ci: add integration test workflow for user-defined-web, freeform, drupal-core for #71 (Phase 4) #16
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Staging Push Validation | |
| # Pushes all templates to staging-coder.ddev.com with --activate=false to | |
| # verify the Coder provider accepts the HCL before any workspace is affected. | |
| # | |
| # One-time setup on the test Coder instance: | |
| # coder users create --email ci@staging-coder.ddev.com --username ci-bot --login-type none | |
| # coder users edit-roles ci-bot --roles template-admin --yes | |
| # coder tokens create --user ci-bot --lifetime 8760h | |
| # Store the token in 1Password at op://test-secrets/TEST_CODER_SESSION_TOKEN/credential | |
| # | |
| # Requires: | |
| # Repository variable: TEST_CODER_URL - https://staging-coder.ddev.com | |
| # Repository secret: OP_SERVICE_ACCOUNT_TOKEN - 1Password service account with read access | |
| # 1Password item: op://test-secrets/TEST_CODER_SESSION_TOKEN/credential | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| debug_enabled: | |
| description: 'Run the build with tmate set "debug_enabled"' | |
| type: boolean | |
| required: false | |
| default: false | |
| jobs: | |
| push-staging: | |
| name: Push to staging (${{ matrix.template }}) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| - template: user-defined-web | |
| extra_vars: "" | |
| - template: drupal-core | |
| # cache_path required until #99 (remove seed cache) lands; | |
| # non-existent path is fine — only checked at workspace create time | |
| extra_vars: "--variable cache_path=/tmp/ci-no-cache" | |
| - template: freeform | |
| extra_vars: "" | |
| fail-fast: false | |
| env: | |
| VERSION_NAME: ci-${{ github.run_id }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Load 1Password secrets | |
| uses: 1password/load-secrets-action@v4 | |
| if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.repository_owner }} | |
| with: | |
| export-env: true | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| TEST_CODER_SESSION_TOKEN: "op://test-secrets/TEST_CODER_SESSION_TOKEN/credential" | |
| - name: Setup tmate session | |
| uses: mxschmitt/action-tmate@v3 | |
| with: | |
| limit-access-to-actor: true | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| - uses: coder/setup-action@v1 | |
| with: | |
| access_url: ${{ vars.TEST_CODER_URL }} | |
| coder_session_token: ${{ env.TEST_CODER_SESSION_TOKEN }} | |
| - name: Copy VERSION into template directory | |
| run: cp VERSION ${{ matrix.template }}/VERSION | |
| - name: Push template (inactive) | |
| run: | | |
| coder templates push ${{ matrix.template }} \ | |
| --directory ${{ matrix.template }} \ | |
| --activate=false \ | |
| --name ${{ env.VERSION_NAME }} \ | |
| --yes \ | |
| --variable workspace_image_registry=index.docker.io/ddev/coder-ddev \ | |
| ${{ matrix.extra_vars }} | |
| - name: Verify version exists | |
| run: coder templates versions list ${{ matrix.template }} | grep ${{ env.VERSION_NAME }} | |
| - name: Archive CI version | |
| if: always() | |
| run: coder templates versions archive ${{ matrix.template }} ${{ env.VERSION_NAME }} --yes || true |