From 17caec674d55f65875701fa7862ca430865f8df3 Mon Sep 17 00:00:00 2001 From: Colin Hutchinson Date: Fri, 20 Oct 2023 09:31:21 -0400 Subject: [PATCH] chore: setup ci for the integration tests --- .github/workflows/tests-integration.yaml | 98 ++++++++++++++++++++++++ .github/workflows/tests-unit.yaml | 26 +++++++ Makefile | 11 +++ integration/tests/forwarder.tftest.hcl | 4 +- 4 files changed, 137 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/tests-integration.yaml create mode 100644 .github/workflows/tests-unit.yaml diff --git a/.github/workflows/tests-integration.yaml b/.github/workflows/tests-integration.yaml new file mode 100644 index 00000000..dfcf6ec7 --- /dev/null +++ b/.github/workflows/tests-integration.yaml @@ -0,0 +1,98 @@ +name: Run IAC Integration Tests + +on: + push: + branches: + - joao/tftest + +jobs: + permission_check: + runs-on: ubuntu-latest + outputs: + can-write: ${{ steps.check.outputs.can-write }} + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + steps: + - id: check + run: | + # If the AWS_ACCESS_KEY_ID secret is MIA we can't run tests + if [[ -z "$AWS_ACCESS_KEY_ID" ]]; then + echo "can-write=false" >> $GITHUB_OUTPUT + else + echo "can-write=true" >> $GITHUB_OUTPUT + fi + + test-integration: + runs-on: ubuntu-latest + needs: [permission_check] + if: needs.permission_check.outputs.can-write == 'true' + steps: + - name: Install DCE CLI + run: | + # Download dce-cli + wget -q https://github.com/Optum/dce-cli/releases/download/v0.5.0/dce_linux_amd64.zip + + # Validate checksum + expected_sha="cb140c743373e28a6c1bd4ba3fe1b81a7431dd538e1ad430fede3c1aff4508db" + test $(shasum -a256 ./dce_linux_amd64.zip | awk '{print $1}') == "${expected_sha}" + + unzip ./dce_linux_amd64.zip -d ./ + mv dce /usr/local/bin/ + + - name: Create DCE Configuration + run: | + mkdir ~/.dce + echo "api:" >> ~/.dce/config.yaml + echo " host: playground.observe-blunderdome.com" >> ~/.dce/config.yaml + echo " basepath: /" >> ~/.dce/config.yaml + echo "region: us-west-2" >> ~/.dce/config.yaml + + - name: Setup AWS credentials + uses: aws-actions/configure-aws-credentials@v4.0.1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 + + - name: AWS Info + run: aws sts get-caller-identity + + - name: Set Principal ID + run: | + echo "PRINCIPAL_ID=gha-${GITHUB_RUN_ID}" >> $GITHUB_ENV + + - name: Check for Existing DCE Lease + run: | + lease_id=$(dce leases list --status Active --principal-id $PRINCIPAL_ID | jq -r '.[0].id') + echo "LEASE_ID=$lease_id" >> $GITHUB_ENV + + - name: If lease not found, create a new DCE Lease + if: env.LEASE_ID == 'null' + run: | + dce leases create --budget-amount 100.0 --budget-currency USD --email colin.hutchinson+gha@observeinc.com --principal-id $PRINCIPAL_ID + lease_id=$(dce leases list --status Active --principal-id $PRINCIPAL_ID | jq -r '.[0].id') + echo "LEASE_ID=$lease_id" >> $GITHUB_ENV + + - name: checkout + uses: actions/checkout@v4 + + - name: Integration tests + run: | + eval $(dce leases login --print-creds $LEASE_ID) + aws sts get-caller-identity + make integration-test + env: + APP: forwarder + + - name: Cleanup DCE Lease + if: always() + run: | + # Logic to cleanup DCE Lease + if [[ ! -z "$LEASE_ID" && "$LEASE_ID" != "null" ]]; then + account_id=$(dce leases list --principal-id $PRINCIPAL_ID | jq -r ".[] | select(.id == \"$LEASE_ID\") | .accountId") + if [[ ! -z "$account_id" ]]; then + dce leases end \ + -p $PRINCIPAL_ID \ + -a $account_id + fi + fi diff --git a/.github/workflows/tests-unit.yaml b/.github/workflows/tests-unit.yaml new file mode 100644 index 00000000..c0df156a --- /dev/null +++ b/.github/workflows/tests-unit.yaml @@ -0,0 +1,26 @@ +name: Run Go tests + +on: + push: + tags: + - v* + branches: + - main + pull_request: + +jobs: + test: + strategy: + matrix: + go: [ 1.21.x ] + platform: [ ubuntu-latest ] + runs-on: ${{ matrix.platform }} + steps: + - name: Install Go + uses: actions/setup-go@v4 + with: + go-version: ${{ matrix.go }} + - name: Checkout code + uses: actions/checkout@v4 + - name: Test + run: make go-test diff --git a/Makefile b/Makefile index 06bb8a3d..a040be53 100644 --- a/Makefile +++ b/Makefile @@ -11,6 +11,8 @@ SAM_BUILD_DIR ?= .aws-sam/build SAM_CONFIG_FILE ?= $(shell pwd)/samconfig.yaml SAM_CONFIG_ENV ?= default +DEBUG_TESTS ?= 0 + define check_var @if [ -z "$($1)" ]; then echo >&2 "Please set the $1 variable"; @@ -42,6 +44,15 @@ go-test: go build ./... go test -v -race ./... +.PHONY: integration-test +integration-test: sam-package + cd integration && terraform init && \ + if [ "$(DEBUG)" = "1" ]; then \ + CHECK_DEBUG_FILE=debug.sh terraform test -filter=tests/forwarder.tftest.hcl -verbose; \ + else \ + terraform test -filter=tests/forwarder.tftest.hcl; \ + fi + ## sam-validate: validate cloudformation templates sam-validate: $(call check_var,APP) diff --git a/integration/tests/forwarder.tftest.hcl b/integration/tests/forwarder.tftest.hcl index 67e9abb8..32140eaf 100644 --- a/integration/tests/forwarder.tftest.hcl +++ b/integration/tests/forwarder.tftest.hcl @@ -34,7 +34,7 @@ run "check_file_not_copied" { } assert { - condition = output.result.error == "failed to read file from destination" + condition = output.error == "failed to read file from destination" error_message = "Unexpected error" } } @@ -64,7 +64,7 @@ run "check_copy_succeeds" { } assert { - condition = output.result.error == "" + condition = output.error == "" error_message = "Failed to copy object" } }