-
-
Notifications
You must be signed in to change notification settings - Fork 17
/
Taskfile.yml
192 lines (160 loc) · 5.44 KB
/
Taskfile.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
version: '3'
tasks:
#
# Build and docs
#
build-cross:
cmds:
- task: build-cross-linux
- task: build-cross-macos
build-cross-linux:
cmds:
- cross build --target x86_64-unknown-linux-musl --target-dir target/cross/x86_64-unknown-linux-musl
- cross build --target aarch64-unknown-linux-musl --target-dir target/cross/aarch64-unknown-linux-musl
build-cross-macos:
cmds:
- cross build --target x86_64-apple-darwin --target-dir target/cross/x86_64-apple-darwin
- cross build --target aarch64-apple-darwin --target-dir target/cross/aarch64-apple-darwin
build-nix:
desc: "Build using Nix"
cmds:
- nix build -o build/nix
doc:
desc: Build documentation
cmds:
- mdbook build ./docs/
- cargo run -- schema > docs/schema/config-schema.json
# Replace mdbook schema.html file by auto-generated schema file
# Original JSON file is included by default, but this is to ensure ".novops.yml schema" appear in main TOC
- generate-schema-doc --config footer_show_time=false --config link_to_reused_ref=false --config expand_buttons=true docs/schema/config-schema.json docs/book/config/schema.html
doc-serve:
desc: Serve documentation
cmds:
- (cd docs/ && mdbook serve -o)
#
# Tests
#
test-all:
cmds:
- task: test-integ
- task: test-doc
- task: test-clippy
- task: test-cli
- task: test-install
# Integration test requires setup with containers and infrastructure
test-integ:
cmds:
- task: test-setup
- task: test-integ-run
- task: test-teardown
test-setup:
cmds:
- pnpm i --prefix tests/setup/pulumi
- task: test-setup-containers
- task: test-setup-k8s
- task: test-setup-vault
- task: test-setup-azure
- task: test-setup-gcp
- task: test-setup-aws
test-setup-containers:
cmd: docker compose -f "tests/setup/docker-compose.yml" up -d
test-setup-k8s:
cmds:
- |-
if ! kind get clusters | grep -q 'novops-auth-test'; then
kind create cluster -n novops-auth-test
docker network connect novops-test novops-auth-test-control-plane
else
echo "Kind cluster already exists, skipping."
fi
- kind get kubeconfig --name novops-auth-test > "tests/setup/k8s/kubeconfig"
- kind get kubeconfig --name novops-auth-test | yq '.clusters[0].cluster["certificate-authority-data"]' -r | base64 -d > "tests/setup/k8s/ca.pem"
#
# Pulumi setup tasks
#
# Vault and AWS use local containers: use local filesystem backend
# Azure and GCP use real Cloud: use locally configured backend
# `select -c` creates stack if it does not exists
#
test-setup-vault:
env:
PULUMI_BACKEND_URL: file://{{ .PWD }}/tests/setup/pulumi/.local-backend
PULUMI_CONFIG_PASSPHRASE: ""
cmds:
- pulumi -C "tests/setup/pulumi/vault" -s test stack select -c
- pulumi -C "tests/setup/pulumi/vault" -s test up -yfr
test-setup-aws:
env:
PULUMI_BACKEND_URL: file://{{ .PWD }}/tests/setup/pulumi/.local-backend
PULUMI_CONFIG_PASSPHRASE: ""
cmds:
- pulumi -C "tests/setup/pulumi/aws" -s test stack select -c
- pulumi -C "tests/setup/pulumi/aws" -s test up -yfr
test-setup-azure:
cmds:
- pulumi -C "tests/setup/pulumi/azure" -s test stack select -c
- pulumi -C "tests/setup/pulumi/azure" -s test up -yfr
test-setup-gcp:
cmds:
- pulumi -C "tests/setup/pulumi/gcp" -s test stack select -c
- pulumi -C "tests/setup/pulumi/gcp" -s test up -yfr
# Cleanup all containers and Pulumi stacks
test-teardown:
- kind delete cluster -n novops-auth-test
- docker compose -f "tests/setup/docker-compose.yml" down -v
- task: test-teardown-vault
- task: test-teardown-aws
- task: test-teardown-azure
- task: test-teardown-gcp
# Can be deleted directly: local-only in ephemeral containers
test-teardown-vault:
env:
PULUMI_BACKEND_URL: file://{{ .PWD }}/tests/setup/pulumi/.local-backend
PULUMI_CONFIG_PASSPHRASE: ""
cmds:
- pulumi -C "tests/setup/pulumi/vault" -s test stack rm -yf || true
# Can be deleted directly: local-only in ephemeral containers
test-teardown-aws:
env:
PULUMI_BACKEND_URL: file://{{ .PWD }}/tests/setup/pulumi/.local-backend
PULUMI_CONFIG_PASSPHRASE: ""
cmds:
- pulumi -C "tests/setup/pulumi/aws" -s test stack rm -yf || true
# MUST be deleted properly: manages real Cloud resources
test-teardown-azure:
cmds:
- pulumi -C "tests/setup/pulumi/azure" -s test down -yrf
# MUST be deleted properly: manages real Cloud resources
test-teardown-gcp:
cmds:
- pulumi -C "tests/setup/pulumi/gcp" -s test down -yrf
#
# Tests run
#
# Integration tests for AWS, Azure, GCP, Vault, SOPS and Files/environments variables.
test-integ-run:
cmd: cargo test
# Check various CLI flags
test-cli:
cmds:
- tests/cli/test-usage.sh
# Run Cargo clippy
test-clippy:
cmds:
- cargo clippy -- -D warnings
# Generate doc and ensure it's been commited properly
test-doc:
cmds:
- task: doc
- git diff --exit-code docs/schema/config-schema.json
# Test the installation script
test-install:
cmds:
- tests/install/test-install.sh
#
# Release
#
release-pr:
desc: Create a release PR
cmds:
- npx release-please release-pr --repo-url https://github.com/PierreBeucher/novops --token=${GITHUB_TOKEN}