jimfuqian/BB2-3239-fix-CI-check-selenium-tests (#1271)

* supply the ENV var needed by selenium test case: USE_NEW_PERM_SCREEN

* try headless on CI

* use webdriver local.

* fix linting

* unify the webdriver path on local and CI run context

* make CI selenium tests testing again.

* add docker platform spec., correct artifacts names.

* add step to trouble shoot, step sh hanging...

* add step to trouble shoot, step sh hanging...

* trouble shoot: sh in step is hanging.

* replace make with pip install etc.

* install newrelic 8.8.0

* remove test step...

* satisfy deps that conflict...

* satisfy deps that conflict...

* CI docker: install python 3.11.9 on top of chromium base.

* install sqlite3 on CI docker.

* fix the sqlite issue.

* continue add missing native libs...

* create python link to accomodate some scripts

* adjust logging integration tests setup on CI node.

* adjust details in steps...

* use selenium headless on CI

* fix linting.

* fix logging integration tests schemas (selenium related)

* quote out logit tests to trouble shoot

* new screen env var needed for app and user mgmt tests

* add pytest -s to see stdout...

* increase headless window height.

* create ui change to trouble shoot.

* cleanup...

* cleanup...

* start selenium hub in pipeline

* start selenium-server-standalone hub in pipeline...

* locate the selenium jar

* verify hub is at localhost.

* temp change hub url to localhost.

* customize selenium grid host name for CI context.

* set chromium location.

* add tracing for trouble shoot

* replace selenium docker image that is archived with new one.

* try DinD in pipeline.

* install dependencies in CI ECR image

* comment out python packages install - since it is installed in the ECR CI image - save time?.

* revert CI ECR image to p311

* set pipeline selenium chromedriver location.

* refactor

* fix driver ver check step

* trouble shoot rendering timeout at hicn field...

* trouble shoot..

* fix add_argu syntax...

* size...

* rearrange form fields of mock login...

* try slsx since all env vars needed are set at the top of the pipeline.

* local script cleanup, use mock login on CI

* use mock and fix var syntax

* dump bb2 log for diagnose info...

* diagnose...

* diagnose...

* diagnose...

* diagnose...

* start mslsx needed by MSLSX mode...

* subshell mslsx start and moving on...

* fix url for mslsx calls

* fix url for medicare callback

* trigger CI check

* added missed user info mslsx ENV var in pipeline

* fix proto method in user info url

* clean up and finalize files naming...

* fix pipeline ecr reference etc.

Author: JFU-NAVA-PBC

Dockerfile

@@ -8,7 +8,5 @@ WORKDIR /code
 RUN python -m venv /tmp/venv
 RUN . /tmp/venv/bin/activate
 ENV PATH="/tmp/venv/bin:${PATH}"
-RUN pip install --upgrade pip
-RUN pip install --upgrade pip-tools
-RUN pip install --upgrade setuptools
-RUN pip install -r requirements/requirements.dev.txt --no-index --find-links ./vendor/
+RUN pip install --upgrade pip pip-tools setuptools
+RUN pip install -r requirements/requirements.dev.txt --no-index --find-links ./vendor/

Dockerfile.selenium

@@ -1,17 +1,18 @@
-FROM seleniarm/standalone-chromium
+FROM selenium/standalone-chromium
 
-ENV PYTHONUNBUFFERED 1
 USER root
-#RUN apt-get update ; apt-get install -yq git curl libpq-dev libffi-dev
+
 RUN apt-get update ; apt-get install -yq python3 python3-venv
 RUN ln -s /usr/bin/python3 /usr/local/bin/python
-RUN useradd -m -s /bin/bash DEV
-USER DEV
+
+# switch to existing seluser from selenium docker
+USER seluser
+
 ADD . /code
 WORKDIR /code
 RUN python -m venv /tmp/venv
 RUN . /tmp/venv/bin/activate
 ENV PATH="/tmp/venv/bin:${PATH}"
+
 RUN pip3 install --upgrade pip
 RUN pip3 install selenium pytest debugpy jsonschema python-dateutil
-

