Fix AWS token used in tests #835

Workflow file for this run

.github/workflows/build-pr.yml at c9a8c79

	#
	# Workflow: Build&Test PR for Hazelcast organization members
	# This workflow builds multiple configurations for MacOS, Windows, Ubuntu
	# If all the builds and tests are success, the PR can be merged.
	# It also runs code-coverage and upload the result as an artifact.

	name: Build&Test PR
	on:

	# automatic on every pull request
	pull_request_target:

	# manual (for community PRs that we want to force-run here)
	workflow_dispatch:
	inputs:

	# the PR number eg 712
	pr_number:
	description: Enter guest PR number to run test & coverage on it.
	required: true

	# the PR HEAD commit SHA which MUST have been verified
	pr_commit:
	description: Enter guest PR verified HEAD commit SHA.
	required: true
	env:
	BOOST_VERSION: 1.89.0
	BOOST_ARCHIVE_NAME: 'boost_1_89_0.tar.gz'
	BOOST_FOLDER_NAME: 'boost_1_89_0'
	BOOST_INCLUDE_FOLDER: 'C:\Boost\include\boost-1_89'
	BOOST_URL: 'https://archives.boost.io/release/1.89.0/source/boost_1_89_0.tar.gz'
	THRIFT_VERSION: 0.13.0
	RUN_TESTS: true

	jobs:

	# test hazelcast membership
	test-membership:
	name: Test Hazelcast Membership
	runs-on: ubuntu-latest
	outputs:
	is-hazelcast: ${{ steps.test-membership.outputs.check-result }}

	steps:
	- name: Test
	id: test-membership
	uses: hazelcast/hazelcast-tpm/membership@main
	with:
	organization-name: hazelcast
	member-name: ${{ github.actor }}
	token: ${{ secrets.GH_TOKEN }}

	# ensure PR is trusted
	ensure-membership:
	name: Ensure Membership
	runs-on: ubuntu-latest
	needs: test-membership
	strategy:
	fail-fast: false

	if: ${{ needs.test-membership.outputs.is-hazelcast == 'true' \|\| github.event_name == 'workflow_dispatch' \|\| github.actor == 'dependabot[bot]' }}
	steps:
	- name: Report
	shell: bash
	run: echo "User ${{ github.actor }} is trusted for test execution"


	# get
	get-refs:
	name: Get Refs
	runs-on: ubuntu-latest
	needs: ensure-membership
	outputs:
	ref: ${{ steps.get-refs.outputs.ref }}
	merged-ref: ${{ steps.get-refs.outputs.merged-ref }}
	base-sha: ${{ steps.get-refs.outputs.base-sha }}

	steps:
	- name: Get Refs
	id: get-refs
	shell: bash
	run: \|
	echo "EVENT: ${{ github.event_name }}"
	if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
	echo "PR_NUMBER: ${{ inputs.pr_number }}"
	echo "PR_COMMIT: ${{ inputs.pr_commit }}"
	echo "ref=refs/pull/${{ inputs.pr_number }}/merge" >> $GITHUB_OUTPUT
	echo "merged-ref=${{ inputs.pr_commit }}" >> $GITHUB_OUTPUT
	echo "base-sha=$(gh api repos/${GITHUB_REPOSITORY}/pulls/${{ inputs.pr_number }} --jq '.base.sha')" >> "$GITHUB_OUTPUT"
	else
	echo "PR_NUMBER: ${{ github.event.pull_request.number }}"
	echo "ref=refs/pull/${{ github.event.pull_request.number }}/merge" >> $GITHUB_OUTPUT
	echo "merged-ref=''" >> $GITHUB_OUTPUT
	echo "base-sha=${{ github.event.pull_request.base.sha }}" >> "$GITHUB_OUTPUT"
	fi
	env:
	GH_TOKEN: ${{ secrets.GH_TOKEN }}

