Add HTTPS/certificate authentication support to file transfer service #3070
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: integration-tests | |
on: | |
# Use a manual approval process before PR's are given access to | |
# the secrets which are required to run the integration tests. | |
# The PR code should be manually approved to see if it can be trusted. | |
# When in doubt, do not approve the test run. | |
# Reference: https://dev.to/petrsvihlik/using-environment-protection-rules-to-secure-secrets-when-building-external-forks-with-pullrequesttarget-hci | |
pull_request_target: | |
branches: [ main ] | |
push: | |
branches: [ main ] | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: Test Environment | |
type: string | |
required: false | |
default: Test Pull Request | |
include: | |
description: Only run tests matching tests with the given tags | |
type: string | |
required: false | |
default: "" | |
processes: | |
description: Number of processes to run tests | |
type: string | |
required: false | |
default: "10" | |
skip_build: | |
description: Don't build thin-edge.io binaries | |
type: boolean | |
required: false | |
default: false | |
workflow_call: | |
inputs: | |
environment: | |
description: Test Environment | |
type: string | |
required: false | |
default: Test Pull Request | |
include: | |
description: Only run tests matching tests with the given tags | |
type: string | |
required: false | |
default: "" | |
processes: | |
description: Number of processes to run tests | |
type: string | |
required: false | |
default: "10" | |
skip_build: | |
description: Don't build thin-edge.io binaries | |
type: boolean | |
required: false | |
default: false | |
jobs: | |
build: | |
name: Build ${{ matrix.job.arch }} | |
if: ${{ !inputs.skip_build }} | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
job: | |
- { arch: x86_64, target: x86_64-unknown-linux-musl, output: target/packages } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} # Check out the code of the PR. Only after the manual approval process | |
fetch-depth: 0 | |
# Install nfpm used to for linux packaging | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 'stable' | |
cache: false | |
- run: go install github.com/goreleaser/nfpm/v2/cmd/nfpm@latest | |
- name: Retrieve MSRV from workspace Cargo.toml | |
id: rust_version | |
uses: SebRollen/toml-action@v1.0.2 | |
with: | |
file: Cargo.toml | |
field: "workspace.package.rust-version" | |
- name: Enable toolchain via github action | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ steps.rust_version.outputs.value }} | |
targets: ${{ matrix.job.target }} | |
- name: Enable cache | |
# https://github.com/marketplace/actions/rust-cache | |
uses: Swatinem/rust-cache@v2 | |
- name: Build packages for ${{ matrix.job.arch }} | |
run: | | |
bash -x ./ci/build_scripts/build.sh "${{ matrix.job.target }}" | |
cp "target/${{ matrix.job.target }}/packages/"*.deb tests/images/debian-systemd/files/packages/ | |
- name: Upload artifacts as zip | |
# https://github.com/marketplace/actions/upload-a-build-artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: packages-${{ matrix.job.target }} | |
path: target/${{ matrix.job.target }}/packages/*.deb | |
test: | |
name: Test ${{ matrix.job.arch }} | |
needs: [build] | |
environment: | |
# For security reasons, all pull requests need to be approved first before granting access to secrets | |
# So the environment should be set to have a reviewer/s inspect it before approving it | |
name: ${{ inputs.environment || 'Test Pull Request' }} | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
job: | |
- { arch: x86_64, target: x86_64-unknown-linux-musl, output: target/packages } | |
steps: | |
# Checkout either the PR or the branch | |
- name: Checkout PR | |
if: ${{ github.event.pull_request.head.sha || '' }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} # Check out the code of the PR. Only after the manual approval process | |
fetch-depth: 0 | |
- name: Checkout | |
if: ${{ !github.event.pull_request.head.sha }} | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Download release artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: packages-${{ matrix.job.target }} | |
path: tests/images/debian-systemd/files/packages/ | |
- name: create .env file | |
working-directory: tests/RobotFramework | |
run: | | |
touch .env | |
echo 'C8Y_BASEURL="${{ secrets.C8Y_BASEURL }}"' >> .env | |
echo 'C8Y_TENANT="${{ secrets.C8Y_TENANT }}"' >> .env | |
echo 'C8Y_USER="${{ secrets.C8Y_USER }}"' >> .env | |
echo 'C8Y_PASSWORD="${{ secrets.C8Y_PASSWORD }}"' >> .env | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.9' | |
cache: 'pip' | |
cache-dependency-path: | | |
**/requirements/requirements*.txt | |
- name: Install dependencies | |
run: | | |
./bin/setup.sh | |
working-directory: tests/RobotFramework | |
- name: Build images | |
working-directory: tests/RobotFramework | |
run: | | |
source .venv/bin/activate | |
invoke build | |
- name: Run tests | |
working-directory: tests/RobotFramework | |
run: | | |
source .venv/bin/activate | |
invoke test \ | |
--processes "${{ inputs.processes || '' }}" \ | |
--include "${{ inputs.include || '' }}" \ | |
--exclude "test:on_demand OR theme:benchmarks" \ | |
--outputdir output | |
- name: Upload test results | |
uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: reports | |
path: tests/RobotFramework/output | |
generate_report: | |
name: Publish report | |
if: always() | |
needs: [test] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download reports | |
uses: actions/download-artifact@v3 | |
with: | |
name: reports | |
path: reports | |
- name: Create summary | |
uses: joonvena/robotframework-reporter-action@v2.3 | |
with: | |
gh_access_token: ${{ secrets.GITHUB_TOKEN }} | |
show_passed_tests: 'false' |