Dockerfiles/Dockerfile.selenium-jenkins-python311-plus-chromedriver

@@ -99,7 +99,7 @@ pipeline {
        steps{
         sh """
           . venv/bin/activate
-          pytest ./apps/integration_tests/logging_tests.py::TestLoggings::test_auth_fhir_flows_logging
+          USE_NEW_PERM_SCREEN=true pytest ./apps/integration_tests/logging_tests.py::TestLoggings::test_auth_fhir_flows_logging
         """
        }
     }
@@ -134,7 +134,7 @@ pipeline {
         sh 'echo "RUN selenium tests - testclient based authorization flow tests and data flow tests"'
         sh """
           . venv/bin/activate
-          pytest ./apps/integration_tests/selenium_tests.py
+          USE_NEW_PERM_SCREEN=true pytest ./apps/integration_tests/selenium_tests.py
         """
        }
     }

Jenkinsfiles/Jenkinsfile.cbc-run-multi-pr-checks-w-selenium

@@ -0,0 +1,151 @@
+pipeline {
+  agent {
+    kubernetes {
+      defaultContainer "bb2-cbc-build-selenium-python311-chromium"
+      yamlFile "Jenkinsfiles/cbc-pod-deployment-config-w-selenium-p311-chromium.yaml"
+    }
+  }
+
+  environment {
+    DJANGO_LOG_JSON_FORMAT_PRETTY = true
+    DJANGO_SETTINGS_MODULE = "hhs_oauth_server.settings.logging_it"
+    OAUTHLIB_INSECURE_TRANSPORT = true
+    DJANGO_SECURE_SESSION = false
+    DJANGO_FHIR_CERTSTORE = "./certstore"
+    // use mock login - safer, faster
+    USE_MSLSX = true
+    DJANGO_MEDICARE_SLSX_REDIRECT_URI = "http://localhost:8000/mymedicare/sls-callback"
+    DJANGO_MEDICARE_SLSX_LOGIN_URI = "http://localhost:8080/sso/authorize?client_id=bb2api"
+    DJANGO_SLSX_HEALTH_CHECK_ENDPOINT = "http://localhost:8080/health"
+    DJANGO_SLSX_TOKEN_ENDPOINT = "http://localhost:8080/sso/session"
+    DJANGO_SLSX_SIGNOUT_ENDPOINT = "http://localhost:8080/sso/signout"
+    DJANGO_SLSX_USERINFO_ENDPOINT="http://localhost:8080/v1/users"
+    DJANGO_SLSX_CLIENT_ID = credentials("bb2-selenium-tests-slsx-client-id")
+    DJANGO_SLSX_CLIENT_SECRET = credentials("bb2-selenium-tests-slsx-client-secret")
+    DJANGO_USER_ID_ITERATIONS = credentials("bb2-integration-tests-bfd-iterations")
+    DJANGO_USER_ID_SALT = credentials("bb2-integration-tests-bfd-salt")
+    FHIR_CERT = credentials("bb2-integration-tests-bfd-cert")
+    FHIR_KEY = credentials("bb2-integration-tests-bfd-key")
+    FHIR_URL = "${params.FHIR_URL}"
+    HOSTNAME_URL = "http://localhost:8000"
+  }
+
+  parameters {
+    string(
+      name: 'FHIR_URL',
+      defaultValue: "https://prod-sbx.bfd.cms.gov",
+      description: 'The default FHIR URL for the back end BFD service.'
+    )
+    booleanParam(
+        name: 'RUN_SELENIUM_TESTS', 
+        defaultValue: false, 
+        description: 'Set to true, selenium tests will be run as part of integration tests'
+    )
+  }
+
+  stages {
+    stage("SETUP FHIR cert and key") {
+      steps {
+        writeFile(file: "${env.DJANGO_FHIR_CERTSTORE}/certstore/ca.cert.pem", text: readFile(env.FHIR_CERT))
+        writeFile(file: "${env.DJANGO_FHIR_CERTSTORE}/certstore/ca.key.nocrypt.pem", text: readFile(env.FHIR_KEY))
+      }
+    }
+
+    stage("INSTALL Python Packages") {
+      steps {
+        sh """
+          pip3 install --upgrade pip setuptools wheel
+          pip3 install -r requirements/requirements.dev.txt --no-index --find-links ./vendor/
+        """
+      }
+    }
+
+    stage("CHECK Flake8 Python Lint/Style") {
+      steps{
+        sh """
+          flake8
+        """
+      }
+    }
+
+    stage("START BB2 server in background") {
+       when {
+        expression { params.RUN_SELENIUM_TESTS == true }
+       }
+       steps{
+        sh """
+          mkdir ./docker-compose/tmp/
+          (python3 ./dev-local/app.py&) && 
+          python3 manage.py migrate &&
+          python3 manage.py create_admin_groups &&
+          python3 manage.py loaddata scopes.json &&
+          python3 manage.py create_blue_button_scopes &&
+          python3 manage.py create_test_user_and_application &&
+          python3 manage.py create_user_identification_label_selection &&
+          python3 manage.py create_test_feature_switches &&
+          (if [ ! -d 'bluebutton-css' ] ; then git clone https://github.com/CMSgov/bluebutton-css.git ; else echo 'CSS already installed.' ; fi) &&
+          echo 'starting bb2...' &&
+          (export DJANGO_SETTINGS_MODULE=hhs_oauth_server.settings.logging_it && python3 manage.py runserver 0.0.0.0:8000 > ./docker-compose/tmp/bb2_email_to_stdout.log 2>&1 &)
+        """
+       }
+    }
+
+    stage("RUN logging integration tests") {
+       when {
+        expression { params.RUN_SELENIUM_TESTS == true }
+       }
+       steps{
+        catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') {
+          sh """
+            USE_NEW_PERM_SCREEN=true ON_REMOTE_CI=true pytest -s ./apps/integration_tests/logging_tests.py::TestLoggings::test_auth_fhir_flows_logging
+          """
+        }
+        sh """
+          echo '======================'
+          cat ./docker-compose/tmp/bb2_email_to_stdout.log
+          echo '======================'
+        """
+       }
+    }
+
+    stage("RUN selenium user and apps management tests") {
+       when {
+        expression { params.RUN_SELENIUM_TESTS == true }
+       }
+       steps{
+        sh 'echo "RUN selenium tests - user account and app management tests"'
+        sh """
+          USE_NEW_PERM_SCREEN=true ON_REMOTE_CI=true pytest -s ./apps/integration_tests/selenium_accounts_tests.py::TestUserAndAppMgmt::testAccountAndAppMgmt
+        """
+       }
+    }
+
+    stage("RUN integration tests") {
+      steps{
+        sh """
+          python3 runtests.py --integration apps.integration_tests.integration_test_fhir_resources.IntegrationTestFhirApiResources
+        """
+      }
+    }
+
+    stage("RUN Django Unit Tests") {
+      steps{
+        sh """
+          python3 runtests.py
+        """
+      }
+    }
+
+    stage("RUN selenium tests") {
+       when {
+        expression { params.RUN_SELENIUM_TESTS == true }
+       }
+       steps{
+        sh 'echo "RUN selenium tests - testclient based authorization flow tests and data flow tests"'
+        sh """
+          USE_NEW_PERM_SCREEN=true ON_REMOTE_CI=true pytest -s ./apps/integration_tests/selenium_tests.py
+        """
+       }
+    }
+  }
+}

