diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e4d6eee..637514a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,9 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -# permissions: +env: + LOCK_NAME: ci.yml-integration # {workflow}-{job}, maybe a default? + S3_BUCKET: aws-s3-lock-ci jobs: build: @@ -24,50 +26,55 @@ jobs: - run: yarn build - run: yarn test --passWithNoTests - # integration: - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v4 - # - uses: aws-actions/configure-aws-credentials@v4 - # with: - # aws-region: ${{ vars.AWS_REGION }} - # role-to-assume: ${{ secrets.AWS_ROLE }} + integration: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v4 + - uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE }} - # - id: lock-1 - # name: Acquire for 10s - # uses: ./ - # with: - # name: workflows-ci-integration - # expires: 10s + - id: lock-1 + name: Acquire for 10s + uses: ./ + with: + name: ${{ env.LOCK_NAME }} + s3-bucket: ${{ env.S3_BUCKET }} + expires: 5s - # - id: lock-2 - # name: Wait on lock-1 then acquire - # uses: ./ - # with: - # name: workflows-ci-integration - # timeout: 15s - # expires: 5s + - id: lock-2 + name: Wait on lock-1 then acquire + uses: ./ + with: + name: ${{ env.LOCK_NAME }} + s3-bucket: ${{ env.S3_BUCKET }} + timeout: 10s - # - name: Verify locks - # run: | - # cat <<'EOM' - # lock-1 acquired ${{ lock-1.outputs.acquired-at }} - # lock-1 released ${{ lock-1.outputs.released-at }} - # lock-2 acquired ${{ lock-2.outputs.acquired-at }} - # lock-2 released ${{ lock-2.outputs.released-at }} - # EOM + - name: Verify locks + run: | + [[ -n '${{ lock-1.outputs.acquired-at }}' ]] # lock-1 + [[ -n '${{ lock-2.outputs.acquired-at }}' ]] # lock-2 + # lock-2 acquired at should be +5s - # integration-post: - # needs: integration - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v4 - # - uses: aws-actions/configure-aws-credentials@v4 - # with: - # aws-region: ${{ vars.AWS_REGION }} - # role-to-assume: ${{ secrets.AWS_ROLE }} - # - name: Assert lock was released - # uses: ./ - # with: - # name: workflows-ci-integration - # timeout: 0s + integration-post: + needs: integration + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v4 + - uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE }} + - name: Assert lock was released + uses: ./ + with: + name: ${{ env.LOCK_NAME }} + s3-bucket: ${{ env.S3_BUCKET }} + timeout: 0s