WIP: oidc-auth against testmachinery

Author: ccwienk

.github/workflows/run-integrationtests.yaml

@@ -0,0 +1,55 @@
+name: Integration-Tests
+description: |
+  Runs Integrationtests using TestMachinery
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  run-tests:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: azure/setup-kubectl@v4
+      - name: trigger-test
+        run: |
+          set -eu
+
+          gh_token="${ACTIONS_ID_TOKEN_REQUEST_TOKEN}"
+          auth_token=$(curl -sLS \
+            -H "Authorization: Bearer ${gh_token}" \
+            "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https%3A%2F%2Fgithub.com%2Fgardener \
+             | jq .value
+            )
+
+          if [ -z "${auth_token}" ]; then
+            echo "failed to retrieve an auth-token"
+            exit 1
+          else
+            echo "successfully retrieved an auth-token"
+          fi
+
+          # hack: generate kubectl (let us refactor after successful test)
+          cat <<EOF > kubeconfig
+          apiVersion: v1
+          clusters:
+          - cluster:
+              certificate-authority-data: TODO
+              server: https://kube-apiserver-address # TODO
+            name: cluster
+          contexts:
+          - context:
+              cluster: cluster
+              user: gha
+            name: gha
+          current-context: gha
+          kind: Config
+          preferences: {}
+          users:
+          - name: gha
+            user:
+              token: ${auth_token}
+          EOF