From 43980439727ee76e204443a89c5f21953010740d Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Tue, 18 Apr 2023 21:58:05 +0200 Subject: [PATCH] Check REGIO.cloud RegionA (#263) Signed-off-by: Christian Berendt --- .../openstack/clouds.yaml | 8 ++++ .github/workflows/check-regio-a-v2.yml | 23 ++++++++++ ...ance-check-with-application-credential.yml | 43 +++++++++++++++++++ README.md | 1 + 4 files changed, 75 insertions(+) create mode 100644 .github/workflows/check-regio-a-v2.yml create mode 100644 .github/workflows/scs-compliance-check-with-application-credential.yml diff --git a/.github/scs-compliance-check/openstack/clouds.yaml b/.github/scs-compliance-check/openstack/clouds.yaml index a8d2eeb1b..7cdc7a3b8 100644 --- a/.github/scs-compliance-check/openstack/clouds.yaml +++ b/.github/scs-compliance-check/openstack/clouds.yaml @@ -39,3 +39,11 @@ clouds: region_name: "MUC5" interface: "public" identity_api_version: 3 + regio-a: + auth: + auth_url: https://keystone.services.a.regiocloud.tech + application_credential_id: "459b392c348d430f91c658f0f61cbb8e" + region_name: "RegionA" + interface: "public" + identity_api_version: 3 + auth_type: "v3applicationcredential" diff --git a/.github/workflows/check-regio-a-v2.yml b/.github/workflows/check-regio-a-v2.yml new file mode 100644 index 000000000..26e867eae --- /dev/null +++ b/.github/workflows/check-regio-a-v2.yml @@ -0,0 +1,23 @@ +name: "Compliance of regio-a" + +on: + # Trigger compliance check every day at 4:30 UTC + schedule: + - cron: '30 4 * * *' + # Trigger compliance check after Docker image has been built + workflow_run: + workflows: [Build and publish scs-compliance-check Docker image] + types: + - completed + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +jobs: + check-regio-a: + uses: ./.github/workflows/scs-compliance-check-with-application-credential.yml + with: + version: v2 + layer: iaas + cloud: "regio-a" + secret_name: "OS_PASSWORD_REGIO_A" + secrets: inherit diff --git a/.github/workflows/scs-compliance-check-with-application-credential.yml b/.github/workflows/scs-compliance-check-with-application-credential.yml new file mode 100644 index 000000000..bcaa83334 --- /dev/null +++ b/.github/workflows/scs-compliance-check-with-application-credential.yml @@ -0,0 +1,43 @@ +name: Check compliance of SCS cloud + +on: + workflow_call: + inputs: + version: + required: true + type: string + layer: + required: true + type: string + cloud: + required: true + type: string + secret_name: + required: true + type: string + +jobs: + scs-compliance-check: + runs-on: ubuntu-latest + container: + image: ghcr.io/sovereigncloudstack/scs-compliance-check:main + steps: + - name: "Get clouds.yaml" + run: "mkdir /etc/openstack && wget -P /etc/openstack https://raw.githubusercontent.com/sovereigncloudstack/standards/main/.github/scs-compliance-check/openstack/clouds.yaml" + - name: "Create secure.yaml" + run: | + cat << EOF > /etc/openstack/secure.yaml + clouds: + ${{ inputs.cloud }}: + auth: + application_credential_secret: ${{ secrets[inputs.secret_name] }} + EOF + - name: "Run scs-compliance-check" + run: "cd /scs-compliance && ./scs-compliance-check.py scs-compatible.yaml --version ${{ inputs.version }} ${{ inputs.layer }} -o result.yaml" + env: + OS_CLOUD: ${{ inputs.cloud }} + - name: "Upload results" + uses: actions/upload-artifact@v3 + with: + name: result + path: /scs-compliance/result.yaml diff --git a/README.md b/README.md index 53236c652..3eee8584a 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ This is a list of clouds that we test on a nightly basis against our `scs-compat | [gx-scs](https://github.com/SovereignCloudStack/docs/blob/main/community/cloud-resources/plusserver-gx-scs.md) | Dev environment provided for SCS & GAIA-X context | PlusServer GmbH | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-gx-scs-v1.yml?label=v1%20Compliance) | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-gx-scs-v2.yml?label=v2%20Compliance) | | [pluscloud open](https://www.plusserver.com/en/products/pluscloud-open) | Public cloud for customers | PlusServer GmbH | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-pco-prod1-v1.yml?label=v1%20Compliance) ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-pco-prod2-v1.yml?label=v1%20Compliance) | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-pco-prod1-v2.yml?label=v2%20Compliance) ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-pco-prod2-v2.yml?label=v2%20Compliance) | | [Wavestack](https://www.noris.de/wavestack-cloud/) | Public cloud for customers | noris network AG/Wavecon GmbH | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-wavestack-v1.yml?label=v1%20Compliance) | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-wavestack-v2.yml?label=v2%20Compliance) | +| [REGIO.cloud](https://regio.digital) | Public cloud for customers | OSISM GmbH | | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/SovereignCloudStack/standards/check-regio-a-v2.yml?label=v2%20Compliance) | ## SCS standards overview