Jenkinsfiles/Jenkinsfile.cbc-run-multi-pr-checks-w-selenium-chromium

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Pod
+spec:
+  containers:
+    - name: bb2-cbc-build-selenium-python311-chromium
+      image: "public.ecr.aws/f5g8o1y9/bb2-cbc-build-selenium-python311-chromium:latest"
+      tty: true
+      command: ["tail", "-f"]
+      imagePullPolicy: Always
+  nodeSelector:
+      Agents: true

Jenkinsfiles/cbc-pod-deployment-config-w-selenium-p311-chromium.yaml

@@ -46,7 +46,7 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_share_demographic_scopes": {"pattern": "^True$"},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
     },
@@ -94,7 +94,7 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
         "req_qparam_client_id": {"type": "string"},
         "req_qparam_lang": {"type": "string"},
@@ -129,7 +129,7 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
         "path": {"pattern": "/mymedicare/login"},
         "request_method": {"pattern": "GET"},
@@ -158,7 +158,7 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_crosswalk_action": {"enum": ["R", "C"]},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
         "req_user_id": {"type": "number"},
@@ -195,7 +195,7 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_crosswalk_action": {"enum": ["R", "C"]},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
         "req_qparam_client_id": {"type": "string"},
@@ -235,13 +235,13 @@
         "auth_client_id": {"type": "string"},
         "auth_app_id": {"type": "string"},
         "auth_app_name": {"pattern": "TestApp"},
-        "auth_app_data_access_type": {"pattern": "RESEARCH_STUDY"},
+        "auth_app_data_access_type": {"pattern": "THIRTEEN_MONTH"},
         "auth_crosswalk_action": {"enum": ["R", "C"]},
         "auth_require_demographic_scopes": {"pattern": "^True$"},
         "req_redirect_uri": {"type": "string"},
         "req_scope": {"type": "string"},
         "req_share_demographic_scopes": {"pattern": "^True$"},
-        "req_allow": {"pattern": "Allow"},
+        "req_allow": {"pattern": "Connect"},
         "req_user_id": {"type": "integer"},
         "req_user_username": {"type": "string"},
         "req_fhir_id": {"type": "string"},

