From e16a5a7a49c9b60581a229c64f7260f8620d1590 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 18 Apr 2024 18:47:33 +0200 Subject: [PATCH 1/2] chore: use roxctl-installer-action --- .github/workflows/e2e.yml | 15 ++++++++------- README.md | 11 +++++++++-- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index f8a1559..d0ee962 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -2,8 +2,9 @@ name: E2E on: push: - branches: - - main + # TODO(dhaus): Temporarily disable this to test the workflow in PR. + #branches: + # - main schedule: - cron: '0 5 * * 0' @@ -101,9 +102,9 @@ jobs: endpoint: https://localhost:8000 skip-tls-verify: true - - name: Fetch roxctl and run roxctl central whoami + - name: Install roxctl + uses: stackrox/roxctl-installer-action@v1 + + - name: Check the current user with roxctl run: | - curl -k -u admin:${ROX_PASSWORD} https://localhost:8000/api/cli/download/roxctl-linux --output ./roxctl - chmod +x ./roxctl - echo $ROX_ENDPOINT - ./roxctl central whoami + roxctl central whoami diff --git a/README.md b/README.md index 0a79baa..e639d53 100644 --- a/README.md +++ b/README.md @@ -47,8 +47,9 @@ permissions: Before being able to exchange tokens, the ACS Central instance needs to be configured to allow exchanging tokens originating from GitHub Action workflow runs. -At the current time, this only works via API, see the sample configuration below: +For more information on how to configure this, follow the [RHACS documentation](https://docs.openshift.com/acs/4.4/operating/manage-user-access/configure-short-lived-access.html). +Below is a sample configuration via API you can use: ```bash curl \ https:///v1/auth/m2m \ @@ -97,11 +98,17 @@ After the central login step has succeeded, the following environment variables For verifying everything works correctly, the example below can be used: ```yaml - - name: Central Login + - name: Login to Central uses: stackrox/central-login@v1 with: endpoint: https://:443 + - name: Install roxctl from Central + uses: stackrox/roxctl-installer-action@v1 + with: + central-endpoint: https://${{ env.ROX_ENDPOINT }} + central-token: ${{ env.ROX_API_TOKEN }} + - name: roxctl central whoami run: | roxctl central whoami From f71476b7885fcfdbb1cbff77b8394f81edafef40 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 18 Apr 2024 20:36:30 +0200 Subject: [PATCH 2/2] Undo workflow commenting --- .github/workflows/e2e.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index d0ee962..f6c4548 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -2,9 +2,8 @@ name: E2E on: push: - # TODO(dhaus): Temporarily disable this to test the workflow in PR. - #branches: - # - main + branches: + - main schedule: - cron: '0 5 * * 0'