Skip to content

Commit

Permalink
test - try add role-session-name, and output-credentials flag, and re…
Browse files Browse the repository at this point in the history 
…move temp creds step
  • Loading branch information
@aaronchung-bitquill
aaronchung-bitquill committed Feb 4, 2025
1 parent 39bdc23 commit 733e5d7
Show file tree
Hide file tree
Showing 8 changed files with 41 additions and 128 deletions.
21 changes: 5 additions & 16 deletions .github/workflows/mysql_advanced_performance.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,29 +26,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_adv_perf_test_mysql
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: 'Run performance tests (OpenJDK)'
run: |
./gradlew --no-parallel --no-daemon test-aurora-mysql-advanced-performance
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: 'Archive Performance Results'
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/mysql_performance.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,29 +26,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_perf_test_mysql
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: 'Run performance tests (OpenJDK)'
run: |
./gradlew --no-parallel --no-daemon test-aurora-mysql-performance
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: 'Archive Performance Results'
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/pg_advanced_performance.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,29 +26,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_adv_perf_test_pgsql
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: 'Run performance tests (OpenJDK)'
run: |
./gradlew --no-parallel --no-daemon test-aurora-pg-advanced-performance
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: 'Archive Performance Results'
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/pg_performance.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,29 +26,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_perf_test_pgsql
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: 'Run performance tests (OpenJDK)'
run: |
./gradlew --no-parallel --no-daemon test-aurora-pg-performance
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: 'Archive Performance Results'
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/run-autoscaling-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,29 +29,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_autoscale_test
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: Run integration tests
run: |
./gradlew --no-parallel --no-daemon test-autoscaling-only
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
AURORA_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: Mask data
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/run-integration-tests-codebuild.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,29 +33,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_integration_test_codebuild
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: Run integration tests
run: |
./gradlew --no-parallel --no-daemon test-all-${{ matrix.environment }}-aurora
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
RDS_ENDPOINT: ${{ secrets.RDS_ENDPOINT }}
MYSQL_VERSION: "latest"
PG_VERSION: "latest"
Expand Down
22 changes: 6 additions & 16 deletions .github/workflows/run-integration-tests-default.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,32 +29,22 @@ jobs:
distribution: 'corretto'
java-version: 8
- name: 'Configure AWS credentials'
id: creds
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_integration_test_default
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: Run integration tests
run: |
./gradlew --no-parallel --no-daemon test-all-${{ matrix.dbEngine }}
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "default"
PG_VERSION: "default"
- name: Mask data
Expand Down
21 changes: 5 additions & 16 deletions .github/workflows/run-integration-tests-latest.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,29 +32,18 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: run_integration_test_latest
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Set up temp AWS credentials'
run: |
creds=($(aws sts get-session-token \
--duration-seconds 21600 \
--query 'Credentials.[AccessKeyId, SecretAccessKey, SessionToken]' \
--output text \
| xargs));
echo "::add-mask::${creds[0]}"
echo "::add-mask::${creds[1]}"
echo "::add-mask::${creds[2]}"
echo "TEMP_AWS_ACCESS_KEY_ID=${creds[0]}" >> $GITHUB_ENV
echo "TEMP_AWS_SECRET_ACCESS_KEY=${creds[1]}" >> $GITHUB_ENV
echo "TEMP_AWS_SESSION_TOKEN=${creds[2]}" >> $GITHUB_ENV
output-credentials: true
- name: Run integration tests
run: |
./gradlew --no-parallel --no-daemon test-all-${{ matrix.dbEngine }}
env:
AURORA_CLUSTER_DOMAIN: ${{ secrets.DB_CONN_SUFFIX }}
RDS_DB_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCESS_KEY_ID: ${{ env.TEMP_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.TEMP_AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ env.TEMP_AWS_SESSION_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
MYSQL_VERSION: "latest"
PG_VERSION: "latest"
- name: Mask data
Expand Down

0 comments on commit 733e5d7

Please sign in to comment.