Multiple cookie secrets #87
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E Tests | |
| on: | |
| pull_request | |
| jobs: | |
| extract_metadata: | |
| runs-on: ubuntu-latest | |
| name: Extract supported_features | |
| outputs: | |
| supported-features: ${{ steps.supported-features.outputs.value }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| - name: extract supported features | |
| id: supported-features | |
| run: echo "value=$(node -p -e "require('./px_metadata.json').supported_features?.join(' or ') || ''")" >> "$GITHUB_OUTPUT" | |
| CI: | |
| name: "E2E tests" | |
| env: | |
| MOCK_COLLECTOR_IMAGE_TAG: 1.3.5 | |
| SAMPLE_SITE_IMAGE_TAG: 1.0.0 | |
| ENFORCER_SPEC_TESTS_IMAGE_TAG: 1.8.1 | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| needs: | |
| - extract_metadata | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build local cluster | |
| run: ./ci_files/build_cluster.sh | |
| - name: Build Enforcer Docker image | |
| run: | | |
| docker build . -t localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG && \ | |
| docker push localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG | |
| - uses: azure/setup-helm@v3 | |
| with: | |
| version: '3.14.1' | |
| - name: Clone helm charts repo - mock-collector | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: PerimeterX/connect-helm-charts | |
| token: ${{ secrets.CONNECT_PULL_TOKEN }} | |
| ref: mock-collector-0.1.1 | |
| path: ./deploy_charts/mock-collector | |
| - name: Clone helm charts repo - enforcer-tests | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: PerimeterX/connect-helm-charts | |
| token: ${{ secrets.CONNECT_PULL_TOKEN }} | |
| ref: enforcer-spec-tests-0.7.1 | |
| path: ./deploy_charts/enforcer-spec-tests | |
| - name: Clone helm charts repo - sample-site | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: PerimeterX/connect-helm-charts | |
| token: ${{ secrets.CONNECT_PULL_TOKEN }} | |
| ref: sample-site-0.5.0 | |
| path: ./deploy_charts/sample-site | |
| - name: Set up Google Cloud SDK | |
| id: 'auth' | |
| uses: 'google-github-actions/auth@v2' | |
| with: | |
| credentials_json: '${{ secrets.GCR_SA_KEY }}' | |
| - name: Configure Docker credentials | |
| run: | | |
| gcloud auth configure-docker gcr.io | |
| - name: pull mock collector image | |
| run: | | |
| docker pull gcr.io/px-docker-repo/connecteam/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG && \ | |
| docker tag gcr.io/px-docker-repo/connecteam/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG localhost:5001/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG && \ | |
| docker push localhost:5001/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG | |
| - name: deploy mock collector | |
| run: | | |
| helm install mock-collector ./deploy_charts/mock-collector/charts/mock-collector \ | |
| --set image.repository=localhost:5001/mock-collector \ | |
| --set image.tag=$MOCK_COLLECTOR_IMAGE_TAG \ | |
| --set imagePullPolicy=Always --wait | |
| - name: set secrets in enforcer config | |
| run: | | |
| cat ./ci_files/enforcer-config.json |\ | |
| jq '.px_app_id="${{ secrets.PX_APP_ID }}"' |\ | |
| jq '.px_cookie_secret="${{ secrets.TEST_COOKIE_SECRET }}"' |\ | |
| jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' > /tmp/enforcer-config.json | |
| - name: log enforcer config | |
| run: cat /tmp/enforcer-config.json | |
| - name: deploy java enforcer | |
| run: | | |
| helm install java-enforcer ./deploy_charts/sample-site/charts/sample-site \ | |
| -f ./ci_files/enforcer-values.yaml \ | |
| --set image.name=localhost:5001/java-enforcer-sample-site \ | |
| --set image.tag=$SAMPLE_SITE_IMAGE_TAG \ | |
| --set-file enforcerConfig.content=/tmp/enforcer-config.json \ | |
| --wait | |
| - name: pull enforcer tests image | |
| run: | | |
| docker pull gcr.io/px-docker-repo/connecteam/enforcer-specs-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG && \ | |
| docker tag gcr.io/px-docker-repo/connecteam/enforcer-specs-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG localhost:5001/enforcer-spec-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG && \ | |
| docker push localhost:5001/enforcer-spec-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG | |
| - name: run enforcer tests | |
| run: | | |
| helm install enforcer-spec-tests ./deploy_charts/enforcer-spec-tests/charts/enforcer-spec-tests \ | |
| --set image.tag=$ENFORCER_SPEC_TESTS_IMAGE_TAG \ | |
| --set cookieSecret=${{ secrets.TEST_COOKIE_SECRET }} \ | |
| --set supportedFeatures="${{ needs.extract_metadata.outputs.supported-features }}" \ | |
| --set authToken="${{ secrets.PX_AUTH_TOKEN }}" \ | |
| --set appId=${{ secrets.PX_APP_ID }} \ | |
| --set-file enforcerMetadataContent=./px_metadata.json \ | |
| -f ./ci_files/spec-tests-values.yaml \ | |
| --wait \ | |
| --timeout 60m0s \ | |
| --wait-for-jobs | |
| - name: get tests results | |
| if: ${{ always() }} | |
| run: kubectl logs job/enforcer-spec-tests |