ci: integration test config with secrets

Author: abose

.github/workflows/build_verify.yml

@@ -1,26 +1,28 @@
-name: Build verification on push to main branch
-
-on:
-  push:
-    branches: [ main ]
-
-jobs:
-  build-tasks:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - name: Npm Install
-        run: |
-          npm ci
-      - name: eslint using npm run eslint
-        run: |
-          npm run lint
-      - name: building build
-        run: |
-          npm run build
-      - name: Unit tests with coverage
-        run: |
-          npm run cover:unit
-      - name: Running Integration tests
-        run: |
-          npm run test:integ
+name: Build verification on push to main branch
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  build-tasks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Npm Install
+        run: |
+          npm ci
+      - name: eslint using npm run eslint
+        run: |
+          npm run lint
+      - name: building build
+        run: |
+          npm run build
+      - name: Unit tests with coverage
+        run: |
+          npm run cover:unit
+      - name: Running Integration tests
+        env:
+          APP_CONFIG_FOR_INTEG_TESTS: ${{ secrets.APP_CONFIG_FOR_INTEG_TESTS || '' }}
+        run: |
+          npm run test:integ

.github/workflows/js/setupRepository.cjs

@@ -1,107 +1,107 @@
-// goto this link for all available GitHub rest api functions. https://octokit.github.io/rest.js/v18#repos-update
-
-console.log("Hello");
-
-let github, context, org, repoName;
-
-async function createIssue(title, body){
-    await github.rest.issues.create({
-        owner: org,
-        repo: repoName,
-        title: title,
-        body: body
-    });
-}
-
-async function setupRepositoryDefaults(){
-    // send a message to code guardian action repo eventually to enable auto setup https://github.com/aicore/Code-Guardian-Actions
-}
-
-function _isValidRepoInitEvent(){
-    if(context.eventName !== 'create'){
-        return false;
-    }
-    if(!context.ref.endsWith(`/${context.payload.master_branch}`)){
-        return false;
-    }
-    return true;
-}
-
-async function initRepo(details){
-    github = details.github;
-    context = details.context;
-    org = details.org;
-    repoName = details.repoName;
-    if(!_isValidRepoInitEvent()){
-        console.log("Not a valid repo creation event. This task is only meant to be executed at repo creation. Exiting!");
-        return;
-    }
-    await createIssue("Update package.json with your app defaults", _getPackageJsonComment());
-    await createIssue("Verify Build actions on pull requests.", _getVerifyBuildActionComment());
-    await createIssue("Enable Github Wikis for API docs", _getEnableWikiComment());
-    await createIssue("Enable Sonar Cloud Code Checks", _getSonarSetupComment());
-    await createIssue("Setup Repository settings", _setupRepoComment());
-}
-
-function _setupRepoComment(){
-    return `
-## Setup repository settings
-Setup your repository default settings. Goto this url https://github.com/${org}/${repoName}/settings
-
-- [ ] In \`Settings> General> Pull Requests\` uncheck/disable \`Allow merge commits \`
-- [ ] In \`Settings> General> Pull Requests\` uncheck/disable \`Allow auto-merge \`. This is to prevent GitHub secrets leak after malicious pull request auto merges.
-- [ ] In \`Settings> General> Pull Requests\` check/enable \`Automatically delete head branches \`
-- [ ] Delete the file \`.github/workflows/setup_repository.yml\ and \`.github/workflows/js/setupRepository.cjs\`
-`;
-}
-
-
-function _getSonarSetupComment(){
-    return `
-## Enable Sonar Cloud Code Scan for this repo
-Sonar cloud does code scanning for core.ai repos. Ensure that sonar cloud is enabled for this repo.
-
-Usually available in this URL: https://sonarcloud.io/project/overview?id=${org}_${repoName}
-![image](https://user-images.githubusercontent.com/5336369/148695840-65585d04-5e59-450b-8794-54ca3c62b9fe.png)
-
-- [ ] Contact an core.ai org administrator to enable sonar scan for this repo.
-- [ ] Verified that soncar scan code checks are available in your pull requests.
-- [ ] Get you sonar cloud ID for the repo. It will usually look like \`${org}_${repoName}\` for ${org} repos.
-- [ ] Update \`readme.md\` with sonar badges by replacing all \`aicore_template-nodejs-ts\` with the id you got above. See this link for a sample pull request : https://github.com/aicore/libcache/pull/13
-- [ ] Update \`readme.md\` build verification badge by replacing this line \`[![<app> build verification](https://github.com/aicore/template-nodejs/actions/workflows/build_verify.yml/badge.svg)](https://github.com/aicore/template-nodejs/actions/workflows/build_verify.yml)\`
-with \`[![<app> build verification](https://github.com/${org}/${repoName}/actions/workflows/build_verify.yml/badge.svg)](https://github.com/${org}/${repoName}/actions/workflows/build_verify.yml)\`
-`;
-}
-
-function _getEnableWikiComment(){
-    return `
-## Enable Github Wikis for API docs
-API Docs are autogenerated with core.ai repos. Got to the below wiki url and create a home page in wiki to start generating API docs.
-https://github.com/${org}/${repoName}/wiki
-- [ ] Created a home wiki page
