# this workflow deploys a Lambda function that uses aws-lambda-java-log4j2,
# invokes it, and verifies that logs arrive in CloudWatch.
name: Run integration tests

# Triggers: a manual dispatch, or a push to main that touches one of the
# module directories listed under paths.
on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - 'aws-lambda-java-log4j2/**'
      - 'aws-lambda-java-core/**'
      - 'lambda-integration-tests/**'

# Default GITHUB_TOKEN permissions for every job that does not declare its own.
# id-token: write lets a job request an OIDC token (the credentials step
# assumes an AWS role); contents: read is what checkout needs.
permissions:
  contents: read
  id-token: write
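jobs:
  # Reads the test matrix from .github/test-matrix.json and publishes it as a
  # job output so the test job can expand it with fromJson.
  load-matrix:
    runs-on: ubuntu-latest
    # Least privilege: this job only reads the repository. Without a job-level
    # block it would inherit the workflow-level id-token: write it never uses.
    permissions:
      contents: read
    outputs:
      matrix: ${{ steps.set.outputs.matrix }}
    steps:
      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          # No step in this job uses git after checkout, so do not leave the
          # token in the local git config.
          persist-credentials: false
      - name: Load test matrix
        id: set
        run: |
          # jq -c emits the document on a single line, which keeps the
          # name=value line written to GITHUB_OUTPUT well-formed.
          MATRIX=$(jq -c '.' .github/test-matrix.json)
          echo "matrix=${MATRIX}" >> "$GITHUB_OUTPUT"

  # Builds the libraries, deploys a per-run SAM stack, runs the test script
  # against the deployed function, and always tears the stack down.
  run-integration-tests:
    needs: load-matrix
    # Only run on the main repo, not forks
    if: ${{ github.repository_owner == 'aws' }}
    runs-on: ${{ matrix.arch.runner }}
    # The only job that assumes an AWS role, so the only one that is granted
    # permission to request an OIDC token.
    permissions:
      id-token: write
      contents: read
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.load-matrix.outputs.matrix) }}
    name: "integration-test (${{ matrix.arch.label }})"
    concurrency:
      group: integration-test-${{ matrix.arch.label }}
      cancel-in-progress: false
    steps:
      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          # The steps shown in this workflow do not use git after checkout;
          # keep the token out of the workspace that Maven and SAM builds run in.
          persist-credentials: false
      - name: Set up JDK
        uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
        with:
          java-version: |
            8
            21
          distribution: corretto
          cache: maven
      - name: Install SAM CLI
        uses: aws-actions/setup-sam@f84ec7d548307efafe33230528756de3c5841a17 # v2
        with:
          use-installer: true
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_LOG4J2_INTEG_TEST }}
          role-session-name: GitHubActionsLog4j2IntegTest
          aws-region: ${{ secrets.AWS_REGION_LOG4J2_INTEG_TEST }}
      - name: Install core with Maven
        env:
          # Matrix values reach the shell as environment variables rather than
          # being templated into the script text.
          JAVA_SUFFIX: ${{ matrix.arch.java_suffix }}
        run: |
          # Resolve JAVA_HOME_8_<suffix> by name (bash indirect expansion).
          java_home_var="JAVA_HOME_8_${JAVA_SUFFIX}"
          export JAVA_HOME="${!java_home_var}"
          mvn -B install --file aws-lambda-java-core/pom.xml
      - name: Install log4j2 with Maven
        env:
          JAVA_SUFFIX: ${{ matrix.arch.java_suffix }}
        run: |
          java_home_var="JAVA_HOME_8_${JAVA_SUFFIX}"
          export JAVA_HOME="${!java_home_var}"
          mvn -B install --file aws-lambda-java-log4j2/pom.xml
      - name: Build SAM stack
        env:
          JAVA_SUFFIX: ${{ matrix.arch.java_suffix }}
        run: |
          java_home_var="JAVA_HOME_21_${JAVA_SUFFIX}"
          export JAVA_HOME="${!java_home_var}"
          cd lambda-integration-tests && sam build
      - name: Validate SAM stack
        run: cd lambda-integration-tests && sam validate --lint
      - name: Deploy stack
        id: deploy_stack
        env:
          AWS_REGION: ${{ secrets.AWS_REGION_LOG4J2_INTEG_TEST }}
          # Secrets and matrix values are handed over as environment variables
          # so they are never templated into the script text; the script
          # references them as quoted shell variables.
          ARCH_LABEL: ${{ matrix.arch.label }}
          SAM_ARCH: ${{ matrix.arch.sam_arch }}
          LAMBDA_ROLE: ${{ secrets.AWS_LAMBDA_ROLE_LOG4J2_INTEG_TEST }}
          S3_BUCKET: ${{ secrets.S3_BUCKET_LOG4J2_INTEG_TEST }}
        run: |
          cd lambda-integration-tests
          stackName="aws-lambda-java-log4j2-integ-test-${ARCH_LABEL}-$GITHUB_RUN_ID"
          # Publish the stack name before deploying so the Cleanup step can
          # delete the stack even when the deploy fails part-way.
          echo "STACK_NAME=$stackName" >> "$GITHUB_OUTPUT"
          echo "Stack name = $stackName"
          # NOTE: the pipeline's exit status is tail's, so unless the shell
          # runs with pipefail a failed deploy is not caught on this line; the
          # stack-status check below is the actual gate.
          sam deploy \
            --stack-name "${stackName}" \
            --parameter-overrides "ParameterKey=LambdaRole,ParameterValue=${LAMBDA_ROLE} ParameterKey=Architecture,ParameterValue=${SAM_ARCH}" \
            --no-confirm-changeset \
            --no-progressbar \
            --s3-bucket "${S3_BUCKET}" \
            --capabilities CAPABILITY_IAM \
            2>&1 | tee /tmp/sam-deploy.log | tail -n 20
          # Verify stack is in a healthy state
          STACK_STATUS=$(aws cloudformation describe-stacks \
            --stack-name "${stackName}" \
            --region "${AWS_REGION}" \
            --query 'Stacks[0].StackStatus' \
            --output text 2>&1)
          echo "Stack status: $STACK_STATUS"
          if [ "$STACK_STATUS" != "CREATE_COMPLETE" ] && [ "$STACK_STATUS" != "UPDATE_COMPLETE" ]; then
            echo "FAIL: Stack is not in a healthy state (status: $STACK_STATUS)"
            # Best-effort diagnostics: list the resources that failed, then fail the step.
            aws cloudformation describe-stack-events \
              --stack-name "${stackName}" \
              --region "${AWS_REGION}" \
              --query 'StackEvents[?ResourceStatus==`CREATE_FAILED` || ResourceStatus==`UPDATE_FAILED`].[LogicalResourceId,ResourceStatusReason]' \
              --output table 2>&1 || true
            exit 1
          fi
          LOG4J2_TEST_FUNCTION=$(sam list stack-outputs --stack-name "${stackName}" --output json | jq -r '.[] | select(.OutputKey=="Log4j2TestFunction") | .OutputValue')
          echo "LOG4J2_TEST_FUNCTION=$LOG4J2_TEST_FUNCTION" >> "$GITHUB_OUTPUT"
          echo "Function name: $LOG4J2_TEST_FUNCTION"
      - name: Run integration test
        env:
          LOG4J2_TEST_FUNCTION: ${{ steps.deploy_stack.outputs.LOG4J2_TEST_FUNCTION }}
          AWS_REGION: ${{ secrets.AWS_REGION_LOG4J2_INTEG_TEST }}
        run: ./lambda-integration-tests/run-tests.sh
      - name: Cleanup
        # Runs after failures too, but only once a stack name was recorded.
        if: always() && steps.deploy_stack.outputs.STACK_NAME
        env:
          AWS_REGION: ${{ secrets.AWS_REGION_LOG4J2_INTEG_TEST }}
          STACK_NAME: ${{ steps.deploy_stack.outputs.STACK_NAME }}
        run: |
          sam delete --stack-name "${STACK_NAME}" --no-prompts --region "${AWS_REGION}"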