From be65164b0a663c9115687dcfd4186dd9c3e9b854 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 16:06:51 +0800 Subject: [PATCH 01/18] Updated branches for branch testing --- .github/workflows/shared-run-e2e-tests.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 04d6b3aa..83d9f063 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -135,7 +135,7 @@ jobs: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 with: - ref: v3 + ref: gdm-UID2-5040-e2e repository: IABTechLab/uid2-shared-actions path: uid2-shared-actions @@ -164,7 +164,7 @@ jobs: - name: Prepare GCP metadata id: prepare_gcp_metadata if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@gdm-UID2-5040-e2e with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -174,7 +174,7 @@ jobs: - name: Prepare Azure metadata id: prepare_azure_metadata if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@gdm-UID2-5040-e2e with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -182,7 +182,7 @@ jobs: - name: Prepare AWS metadata id: prepare_aws_metadata if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@gdm-UID2-5040-e2e with: identity_scope: ${{ inputs.identity_scope }} target_environment: ${{ inputs.target_environment }} @@ -191,7 +191,7 @@ jobs: - name: Prepare AKS metadata id: prepare_aks_metadata if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@gdm-UID2-5040-e2e with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -217,7 +217,7 @@ jobs: - name: Start GCP private operator id: start_gcp_private_operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@gdm-UID2-5040-e2e with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -229,7 +229,7 @@ jobs: - name: Start Azure private operator id: start_azure_private_operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@gdm-UID2-5040-e2e with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -241,7 +241,7 @@ jobs: - name: Start AWS private operator id: start_aws_private_operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@gdm-UID2-5040-e2e with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -255,7 +255,7 @@ jobs: - name: Start AKS private operator id: start_aks_private_operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@gdm-UID2-5040-e2e with: template_file: ${{ steps.prepare_aks_metadata.outputs.template_file }} azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -279,7 +279,7 @@ jobs: - name: Run E2E tests id: e2e - uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@v3 + uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@gdm-UID2-5040-e2e with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} From 757aa2dcd12ea19cdbaafe1429bb959525a69002 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 18:04:40 +0800 Subject: [PATCH 02/18] Updated E2E args and secrets --- .github/workflows/shared-run-e2e-tests.yaml | 27 +++-- actions/run_e2e_tests/action.yaml | 111 +++++++++++------- .../start_aks_private_operator/action.yaml | 4 +- .../start_aws_private_operator/action.yaml | 4 +- .../start_azure_private_operator/action.yaml | 4 +- .../start_gcp_private_operator/action.yaml | 4 +- scripts/aks/start_aks_enclave.sh | 2 +- scripts/aws/start_aws_enclave.sh | 2 +- scripts/azure/start_azure_enclave.sh | 2 +- scripts/decide_e2e_env.sh | 49 +++++--- scripts/gcp/start_gcp_enclave.sh | 2 +- scripts/get_operator_key.sh | 6 +- 12 files changed, 130 insertions(+), 87 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 83d9f063..43b53e2c 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -76,6 +76,9 @@ on: env: REGISTRY: ghcr.io + E2E_UID2_INTEG_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_ARGS_JSON }} + E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY }} + E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} @@ -265,15 +268,14 @@ jobs: shell: bash env: OPERATOR_TYPE: ${{ inputs.operator_type }} - OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_e2e_pipeline_operator_url }} IDENTITY_SCOPE: ${{ inputs.identity_scope }} TARGET_ENVIRONMENT: ${{ inputs.target_environment }} BORE_URL_CORE: ${{ steps.bore.outputs.bore_url_core }} BORE_URL_OPTOUT: ${{ steps.bore.outputs.bore_url_optout }} - GCP_OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AZURE_OPERATOR_URL: ${{ steps.start_azure_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AWS_OPERATOR_URL: ${{ steps.start_aws_private_operator.outputs.uid2_e2e_pipeline_operator_url }} - AKS_OPERATOR_URL: ${{ steps.start_aks_private_operator.outputs.uid2_e2e_pipeline_operator_url }} + GCP_OPERATOR_URL: ${{ steps.start_gcp_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AZURE_OPERATOR_URL: ${{ steps.start_azure_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AWS_OPERATOR_URL: ${{ steps.start_aws_private_operator.outputs.uid2_pipeline_e2e_operator_url }} + AKS_OPERATOR_URL: ${{ steps.start_aks_private_operator.outputs.uid2_pipeline_e2e_operator_url }} run: | bash uid2-shared-actions/scripts/decide_e2e_env.sh @@ -283,13 +285,14 @@ jobs: with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} - uid2_e2e_identity_scope: ${{ inputs.identity_scope }} - uid2_e2e_pipeline_operator_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_url }} - uid2_e2e_pipeline_operator_type: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_type }} - uid2_e2e_pipeline_operator_cloud_provider: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_operator_cloud_provider }} - uid2_e2e_phone_support: ${{ steps.decide_env_var.outputs.uid2_e2e_phone_support }} - uid2_e2e_pipeline_core_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_core_url }} - uid2_e2e_pipeline_optout_url: ${{ steps.decide_env_var.outputs.uid2_e2e_pipeline_optout_url }} + e2e_identity_scope: ${{ inputs.identity_scope }} + e2e_phone_support: ${{ steps.decide_env_var.outputs.e2e_phone_support }} + uid2_core_e2e_core_url: ${{ steps.decide_env_var.outputs.uid2_core_e2e_core_url }} + uid2_core_e2e_optout_url: ${{ steps.decide_env_var.outputs.uid2_core_e2e_optout_url }} + uid2_pipeline_e2e_core_url: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_core_url }} + uid2_pipeline_e2e_operator_url: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_url }} + uid2_pipeline_e2e_operator_type: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_type }} + uid2_pipeline_e2e_operator_cloud_provider: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_cloud_provider }} - name: Stop GCP private operator if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'gcp' }} diff --git a/actions/run_e2e_tests/action.yaml b/actions/run_e2e_tests/action.yaml index 3abfa431..60847cbc 100644 --- a/actions/run_e2e_tests/action.yaml +++ b/actions/run_e2e_tests/action.yaml @@ -8,27 +8,39 @@ inputs: e2e_image_version: description: The version of E2E image default: latest - uid2_e2e_identity_scope: + e2e_suites: description: Environment variable to run the E2E test - default: UID2 - uid2_e2e_pipeline_operator_type: + default: E2ECoreTestSuite,E2EPrivateOperatorTestSuite + e2e_env: description: Environment variable to run the E2E test - default: PUBLIC - uid2_e2e_pipeline_operator_url: + default: github-test-pipeline-local + e2e_args_json: description: Environment