-- [ ] Verified that api docs are generated after a push to main branch is done.
-`;
-}
-
-function _getVerifyBuildActionComment(){
-    return `
-## Verify that build actions 
-We use GitHub actions extensively. Verify that Github Actions are being executed with the following url 
-https://github.com/${org}/${repoName}/actions
-- [ ] All Build actions functioning as expected
-`;
-}
-
-function _getPackageJsonComment(){
-    return `
-## Update package.json with your app defaults
-- [ ] update package name to \`@aicore/${repoName}\`
-- [ ] update description
-- [ ] update keywords
-- [ ] update author
-- [ ] update bugs url
-- [ ] update homepage url
-`;
-}
-
-module.exports.initRepo = initRepo;
+// goto this link for all available GitHub rest api functions. https://octokit.github.io/rest.js/v18#repos-update
+
+console.log("Hello");
+
+let github, context, org, repoName;
+
+async function createIssue(title, body){
+    await github.rest.issues.create({
+        owner: org,
+        repo: repoName,
+        title: title,
+        body: body
+    });
+}
+
+async function setupRepositoryDefaults(){
+    // send a message to code guardian action repo eventually to enable auto setup https://github.com/aicore/Code-Guardian-Actions
+}
+
+function _isValidRepoInitEvent(){
+    if(context.eventName !== 'create'){
+        return false;
+    }
+    if(!context.ref.endsWith(`/${context.payload.master_branch}`)){
+        return false;
+    }
+    return true;
+}
+
+async function initRepo(details){
+    github = details.github;
+    context = details.context;
+    org = details.org;
+    repoName = details.repoName;
+    if(!_isValidRepoInitEvent()){
+        console.log("Not a valid repo creation event. This task is only meant to be executed at repo creation. Exiting!");
+        return;
+    }
+    await createIssue("Update package.json with your app defaults", _getPackageJsonComment());
+    await createIssue("Verify Build actions on pull requests.", _getVerifyBuildActionComment());
+    await createIssue("Enable Github Wikis for API docs", _getEnableWikiComment());
+    await createIssue("Enable Sonar Cloud Code Checks", _getSonarSetupComment());
+    await createIssue("Setup Repository settings", _setupRepoComment());
+}
+
+function _setupRepoComment(){
+    return `
+## Setup repository settings
+Setup your repository default settings. Goto this url https://github.com/${org}/${repoName}/settings
+
+- [ ] In \`Settings> General> Pull Requests\` uncheck/disable \`Allow merge commits \`
+- [ ] In \`Settings> General> Pull Requests\` uncheck/disable \`Allow auto-merge \`. This is to prevent GitHub secrets leak after malicious pull request auto merges.
+- [ ] In \`Settings> General> Pull Requests\` check/enable \`Automatically delete head branches \`
+- [ ] Delete the file \`.github/workflows/setup_repository.yml\ and \`.github/workflows/js/setupRepository.cjs\`
+`;
+}
+
+
+function _getSonarSetupComment(){
+    return `
+## Enable Sonar Cloud Code Scan for this repo
+Sonar cloud does code scanning for core.ai repos. Ensure that sonar cloud is enabled for this repo.
+
+Usually available in this URL: https://sonarcloud.io/project/overview?id=${org}_${repoName}
+![image](https://user-images.githubusercontent.com/5336369/148695840-65585d04-5e59-450b-8794-54ca3c62b9fe.png)
+
+- [ ] Contact an core.ai org administrator to enable sonar scan for this repo.
+- [ ] Verified that soncar scan code checks are available in your pull requests.
+- [ ] Get you sonar cloud ID for the repo. It will usually look like \`${org}_${repoName}\` for ${org} repos.
+- [ ] Update \`readme.md\` with sonar badges by replacing all \`aicore_template-nodejs-ts\` with the id you got above. See this link for a sample pull request : https://github.com/aicore/libcache/pull/13
+- [ ] Update \`readme.md\` build verification badge by replacing this line \`[![<app> build verification](https://github.com/aicore/template-nodejs/actions/workflows/build_verify.yml/badge.svg)](https://github.com/aicore/template-nodejs/actions/workflows/build_verify.yml)\`
+with \`[![<app> build verification](https://github.com/${org}/${repoName}/actions/workflows/build_verify.yml/badge.svg)](https://github.com/${org}/${repoName}/actions/workflows/build_verify.yml)\`
+`;
+}
+
+function _getEnableWikiComment(){
+    return `
+## Enable Github Wikis for API docs
+API Docs are autogenerated with core.ai repos. Got to the below wiki url and create a home page in wiki to start generating API docs.
+https://github.com/${org}/${repoName}/wiki
+- [ ] Created a home wiki page
+- [ ] Verified that api docs are generated after a push to main branch is done.
+`;
+}
+
+function _getVerifyBuildActionComment(){
+    return `
+## Verify that build actions 
+We use GitHub actions extensively. Verify that Github Actions are being executed with the following url 
+https://github.com/${org}/${repoName}/actions
+- [ ] All Build actions functioning as expected
+`;
+}
+
+function _getPackageJsonComment(){
+    return `
+## Update package.json with your app defaults
+- [ ] update package name to \`@aicore/${repoName}\`
+- [ ] update description
+- [ ] update keywords
+- [ ] update author
+- [ ] update bugs url
+- [ ] update homepage url
+`;
+}
+
+module.exports.initRepo = initRepo;

