-
Notifications
You must be signed in to change notification settings - Fork 23
44 lines (42 loc) · 1.55 KB
/
scs-compliance-check-with-application-credential.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
name: Check compliance of SCS cloud
on:
workflow_call:
inputs:
version:
required: true
type: string
layer:
required: true
type: string
cloud:
required: true
type: string
secret_name:
required: true
type: string
jobs:
scs-compliance-check:
runs-on: ubuntu-latest
container:
image: ghcr.io/sovereigncloudstack/scs-compliance-check:main
steps:
- name: "Get clouds.yaml"
run: "mkdir /etc/openstack && wget -P /etc/openstack https://raw.githubusercontent.com/sovereigncloudstack/standards/main/.github/scs-compliance-check/openstack/clouds.yaml"
- name: "Create secure.yaml"
run: |
cat << EOF > /etc/openstack/secure.yaml
clouds:
${{ inputs.cloud }}:
auth:
application_credential_secret: ${{ secrets[inputs.secret_name] }}
EOF
- name: "Clean up any lingering resources from previous run"
if: ${{ inputs.layer == 'iaas' && inputs.version == 'v4' }}
run: "cd /scs-compliance && ./cleanup.py -c ${{ inputs.cloud }} --prefix _scs- --ipaddr 10.1.0. --debug"
- name: "Run scs-compliance-check"
run: "cd /scs-compliance && ./scs-compliance-check.py scs-compatible-${{ inputs.layer }}.yaml --version ${{ inputs.version }} -o result.yaml -s ${{ inputs.cloud }} -a os_cloud=${{ inputs.cloud }}"
- name: "Upload results"
uses: actions/upload-artifact@v4
with:
name: result
path: /scs-compliance/result.yaml