mirror of
https://github.com/kemko/nomad.git
synced 2026-01-01 16:05:42 +03:00
0e22fc1a0b
Allows for multiple `identity{}` blocks for tasks along with user-specified audiences. This is a building block to allow workload identities to be used with Consul, Vault and 3rd party JWT based auth methods.
Expiration is still unimplemented and is necessary for JWTs to be used securely, so that's up next.
---------
Co-authored-by: Tim Gross <tgross@hashicorp.com>
CI (unit testing)
This README describes how the Core CI Tests Github Actions works, which provides Nomad with continuous integration unit testing.
Steps
-
When a branch is pushed, GHA triggers
.github/workflows/test-core.yaml. -
The first job is
modswhich creates a pre-cache of Go modules.
- Only useful for the followup jobs on Linux runners
- Is keyed on
hash(go.sum), so a cache is re-used until deps are modified.
- The
checks,test-api,test-*jobs are started.
- The checks job runs
make check - The test job runs groups of tests, see below
3i. The check step also runs make missing
- Invokes
tools/missingto scanci/test-cores.json&& nomad source. - Fails the build if any packages in Nomad are not covered.
4a. The test-* jobs are run.
- Configured as a matrix of "groups"; each group is a set of packages.
- The GHA invokes
test-nomadwith $GOTEST_GROUP for each group. - The makefile uses
tools/missingto translate the group into packages - Package groups are configured in
ci/test-core.json
4b. The test-api job is run.
- Because
apiis a submodule, invokation of test command is special. - The GHA invokes
test-nomad-modulewith the name of the submodule.
- The
compilejobs are run
- Waits on checks to complete first
- Runs on each of
linux,macos,windows