variable to run the E2E test - default: http://publicoperator:8080 - uid2_e2e_pipeline_operator_cloud_provider: + default: '' + e2e_identity_scope: description: Environment variable to run the E2E test - default: PUBLIC - uid2_e2e_phone_support: + default: UID2 + e2e_phone_support: description: Environment variable to run the E2E test default: 'true' - uid2_e2e_pipeline_core_url: + uid2_core_e2e_core_url: description: Environment variable for Core service - default: 'http://core:8088' - uid2_e2e_pipeline_optout_url: + default: http://core:8088 + uid2_core_e2e_optout_url: description: Environment variable for OptOut service - default: 'http://optout:8081' + default: http://optout:8081 + uid2_pipeline_e2e_core_url: + description: Environment variable to run the E2E test + default: http://core:8088 + uid2_pipeline_e2e_operator_url: + description: Environment variable to run the E2E test + default: http://publicoperator:8080 + uid2_pipeline_e2e_operator_type: + description: Environment variable to run the E2E test + default: PUBLIC + uid2_pipeline_e2e_operator_cloud_provider: + description: Environment variable to run the E2E test + default: PUBLIC runs: using: "composite" @@ -39,30 +51,49 @@ runs: run: | docker pull ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} docker images - echo $UID2_E2E_PIPELINE_OPERATOR_TYPE - docker run \ - --env UID2_E2E_ENV='github-test-pipeline' \ - --env UID2_E2E_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ - --env UID2_E2E_API_KEY_NON_SHARING_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ - --env UID2_E2E_API_KEY_OLD='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_E2E_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_E2E_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ - --env UID2_E2E_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ - --env UID2_E2E_API_SECRET_OLD='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_E2E_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_E2E_SUBSCRIPTION_ID='LBk2xJsgrS' \ - --env UID2_E2E_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ - --env UID2_E2E_ORIGIN='https://example.com' \ - --env UID2_E2E_INVALID_ORIGIN='https://example.org' \ - --env UID2_E2E_IDENTITY_SCOPE='${{ inputs.uid2_e2e_identity_scope }}' \ - --env UID2_E2E_PHONE_SUPPORT='${{ inputs.uid2_e2e_phone_support }}' \ - --env UID2_E2E_PIPELINE_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_e2e_pipeline_operator_cloud_provider }}' \ - --env UID2_E2E_PIPELINE_OPERATOR_TYPE='${{ inputs.uid2_e2e_pipeline_operator_type }}' \ - --env UID2_E2E_PIPELINE_OPERATOR_URL='${{ inputs.uid2_e2e_pipeline_operator_url }}' \ - --env UID2_E2E_SITE_ID='999' \ - --env UID2_E2E_CORE_API_TOKEN='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ - --env UID2_E2E_OPTOUT_TO_CALL_CORE_API_TOKEN='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ - --env UID2_E2E_CORE_URL='${{ inputs.uid2_e2e_pipeline_core_url }}' \ - --env UID2_E2E_OPTOUT_URL='${{ inputs.uid2_e2e_pipeline_optout_url }}' \ - --network '${{ inputs.e2e_network }}' \ - ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} + + if [ "${E2E_ENV}" == "github-test-pipeline-local" ]; then + docker run \ + --env E2E_SUITES=${{ inputs.e2e_suites }} \ + --env E2E_ENV=${{ inputs.e2e_env }} \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_OPERATOR_API_KEY='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ + --env UID2_CORE_E2E_OPTOUT_API_KEY='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_OPERATOR_E2E_CLIENT_SITE_ID='999' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_BEFORE_OPTOUT_CUTOFF='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_BEFORE_OPTOUT_CUTOFF='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_NON_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ + --env UID2_OPERATOR_E2E_CSTG_SUBSCRIPTION_ID='LBk2xJsgrS' \ + --env UID2_OPERATOR_E2E_CSTG_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ + --env UID2_OPERATOR_E2E_CSTG_ORIGIN='https://example.com' \ + --env UID2_OPERATOR_E2E_CSTG_INVALID_ORIGIN='https://example.org' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ + --network '${{ inputs.e2e_network }}' \ + ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} + else + docker run \ + --env E2E_SUITES='${{ inputs.e2e_suites }}' \ + --env E2E_ARGS_JSON='${{ inputs.e2e_args_json }}' \ + --env E2E_ENV='${{ inputs.e2e_env }}' \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ + --network '${{ inputs.e2e_network }}' \ + ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} + fi diff --git a/actions/start_aks_private_operator/action.yaml b/actions/start_aks_private_operator/action.yaml index dfa1bedd..10b122ae 100644 --- a/actions/start_aks_private_operator/action.yaml +++ b/actions/start_aks_private_operator/action.yaml @@ -10,9 +10,9 @@ inputs: required: true outputs: - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The AKS operator URL - value: ${{ steps.start_aks.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_aks.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/actions/start_aws_private_operator/action.yaml b/actions/start_aws_private_operator/action.yaml index 70b147ac..0ba3d324 100644 --- a/actions/start_aws_private_operator/action.yaml +++ b/actions/start_aws_private_operator/action.yaml @@ -31,9 +31,9 @@ outputs: aws_stack_name: description: The AWS instance name value: ${{ steps.start_aws.outputs.AWS_STACK_NAME }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The AWS operator URL - value: ${{ steps.start_aws.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_aws.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/actions/start_azure_private_operator/action.yaml b/actions/start_azure_private_operator/action.yaml index fea4245f..d1fbd6f1 100644 --- a/actions/start_azure_private_operator/action.yaml +++ b/actions/start_azure_private_operator/action.yaml @@ -25,9 +25,9 @@ outputs: azure_container_group_name: description: The Azure instance name value: ${{ steps.start_azure.outputs.azure_container_group_name }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The Azure operator URL - value: ${{ steps.start_azure.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_azure.