diff --git a/.github/workflows/cli.yml b/.github/workflows/cli.yml new file mode 100644 index 000000000..f97dfa743 --- /dev/null +++ b/.github/workflows/cli.yml @@ -0,0 +1,72 @@ +name: CLI + +on: + push: + branches: [develop] + pull_request: + branches: [develop] + +jobs: + build: + name: Build ${{ matrix.os }} + runs-on: ubuntu-latest + strategy: + matrix: + os: [linux, darwin, windows] + steps: + - name: Install dependencies + run: sudo apt-get update && sudo apt-get install git -y + - name: Set up Go 1.13 + uses: actions/setup-go@v2 + with: + go-version: 1.13 + id: go + - name: Check out code into the Go module directory + uses: actions/checkout@v2 + - uses: actions/cache@v2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- + - name: Build + run: GOOS=${{ matrix.os }} go build -o sops-${{ matrix.os }}-${{ github.sha }} -v go.mozilla.org/sops/cmd/sops + - name: Upload artifact + uses: actions/upload-artifact@v2 + with: + name: sops-${{ matrix.os }}-${{ github.sha }} + path: sops-${{ matrix.os }}-${{ github.sha }} + test: + name: Test + runs-on: ubuntu-latest + needs: [build] + env: + VAULT_VERSION: "1.1.3" + VAULT_TOKEN: "root" + VAULT_ADDR: "http://127.0.0.1:8200" + steps: + - name: rust-toolchain + uses: actions-rs/toolchain@v1 + with: + toolchain: "1.47.0" + override: true + - name: Check out code + uses: actions/checkout@v2 + - uses: actions/download-artifact@v2 + with: + name: sops-linux-${{ github.sha }} + - name: Move SOPS binary + run: mv sops-linux-${{ github.sha }} ./functional-tests/sops + - name: Make SOPS binary executable + run: chmod +x ./functional-tests/sops + - name: Download Vault + run: curl -O "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" && sudo unzip vault_${VAULT_VERSION}_linux_amd64.zip -d /usr/local/bin/ + - name: Start Vault server + run: vault server -dev -dev-root-token-id="$VAULT_TOKEN" & + - name: Enable Vault KV + run: vault secrets enable -version=1 kv + - name: Import test GPG keys + run: for i in 1 2 3 4 5; do gpg --import pgp/sops_functional_tests_key.asc && break || sleep 15; done + - name: Run tests + run: cargo test + working-directory: ./functional-tests diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index dd5307efe..000000000 --- a/.travis.yml +++ /dev/null @@ -1,55 +0,0 @@ -language: go -go: 1.13 -go_import_path: go.mozilla.org/sops/ - -env: - - VAULT_VERSION=1.1.3 VAULT_TOKEN=root VAULT_ADDR='http://127.0.0.1:8200' - -addons: - apt: - packages: - - rpm - - ruby - - python3 - - unzip - -before_install: - - gem install fpm || sudo gem install fpm - - curl https://sh.rustup.rs -sSf | sh -s -- -y - - source ~/.cargo/env - - curl -O "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" && sudo unzip vault_${VAULT_VERSION}_linux_amd64.zip -d /usr/local/bin/ - -before_script: - - vault server -dev -dev-root-token-id="$VAULT_TOKEN" & - - sleep 5 - - vault secrets enable -version=1 kv - -script: - - 'if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then make; fi' - - 'if [ "$TRAVIS_PULL_REQUEST" = "false" ]; then make origin-build; fi' - - bash <(curl -s https://codecov.io/bash) - -before_deploy: - - mkdir dist - - make deb-pkg rpm-pkg - - mv *.deb *.rpm dist/ - - GOOS=darwin CGO_ENABLED=0 GO111MODULE=on go build -mod vendor -o dist/sops-${TRAVIS_TAG}.darwin go.mozilla.org/sops/v3/cmd/sops - - GOOS=windows CGO_ENABLED=0 GO111MODULE=on go build -mod vendor -o dist/sops-${TRAVIS_TAG}.exe go.mozilla.org/sops/v3/cmd/sops - - GOOS=linux CGO_ENABLED=0 GO111MODULE=on go build -mod vendor -o dist/sops-${TRAVIS_TAG}.linux go.mozilla.org/sops/v3/cmd/sops - - | - if [ ! -z "$TRAVIS_TAG" ]; then - version="v$(grep '^const Version' version/version.go |cut -d '"' -f 2)" - if [ "$version" != "$TRAVIS_TAG" ]; then - echo "Git tag $TRAVIS_TAG does not match version $version, update the source!" - exit 1 - fi - fi - -deploy: - provider: releases - api_key: "${GITHUB_OAUTH_TOKEN}" - file_glob: true - file: dist/* - skip_cleanup: true - on: - tags: true