name: Test on: push: branches: - main pull_request: branches: - main jobs: tests: strategy: matrix: arch: ['linux-amd64', 'linux-arm64', 'darwin-amd64', 'windows-amd64'] runs-on: ${{ matrix.arch }} steps: - name: Checkout uses: actions/checkout@v4 - name: Setup go uses: actions/setup-go@v5 with: go-version-file: 'go.mod' - name: Install Hashicorp Vault (on Linux) if: matrix.arch != 'darwin-amd64' && matrix.arch != 'windows-amd64' run: | ./script/vault-install.sh - name: Install Hashicorp Vault (on Windows) if: matrix.arch == 'windows-amd64' run: | & ".\scripts\vault-install.ps1" shell: pwsh - name: Start Vault in background (on Unix) id: start-vault if: matrix.arch != 'windows-amd64' env: VAULT_ADDR: "https://127.0.0.1:8200" VAULT_SKIP_VERIFY: "true" run: | ./script/vault-start.sh - name: Start Vault in background (on Windows) id: start-vault-windows if: matrix.arch == 'windows-amd64' shell: pwsh env: VAULT_ADDR: "https://127.0.0.1:8200" VAULT_SKIP_VERIFY: "true" run: | & ".\scripts\vault-start.ps1" - name: Setup Vault test data (on Unix) if: matrix.arch != 'windows-amd64' env: TEST_VAULT_KEY: ${{ vars.TEST_VAULT_KEY }} TEST_VAULT_VALUE: ${{ vars.TEST_VAULT_VALUE }} VAULT_ADDR: "https://127.0.0.1:8200" VAULT_TOKEN: root VAULT_SKIP_VERIFY: "true" run: | ./script/vault-setup.sh - name: Setup Vault test data (on Windows) if: matrix.arch == 'windows-amd64' env: VAULT_ADDR: "https://127.0.0.1:8200" VAULT_TOKEN: root VAULT_SKIP_VERIFY: "true" shell: pwsh run: | & ".\scripts\vault-setup.ps1" - name: Vet run: go vet -v ./... - name: Test env: TEST_VAULT_KEY: ${{ vars.TEST_VAULT_KEY }} TEST_VAULT_VALUE: ${{ vars.TEST_VAULT_VALUE }} VAULT_ADDR: "https://127.0.0.1:8200" VAULT_TOKEN: root VAULT_SKIP_VERIFY: "true" run: | go test -v ./... - name: Stop Vault (on Unix) if: always() && matrix.arch != 'windows-amd64' run: | if [ -f vault.pid ]; then kill $(cat vault.pid) 2>/dev/null || true rm -f vault.pid fi - name: Stop Vault (on Windows) if: always() && matrix.arch == 'windows-amd64' shell: pwsh run: | # Function to display logs function Show-VaultLogs { Write-Output "=== VAULT SERVER STDOUT (last 50 lines) ===" Get-Content "vault-logs/stdout.log" -ErrorAction SilentlyContinue | Select-Object -Last 50 Write-Output "=== VAULT SERVER STDERR (last 50 lines) ===" Get-Content "vault-logs/stderr.log" -ErrorAction SilentlyContinue | Select-Object -Last 50 } # Read PID from file (Gitea alternative to env vars) $vaultPid = $null if (Test-Path "vault-pid.txt") { $vaultPid = Get-Content "vault-pid.txt" -Raw Write-Output "Found Vault PID: $vaultPid" } # Check if previous steps failed $previousStepFailed = $false if ("${{ steps.start-vault.outcome }}" -eq "failure") { $previousStepFailed = $true Write-Output "Vault startup step failed" } # Stop the Vault process if we have a PID if ($vaultPid -and ($vaultPid -ne '')) { if ($previousStepFailed) { Write-Output "Previous step failed, showing Vault logs:" Show-VaultLogs } # Stop the Vault process try { Stop-Process -Id $vaultPid -Force -ErrorAction Stop Write-Output "Stopped Vault process $vaultPid" } catch { Write-Warning "Failed to stop process $vaultPid: $($_.Exception.Message)" } } # Clean up any remaining Vault processes $vaultProcesses = Get-Process -Name "vault" -ErrorAction SilentlyContinue if ($vaultProcesses) { Write-Output "Found additional Vault processes, stopping them..." $vaultProcesses | Stop-Process -Force -ErrorAction SilentlyContinue } # Always show logs if we're in a failure state if ($previousStepFailed -or "${{ job.status }}" -eq "failure") { Write-Output "Job failed, showing final Vault logs:" Show-VaultLogs } # Cleanup PID file if (Test-Path "vault-pid.txt") { Remove-Item "vault-pid.txt" -Force }