
Resolved outstanding Sonar issues #36

Resolved outstanding Sonar issues

Resolved outstanding Sonar issues #36

Workflow file for this run

# Waits for the deployed API's status endpoint to report this commit, then runs
# the e2e test suites selected by the target environment's variables.
name: Run e2e Tests

Check failure on line 1 in .github/workflows/run-e2e-tests.yml


GitHub Actions / .github/workflows/run-e2e-tests.yml

Invalid workflow file

(Line: 63, Col: 5): Unexpected value 'contents', (Line: 63, Col: 5): There's not enough info to determine what you meant. Add one of these properties: cancel-timeout-minutes, container, continue-on-error, defaults, env, environment, outputs, runs-on, secrets, services, snapshot, steps, timeout-minutes, uses, with
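# Triggers: a reusable entry point (workflow_call) and a manual one
# (workflow_dispatch). Both declare the same three inputs.
on:
  workflow_call:
    inputs:
      # Free-form string here: it selects the GitHub environment and is used to
      # build the status URL, so callers are trusted to pass one of the names
      # offered by workflow_dispatch below. Nothing in this file enforces that.
      apigee_environment:
        required: true
        type: string
      environment:
        required: true
        type: string
      sub_environment:
        required: true
        type: string
    secrets:
      APIGEE_PASSWORD:
        required: true
      APIGEE_BASIC_AUTH_TOKEN:
        required: true
      APIGEE_OTP_KEY:
        required: true
      STATUS_API_KEY:
        required: true
  workflow_dispatch:
    inputs:
      apigee_environment:
        type: choice
        description: Select the Apigee proxy environment
        options:
          - internal-dev
          - internal-dev-sandbox
          - sandbox
          - internal-qa
          - int
          - ref
          - prod
      environment:
        # `options` only applies to `choice` inputs; with `type: string` the
        # list below was not enforced and any value could be dispatched.
        type: choice
        description: Select the backend environment
        options:
          - dev
          - preprod
          - prod
      sub_environment:
        type: string
        description: Set the sub environment name e.g. pr-xxx, or green/blue in higher environments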
# Workflow-level environment: visible to every step of every job.
env:
  APIGEE_ENVIRONMENT: "${{ inputs.apigee_environment }}"
  ENVIRONMENT: "${{ inputs.environment }}"
  SUB_ENVIRONMENT: "${{ inputs.sub_environment }}"
  # A sub_environment starting with 'pr-' gets a suffixed base path; anything
  # else uses the unsuffixed one.
  SERVICE_BASE_PATH: "${{ startsWith(inputs.sub_environment, 'pr-') && format('immunisation-fhir-api/FHIR/R4-{0}', inputs.sub_environment) || 'immunisation-fhir-api/FHIR/R4' }}"
  # PR proxies are named after the sub environment, all others after the
  # Apigee environment.
  PROXY_NAME: "${{ startsWith(inputs.sub_environment, 'pr-') && format('immunisation-fhir-api-{0}', inputs.sub_environment) || format('immunisation-fhir-api-{0}', inputs.apigee_environment) }}"
  # NOTE(review): declared here, the key is exported to every step in every
  # job, including dependency installs. If only the status poll reads it,
  # scope it to that step instead - confirm whether the test suites use it.
  STATUS_API_KEY: "${{ secrets.STATUS_API_KEY }}"
  SOURCE_COMMIT_ID: "${{ github.sha }}"
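# Workflow-level default for the GITHUB_TOKEN. Kept read-only: the jobs that
# assume an AWS role (e2e-tests, batch-e2e-tests) request `id-token: write`
# in their own `permissions` blocks, so a job that declares nothing cannot
# mint an OIDC token by default.
permissions:
  contents: read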
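jobs:
  # Polls the deployed API's `_status` endpoint until it is healthy and reports
  # the commit this workflow was started from.
  wait-for-deployment:
    # `permissions` has to sit inside a job. Placed directly under `jobs:` it is
    # parsed as a job id, which is what produced "Unexpected value 'contents'".
    # This job neither checks out code nor assumes a role, so read-only is enough.
    permissions:
      contents: read
    runs-on: ubuntu-latest
    environment: ${{ inputs.apigee_environment }}
    outputs:
      # Workaround for environment-level variables being unavailable in `jobs.<job-id>.if`.
      RUN_BATCH_E2E_TESTS: ${{ vars.RUN_BATCH_E2E_TESTS }}
    steps:
      - name: Wait for API to be available
        # All inputs reach the script through env vars rather than inline
        # `${{ }}` expansion, so they are never spliced into the shell source.
        run: |
          endpoint=""
          # Quoted right-hand side: a literal substring match, so any
          # environment name containing "prod" uses the production host.
          if [[ ${APIGEE_ENVIRONMENT} =~ "prod" ]]; then
            endpoint="https://api.service.nhs.uk/${SERVICE_BASE_PATH}/_status"
          else
            endpoint="https://${APIGEE_ENVIRONMENT}.api.service.nhs.uk/${SERVICE_BASE_PATH}/_status"
          fi
          counter=0
          while [[ ${counter} -lt 31 ]]; do
            # The default run shell is `bash -e`, so a failing curl or jq in a
            # plain assignment would end the step instead of retrying.
            response=$(curl -H "apikey: ${STATUS_API_KEY}" -s "${endpoint}") || true
            response_code=$(jq -r '.checks.healthcheck.responseCode' <<< "${response}") || true
            response_body=$(jq -r '.checks.healthcheck.outcome' <<< "${response}") || true
            status=$(jq -r '.status' <<< "${response}") || true
            commitId=$(jq -r '.commitId' <<< "${response}") || true
            # String comparison on purpose: `-eq` evaluates its operand as an
            # arithmetic expression, and this value comes from the response body.
            if [[ "${response_code}" == "200" ]] && [[ "${response_body}" == "OK" ]] && [[ "${status}" == "pass" ]]; then
              echo "Status test successful"
              if [[ "${commitId}" == "${SOURCE_COMMIT_ID}" ]]; then
                echo "Commit hash test successful"
                break
              else
                echo "Waiting for ${endpoint} to return the correct commit hash..."
              fi
            else
              echo "Waiting for ${endpoint} to return a 200 response with 'OK' body..."
            fi
            ((counter=counter+1)) # Increment counter by 1
            echo "Attempt ${counter}"
            sleep 30
          done
          # Reaching 31 means no attempt broke out of the loop.
          if [[ ${counter} -eq 31 ]]; then
            echo "Status test failed: Maximum number of attempts reached"
            echo "Last response received:"
            echo "${response}"
            exit 1
          fi

  # Runs the proxy, sandbox and/or full e2e suites, depending on which
  # RUN_*_E2E_TESTS variables the target environment sets to 'true'.
  e2e-tests:
    permissions:
      # Needed to request the OIDC token used by "Connect to AWS".
      id-token: write
      contents: read
    runs-on: ubuntu-latest
    needs: [wait-for-deployment]
    environment: ${{ inputs.apigee_environment }}
    env:
      APIGEE_USERNAME: ${{ vars.APIGEE_USERNAME }}
      # AWS and Terraform are only set up when the full or proxy suite will run.
      TF_OUTPUTS_REQUIRED: ${{ vars.RUN_FULL_E2E_TESTS == 'true' || vars.RUN_PROXY_E2E_TESTS == 'true' }}
    steps:
      # Third-party actions are pinned to full commit SHAs rather than tags.
      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
      - name: Connect to AWS
        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
        uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708
        with:
          aws-region: eu-west-2
          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
          role-session-name: github-actions
      - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd
        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
        with:
          terraform_version: "1.12.2"
      - name: Terraform Init
        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
        working-directory: infrastructure/instance
        run: make init
      - name: Set Terraform workspace
        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
        working-directory: infrastructure/instance
        run: make workspace
      - name: Read Terraform outputs
        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
        working-directory: infrastructure/instance
        # Exports resource names to later steps through GITHUB_ENV.
        run: |
          echo "IMMS_DELTA_TABLE_NAME=$(make -s output name=imms_delta_table_name)" >> "$GITHUB_ENV"
          echo "AWS_DOMAIN_NAME=$(make -s output name=service_domain_name)" >> "$GITHUB_ENV"
          echo "DYNAMODB_TABLE_NAME=$(make -s output name=dynamodb_table_name)" >> "$GITHUB_ENV"
          echo "AWS_SQS_QUEUE_NAME=$(make -s output name=aws_sqs_queue_name)" >> "$GITHUB_ENV"
          echo "AWS_SNS_TOPIC_NAME=$(make -s output name=aws_sns_topic_name)" >> "$GITHUB_ENV"
      - name: Install poetry
        run: pip install poetry==2.1.4
      - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
        with:
          # Quoted so the version is read as a string, not a float.
          python-version: "3.11"
          cache: "poetry"
          cache-dependency-path: tests/e2e/poetry.lock
      - name: Install e2e test dependencies
        working-directory: tests/e2e
        run: poetry install --no-root
      # Secrets are scoped to this step only. The TOTP code and the returned
      # token are masked before anything else is written to the log.
      # NOTE(review): the form body is assembled by string interpolation, so a
      # password containing `&`, `=` or `%` would be sent malformed; consider
      # curl's --data-urlencode per field after confirming how the secret is stored.
      - name: Get Apigee access token
        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
        working-directory: tests/e2e
        env:
          APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
          APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
          APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
        run: |
          CODE=$(poetry run python utils/compute_totp_code.py "$APIGEE_OTP_KEY")
          echo "::add-mask::$CODE"
          echo "Requesting access token from Apigee..."
          response=$(curl -s -X POST "https://login.apigee.com/oauth/token" \
            -H "Content-Type: application/x-www-form-urlencoded" \
            -H "Accept: application/json;charset=utf-8" \
            -H "Authorization: Basic $APIGEE_BASIC_AUTH_TOKEN" \
            -d "username=$APIGEE_USERNAME&password=$APIGEE_PASSWORD&mfa_token=$CODE&grant_type=password")
          # -e makes jq exit non-zero when access_token is null or missing,
          # so a failed login stops the step here.
          token=$(jq -e -r '.access_token' <<< "$response")
          echo "::add-mask::$token"
          echo "APIGEE_ACCESS_TOKEN=$token" >> "$GITHUB_ENV"
      - name: Run proxy e2e test suite
        if: ${{ vars.RUN_PROXY_E2E_TESTS == 'true' }}
        working-directory: tests/e2e
        run: poetry run python -m unittest test_proxy
      - name: Run sandbox e2e test suite
        if: ${{ vars.RUN_SANDBOX_E2E_TESTS == 'true' }}
        working-directory: tests/e2e
        run: poetry run python -m unittest test_proxy.TestProxyHealthcheck
      - name: Run full e2e test suite
        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
        working-directory: tests/e2e
        run: poetry run python -m unittest

  # Runs the batch e2e suite when the environment sets RUN_BATCH_E2E_TESTS.
  batch-e2e-tests:
    permissions:
      # Needed to request the OIDC token used by "Connect to AWS".
      id-token: write
      contents: read
    needs: [wait-for-deployment, e2e-tests]
    # Only actually depend on wait-for-deployment, but run after e2e-tests
    if: ${{ !cancelled() && needs.wait-for-deployment.result == 'success' && needs.wait-for-deployment.outputs.RUN_BATCH_E2E_TESTS == 'true' }}
    runs-on: ubuntu-latest
    environment: ${{ inputs.apigee_environment }}
    steps:
      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
      - name: Connect to AWS
        uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708
        with:
          aws-region: eu-west-2
          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
          role-session-name: github-actions
      - name: Install poetry
        run: pip install poetry==2.1.4
      - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
        with:
          # Quoted so the version is read as a string, not a float.
          python-version: "3.11"
          cache: "poetry"
          cache-dependency-path: tests/e2e_batch/poetry.lock
      - name: Install e2e test dependencies
        working-directory: tests/e2e_batch
        run: poetry install --no-root
      - name: Run batch e2e test suite
        working-directory: tests/e2e_batch
        env:
          # Overrides the workflow-level ENVIRONMENT with the sub environment name.
          ENVIRONMENT: ${{ inputs.sub_environment }}
        run: poetry run python -m unittest -c -v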