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/actions/start_gcp_private_operator/action.yaml b/actions/start_gcp_private_operator/action.yaml index ecc61235..3873a175 100644 --- a/actions/start_gcp_private_operator/action.yaml +++ b/actions/start_gcp_private_operator/action.yaml @@ -25,9 +25,9 @@ outputs: gcp_instance_name: description: The GCP instance name value: ${{ steps.start_gcp.outputs.GCP_INSTANCE_NAME }} - uid2_e2e_pipeline_operator_url: + uid2_pipeline_e2e_operator_url: description: The GCP operator URL - value: ${{ steps.start_gcp.outputs.uid2_e2e_pipeline_operator_url }} + value: ${{ steps.start_gcp.outputs.uid2_pipeline_e2e_operator_url }} runs: using: "composite" diff --git a/scripts/aks/start_aks_enclave.sh b/scripts/aks/start_aks_enclave.sh index 6f68ffd8..2834891f 100644 --- a/scripts/aks/start_aks_enclave.sh +++ b/scripts/aks/start_aks_enclave.sh @@ -37,7 +37,7 @@ fi IP=$(az network public-ip list --resource-group ${AKS_NODE_RESOURCE_GROUP} --query "[?starts_with(name, 'kubernetes')].ipAddress" --output tsv) echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}/ops/healthcheck" diff --git a/scripts/aws/start_aws_enclave.sh b/scripts/aws/start_aws_enclave.sh index 2573acdc..08b36a6d 100644 --- a/scripts/aws/start_aws_enclave.sh +++ b/scripts/aws/start_aws_enclave.sh @@ -89,7 +89,7 @@ AWS_INSTANCE_URL=$(python ${ROOT}/aws/get_instance_url.py \ --stack "${AWS_STACK_NAME}") echo "Instance URL: ${AWS_INSTANCE_URL}" -echo "uid2_e2e_pipeline_operator_url=${AWS_INSTANCE_URL}" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=${AWS_INSTANCE_URL}" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="${AWS_INSTANCE_URL}/ops/healthcheck" diff --git a/scripts/azure/start_azure_enclave.sh b/scripts/azure/start_azure_enclave.sh index 0b02ad48..c6064818 100644 --- a/scripts/azure/start_azure_enclave.sh +++ b/scripts/azure/start_azure_enclave.sh @@ -85,7 +85,7 @@ IP=$(az deployment group show \ --query properties.outputs.containerIPv4Address.value | tr -d '"') echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}:8080/ops/healthcheck" diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index 9c22e831..3ea9bd81 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -27,34 +27,45 @@ else fi if [ "${OPERATOR_TYPE}" == "public" ]; then - echo "uid2_e2e_pipeline_operator_type=PUBLIC" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=http://publicoperator:8080" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_cloud_provider=PUBLIC" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_core_url=http://core:8088" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_optout_url=http://optout:8081" >> ${GITHUB_OUTPUT} + echo "e2e_suites=E2ECoreTestSuite,E2EPublicOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline-local" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_core_url=http://core:8088" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_optout_url=http://optout:8081" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_core_url=http://core:8088" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=http://publicoperator:8080" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_type=PUBLIC" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=PUBLIC" >> ${GITHUB_OUTPUT} else - echo "uid2_e2e_pipeline_operator_type=PRIVATE" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_type=PRIVATE" >> ${GITHUB_OUTPUT} + + if [ "${TARGET_ENVIRONMENT}" == "mock" ]; then + echo "e2e_suites=E2ECoreTestSuite,E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline-local" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} + echo "uid2_core_e2e_optout_url=${BORE_URL_OPTOUT}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} + else + echo "e2e_suites=E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} + echo "e2e_env=github-test-pipeline" >> ${GITHUB_OUTPUT} + fi if [ "${OPERATOR_TYPE}" == "gcp" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=GCP" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${GCP_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${GCP_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=GCP" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "azure" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AZURE_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AZURE_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "aws" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AWS" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AWS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AWS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AWS" >> ${GITHUB_OUTPUT} elif [ "${OPERATOR_TYPE}" == "aks" ]; then - echo "uid2_e2e_pipeline_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_operator_url=${AKS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_url=${AKS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} + echo "uid2_pipeline_e2e_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} fi - - echo "uid2_e2e_pipeline_core_url=${BORE_URL_CORE}" >> ${GITHUB_OUTPUT} - echo "uid2_e2e_pipeline_optout_url=${BORE_URL_OPTOUT}" >> ${GITHUB_OUTPUT} fi if [ "${IDENTITY_SCOPE}" == "UID2" ]; then - echo "uid2_e2e_phone_support=true" >> ${GITHUB_OUTPUT} + echo "e2e_phone_support=true" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "EUID" ]; then - echo "uid2_e2e_phone_support=false" >> ${GITHUB_OUTPUT} + echo "e2e_phone_support=false" >> ${GITHUB_OUTPUT} fi diff --git a/scripts/gcp/start_gcp_enclave.sh b/scripts/gcp/start_gcp_enclave.sh index 385b393c..7c56db8c 100644 --- a/scripts/gcp/start_gcp_enclave.sh +++ b/scripts/gcp/start_gcp_enclave.sh @@ -72,7 +72,7 @@ IP=$(gcloud compute instances describe ${GCP_INSTANCE_NAME} \ --format='get(networkInterfaces[0].accessConfigs[0].natIP)') echo "Instance IP: ${IP}" -echo "uid2_e2e_pipeline_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} +echo "uid2_pipeline_e2e_operator_url=http://${IP}:8080" >> ${GITHUB_OUTPUT} HEALTHCHECK_URL="http://${IP}:8080/ops/healthcheck" diff --git a/scripts/get_operator_key.sh b/scripts/get_operator_key.sh index e27aa2e2..910f739d 100644 --- a/scripts/get_operator_key.sh +++ b/scripts/get_operator_key.sh @@ -22,10 +22,8 @@ if [ "${TARGET_ENVIRONMENT}" == "mock" ]; then OPERATOR_FILE="${ROOT}/operators/operators.json" OPERATOR_KEY=$(jq -r '.[] | select(.protocol=="'${ENCLAVE_PROTOCOL}'") | .key' ${OPERATOR_FILE}) -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then - OPERATOR_KEY=${E2E_UID2_INTEG_GCP_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then - OPERATOR_KEY=${E2E_UID2_INTEG_AWS_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then + OPERATOR_KEY=${E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY} elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then OPERATOR_KEY=${E2E_UID2_PROD_GCP_OPERATOR_API_KEY} elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then From a2bce0664e867044fe7f0ba6bf0dac308e475129 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 18:50:00 +0800 Subject: [PATCH 03/18] Updated E2E run command --- .github/workflows/shared-run-e2e-tests.yaml | 11 ++- actions/run_e2e_tests/action.yaml | 98 +++++++++++---------- scripts/decide_e2e_env.sh | 16 ++++ 3 files changed, 77 insertions(+), 48 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 43b53e2c..51d9be28 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -79,12 +79,19 @@ env: E2E_UID2_INTEG_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_ARGS_JSON }} E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY }} + E2E_UID2_PROD_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_ARGS_JSON }} + E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY }} + + E2E_EUID_INTEG_ARGS_JSON: ${{ secrets.E2E_EUID_INTEG_ARGS_JSON }} + E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY }} + + E2E_EUID_PROD_ARGS_JSON: ${{ secrets.E2E_EUID_PROD_ARGS_JSON }} + E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY }} + E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} - E2E_UID2_PROD_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_GCP_OPERATOR_API_KEY }} E2E_UID2_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_AWS_OPERATOR_API_KEY }} - E2E_EUID_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_AWS_OPERATOR_API_KEY }} E2E_EUID_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_AWS_OPERATOR_API_KEY }} diff --git a/actions/run_e2e_tests/action.yaml b/actions/run_e2e_tests/action.yaml index 60847cbc..659aa8d8 100644 --- a/actions/run_e2e_tests/action.yaml +++ b/actions/run_e2e_tests/action.yaml @@ -46,54 +46,60 @@ runs: using: "composite" steps: - - name: Run E2E tests + - name: Pull E2E image shell: bash run: | docker pull ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} docker images - if [ "${E2E_ENV}" == "github-test-pipeline-local" ]; then - docker run \ - --env E2E_SUITES=${{ inputs.e2e_suites }} \ - --env E2E_ENV=${{ inputs.e2e_env }} \ - --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ - --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ - --env UID2_CORE_E2E_OPERATOR_API_KEY='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ - --env UID2_CORE_E2E_OPTOUT_API_KEY='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ - --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ - --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ - --env UID2_OPERATOR_E2E_CLIENT_SITE_ID='999' \ - --env UID2_OPERATOR_E2E_CLIENT_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_KEY_BEFORE_OPTOUT_CUTOFF='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_BEFORE_OPTOUT_CUTOFF='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_NON_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ - --env UID2_OPERATOR_E2E_CSTG_SUBSCRIPTION_ID='LBk2xJsgrS' \ - --env UID2_OPERATOR_E2E_CSTG_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ - --env UID2_OPERATOR_E2E_CSTG_ORIGIN='https://example.com' \ - --env UID2_OPERATOR_E2E_CSTG_INVALID_ORIGIN='https://example.org' \ - --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ - --network '${{ inputs.e2e_network }}' \ - ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} - else - docker run \ - --env E2E_SUITES='${{ inputs.e2e_suites }}' \ - --env E2E_ARGS_JSON='${{ inputs.e2e_args_json }}' \ - --env E2E_ENV='${{ inputs.e2e_env }}' \ - --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ - --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ - --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ - --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ - --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ - --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ - --network '${{ inputs.e2e_network }}' \ - ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} - fi + - name: Run mock E2E tests + if: ${{ inputs.e2e_env == 'github-test-pipeline-local' }} + shell: bash + run: | + docker run \ + --env E2E_SUITES=${{ inputs.e2e_suites }} \ + --env E2E_ENV=${{ inputs.e2e_env }} \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_OPERATOR_API_KEY='UID2-O-L-999-dp9Dt0.JVoGpynN4J8nMA7FxmzsavxJa8B9H74y9xdEE=' \ + --env UID2_CORE_E2E_OPTOUT_API_KEY='UID2-O-L-127-pDqphU.6FuXzThQMY8YEsCA8crqvAlzyGrjcF8P6XO84=' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_OPERATOR_E2E_CLIENT_SITE_ID='999' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY='UID2-C-L-999-fCXrMM.fsR3mDqAXELtWWMS+xG1s7RdgRTMqdOH2qaAo=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET='DzBzbjTJcYL0swDtFs2krRNu+g1Eokm2tBU4dEuD0Wk=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_BEFORE_OPTOUT_CUTOFF='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_BEFORE_OPTOUT_CUTOFF='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_NON_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ + --env UID2_OPERATOR_E2E_CSTG_SUBSCRIPTION_ID='LBk2xJsgrS' \ + --env UID2_OPERATOR_E2E_CSTG_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ + --env UID2_OPERATOR_E2E_CSTG_ORIGIN='https://example.com' \ + --env UID2_OPERATOR_E2E_CSTG_INVALID_ORIGIN='https://example.org' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ + --network '${{ inputs.e2e_network }}' \ + ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} + + - name: Run real E2E tests + if: ${{ inputs.e2e_env == 'github-test-pipeline' }} + shell: bash + run: | + docker run \ + --env E2E_SUITES='${{ inputs.e2e_suites }}' \ + --env E2E_ARGS_JSON='${{ inputs.e2e_args_json }}' \ + --env E2E_ENV='${{ inputs.e2e_env }}' \ + --env E2E_IDENTITY_SCOPE='${{ inputs.e2e_identity_scope }}' \ + --env E2E_PHONE_SUPPORT='${{ inputs.e2e_phone_support }}' \ + --env UID2_CORE_E2E_CORE_URL='${{ inputs.uid2_core_e2e_core_url }}' \ + --env UID2_CORE_E2E_OPTOUT_URL='${{ inputs.uid2_core_e2e_optout_url }}' \ + --env UID2_PIPELINE_E2E_CORE_URL='${{ inputs.uid2_pipeline_e2e_core_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_URL='${{ inputs.uid2_pipeline_e2e_operator_url }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_TYPE='${{ inputs.uid2_pipeline_e2e_operator_type }}' \ + --env UID2_PIPELINE_E2E_OPERATOR_CLOUD_PROVIDER='${{ inputs.uid2_pipeline_e2e_operator_cloud_provider }}' \ + --network '${{ inputs.e2e_network }}' \ + ghcr.io/iabtechlab/uid2-e2e:${{ inputs.e2e_image_version }} diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index 3ea9bd81..1b1070ec 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -47,6 +47,19 @@ else else echo "e2e_suites=E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} echo "e2e_env=github-test-pipeline" >> ${GITHUB_OUTPUT} + + if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then + echo "e2e_args_json=${E2E_EUID_INTEG_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then + echo "e2e_args_json=${E2E_EUID_PROD_ARGS_JSON}" >> ${GITHUB_OUTPUT} + else + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}" + exit 1 + fi fi if [ "${OPERATOR_TYPE}" == "gcp" ]; then @@ -68,4 +81,7 @@ if [ "${IDENTITY_SCOPE}" == "UID2" ]; then echo "e2e_phone_support=true" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "EUID" ]; then echo "e2e_phone_support=false" >> ${GITHUB_OUTPUT} +else + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}" + exit 1 fi From 65bd2f24645167ea7552de52c275d2f2de29c90e Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 18:55:27 +0800 Subject: [PATCH 04/18] Fixed arg name --- actions/run_e2e_tests/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/run_e2e_tests/action.yaml b/actions/run_e2e_tests/action.yaml index 659aa8d8..62922e63 100644 --- a/actions/run_e2e_tests/action.yaml +++ b/actions/run_e2e_tests/action.yaml @@ -72,7 +72,7 @@ runs: --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_BEFORE_OPTOUT_CUTOFF='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT='UID2-C-L-1000-qxpBsF.ibeCDBpD2bq4Zm7inDacGioUk1aaLeNJrabow=' \ --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_SHARING_RECIPIENT='VT7+t0G/RVueMuVZAL56I2c3JJFSYQfhbu8yo0V/Tds=' \ - --env UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_NON_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ + --env UID2_OPERATOR_E2E_CLIENT_API_KEY_NON_SHARING_RECIPIENT='UID2-C-L-123-t32pCM.5NCX1E94UgOd2f8zhsKmxzCoyhXohHYSSWR8U=' \ --env UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT='FsD4bvtjMkeTonx6HvQp6u0EiI1ApGH4pIZzZ5P7UcQ=' \ --env UID2_OPERATOR_E2E_CSTG_SUBSCRIPTION_ID='LBk2xJsgrS' \ --env UID2_OPERATOR_E2E_CSTG_SERVER_PUBLIC_KEY='UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWyCP9O/6ppffj8f5PUWsEhAoMNdTBnpnkiOPZBkVnLkxOyTjPsKzf5J3ApPHzutAGNGgKAzFc6TuCfo+BWsZtQ==' \ From 9aea400435f62f14adaa2a5e945a6de0e3b83b72 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 19:07:40 +0800 Subject: [PATCH 05/18] Fixed run E2E tests input --- .github/workflows/shared-run-e2e-tests.yaml | 3 +++ actions/run_e2e_tests/action.yaml | 8 ++++---- scripts/decide_e2e_env.sh | 3 +++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 51d9be28..2a077f93 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -292,6 +292,9 @@ jobs: with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} + e2e_suites: ${{ steps.decide_env_var.outputs.e2e_suites }} + e2e_args_json: ${{ steps.decide_env_var.outputs.e2e_args_json }} + e2e_env: ${{ steps.decide_env_var.outputs.e2e_env }} e2e_identity_scope: ${{ inputs.identity_scope }} e2e_phone_support: ${{ steps.decide_env_var.outputs.e2e_phone_support }} uid2_core_e2e_core_url: ${{ steps.decide_env_var.outputs.uid2_core_e2e_core_url }} diff --git a/actions/run_e2e_tests/action.yaml b/actions/run_e2e_tests/action.yaml index 62922e63..49ff8eb6 100644 --- a/actions/run_e2e_tests/action.yaml +++ b/actions/run_e2e_tests/action.yaml @@ -10,13 +10,13 @@ inputs: default: latest e2e_suites: description: Environment variable to run the E2E test - default: E2ECoreTestSuite,E2EPrivateOperatorTestSuite - e2e_env: - description: Environment variable to run the E2E test - default: github-test-pipeline-local + default: E2ECoreTestSuite,E2EPublicOperatorTestSuite e2e_args_json: description: Environment variable to run the E2E test default: '' + e2e_env: + description: Environment variable to run the E2E test + default: github-test-pipeline-local e2e_identity_scope: description: Environment variable to run the E2E test default: UID2 diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index 1b1070ec..e11a657c 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -74,6 +74,9 @@ else elif [ "${OPERATOR_TYPE}" == "aks" ]; then echo "uid2_pipeline_e2e_operator_url=${AKS_OPERATOR_URL}" >> ${GITHUB_OUTPUT} echo "uid2_pipeline_e2e_operator_cloud_provider=AZURE" >> ${GITHUB_OUTPUT} + else + echo "Arguments not supported: OPERATOR_TYPE=${OPERATOR_TYPE}" + exit 1 fi fi From 3517f823bc87b248f764ed02903db260af5604f1 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Mon, 24 Mar 2025 20:02:46 +0800 Subject: [PATCH 06/18] Fixed operator key retrieval --- .github/workflows/shared-run-e2e-tests.yaml | 7 ------- scripts/get_operator_key.sh | 16 +++++++--------- 2 files changed, 7 insertions(+), 16 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 2a077f93..7c211591 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -88,13 +88,6 @@ env: E2E_EUID_PROD_ARGS_JSON: ${{ secrets.E2E_EUID_PROD_ARGS_JSON }} E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY }} - E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} - E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} - E2E_UID2_PROD_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_GCP_OPERATOR_API_KEY }} - E2E_UID2_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_AWS_OPERATOR_API_KEY }} - E2E_EUID_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_AWS_OPERATOR_API_KEY }} - E2E_EUID_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_AWS_OPERATOR_API_KEY }} - jobs: e2e-test: name: E2E Test diff --git a/scripts/get_operator_key.sh b/scripts/get_operator_key.sh index 910f739d..cc490ea6 100644 --- a/scripts/get_operator_key.sh +++ b/scripts/get_operator_key.sh @@ -24,16 +24,14 @@ if [ "${TARGET_ENVIRONMENT}" == "mock" ]; then OPERATOR_KEY=$(jq -r '.[] | select(.protocol=="'${ENCLAVE_PROTOCOL}'") | .key' ${OPERATOR_FILE}) elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then OPERATOR_KEY=${E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then - OPERATOR_KEY=${E2E_UID2_PROD_GCP_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then - OPERATOR_KEY=${E2E_UID2_PROD_AWS_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then - OPERATOR_KEY=${E2E_EUID_INTEG_AWS_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then - OPERATOR_KEY=${E2E_EUID_PROD_AWS_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then + OPERATOR_KEY=${E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then + OPERATOR_KEY=${E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then + OPERATOR_KEY=${E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY} else - echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, ENCLAVE_PROTOCOL=${ENCLAVE_PROTOCOL}" + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}" exit 1 fi From 5a99d458d058d63e7bb9b238d1b9d080e035a633 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 11:12:14 +0800 Subject: [PATCH 07/18] Updated env vars --- .github/workflows/shared-run-e2e-tests.yaml | 20 ++++++++++------- scripts/decide_e2e_env.sh | 24 ++++++++++++--------- scripts/get_operator_key.sh | 22 +++++++++++-------- 3 files changed, 39 insertions(+), 27 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 7c211591..b5a77816 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -76,17 +76,21 @@ on: env: REGISTRY: ghcr.io - E2E_UID2_INTEG_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_ARGS_JSON }} - E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY }} + E2E_UID2_INTEG_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_GCP_ARGS_JSON }} + E2E_UID2_INTEG_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_AWS_ARGS_JSON }} + E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} + E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} - E2E_UID2_PROD_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_ARGS_JSON }} - E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY }} + E2E_UID2_PROD_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_GCP_ARGS_JSON }} + E2E_UID2_PROD_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_AWS_ARGS_JSON }} + E2E_UID2_PROD_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_GCP_OPERATOR_API_KEY }} + E2E_UID2_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_AWS_OPERATOR_API_KEY }} - E2E_EUID_INTEG_ARGS_JSON: ${{ secrets.E2E_EUID_INTEG_ARGS_JSON }} - E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY }} + E2E_EUID_INTEG_AWS_ARGS_JSON: ${{ secrets.E2E_EUID_INTEG_AWS_ARGS_JSON }} + E2E_EUID_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_INTEG_AWS_OPERATOR_API_KEY }} - E2E_EUID_PROD_ARGS_JSON: ${{ secrets.E2E_EUID_PROD_ARGS_JSON }} - E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY }} + E2E_EUID_PROD_AWS_ARGS_JSON: ${{ secrets.E2E_EUID_PROD_AWS_ARGS_JSON }} + E2E_EUID_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_EUID_PROD_AWS_OPERATOR_API_KEY }} jobs: e2e-test: diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index e11a657c..109146ed 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -48,17 +48,21 @@ else echo "e2e_suites=E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} echo "e2e_env=github-test-pipeline" >> ${GITHUB_OUTPUT} - if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then - echo "e2e_args_json=${E2E_UID2_INTEG_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then - echo "e2e_args_json=${E2E_UID2_PROD_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then - echo "e2e_args_json=${E2E_EUID_INTEG_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then - echo "e2e_args_json=${E2E_EUID_PROD_ARGS_JSON}" >> ${GITHUB_OUTPUT} + if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + echo "e2e_args_json=${E2E_EUID_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + echo "e2e_args_json=${E2E_EUID_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} else - echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}" - exit 1 + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, ENCLAVE_PROTOCOL=${ENCLAVE_PROTOCOL}" + exit 1 fi fi diff --git a/scripts/get_operator_key.sh b/scripts/get_operator_key.sh index cc490ea6..e27aa2e2 100644 --- a/scripts/get_operator_key.sh +++ b/scripts/get_operator_key.sh @@ -22,16 +22,20 @@ if [ "${TARGET_ENVIRONMENT}" == "mock" ]; then OPERATOR_FILE="${ROOT}/operators/operators.json" OPERATOR_KEY=$(jq -r '.[] | select(.protocol=="'${ENCLAVE_PROTOCOL}'") | .key' ${OPERATOR_FILE}) -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then - OPERATOR_KEY=${E2E_UID2_INTEG_PRIVATE_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then - OPERATOR_KEY=${E2E_UID2_PROD_PRIVATE_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ]; then - OPERATOR_KEY=${E2E_EUID_INTEG_PRIVATE_OPERATOR_API_KEY} -elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ]; then - OPERATOR_KEY=${E2E_EUID_PROD_PRIVATE_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + OPERATOR_KEY=${E2E_UID2_INTEG_GCP_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + OPERATOR_KEY=${E2E_UID2_INTEG_AWS_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + OPERATOR_KEY=${E2E_UID2_PROD_GCP_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + OPERATOR_KEY=${E2E_UID2_PROD_AWS_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + OPERATOR_KEY=${E2E_EUID_INTEG_AWS_OPERATOR_API_KEY} +elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + OPERATOR_KEY=${E2E_EUID_PROD_AWS_OPERATOR_API_KEY} else - echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}" + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, ENCLAVE_PROTOCOL=${ENCLAVE_PROTOCOL}" exit 1 fi From 54818620a55e1d96a12689726e0e68fc3c6cbfff Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 11:26:06 +0800 Subject: [PATCH 08/18] Fixed fetching ARGS_JSON --- scripts/decide_e2e_env.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index 109146ed..af7d6db4 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -48,20 +48,20 @@ else echo "e2e_suites=E2EPrivateOperatorTestSuite" >> ${GITHUB_OUTPUT} echo "e2e_env=github-test-pipeline" >> ${GITHUB_OUTPUT} - if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then echo "e2e_args_json=${E2E_UID2_INTEG_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_UID2_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "gcp-oidc" ]; then + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then echo "e2e_args_json=${E2E_UID2_PROD_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_UID2_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_EUID_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} - elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${ENCLAVE_PROTOCOL}" == "aws-nitro" ]; then + elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_EUID_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} else - echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, ENCLAVE_PROTOCOL=${ENCLAVE_PROTOCOL}" + echo "Arguments not supported: IDENTITY_SCOPE=${IDENTITY_SCOPE}, TARGET_ENVIRONMENT=${TARGET_ENVIRONMENT}, OPERATOR_TYPE=${OPERATOR_TYPE}" exit 1 fi fi From d2cdb5747e527e2859ffc6afe9193f51495b84c9 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 12:04:42 +0800 Subject: [PATCH 09/18] Added manual operator shutdown step --- .github/workflows/shared-run-e2e-tests.yaml | 40 +++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index b5a77816..939f4a7c 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -100,6 +100,10 @@ jobs: contents: write packages: read id-token: write + outputs: + gcp_instance_name: ${{ steps.start_gcp_private_operator.outputs.gcp_instance_name }} + azure_container_group_name: ${{ steps.start_azure_private_operator.outputs.azure_container_group_name }} + aws_stack_name: ${{ steps.start_aws_private_operator.outputs.aws_stack_name }} steps: - name: Log in to the Docker container registry uses: docker/login-action@v3 @@ -329,3 +333,39 @@ jobs: if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'aks' }} run: | bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh + + e2e-test-cleanup: + name: E2E Test Cleanup + if: ${{ always() && !inputs.operator_shutdown && inputs.operator_type != 'public' }} + needs: [e2e-test] + runs-on: ubuntu-latest + environment: 'e2e-test-cleanup' + steps: + - name: Stop GCP private operator + if: ${{ inputs.operator_type == 'gcp' }} + env: + GCP_PROJECT: ${{ inputs.gcp_project }} + SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} + GCP_INSTANCE_NAME: ${{ needs.e2e-test.outputs.gcp_instance_name }} + run: | + bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh + + - name: Stop Azure private operator + if: ${{ inputs.operator_type == 'azure' }} + env: + AZURE_CONTAINER_GROUP_NAME: ${{ needs.e2e-test.outputs.azure_container_group_name }} + run: | + bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh + + - name: Stop AWS private operator + if: ${{ inputs.operator_type == 'aws' }} + env: + AWS_STACK_NAME: ${{ needs.e2e-test.outputs.aws_stack_name }} + AWS_REGION: ${{ inputs.aws_region }} + run: | + bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh + + - name: Stop AKS operator + if: ${{ inputs.operator_type == 'aks' }} + run: | + bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh From ca791d95b9758efc737800ac79b2b4549904497e Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 14:16:56 +0800 Subject: [PATCH 10/18] Fixed missing files in e2e-test-cleanup job --- .github/workflows/shared-run-e2e-tests.yaml | 63 ++++++++++++--------- 1 file changed, 35 insertions(+), 28 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 939f4a7c..fa7aae69 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -341,31 +341,38 @@ jobs: runs-on: ubuntu-latest environment: 'e2e-test-cleanup' steps: - - name: Stop GCP private operator - if: ${{ inputs.operator_type == 'gcp' }} - env: - GCP_PROJECT: ${{ inputs.gcp_project }} - SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} - GCP_INSTANCE_NAME: ${{ needs.e2e-test.outputs.gcp_instance_name }} - run: | - bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh - - - name: Stop Azure private operator - if: ${{ inputs.operator_type == 'azure' }} - env: - AZURE_CONTAINER_GROUP_NAME: ${{ needs.e2e-test.outputs.azure_container_group_name }} - run: | - bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh - - - name: Stop AWS private operator - if: ${{ inputs.operator_type == 