Skip to content

(ITHELP-98367) - Fix AiTM attacks vulnerability #250

(ITHELP-98367) - Fix AiTM attacks vulnerability

(ITHELP-98367) - Fix AiTM attacks vulnerability #250

---
name: Install test rhel-9
on:
pull_request:
paths:
- .github/workflows/**/*
- spec/**/*
- lib/**/*
- tasks/**/*
- functions/**/*
- types/**/*
- plans/**/*
- hiera/**/*
- manifests/**/*
- templates/**/*
- files/**/*
- metadata.json
- Rakefile
- Gemfile
- provision.yaml
- .rspec
- .rubocop.yml
- .puppet-lint.rc
- .fixtures.yml
branches: [main]
workflow_dispatch: {}
jobs:
test-install:
name: PE ${{ matrix.version }} ${{ matrix.architecture }} on ${{ matrix.image }}
runs-on: ubuntu-20.04
env:
BOLT_GEM: true
BOLT_DISABLE_ANALYTICS: true
LANG: en_US.UTF-8
strategy:
fail-fast: false
matrix:
architecture: [standard-with-dr, large, extra-large-with-dr]
version: [2021.7.9, 2023.8.0]
image: [rhel-9]
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Activate Ruby 2.7
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.7'
bundler-cache: true
- name: Print bundle environment
if: ${{ github.repository_owner == 'puppetlabs' }}
run: |
echo ::group::info:bundler
bundle env
echo ::endgroup::
- name: Provision test cluster
timeout-minutes: 15
run: |
echo ::group::prepare
mkdir -p $HOME/.ssh
echo 'Host *' > $HOME/.ssh/config
echo ' ServerAliveInterval 150' >> $HOME/.ssh/config
echo ' ServerAliveCountMax 2' >> $HOME/.ssh/config
bundle exec rake spec_prep
echo ::endgroup::
echo ::group::provision
bundle exec bolt plan run peadm_spec::provision_test_cluster \
--modulepath spec/fixtures/modules \
provider=provision_service \
image=${{ matrix.image }} \
architecture=${{ matrix.architecture }} \
--log-level trace
echo ::endgroup::
echo ::group::info:request
cat request.json || true; echo
echo ::endgroup::
echo ::group::info:inventory
sed -e 's/password: .*/password: "[redacted]"/' < spec/fixtures/litmus_inventory.yaml || true
echo ::endgroup::
- name: Install PE on test cluster
timeout-minutes: 120
run: |
bundle exec bolt plan run peadm_spec::install_test_cluster \
--inventoryfile spec/fixtures/litmus_inventory.yaml \
--modulepath spec/fixtures/modules \
architecture=${{ matrix.architecture }} \
version=${{ matrix.version }} \
console_password=${{ secrets.CONSOLE_PASSWORD }}
- name: Tear down test cluster
if: ${{ always() }}
continue-on-error: true
run: |-
if [ -f spec/fixtures/litmus_inventory.yaml ]; then
echo ::group::tear_down
bundle exec rake 'litmus:tear_down'
echo ::endgroup::
echo ::group::info:request
cat request.json || true; echo
echo ::endgroup::
fi