	# run for code-coverage and upload the result as an artifact.
	code-coverage:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	needs: get-refs

	name: Code Coverage
	steps:
	- name: Checkout code
	uses: actions/checkout@v5
	with:
	ref: ${{ needs.get-refs.outputs.ref }}
	token: ${{ secrets.GH_TOKEN }}

	- uses: ./.github/actions/coverage-report
	with:
	GH_TOKEN: ${{ secrets.GH_TOKEN }}
	BOOST_VERSION: ${{ env.BOOST_VERSION }}
	THRIFT_VERSION: ${{ env.THRIFT_VERSION }}
	RUN_TESTS: ${{ env.RUN_TESTS }}
	HAZELCAST_ENTERPRISE_KEY: ${{ secrets.HAZELCAST_ENTERPRISE_KEY }}
	AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
	HZ_TEST_AWS_INSTANCE_PRIVATE_IP: ${{ secrets.HZ_TEST_AWS_INSTANCE_PRIVATE_IP }}

	shared-matrix:
	uses: ./.github/workflows/get-shared-matrix.yml

	Ubuntu-x86_64:
	needs:
	- get-refs
	- shared-matrix
	strategy:
	fail-fast: false
	matrix:
	build_type: ${{ fromJSON(needs.shared-matrix.outputs.build-type) }}
	shared_libs: ${{ fromJSON(needs.shared-matrix.outputs.shared-libs) }}
	with_openssl: ${{ fromJSON(needs.shared-matrix.outputs.openssl) }}

	runs-on: ubuntu-latest
	permissions:
	id-token: write

	name: ubuntu-x64-(${{ matrix.build_type }}, ${{ matrix.shared_libs.name }}, ${{ matrix.with_openssl.name }})
	steps:

	- uses: actions/checkout@v5
	with:
	ref: ${{ needs.get-refs.outputs.ref }}
	token: ${{ secrets.GH_TOKEN }}

	- uses: ./.github/actions/build-test/ubuntu-x86_64
	with:
	GH_TOKEN: ${{ secrets.GH_TOKEN }}
	BOOST_VERSION: ${{ env.BOOST_VERSION }}
	THRIFT_VERSION: ${{ env.THRIFT_VERSION }}
	BUILD_TYPE: ${{ matrix.build_type }}
	SHARED_LIBS_TOGGLE: ${{ matrix.shared_libs.toggle }}
	OPENSSL_TOGGLE: ${{ matrix.with_openssl.toggle }}
	RUN_TESTS: ${{ env.RUN_TESTS }}
	HAZELCAST_ENTERPRISE_KEY: ${{ secrets.HAZELCAST_ENTERPRISE_KEY }}
	AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
	HZ_TEST_AWS_INSTANCE_PRIVATE_IP: ${{ secrets.HZ_TEST_AWS_INSTANCE_PRIVATE_IP }}

	Windows:
	needs:
	- get-refs
	- shared-matrix
	strategy:
	fail-fast: false
	matrix:
	options: ${{ fromJSON(needs.shared-matrix.outputs.windows-options) }}
	build_type: ${{ fromJSON(needs.shared-matrix.outputs.build-type) }}
	shared_libs: ${{ fromJSON(needs.shared-matrix.outputs.shared-libs) }}
	with_openssl: ${{ fromJSON(needs.shared-matrix.outputs.openssl) }}

	runs-on: 'windows-latest'
	permissions:
	id-token: write
	name: windows-${{ matrix.options.address_model }}-(${{ matrix.build_type }}, ${{ matrix.shared_libs.name }}, ${{ matrix.with_openssl.name }})
	steps:
	- uses: actions/checkout@v5
	with:
	ref: ${{ needs.get-refs.outputs.ref }}
	token: ${{ secrets.GH_TOKEN }}