apps/integration_tests/log_event_schemas.py

@@ -576,16 +576,17 @@ class Action(Enum):
             "params": [20, By.ID, AUTH_SCREEN_ID_LANG, AUTH_SCREEN_EN_TXT]
         },
         # now check the expiration info section
-        {
-            "display": "Check for authorization screen expire info in English",
-            "action": Action.CONTAIN_TEXT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_EN_EXPIRE_INFO_TXT]
-        },
-        {
-            "display": "Check en_US date format and validate",
-            "action": Action.CHECK_DATE_FORMAT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_EN_DATE_FORMAT, EN_US]
-        },
+        # comment out due to PROD TestApp now is RESEARCH_STUDY which does not have expire info
+        # {
+        #     "display": "Check for authorization screen expire info in English",
+        #     "action": Action.CONTAIN_TEXT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_EN_EXPIRE_INFO_TXT]
+        # },
+        # {
+        #     "display": "Check en_US date format and validate",
+        #     "action": Action.CHECK_DATE_FORMAT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_EN_DATE_FORMAT, EN_US]
+        # },
         # the 'approve' and 'deny' button click not using locale based text
         # so it is lang agnostic
         CLICK_AGREE_ACCESS
@@ -644,16 +645,17 @@ class Action(Enum):
             "params": [20, By.ID, AUTH_SCREEN_ID_LANG, AUTH_SCREEN_ES_TXT]
         },
         # now check the expiration info section
-        {
-            "display": "Check for authorization screen expire info in Spanish",
-            "action": Action.CONTAIN_TEXT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_ES_EXPIRE_INFO_TXT]
-        },
-        {
-            "display": "Check Spanish date format and validate",
-            "action": Action.CHECK_DATE_FORMAT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_ES_DATE_FORMAT, ES_ES]
-        },
+        # comment out due to on PROD TestApp is RESEARCH_STUDY which does not have expire info
+        # {
+        #     "display": "Check for authorization screen expire info in Spanish",
+        #     "action": Action.CONTAIN_TEXT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_ES_EXPIRE_INFO_TXT]
+        # },
+        # {
+        #     "display": "Check Spanish date format and validate",
+        #     "action": Action.CHECK_DATE_FORMAT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_ES_DATE_FORMAT, ES_ES]
+        # },
         # the 'approve' and 'deny' button click not using locale based text
         # so it is lang agnostic
         CLICK_AGREE_ACCESS
@@ -672,16 +674,16 @@ class Action(Enum):
             "params": [20, By.ID, AUTH_SCREEN_ID_LANG, AUTH_SCREEN_ES_TXT]
         },
         # now check the expiration info section
-        {
-            "display": "Check for authorization screen expire info in Spanish",
-            "action": Action.CONTAIN_TEXT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_ES_EXPIRE_INFO_TXT]
-        },
-        {
-            "display": "Check Spanish date format and validate",
-            "action": Action.CHECK_DATE_FORMAT,
-            "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_ES_DATE_FORMAT, ES_ES]
-        },
+        # {
+        #     "display": "Check for authorization screen expire info in Spanish",
+        #     "action": Action.CONTAIN_TEXT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_EXPIRE_INFO, AUTH_SCREEN_ES_EXPIRE_INFO_TXT]
+        # },
+        # {
+        #     "display": "Check Spanish date format and validate",
+        #     "action": Action.CHECK_DATE_FORMAT,
+        #     "params": [20, By.ID, AUTH_SCREEN_ID_END_DATE, AUTH_SCREEN_ES_DATE_FORMAT, ES_ES]
+        # },
         # the 'approve' and 'deny' button click not using locale based text
         # so it is lang agnostic
         CLICK_AGREE_ACCESS