'aws' }} - env: - AWS_STACK_NAME: ${{ needs.e2e-test.outputs.aws_stack_name }} - AWS_REGION: ${{ inputs.aws_region }} - run: | - bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh - - - name: Stop AKS operator - if: ${{ inputs.operator_type == 'aks' }} - run: | - bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh + - name: Checkout uid2-shared-actions repo + uses: actions/checkout@v4 + with: + ref: gdm-UID2-5040-e2e + repository: IABTechLab/uid2-shared-actions + path: uid2-shared-actions + + - name: Stop GCP private operator + if: ${{ inputs.operator_type == 'gcp' }} + env: + GCP_PROJECT: ${{ inputs.gcp_project }} + SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} + GCP_INSTANCE_NAME: ${{ needs.e2e-test.outputs.gcp_instance_name }} + run: | + bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh + + - name: Stop Azure private operator + if: ${{ inputs.operator_type == 'azure' }} + env: + AZURE_CONTAINER_GROUP_NAME: ${{ needs.e2e-test.outputs.azure_container_group_name }} + run: | + bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh + + - name: Stop AWS private operator + if: ${{ inputs.operator_type == 'aws' }} + env: + AWS_STACK_NAME: ${{ needs.e2e-test.outputs.aws_stack_name }} + AWS_REGION: ${{ inputs.aws_region }} + run: | + bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh + + - name: Stop AKS operator + if: ${{ inputs.operator_type == 'aks' }} + run: | + bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh From 467ce645d5a34834e1bb08e7a040b7e227fbc070 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 16:00:07 +0800 Subject: [PATCH 11/18] Fixed stop AWS and GCP actions for delayed shutdown --- .github/workflows/shared-run-e2e-tests.yaml | 23 ++++----- actions/stop_aws_private_operator/action.yaml | 30 +++++++++++ actions/stop_gcp_private_operator/action.yaml | 51 +++++++++++++++++++ 3 files changed, 92 insertions(+), 12 deletions(-) create mode 100644 actions/stop_aws_private_operator/action.yaml create mode 100644 actions/stop_gcp_private_operator/action.yaml diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index fa7aae69..ccca31ec 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -64,7 +64,7 @@ on: type: string aws_region: - description: The AWS region [us-east-1, us-west-1, ca-central-1, eu-central-1] + description: The AWS region type: string aws_ami: description: The AWS AMI ID @@ -350,12 +350,12 @@ jobs: - name: Stop GCP private operator if: ${{ inputs.operator_type == 'gcp' }} - env: - GCP_PROJECT: ${{ inputs.gcp_project }} - SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} - GCP_INSTANCE_NAME: ${{ needs.e2e-test.outputs.gcp_instance_name }} - run: | - bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh + uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@gdm-UID2-5040-e2e + with: + gcp_project: ${{ inputs.gcp_project }} + gcp_service_account: ${{ inputs.gcp_service_account }} + gcp_workload_identity_provider_id: ${{ inputs.gcp_workload_identity_provider_id }} + gcp_instance_name: ${{ needs.e2e-test.outputs.gcp_instance_name }} - name: Stop Azure private operator if: ${{ inputs.operator_type == 'azure' }} @@ -366,11 +366,10 @@ jobs: - name: Stop AWS private operator if: ${{ inputs.operator_type == 'aws' }} - env: - AWS_STACK_NAME: ${{ needs.e2e-test.outputs.aws_stack_name }} - AWS_REGION: ${{ inputs.aws_region }} - run: | - bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh + uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@gdm-UID2-5040-e2e + with: + aws_stack_name: ${{ needs.e2e-test.outputs.aws_stack_name }} + aws_region: ${{ inputs.aws_region }} - name: Stop AKS operator if: ${{ inputs.operator_type == 'aks' }} diff --git a/actions/stop_aws_private_operator/action.yaml b/actions/stop_aws_private_operator/action.yaml new file mode 100644 index 00000000..49d2b9be --- /dev/null +++ b/actions/stop_aws_private_operator/action.yaml @@ -0,0 +1,30 @@ +name: Stop AWS Private Operator +description: Spins down a AWS private operator + +inputs: + aws_stack_name: + description: The AWS instance name + required: true + aws_region: + description: The AWS region + required: true + +runs: + using: "composite" + + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: us-east-2 + role-to-assume: arn:aws:iam::072245134533:role/github-runner-for-uid2-operator + - run: aws sts get-caller-identity + shell: bash + + - name: Stop AWS private operator + shell: bash + env: + AWS_STACK_NAME: ${{ inputs.aws_stack_name }} + AWS_REGION: ${{ inputs.aws_region }} + run: | + bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh diff --git a/actions/stop_gcp_private_operator/action.yaml b/actions/stop_gcp_private_operator/action.yaml new file mode 100644 index 00000000..b75bbe17 --- /dev/null +++ b/actions/stop_gcp_private_operator/action.yaml @@ -0,0 +1,51 @@ +name: Stop GCP Private Operator +description: Spins down a GCP private operator + +inputs: + gcp_project: + description: The name of the GCP project + required: true + gcp_service_account: + description: The GCP service account + required: true + gcp_workload_identity_provider_id: + description: The GCP workload identity provider id + required: true + gcp_instance_name: + description: The GCP instance name + required: true + gcp_registry: + description: The GCP docker registry + default: us-docker.pkg.dev + +runs: + using: "composite" + + steps: + - name: Authenticate with Google Cloud + id: gcp_auth + uses: google-github-actions/auth@v2 + with: + token_format: access_token + workload_identity_provider: ${{ inputs.gcp_workload_identity_provider_id }} + service_account: ${{ inputs.gcp_service_account }} + access_token_lifetime: 1200s + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v2 + + - name: Log in to the GCP Registry + uses: docker/login-action@v3 + with: + registry: ${{ inputs.gcp_registry }} + username: oauth2accesstoken + password: ${{ steps.gcp_auth.outputs.access_token }} + + - name: Stop GCP private operator + shell: bash + env: + GCP_PROJECT: ${{ inputs.gcp_project }} + SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} + GCP_INSTANCE_NAME: ${{ inputs.gcp_instance_name }} + run: | + bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh From c044afb7bbe8900b5d4d2bcca45ce562af0eabcc Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 16:02:56 +0800 Subject: [PATCH 12/18] Changed delay operator shutdown input --- .github/workflows/shared-run-e2e-tests.