	- uses: ./.github/actions/build-test/windows
	with:
	GH_TOKEN: ${{ secrets.GH_TOKEN }}
	BOOST_VERSION: ${{ env.BOOST_VERSION }}
	THRIFT_VERSION: ${{ env.THRIFT_VERSION }}
	BUILD_TYPE: ${{ matrix.build_type }}
	SHARED_LIBS_TOGGLE: ${{ matrix.shared_libs.toggle }}
	OPENSSL_TOGGLE: ${{ matrix.with_openssl.toggle }}
	ARCH_CHOCO_OPTIONS: ${{ matrix.options.choco_options }}
	ARCH_ADDRESS_MODEL: ${{ matrix.options.address_model }}
	ARCH_CMAKE: ${{ matrix.options.cmake }}
	INSTALL_BOOST: true
	BOOST_URL: ${{ env.BOOST_URL }}
	BOOST_ARCHIVE_NAME: ${{ env.BOOST_ARCHIVE_NAME }}
	BOOST_FOLDER_NAME: ${{ env.BOOST_FOLDER_NAME }}
	BOOST_INCLUDE_FOLDER: ${{ env.BOOST_INCLUDE_FOLDER }}
	INSTALL_THRIFT: true
	RUN_TESTS: ${{ env.RUN_TESTS }}
	HAZELCAST_ENTERPRISE_KEY: ${{ secrets.HAZELCAST_ENTERPRISE_KEY }}
	AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
	HZ_TEST_AWS_INSTANCE_PRIVATE_IP: ${{ secrets.HZ_TEST_AWS_INSTANCE_PRIVATE_IP }}

	macOS-x86_64:
	needs:
	- get-refs
	- shared-matrix
	strategy:
	fail-fast: false
	matrix:
	build_type: ${{ fromJSON(needs.shared-matrix.outputs.build-type) }}
	shared_libs: ${{ fromJSON(needs.shared-matrix.outputs.shared-libs) }}
	with_openssl: ${{ fromJSON(needs.shared-matrix.outputs.openssl) }}

	runs-on: macos-latest
	permissions:
	id-token: write

	name: macOS-(${{ matrix.build_type }}, ${{ matrix.shared_libs.name }}, ${{ matrix.with_openssl.name }})
	env:
	OPENSSL_ROOT_DIR: /usr/local/opt/openssl/

	steps:
	- uses: actions/checkout@v5
	with:
	ref: ${{ needs.get-refs.outputs.ref }}
	token: ${{ secrets.GH_TOKEN }}

	- uses: ./.github/actions/build-test/macos-x86_64
	with:
	GH_TOKEN: ${{ secrets.GH_TOKEN }}
	BOOST_VERSION: ${{ env.BOOST_VERSION }}
	BUILD_TYPE: ${{ matrix.build_type }}
	SHARED_LIBS_TOGGLE: ${{ matrix.shared_libs.toggle }}
	OPENSSL_TOGGLE: ${{ matrix.with_openssl.toggle }}
	RUN_TESTS: ${{ env.RUN_TESTS }}
	HAZELCAST_ENTERPRISE_KEY: ${{ secrets.HAZELCAST_ENTERPRISE_KEY }}
	AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
	HZ_TEST_AWS_INSTANCE_PRIVATE_IP: ${{ secrets.HZ_TEST_AWS_INSTANCE_PRIVATE_IP }}

	enforce-code-formatting:
	runs-on: ubuntu-latest
	needs: get-refs

	steps:
	- name: Install Necessary Packages
	run: \|
	sudo apt-get update
	sudo apt-get install -y clang-format

	- uses: actions/checkout@v5
	with:
	ref: ${{ needs.get-refs.outputs.ref }}
	token: ${{ secrets.GH_TOKEN }}
	fetch-depth: 0

	- name: Check formatting
	run: \|
	source /dev/stdin <<< "$(curl --silent https://raw.githubusercontent.com/hazelcast/github-actions-common-scripts/main/logging.functions.sh)"

	git-clang-format \
	${{ needs.get-refs.outputs.base-sha }} \
	-- \
	hazelcast

	if ! git --no-pager diff; then
	echoerr "Code not formatted as expected"
	exit 1
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix AWS token used in tests #835

Workflow file

Fix AWS token used in tests #835

Uh oh!

Workflow file for this run