Pull credentials from Azure vault #38
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (c) Microsoft Corporation | |
| # SPDX-License-Identifier: MIT | |
| # Main YML file for the CICD pipeline | |
| name: CI/CD | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| # Run on a daily schedule to perform the full set of tests. | |
| schedule: | |
| - cron: '00 21 * * *' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| concurrency: | |
| # Cancel any CI/CD workflow currently in progress for the same PR. | |
| # Allow running concurrently with any other commits. | |
| group: cicd-${{ github.event.pull_request.number || github.sha }} | |
| cancel-in-progress: true | |
| jobs: | |
| build_and_test: | |
| strategy: | |
| matrix: | |
| configuration: [ 'Release', 'Debug' ] | |
| platform: [ 'ubuntu-22.04', 'windows-2019', 'windows-2022' ] | |
| option: [ none, sanitizer, coverage, jit ] | |
| exclude: | |
| - platform: windows-2019 | |
| option: sanitizer | |
| - platform: windows-2019 | |
| option: coverage | |
| - platform: windows-2022 | |
| option: sanitizer | |
| - platform: windows-2022 | |
| option: coverage | |
| - platform: ubuntu-22.04 | |
| option: jit | |
| uses: ./.github/workflows/Build.yml | |
| with: | |
| platform: ${{ matrix.platform }} | |
| configuration: ${{ matrix.configuration }} | |
| option: ${{ matrix.option }} | |
| finish: | |
| needs: | |
| - build_and_test | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Coveralls Finished | |
| uses: coverallsapp/github-action@v2.2.1 | |
| with: | |
| github-token: ${{ secrets.github_token }} | |
| parallel-finished: true | |
| # Note: This can't be in a workflow_call as the login action doesn't work. | |
| upload_results: | |
| needs: | |
| - build_and_test | |
| strategy: | |
| matrix: | |
| platform: [ 'ubuntu-22.04', 'windows-2019', 'windows-2022' ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Download performance result artifacts | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: results-Release-${{matrix.platform}}-none | |
| path: results | |
| - name: Post-process results | |
| run: | | |
| python3 scripts/process_results.py --csv-directory ${{github.workspace}}/results --sql-script-file ${{github.workspace}}/results/upload.sql --commit_id "$(cat ${{github.workspace}}/results/commit_sha.txt)" --platform ${{matrix.platform}} --repository ${{github.repository}} | |
| - name: Log into Azure | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Fetch secrets | |
| run: | | |
| az keyvault secret show --vault-name bpfperformacesecrets --name PGDATABASE --query value | sed 's/"//g' > ${{github.workspace}}/PGDATABASE | |
| az keyvault secret show --vault-name bpfperformacesecrets --name PGHOST --query value | sed 's/"//g' >> ${{github.workspace}}/PGHOST | |
| az keyvault secret show --vault-name bpfperformacesecrets --name PGUSER --query value | sed 's/"//g' >> ${{github.workspace}}/PGUSER | |
| az keyvault secret show --vault-name bpfperformacesecrets --name PGPASSWORD --query value | sed 's/"//g' >> ${{github.workspace}}/PGPASSWORD | |
| az keyvault secret show --vault-name bpfperformacesecrets --name PGPORT --query value | sed 's/"//g' >> ${{github.workspace}}/PGPORT | |
| - name: Upload results to POSTGRES | |
| run: | | |
| export PGPASSWORD=$(cat ${{github.workspace}}/PGPASSWORD) | |
| export PGHOST=$(cat ${{github.workspace}}/PGHOST) | |
| export PGUSER=$(cat ${{github.workspace}}/PGUSER) | |
| export PGPORT=$(cat ${{github.workspace}}/PGPORT) | |
| export PGDATABASE=$(cat ${{github.workspace}}/PGDATABASE) | |
| psql -f ${{github.workspace}}/results/upload.sql |