[DPE-5511] postgresql.conf hardening #3039
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2022 Canonical Ltd. | |
| # See LICENSE file for licensing details. | |
| name: Tests | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| paths-ignore: | |
| - '.gitignore' | |
| - '.jujuignore' | |
| - 'LICENSE' | |
| - '**.md' | |
| - .github/renovate.json5 | |
| - '.github/workflows/sync_docs.yaml' | |
| schedule: | |
| - cron: '53 0 * * *' # Daily at 00:53 UTC | |
| # Triggered on push to branch "main" by .github/workflows/release.yaml | |
| workflow_call: | |
| jobs: | |
| lint: | |
| name: Lint | |
| uses: canonical/data-platform-workflows/.github/workflows/lint.yaml@v21.0.1 | |
| unit-test: | |
| name: Unit test charm | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install tox & poetry | |
| run: | | |
| pipx install tox | |
| pipx install poetry | |
| - name: Run tests | |
| run: tox run -e unit | |
| - name: Upload Coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| build: | |
| name: Build charm | |
| uses: canonical/data-platform-workflows/.github/workflows/build_charm.yaml@v21.0.1 | |
| with: | |
| cache: true | |
| integration-test: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| juju: | |
| - agent: 2.9.50 # renovate: juju-agent-pin-minor | |
| libjuju: ==2.9.49.0 # renovate: latest libjuju 2 | |
| allure_on_amd64: false | |
| - agent: 3.4.5 # renovate: juju-agent-pin-minor | |
| allure_on_amd64: true | |
| architecture: | |
| - amd64 | |
| include: | |
| - juju: | |
| agent: 3.4.5 # renovate: juju-agent-pin-minor | |
| allure_on_amd64: true | |
| architecture: arm64 | |
| name: Integration | ${{ matrix.juju.agent }} | ${{ matrix.architecture }} | |
| needs: | |
| - lint | |
| - unit-test | |
| - build | |
| uses: canonical/data-platform-workflows/.github/workflows/integration_test_charm.yaml@v21.0.1 | |
| with: | |
| artifact-prefix: ${{ needs.build.outputs.artifact-prefix }} | |
| architecture: ${{ matrix.architecture }} | |
| cloud: microk8s | |
| microk8s-snap-channel: 1.31-strict/stable # renovate: latest microk8s | |
| juju-agent-version: ${{ matrix.juju.agent }} | |
| libjuju-version-constraint: ${{ matrix.juju.libjuju }} | |
| _beta_allure_report: ${{ matrix.juju.allure_on_amd64 && matrix.architecture == 'amd64' }} | |
| secrets: | |
| integration-test: | | |
| { | |
| "AWS_ACCESS_KEY": "${{ secrets.AWS_ACCESS_KEY }}", | |
| "AWS_SECRET_KEY": "${{ secrets.AWS_SECRET_KEY }}", | |
| "GCP_ACCESS_KEY": "${{ secrets.GCP_ACCESS_KEY }}", | |
| "GCP_SECRET_KEY": "${{ secrets.GCP_SECRET_KEY }}", | |
| } | |
| permissions: | |
| contents: write # Needed for Allure Report beta |