:
101+
POSTGRES_PASSWORD: pass
102+
POSTGRES_USER: postgres
103+
POSTGRES_DB: postgres
104+
ports:
105+
- 5432:5432
106+
# Set health checks to wait until postgres has started
107+
options: >-
108+
--health-cmd pg_isready
109+
--health-interval 10s
110+
--health-timeout 5s
111+
--health-retries 5
112+
steps:
113+
- name: Checkout
114+
uses: actions/checkout@v3
115+
- name: Set up Go 1.x
116+
uses: erezrokah/setup-go@feat/add_cache_prefix
117+
with:
118+
go-version-file: plugins/source/gcp/go.mod
119+
cache: true
120+
cache-dependency-path: plugins/source/gcp/go.sum
121+
cache-key-prefix: policies-cache-
122+
- name: Build
123+
run: go build .
124+
- name: Setup CloudQuery
125+
uses: cloudquery/setup-cloudquery@v3
126+
with:
127+
version: 'v3.10.1'
128+
- name: Migrate DB
129+
run: cloudquery migrate test/policy_cq_config.yml
130+
env:
131+
CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
132+
- name: Run all policies
133+
run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
134+
env:
135+
PGPASSWORD: pass

.github/workflows/source_k8s.yml

Lines changed: 45 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -88,49 +88,48 @@ jobs:
8888
run: goreleaser release --snapshot --clean --skip-validate --skip-publish --skip-sign -f ./plugins/source/k8s/.goreleaser.yaml
8989
env:
9090
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
91-
# test-policies:
92-
# timeout-minutes: 30
93-
# needs: [resolve-runner]
94-
# runs-on: ${{ needs.resolve-runner.outputs.runner }}
95-
# defaults:
96-
# run:
97-
# working-directory: ./plugins/source/k8s
98-
# services:
99-
# postgres:
100-
# image: postgres:11
101-
# env:
102-
# POSTGRES_PASSWORD: pass
103-
# POSTGRES_USER: postgres
104-
# POSTGRES_DB: postgres
105-
# ports:
106-
# - 5432:5432
107-
# # Set health checks to wait until postgres has started
108-
# options: >-
109-
# --health-cmd pg_isready
110-
# --health-interval 10s
111-
# --health-timeout 5s
112-
# --health-retries 5
113-
# steps:
114-
# - name: Checkout
115-
# uses: actions/checkout@v3
116-
# - name: Set up Go 1.x
117-
# uses: erezrokah/setup-go@feat/add_cache_prefix
118-
# with:
119-
# go-version-file: plugins/source/k8s/go.mod
120-
# cache: true
121-
# cache-dependency-path: plugins/source/k8s/go.sum
122-
# cache-key-prefix: policies-cache-
123-
# - name: Build
124-
# run: go build .
125-
# - name: Setup CloudQuery
126-
# uses: cloudquery/setup-cloudquery@v3
127-
# with:
128-
# version: 'v3.5.0'
129-
# - name: Migrate DB
130-
# run: cloudquery migrate test/policy_cq_config.yml
131-
# env:
132-
# CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
133-
# - name: Run all policies
134-
# run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
135-
# env:
136-
# PGPASSWORD: pass
91+
test-policies:
92+
timeout-minutes: 30
93+
runs-on: large-ubuntu-monorepo
94+
defaults:
95+
run:
96+
working-directory: ./plugins/source/k8s
97+
services:
98+
postgres:
99+
image: postgres:11
100+
env:
101+
POSTGRES_PASSWORD: pass
102+
POSTGRES_USER: postgres
103+
POSTGRES_DB: postgres
104+
ports:
105+
- 5432:5432
106+
# Set health checks to wait until postgres has started
107+
options: >-
108+
--health-cmd pg_isready
109+
--health-interval 10s
110+
--health-timeout 5s
111+
--health-retries 5
112+
steps:
113+
- name: Checkout
114+
uses: actions/checkout@v3
115+
- name: Set up Go 1.x
116+
uses: erezrokah/setup-go@feat/add_cache_prefix
117+
with:
118+
go-version-file: plugins/source/k8s/go.mod
119+
cache: true
120+
cache-dependency-path: plugins/source/k8s/go.sum
121+
cache-key-prefix: policies-cache-
122+
- name: Build
123+
run: go build .
124+
- name: Setup CloudQuery
125+
uses: cloudquery/setup-cloudquery@v3
126+
with:
127+
version: 'v3.10.1'
128+
- name: Migrate DB
129+
run: cloudquery migrate test/policy_cq_config.yml
130+
env:
131+
CQ_DSN: postgresql://postgres:pass@localhost:5432/postgres
132+
- name: Run all policies
133+
run: cd policies && psql -h localhost -p 5432 -U postgres -d postgres -w -f ./policy.sql
134+
env:
135+
PGPASSWORD: pass

scripts/workflows/wait_for_required_workflows.js

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -44,9 +44,8 @@ module.exports = async ({github, context}) => {
4444
actions = ["cli (large-ubuntu-monorepo)", "cli (large-windows-monorepo)", "cli (macos-latest-xl)", ...actions]
4545
}
4646

47-
// Enforce policy tests for AWS,Azure and K8s plugins
48-
// TODO: Add k8s and gcp, azure back
49-
const pluginsWithPolicyTests = []
47+
// Enforce policy tests for AWS, Azure, GCP and K8s plugins
48+
const pluginsWithPolicyTests = ['plugins/source/aws', 'plugins/source/azure', 'plugins/source/gcp', 'plugins/source/k8s']
5049
for (const plugin of pluginsWithPolicyTests) {
5150
if (actions.includes(plugin)) {
5251
actions = [...actions, 'test-policies']

0 commit comments

Comments
 (0)