-
Notifications
You must be signed in to change notification settings - Fork 10
147 lines (120 loc) · 5.15 KB
/
ci_e2e.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: E2E Tests
on:
pull_request
jobs:
extract_metadata:
runs-on: ubuntu-latest
name: Extract supported_features
outputs:
supported-features: ${{ steps.supported-features.outputs.value }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20.x'
- name: extract supported features
id: supported-features
run: echo "value=$(node -p -e "require('./px_metadata.json').supported_features?.join(' or ') || ''")" >> "$GITHUB_OUTPUT"
CI:
name: "E2E tests"
env:
MOCK_COLLECTOR_IMAGE_TAG: 1.3.5
SAMPLE_SITE_IMAGE_TAG: 1.0.0
ENFORCER_SPEC_TESTS_IMAGE_TAG: 1.8.1
runs-on: ubuntu-latest
timeout-minutes: 60
needs:
- extract_metadata
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Set up Docker
uses: docker/setup-buildx-action@v3
- name: Build local cluster
run: ./ci_files/build_cluster.sh
- name: Build Enforcer Docker image
run: |
docker build . -t localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG && \
docker push localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG
- uses: azure/setup-helm@v3
with:
version: '3.14.1'
- name: Clone helm charts repo - mock-collector
uses: actions/checkout@v4
with:
repository: PerimeterX/connect-helm-charts
token: ${{ secrets.CONNECT_PULL_TOKEN }}
ref: mock-collector-0.1.1
path: ./deploy_charts/mock-collector
- name: Clone helm charts repo - enforcer-tests
uses: actions/checkout@v4
with:
repository: PerimeterX/connect-helm-charts
token: ${{ secrets.CONNECT_PULL_TOKEN }}
ref: enforcer-spec-tests-0.7.1
path: ./deploy_charts/enforcer-spec-tests
- name: Clone helm charts repo - sample-site
uses: actions/checkout@v4
with:
repository: PerimeterX/connect-helm-charts
token: ${{ secrets.CONNECT_PULL_TOKEN }}
ref: sample-site-0.5.0
path: ./deploy_charts/sample-site
- name: Set up Google Cloud SDK
id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
credentials_json: '${{ secrets.GCR_SA_KEY }}'
- name: Configure Docker credentials
run: |
gcloud auth configure-docker gcr.io
- name: pull mock collector image
run: |
docker pull gcr.io/px-docker-repo/connecteam/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG && \
docker tag gcr.io/px-docker-repo/connecteam/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG localhost:5001/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG && \
docker push localhost:5001/mock-collector:$MOCK_COLLECTOR_IMAGE_TAG
- name: deploy mock collector
run: |
helm install mock-collector ./deploy_charts/mock-collector/charts/mock-collector \
--set image.repository=localhost:5001/mock-collector \
--set image.tag=$MOCK_COLLECTOR_IMAGE_TAG \
--set imagePullPolicy=Always --wait
- name: set secrets in enforcer config
run: |
cat ./ci_files/enforcer-config.json |\
jq '.px_app_id="${{ secrets.PX_APP_ID }}"' |\
jq '.px_cookie_secret="${{ secrets.TEST_COOKIE_SECRET }}"' |\
jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' > /tmp/enforcer-config.json
- name: log enforcer config
run: cat /tmp/enforcer-config.json
- name: deploy java enforcer
run: |
helm install java-enforcer ./deploy_charts/sample-site/charts/sample-site \
-f ./ci_files/enforcer-values.yaml \
--set image.name=localhost:5001/java-enforcer-sample-site \
--set image.tag=$SAMPLE_SITE_IMAGE_TAG \
--set-file enforcerConfig.content=/tmp/enforcer-config.json \
--wait
- name: pull enforcer tests image
run: |
docker pull gcr.io/px-docker-repo/connecteam/enforcer-specs-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG && \
docker tag gcr.io/px-docker-repo/connecteam/enforcer-specs-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG localhost:5001/enforcer-spec-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG && \
docker push localhost:5001/enforcer-spec-tests:$ENFORCER_SPEC_TESTS_IMAGE_TAG
- name: run enforcer tests
run: |
helm install enforcer-spec-tests ./deploy_charts/enforcer-spec-tests/charts/enforcer-spec-tests \
--set image.tag=$ENFORCER_SPEC_TESTS_IMAGE_TAG \
--set cookieSecret=${{ secrets.TEST_COOKIE_SECRET }} \
--set supportedFeatures="${{ needs.extract_metadata.outputs.supported-features }}" \
--set authToken="${{ secrets.PX_AUTH_TOKEN }}" \
--set appId=${{ secrets.PX_APP_ID }} \
--set-file enforcerMetadataContent=./px_metadata.json \
-f ./ci_files/spec-tests-values.yaml \
--wait \
--timeout 60m0s \
--wait-for-jobs
- name: get tests results
if: ${{ always() }}
run: kubectl logs job/enforcer-spec-tests