.github/workflows/pull-request-verify.yml

@@ -1,28 +1,28 @@
-name: Build verification on pull request
-
-on:
-  pull_request:
-    branches: [ main ]
-
-jobs:
-  build-tasks:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - name: Npm Install
-        run: |
-          npm ci
-      - name: eslint using npm run eslint
-        run: |
-          npm run lint
-      - name: building build
-        run: |
-          npm run build
-      - name: Unit tests with coverage
-        run: |
-          npm run cover:unit
-      - name: Running Integration tests
-        # SECURITY WARNING: Remove integration test run (this step) on pull request if any secret access is required to run integration tests.
-        # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-        run: |
-          npm run test:integ
+name: Build verification on pull request
+
+on:
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build-tasks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Npm Install
+        run: |
+          npm ci
+      - name: eslint using npm run eslint
+        run: |
+          npm run lint
+      - name: building build
+        run: |
+          npm run build
+      - name: Unit tests with coverage
+        run: |
+          npm run cover:unit
+      - name: Running Integration tests
+        # SECURITY WARNING: Remove integration test run (this step) on pull request if any secret access is required to run integration tests.
+        # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+        run: |
+          npm run test:integ

.gitignore

@@ -9,6 +9,7 @@ lerna-debug.log*
 # config files
 src/.app.json
 src/app.json
+src/testConfig.json
 
 # IDE exclusions
 .idea

README.md

@@ -11,8 +11,9 @@ export APP_CONFIG=./src/.app.json
 npm install
 npm run serve 
 
-# To hit end point
-curl -X GET 'http://127.0.0.1:5000/hello?name=rambo'  -H 'authorization: Basic 123' -H 'Content-Type: application/json' -v 
+# To hit end point, go to browser url http://127.0.0.1:5000/hello?name=rambo
+# or to hit the authenticated url, do the curl command below 
+curl -X GET 'http://127.0.0.1:5000/helloAuth?name=rambo'  -H 'authorization: Basic 123' -H 'Content-Type: application/json' -v 
 
 ```
 
@@ -79,7 +80,27 @@ To Automatically fix lint errors:
 
 ## Testing
 
-To run all tests:
+### Run unit tests
+```shell
+> npm run test:unit
+```
+
+### Running integration tests locally
+
+```shell
+> npm run test:integ
+```
+You can edit `src/testConfig.json` to change app config for tests after running the above command.
+
+### Running integration tests in GitHub actions
+You have to set a repository secret `APP_CONFIG_FOR_INTEG_TESTS` with
+content of the text config.
+* Goto your repository settings https://github.com/<your org>/<your repo>/settings/secrets/actions
+* Create a new `Repository secret` with name `APP_CONFIG_FOR_INTEG_TESTS` and the secret as the config file contents.
+* The build verify action should now be able to use the secret.
+* Note that pull requests cannot read repository secrets and subsequently cannot run integration tests.
+
+### To run all tests:
 
 ```shell
 > npm run test

package.json

@@ -21,7 +21,8 @@
     "prepare": "test -d node_modules/husky && husky install || echo \"husky is not installed\"",
     "test": "npm run test:unit && npm run test:integ",
     "test:unit": "APP_CONFIG=./test/unit/utils/.app.json mocha test/unit/*.spec.js test/unit/**/*.spec.js  test/unit/**/*.spec.js  test/unit/**/**/*.spec.js --timeout=3000",
-    "test:integ": "APP_CONFIG=./test/integration/.app.json mocha test/integration/*.spec.js test/integration/**/*.spec.js --timeout=3000",
+    "setupIntegTestConfig": "node ./test/integration/setupTestConfig.js",
+    "test:integ": "npm run setupIntegTestConfig && APP_CONFIG=./src/testConfig.json mocha test/integration/*.spec.js test/integration/**/*.spec.js --timeout=3000",
     "printReportsLink": "echo Detailed unit test coverage report: file:///$(pwd)/coverage-unit/index.html && echo Detailed integration test coverage report: file:///$(pwd)/coverage-integration/index.html",
     "cover": "npm run cover:unit",
     "cover:unit": "c8 -c .nycrc.unit.json npm run test:unit && npm run --silent printReportsLink",