diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 04d6b3aa..02364942 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -14,7 +14,7 @@ on: description: The target environment [mock, integ, prod] type: string default: mock - operator_shutdown: + delay_operator_shutdown: description: If true, will automatically shut down operators after E2E tests. Defaults to true. type: boolean default: true @@ -64,7 +64,7 @@ on: type: string aws_region: - description: The AWS region [us-east-1, us-west-1, ca-central-1, eu-central-1] + description: The AWS region type: string aws_ami: description: The AWS AMI ID @@ -76,13 +76,22 @@ on: env: REGISTRY: ghcr.io + E2E_UID2_INTEG_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_GCP_ARGS_JSON }} + E2E_UID2_INTEG_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_AWS_ARGS_JSON }} + E2E_UID2_INTEG_AZURE_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_AZURE_ARGS_JSON }} E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} + E2E_UID2_PROD_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_GCP_ARGS_JSON }} + E2E_UID2_PROD_AZURE_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_AZURE_ARGS_JSON }} + E2E_UID2_PROD_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_AWS_ARGS_JSON }} E2E_UID2_PROD_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_GCP_OPERATOR_API_KEY }} E2E_UID2_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_AWS_OPERATOR_API_KEY }} + E2E_EUID_INTEG_AWS_ARGS_JSON: ${{ secrets.E2E_EUID_INTEG_AWS_ARGS_JSON }} E2E_EUID_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_AWS_OPERATOR_API_KEY }} + + E2E_EUID_PROD_AWS_ARGS_JSON: ${{ secrets.E2E_EUID_PROD_AWS_ARGS_JSON }} E2E_EUID_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_AWS_OPERATOR_API_KEY }} jobs: 
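Review bot: The description kept under the renamed `delay_operator_shutdown` input still says "If true, will automatically shut down operators after E2E tests", which is now the opposite of what the flag does. The in-job stop steps later in this file run only when the flag is false, so with the default `true` the operators stay up until the separate `e2e-test-cleanup` job runs. I would change the text to `description: If true, operators are left running after the e2e-test job and are stopped by the e2e-test-cleanup job. Defaults to true.` The `on:` inputs block starts and ends outside this hunk.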
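Review bot: The eight new `*_ARGS_JSON` secrets are added to the workflow-level `env:`, so every step of every job receives them, including third-party actions such as `docker/login-action@v3` and the new `e2e-test-cleanup` job. From the visible hunks only `scripts/decide_e2e_env.sh` reads them, so moving them to the `env:` of the step that runs that script would limit exposure to the one consumer. The existing `*_OPERATOR_API_KEY` entries follow the same workflow-level pattern, so this may be a deliberate convention; if it stays, a comment such as `# consumed only by scripts/decide_e2e_env.sh` above the block would make the intent clear.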
@@ -93,6 +102,10 @@ jobs: contents: write packages: read id-token: write + outputs: + gcp_instance_name: ${{ steps.start_gcp_private_operator.outputs.gcp_instance_name }} + azure_container_group_name: ${{ steps.start_azure_private_operator.outputs.azure_container_group_name }} + aws_stack_name: ${{ steps.start_aws_private_operator.outputs.aws_stack_name }} steps: - name: Log in to the Docker container registry uses: docker/login-action@v3 @@ -265,15 +278,14 @@ jobs: shell: bash env: OPERATOR_TYPE: ${{ inputs.operator_type }} - OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_e2e_pipeline_operator_url }} IDENTITY_SCOPE: ${{ inputs.identity_scope }} TARGET_ENVIRONMENT: ${{ inputs.target_environment }} BORE_URL_CORE: ${{ steps.bore.outputs.bore_url_core }} BORE_URL_OPTOUT: ${{ steps.bore.outputs.bore_url_optout }} - GCP_OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AZURE_OPERATOR_URL: ${{ steps.start_azure_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AWS_OPERATOR_URL: ${{ steps.start_aws_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AKS_OPERATOR_URL: ${{ steps.start_aks_private_operator.outputs.uid2_e2e_pipeline_operator_url }} + GCP_OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AZURE_OPERATOR_URL: ${{ steps.start_azure_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AWS_OPERATOR_URL: ${{ steps.start_aws_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AKS_OPERATOR_URL: ${{ steps.start_aks_private_operator.outputs.uid2_pipeline_e2e_operator_url }} run: | bash uid2-shared-actions/scripts/decide_e2e_env.sh 
@@ -283,16 +295,20 @@ jobs: with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} - uid2_e2e_identity_scope: ${{ inputs.identity_scope }} - uid2_e2e_pipeline_operator_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_url }} - uid2_e2e_pipeline_operator_type: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_type }} - uid2_e2e_pipeline_operator_cloud_provider: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_cloud_provider }} - uid2_e2e_phone_support: ${{ steps.decide_env_var.outputs.uid2_e2e_phone_support }} - uid2_e2e_pipeline_core_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_core_url }} - uid2_e2e_pipeline_optout_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_optout_url }} + e2e_suites: ${{ steps.decide_env_var.outputs.e2e_suites }} + e2e_args_json: ${{ steps.decide_env_var.outputs.e2e_args_json }} + e2e_env: ${{ steps.decide_env_var.outputs.e2e_env }} + e2e_identity_scope: ${{ inputs.identity_scope }} + e2e_phone_support: ${{ steps.decide_env_var.outputs.e2e_phone_support }} + uid2_core_e2e_core_url: ${{ steps.decide_env_var.outputs.uid2_core_e2e_core_url }} + uid2_core_e2e_optout_url: ${{ steps.decide_env_var.outputs.uid2_core_e2e_optout_url }} + uid2_pipeline_e2e_core_url: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_core_url }} + uid2_pipeline_e2e_operator_url: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_url }} + uid2_pipeline_e2e_operator_type: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_type }} + uid2_pipeline_e2e_operator_cloud_provider: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_cloud_provider }} - name: Stop GCP private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'gcp' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'gcp' }} env: GCP_PROJECT: ${{ inputs.gcp_project }} SERVICE_ACCOUNT: ${{ 
inputs.gcp_service_account }} @@ -301,14 +317,14 @@ jobs: bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh - name: Stop Azure private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'azure' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'azure' }} env: AZURE_CONTAINER_GROUP_NAME: ${{ steps.start_azure_private_operator.outputs.azure_container_group_name }} run: | bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh - name: Stop AWS private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'aws' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'aws' }} env: AWS_STACK_NAME: ${{ steps.start_aws_private_operator.outputs.aws_stack_name }} AWS_REGION: ${{ inputs.aws_region }} 
@@ -316,6 +332,53 @@ jobs: bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh - name: Stop AKS operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'aks' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'aks' }} run: | bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh + + e2e-test-cleanup: + name: E2E Test Cleanup (Delayed Operator Shutdown) + if: ${{ always() && inputs.delay_operator_shutdown && inputs.operator_type != 'public' }} + needs: [e2e-test] + runs-on: ubuntu-latest + environment: 'e2e-test-cleanup' + permissions: + contents: write + packages: read + id-token: write + steps: + - name: Checkout uid2-shared-actions repo + uses: actions/checkout@v4 + with: + ref: v3 + repository: IABTechLab/uid2-shared-actions + path: uid2-shared-actions + + - name: Stop GCP private operator + if: ${{ inputs.operator_type == 'gcp' }} + uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@v3 + with: + gcp_project: ${{ inputs.gcp_project }} + gcp_service_account: ${{ inputs.gcp_service_account }} + gcp_workload_identity_provider_id: ${{ inputs.gcp_workload_identity_provider_id }} + gcp_instance_name: ${{ needs.e2e-test.outputs.gcp_instance_name }} + + - name: Stop Azure private operator + if: ${{ inputs.operator_type == 'azure' }} + uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@v3 + with: + azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} + azure_container_group_name: ${{ needs.e2e-test.outputs.azure_container_group_name }} + + - name: Stop AWS private operator + if: ${{ inputs.operator_type == 'aws' }} + uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@v3 + with: + aws_stack_name: ${{ needs.e2e-test.outputs.aws_stack_name }} + aws_region: ${{ inputs.aws_region }} + + - name: Stop AKS operator + if: ${{ inputs.operator_type == 'aks' }} + uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@v3 + with: + 
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} diff --git a/actions/run_e2e_tests/action.yaml b/actions/run_e2e_tests/action.yaml index 3abfa431..49ff8eb6 100644 --- a/actions/run_e2e_tests/action.yaml +++ b/actions/run_e2e_tests/action.yaml 
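Review bot: The new `e2e-test-cleanup` job requests `contents: write`, but its visible steps only check out `uid2-shared-actions` and call the stop actions, so nothing here appears to push to the repository; `contents: read` next to `id-token: write` looks sufficient. Because the job runs under `always()`, it also runs when `e2e-test` failed before the start step produced `gcp_instance_name`, `azure_container_group_name` or `aws_stack_name`, and the stop actions then receive an empty value for a `required: true` input. A guard such as `if: ${{ inputs.operator_type == 'gcp' && needs.e2e-test.outputs.gcp_instance_name != '' }}` on each step would make that case explicit. If the `e2e-test-cleanup` environment has required reviewers or a wait timer (not visible here), the operators stay reachable until the job is approved, which is worth a comment above `environment:`.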
@@ -8,61 +8,98 @@ inputs: e2e_image_version: description: The version of E2E image default: latest - uid2_e2e_identity_scope: + e2e_suites: description: Environment variable to run the E2E test - default: UID2 - uid2_e2e_pipeline_operator_type: + default: E2ECoreTestSuite,E2EPublicOperatorTestSuite + e2e_args_json: description: Environment variable to run the E2E test - default: PUBLIC - uid2_e2e_pipeline_operator_url: + default: '' + e2e_env: description: Environment variable to run the E2E test - default: http://publicoperator:8080 - uid2_e2e_pipeline_operator_cloud_provider: + default: github-test-pipeline-local + e2e_identity_scope: description: Environment variable to run the E2E test - default: PUBLIC - uid2_e2e_phone_support: + default: UID2 + e2e_phone_support: description: Environment variable to run the E2E test default: 'true' - uid2_e2e_pipeline_core_url: + uid2_core_e2e_core_url: description: Environment variable for Core service - default: 'http://core:8088' - uid2_e2e_pipeline_optout_url: + default: http://core:8088 + uid2_core_e2e_optout_url: description: Environment variable for OptOut service - default: 'http://optout:8081' + default: http://optout:8081 + uid2_pipeline_e2e_core_url: + description: Environment variable to run the E2E test + default: http://core:8088 + uid2_pipeline_e2e_operator_url: + description: Environment variable to run the E2E test + default: http://publicoperator:8080 + uid2_pipeline_e2e_operator_type: + description: Environment variable to run the E2E test + default: PUBLIC + uid2_pipeline_e2e_operator_cloud_provider: + description: Environment variable to run the E2E test + default: PUBLIC runs: using: "composite" steps: - - name: Run E2E tests + - name: Pull E2E image shell: bash run: | docker pull ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} docker images - echo $UID2_E2E_PIPELINE_OPERATOR_TYPE + + - name: Run mock E2E tests + if: ${{ inputs.e2e_env == 'github-test-pipeline-local' }} + shell: bash + run: | 
+ docker run \ + --env E2E_SUITES=${{ inputs.e2e_suites }} \ + --env E2E_ENV=${{ inputs.e2e_env }} \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_OPERATOR_API_KEY='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ + --env UID2_CORE_E2E_OPTOUT_API_KEY='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_OPERATOR_E2E_CLIENT_SITE_ID='999' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_BEFORE_OPTOUT_CUTOFF='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_BEFORE_OPTOUT_CUTOFF='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_NON_SHARING_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ + --env UID2_OPERATOR_E2E_CSTG_SUBSCRIPTION_ID='LBk2xJsgrS' \ + --env UID2_OPERATOR_E2E_CSTG_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ + --env UID2_OPERATOR_E2E_CSTG_ORIGIN='https://example.com' \ + --env UID2_OPERATOR_E2E_CSTG_INVALID_ORIGIN='https://example.org' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ 
+ --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ + --network '${{ inputs.e2e_network }}' \ + ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} + + - name: Run real E2E tests + if: ${{ inputs.e2e_env == 'github-test-pipeline' }} + shell: bash + run: | docker run \ - --env UID2_E2E_ENV='github-test-pipeline' \ - --env UID2_E2E_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ - --env UID2_E2E_API_KEY_NON_SHARING_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ - --env UID2_E2E_API_KEY_OLD='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_E2E_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_E2E_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ - --env UID2_E2E_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ - --env UID2_E2E_API_SECRET_OLD='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_E2E_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_E2E_SUBSCRIPTION_ID='LBk2xJsgrS' \ - --env UID2_E2E_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ - --env UID2_E2E_ORIGIN='https://example.com' \ - --env UID2_E2E_INVALID_ORIGIN='https://example.org' \ - --env UID2_E2E_IDENTITY_SCOPE='${{ inputs.uid2_e2e_identity_scope }}' \ - --env UID2_E2E_PHONE_SUPPORT='${{ inputs.uid2_e2e_phone_support }}' \ - --env UID2_E2E_PIPELINE_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_e2e_pipeline_operator_cloud_provider }}' \ - --env UID2_E2E_PIPELINE_OPERATOR_TYPE='${{ inputs.uid2_e2e_pipeline_operator_type }}' \ - --env 
UID2_E2E_PIPELINE_OPERATOR_URL='${{ inputs.uid2_e2e_pipeline_operator_url }}' \ - --env UID2_E2E_SITE_ID='999' \ - --env UID2_E2E_CORE_API_TOKEN='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ - --env UID2_E2E_OPTOUT_TO_CALL_CORE_API_TOKEN='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ - --env UID2_E2E_CORE_URL='${{ inputs.uid2_e2e_pipeline_core_url }}' \ - --env UID2_E2E_OPTOUT_URL='${{ inputs.uid2_e2e_pipeline_optout_url }}' \ + --env E2E_SUITES='${{ inputs.e2e_suites }}' \ + --env E2E_ARGS_JSON='${{ inputs.e2e_args_json }}' \ + --env E2E_ENV='${{ inputs.e2e_env }}' \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ --network '${{ inputs.e2e_network }}' \ ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} diff --git a/actions/start_aks_private_operator/action.yaml b/actions/start_aks_private_operator/action.yaml index dfa1bedd..10b122ae 100644 --- a/actions/start_aks_private_operator/action.yaml +++ b/actions/start_aks_private_operator/action.yaml @@ -10,9 +10,9 @@ inputs: required: true outputs: - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The AKS operator URL - value: ${{ steps.start_aks.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_aks.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" 
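Review bot: In the new `Run real E2E tests` step, `--env E2E_ARGS_JSON='${{ inputs.e2e_args_json }}'` pastes the secret-derived JSON into the script text before bash parses it, so a single quote inside the JSON ends the quoting and the remainder is read as shell, and the value becomes part of the `docker run` command line. The other `${{ inputs.* }}` values are expanded the same way, and in `Run mock E2E tests` `E2E_SUITES=${{ inputs.e2e_suites }}` and `E2E_ENV=${{ inputs.e2e_env }}` are not quoted at all. Passing the inputs through the step's `env:` and letting `docker run --env NAME` copy them from the environment avoids both problems; the mock step can take the same shape.

```yaml
    - name: Run real E2E tests
      # … unchanged: if / shell …
      env:
        E2E_SUITES: ${{ inputs.e2e_suites }}
        E2E_ARGS_JSON: ${{ inputs.e2e_args_json }}
        E2E_ENV: ${{ inputs.e2e_env }}
        E2E_IDENTITY_SCOPE: ${{ inputs.e2e_identity_scope }}
        E2E_PHONE_SUPPORT: ${{ inputs.e2e_phone_support }}
        UID2_CORE_E2E_CORE_URL: ${{ inputs.uid2_core_e2e_core_url }}
        UID2_CORE_E2E_OPTOUT_URL: ${{ inputs.uid2_core_e2e_optout_url }}
        UID2_PIPELINE_E2E_CORE_URL: ${{ inputs.uid2_pipeline_e2e_core_url }}
        UID2_PIPELINE_E2E_OPERATOR_URL: ${{ inputs.uid2_pipeline_e2e_operator_url }}
        UID2_PIPELINE_E2E_OPERATOR_TYPE: ${{ inputs.uid2_pipeline_e2e_operator_type }}
        UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER: ${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}
        E2E_NETWORK: ${{ inputs.e2e_network }}
        E2E_IMAGE_VERSION: ${{ inputs.e2e_image_version }}
      run: |
        # --env NAME (no value) forwards the variable from the step environment,
        # so no input text is ever parsed as shell.
        docker run \
          --env E2E_SUITES \
          --env E2E_ARGS_JSON \
          --env E2E_ENV \
          --env E2E_IDENTITY_SCOPE \
          --env E2E_PHONE_SUPPORT \
          --env UID2_CORE_E2E_CORE_URL \
          --env UID2_CORE_E2E_OPTOUT_URL \
          --env UID2_PIPELINE_E2E_CORE_URL \
          --env UID2_PIPELINE_E2E_OPERATOR_URL \
          --env UID2_PIPELINE_E2E_OPERATOR_TYPE \
          --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER \
          --network "${E2E_NETWORK}" \
          "ghcr.io/iabtechlab/uid2-e2e:${E2E_IMAGE_VERSION}"
```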
diff --git a/actions/start_aws_private_operator/action.yaml b/actions/start_aws_private_operator/action.yaml index 70b147ac..0ba3d324 100644 --- a/actions/start_aws_private_operator/action.yaml +++ b/actions/start_aws_private_operator/action.yaml @@ -31,9 +31,9 @@ outputs: aws_stack_name: description: The AWS instance name value: ${{ steps.start_aws.outputs.AWS_STACK_NAME }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The AWS operator URL - value: ${{ steps.start_aws.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_aws.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/actions/start_azure_private_operator/action.yaml b/actions/start_azure_private_operator/action.yaml index fea4245f..d1fbd6f1 100644 --- a/actions/start_azure_private_operator/action.yaml +++ b/actions/start_azure_private_operator/action.yaml @@ -25,9 +25,9 @@ outputs: azure_container_group_name: description: The Azure instance name value: ${{ steps.start_azure.outputs.azure_container_group_name }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The Azure operator URL - value: ${{ steps.start_azure.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_azure.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/actions/start_gcp_private_operator/action.yaml b/actions/start_gcp_private_operator/action.yaml index ecc61235..3873a175 100644 --- a/actions/start_gcp_private_operator/action.yaml +++ b/actions/start_gcp_private_operator/action.yaml @@ -25,9 +25,9 @@ outputs: gcp_instance_name: description: The GCP instance name value: ${{ steps.start_gcp.outputs.GCP_INSTANCE_NAME }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The GCP operator URL - value: ${{ steps.start_gcp.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_gcp.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" 
diff --git a/actions/stop_aks_private_operator/action.yaml b/actions/stop_aks_private_operator/action.yaml new file mode 100644 index 00000000..a41dcaae --- /dev/null +++ b/actions/stop_aks_private_operator/action.yaml @@ -0,0 +1,22 @@ +name: Stop AKS Private Operator +description: Spins down an AKS private operator + +inputs: + azure_credentials: + description: The Azure credentials + required: true + +runs: + using: "composite" + + steps: + - name: Log in to Azure + uses: azure/login@v2 + with: + creds: ${{ inputs.azure_credentials }} + enable-AzPSSession: true + + - name: Stop AKS private operator + shell: bash + run: | + bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh diff --git a/actions/stop_aws_private_operator/action.yaml b/actions/stop_aws_private_operator/action.yaml new file mode 100644 index 00000000..e2ebf29d --- /dev/null +++ b/actions/stop_aws_private_operator/action.yaml @@ -0,0 +1,30 @@ +name: Stop AWS Private Operator +description: Spins down an AWS private operator + +inputs: + aws_stack_name: + description: The AWS instance name + required: true + aws_region: + description: The AWS region + required: true + +runs: + using: "composite" + + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: us-east-2 + role-to-assume: arn:aws:iam::072245134533:role/github-runner-for-uid2-operator + - run: aws sts get-caller-identity + shell: bash + + - name: Stop AWS private operator + shell: bash + env: + AWS_STACK_NAME: ${{ inputs.aws_stack_name }} + AWS_REGION: ${{ inputs.aws_region }} + run: | + bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh diff --git a/actions/stop_azure_private_operator/action.yaml b/actions/stop_azure_private_operator/action.yaml new file mode 100644 index 00000000..14f8c071 --- /dev/null +++ b/actions/stop_azure_private_operator/action.yaml 
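Review bot: The stop step runs `bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh`, a path relative to the caller's workspace. The script that executes with the Azure login is therefore whatever the caller checked out at that path, not the version this action was resolved at (`@v3` in the workflow). `bash "${GITHUB_ACTION_PATH}/../../scripts/aks/stop_aks_enclave.sh"` would tie the script to the action's own checkout and remove the hidden requirement for a prior checkout step. The same applies to the new `stop_aws_private_operator`, `stop_azure_private_operator` and `stop_gcp_private_operator` actions. `enable-AzPSSession: true` also looks unnecessary for a step that only runs a bash script, unless the script calls Azure PowerShell.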
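Review bot: In `stop_aws_private_operator`, `aws-region: us-east-2` and the role ARN are hard-coded in the credentials step while the stack's region arrives separately as `inputs.aws_region`, and nothing in the file says the difference is intended. A comment such as `# region for the role assumption only; the stack region reaches the script via AWS_REGION` above `aws-region:` would prevent a later change that wrongly aligns the two. The action description could also state that the calling job needs `id-token: write`, presumably because the role is assumed via OIDC. The unnamed `aws sts get-caller-identity` step prints the assumed identity to the job log; give it a `name:` or drop it if it was only for debugging.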
@@ -0,0 +1,27 @@ +name: Stop Azure Private Operator +description: Spins down an Azure private operator + +inputs: + azure_credentials: + description: The Azure credentials + required: true + azure_container_group_name: + description: The Azure instance name + required: true + +runs: + using: "composite" + + steps: + - name: Log in to Azure + uses: azure/login@v2 + with: + creds: ${{ inputs.azure_credentials }} + enable-AzPSSession: true + + - name: Stop Azure private operator + shell: bash + env: + AZURE_CONTAINER_GROUP_NAME: ${{ inputs.azure_container_group_name }} + run: | + bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh diff --git a/actions/stop_gcp_private_operator/action.yaml b/actions/stop_gcp_private_operator/action.yaml new file mode 100644 index 00000000..b75bbe17 --- /dev/null +++ b/actions/stop_gcp_private_operator/action.yaml 
@@ -0,0 +1,51 @@ +name: Stop GCP Private Operator +description: Spins down a GCP private operator + +inputs: + gcp_project: + description: The name of the GCP project + required: true + gcp_service_account: + description: The GCP service account + required: true + gcp_workload_identity_provider_id: + description: The GCP workload identity provider id + required: true + gcp_instance_name: + description: The GCP instance name + required: true + gcp_registry: + description: The GCP docker registry + default: us-docker.pkg.dev + +runs: + using: "composite" + + steps: + - name: Authenticate with Google Cloud + id: gcp_auth + uses: google-github-actions/auth@v2 + with: + token_format: access_token + workload_identity_provider: ${{ inputs.gcp_workload_identity_provider_id }} + service_account: ${{ inputs.gcp_service_account }} + access_token_lifetime: 1200s + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v2 + + - name: Log in to the GCP Registry + uses: docker/login-action@v3 + with: + registry: ${{ inputs.gcp_registry }} + username: oauth2accesstoken + password: ${{ steps.gcp_auth.outputs.access_token }} + + - name: Stop GCP private operator + shell: bash + env: + GCP_PROJECT: ${{ inputs.gcp_project }} + SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} + GCP_INSTANCE_NAME: ${{ inputs.gcp_instance_name }} + run: | + bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh diff --git a/scripts/aks/start_aks_enclave.sh b/scripts/aks/start_aks_enclave.sh index 6f68ffd8..2834891f 100644 --- a/scripts/aks/start_aks_enclave.sh +++ b/scripts/aks/start_aks_enclave.sh @@ -37,7 +37,7 @@ fi IP=$(az network public-ip list --resource-group ${AKS_NODE_RESOURCE_GROUP} --query "[?starts_with(name, 'kubernetes')].ipAddress" --output tsv) echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}/ops/healthcheck" 
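Review bot: The `Log in to the GCP Registry` step hands a freshly minted access token to `docker login` in an action whose only task is to stop an instance. Unless `stop_gcp_enclave.sh` (not shown) pulls an image, that step, the `gcp_registry` input, and the `token_format: access_token` / `access_token_lifetime: 1200s` settings can likely be dropped, so no bearer token is written to the runner's Docker config. As far as I can tell `google-github-actions/auth@v2` still provides credentials to `gcloud` without `token_format`, but confirm that against the script before removing it.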
diff --git a/scripts/aws/start_aws_enclave.sh b/scripts/aws/start_aws_enclave.sh index 2573acdc..08b36a6d 100644 --- a/scripts/aws/start_aws_enclave.sh +++ b/scripts/aws/start_aws_enclave.sh @@ -89,7 +89,7 @@ AWS_INSTANCE_URL=$(python ${ROOT}/aws/get_instance_url.py \ --stack "${AWS_STACK_NAME}") echo "Instance URL: ${AWS_INSTANCE_URL}" -echo "uid2_e2e_pipeline_operator_url=${AWS_INSTANCE_URL}" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=${AWS_INSTANCE_URL}" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="${AWS_INSTANCE_URL}/ops/healthcheck" diff --git a/scripts/azure/start_azure_enclave.sh b/scripts/azure/start_azure_enclave.sh index 0b02ad48..c6064818 100644 --- a/scripts/azure/start_azure_enclave.sh +++ b/scripts/azure/start_azure_enclave.sh @@ -85,7 +85,7 @@ IP=$(az deployment group show \ --query properties.outputs.containerIPv4Address.value | tr -d '"') echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}:8080/ops/healthcheck" diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index 9c22e831..1d05c21e 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh 
@@ -27,34 +27,76 @@ else fi if [ "${OPERATOR_TYPE}" == "public" ]; then - echo "uid2_e2e_pipeline_operator_type=PUBLIC" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=http://publicoperator:8080" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_cloud_provider=PUBLIC" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_core_url=http://core:8088" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_optout_url=http://optout:8081" >> ${GITHUB_OUTPUT} + echo "e2e_suites=E2ECoreTestSuite,E2EPublicOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline-local" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_core_url=http://core:8088" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_optout_url=http://optout:8081" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_core_url=http://core:8088" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=http://publicoperator:8080" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_type=PUBLIC" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=PUBLIC" >> ${GITHUB_OUTPUT} else - echo "uid2_e2e_pipeline_operator_type=PRIVATE" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_type=PRIVATE" >> ${GITHUB_OUTPUT} + + if [ "${TARGET_ENVIRONMENT}" == "mock" ]; then + echo "e2e_suites=E2ECoreTestSuite,E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline-local" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_optout_url=${BORE_URL_OPTOUT}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} + else + echo "e2e_suites=E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline" >> ${GITHUB_OUTPUT} + + if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ 
"${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "azure" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aks" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "azure" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aks" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then + echo "e2e_args_json=${E2E_EUID_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then + echo "e2e_args_json=${E2E_EUID_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + else + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, OPERATOR_TYPE=${OPERATOR_TYPE}" + exit 1 + fi + fi if [ "${OPERATOR_TYPE}" == "gcp" ]; then - echo 
"uid2_e2e_pipeline_operator_cloud_provider=GCP" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${GCP_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${GCP_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=GCP" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "azure" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AZURE_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AZURE_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "aws" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AWS" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AWS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AWS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AWS" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "aks" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AKS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AKS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} + else + echo "Arguments not supported: OPERATOR_TYPE=${OPERATOR_TYPE}" + exit 1 fi - - echo "uid2_e2e_pipeline_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_optout_url=${BORE_URL_OPTOUT}" >> ${GITHUB_OUTPUT} fi if [ "${IDENTITY_SCOPE}" == "UID2" ]; then - echo "uid2_e2e_phone_support=true" >> ${GITHUB_OUTPUT} + echo "e2e_phone_support=true" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "EUID" ]; then - echo "uid2_e2e_phone_support=false" >> ${GITHUB_OUTPUT} + echo "e2e_phone_support=false" >> ${GITHUB_OUTPUT} +else + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}" + 
exit 1 fi diff --git a/scripts/gcp/start_gcp_enclave.sh b/scripts/gcp/start_gcp_enclave.sh index 385b393c..7c56db8c 100644 --- a/scripts/gcp/start_gcp_enclave.sh +++ b/scripts/gcp/start_gcp_enclave.sh @@ -72,7 +72,7 @@ IP=$(gcloud compute instances describe ${GCP_INSTANCE_NAME} \ --format='get(networkInterfaces[0].accessConfigs[0].natIP)') echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}:8080/ops/healthcheck"
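Review bot: Each `echo "e2e_args_json=${E2E_..._ARGS_JSON}" >> ${GITHUB_OUTPUT}` line writes a JSON secret in the single-line `name=value` form, so a value stored with line breaks would be cut or misparsed at the first newline. If the JSON can be multi-line, use the delimiter form, i.e. `echo "e2e_args_json<<ARGS_EOF"`, `echo "${E2E_UID2_INTEG_GCP_ARGS_JSON}"`, `echo "ARGS_EOF"`, grouped into one redirect to a quoted `"${GITHUB_OUTPUT}"`. Log masking matches the exact secret string, so a re-serialised or partial form of a structured secret would not be redacted further down the pipeline. A comment above the `if` chain, such as `# *_ARGS_JSON values are secrets: write them to GITHUB_OUTPUT only, never to stdout`, would record that constraint for the next editor. The surrounding `if`/`else` begins outside this hunk.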