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index ccca31ec..bc98e9e9 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -14,7 +14,7 @@ on: description: The target environment [mock, integ, prod] type: string default: mock - operator_shutdown: + delay_operator_shutdown: description: If true, will automatically shut down operators after E2E tests. Defaults to true. type: boolean default: true @@ -306,7 +306,7 @@ jobs: uid2_pipeline_e2e_operator_cloud_provider: ${{ steps.decide_env_var.outputs.uid2_pipeline_e2e_operator_cloud_provider }} - name: Stop GCP private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'gcp' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'gcp' }} env: GCP_PROJECT: ${{ inputs.gcp_project }} SERVICE_ACCOUNT: ${{ inputs.gcp_service_account }} @@ -315,14 +315,14 @@ jobs: bash uid2-shared-actions/scripts/gcp/stop_gcp_enclave.sh - name: Stop Azure private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'azure' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'azure' }} env: AZURE_CONTAINER_GROUP_NAME: ${{ steps.start_azure_private_operator.outputs.azure_container_group_name }} run: | bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh - name: Stop AWS private operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'aws' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'aws' }} env: AWS_STACK_NAME: ${{ steps.start_aws_private_operator.outputs.aws_stack_name }} AWS_REGION: ${{ inputs.aws_region }} @@ -330,13 +330,13 @@ jobs: bash uid2-shared-actions/scripts/aws/stop_aws_enclave.sh - name: Stop AKS operator - if: ${{ always() && inputs.operator_shutdown && inputs.operator_type == 'aks' }} + if: ${{ always() && !inputs.delay_operator_shutdown && inputs.operator_type == 'aks' }} run: | bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh e2e-test-cleanup: name: E2E Test Cleanup - if: ${{ always() && !inputs.operator_shutdown && inputs.operator_type != 'public' }} + if: ${{ always() && inputs.delay_operator_shutdown && inputs.operator_type != 'public' }} needs: [e2e-test] runs-on: ubuntu-latest environment: 'e2e-test-cleanup' From 9056fdc674e22b2ab4abfa5bfb11bba4bb1300da Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 17:00:46 +0800 Subject: [PATCH 13/18] Updated job permissions --- .github/workflows/shared-run-e2e-tests.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index bc98e9e9..8d97bad2 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -340,6 +340,10 @@ jobs: needs: [e2e-test] runs-on: ubuntu-latest environment: 'e2e-test-cleanup' + permissions: + contents: write + packages: read + id-token: write steps: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 From d46ec61f679047d45dc9bf97a511989a74c51452 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 17:19:06 +0800 Subject: [PATCH 14/18] Fixed stop Azure actions for delayed shutdown --- .github/workflows/shared-run-e2e-tests.yaml | 8 +++--- actions/stop_aws_private_operator/action.yaml | 2 +- .../stop_azure_private_operator/action.yaml | 27 +++++++++++++++++++ 3 files changed, 32 insertions(+), 5 deletions(-) create mode 100644 actions/stop_azure_private_operator/action.yaml diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 8d97bad2..85c671c6 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -363,10 +363,10 @@ jobs: - name: Stop Azure private operator if: ${{ inputs.operator_type == 'azure' }} - env: - AZURE_CONTAINER_GROUP_NAME: ${{ needs.e2e-test.outputs.azure_container_group_name }} - run: | - bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh + uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@gdm-UID2-5040-e2e + with: + azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} + azure_container_group_name: ${{ needs.e2e-test.outputs.azure_container_group_name }} - name: Stop AWS private operator if: ${{ inputs.operator_type == 'aws' }} diff --git a/actions/stop_aws_private_operator/action.yaml b/actions/stop_aws_private_operator/action.yaml index 49d2b9be..e2ebf29d 100644 --- a/actions/stop_aws_private_operator/action.yaml +++ b/actions/stop_aws_private_operator/action.yaml @@ -1,5 +1,5 @@ name: Stop AWS Private Operator -description: Spins down a AWS private operator +description: Spins down an AWS private operator inputs: aws_stack_name: diff --git a/actions/stop_azure_private_operator/action.yaml b/actions/stop_azure_private_operator/action.yaml new file mode 100644 index 00000000..14f8c071 --- /dev/null +++ b/actions/stop_azure_private_operator/action.yaml @@ -0,0 +1,27 @@ +name: Stop Azure Private Operator +description: Spins down an Azure private operator + +inputs: + azure_credentials: + description: The Azure credentials + required: true + azure_container_group_name: + description: The Azure instance name + required: true + +runs: + using: "composite" + + steps: + - name: Log in to Azure + uses: azure/login@v2 + with: + creds: ${{ inputs.azure_credentials }} + enable-AzPSSession: true + + - name: Stop Azure private operator + shell: bash + env: + AZURE_CONTAINER_GROUP_NAME: ${{ inputs.azure_container_group_name }} + run: | + bash uid2-shared-actions/scripts/azure/stop_azure_enclave.sh From a42e083b3d2cc4801f4818a03b1261402b0f5088 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 17:21:01 +0800 Subject: [PATCH 15/18] Updated e2e-test-cleanup job name --- .github/workflows/shared-run-e2e-tests.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 85c671c6..b4ee98ed 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -335,7 +335,7 @@ jobs: bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh e2e-test-cleanup: - name: E2E Test Cleanup + name: E2E Test Cleanup (Delayed Operator Shutdown) if: ${{ always() && inputs.delay_operator_shutdown && inputs.operator_type != 'public' }} needs: [e2e-test] runs-on: ubuntu-latest From 6970cefd04964b5966721b4fd81b35e6d77d79d1 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 17:36:26 +0800 Subject: [PATCH 16/18] Added Azure E2E args --- .github/workflows/shared-run-e2e-tests.yaml | 2 ++ scripts/decide_e2e_env.sh | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index b4ee98ed..2d5d264e 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -78,10 +78,12 @@ env: E2E_UID2_INTEG_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_GCP_ARGS_JSON }} E2E_UID2_INTEG_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_AWS_ARGS_JSON }} + E2E_UID2_INTEG_AZURE_ARGS_JSON: ${{ secrets.E2E_UID2_INTEG_AZURE_ARGS_JSON }} E2E_UID2_INTEG_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_GCP_OPERATOR_API_KEY }} E2E_UID2_INTEG_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_INTEG_AWS_OPERATOR_API_KEY }} E2E_UID2_PROD_GCP_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_GCP_ARGS_JSON }} + E2E_UID2_PROD_AZURE_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_AZURE_ARGS_JSON }} E2E_UID2_PROD_AWS_ARGS_JSON: ${{ secrets.E2E_UID2_PROD_AWS_ARGS_JSON }} E2E_UID2_PROD_GCP_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_GCP_OPERATOR_API_KEY }} E2E_UID2_PROD_AWS_OPERATOR_API_KEY: ${{ secrets.E2E_UID2_PROD_AWS_OPERATOR_API_KEY }} diff --git a/scripts/decide_e2e_env.sh b/scripts/decide_e2e_env.sh index af7d6db4..1d05c21e 100644 --- a/scripts/decide_e2e_env.sh +++ b/scripts/decide_e2e_env.sh @@ -50,12 +50,20 @@ else if [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then echo "e2e_args_json=${E2E_UID2_INTEG_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "azure" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_UID2_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aks" ]; then + echo "e2e_args_json=${E2E_UID2_INTEG_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "gcp" ]; then echo "e2e_args_json=${E2E_UID2_PROD_GCP_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "azure" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_UID2_PROD_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} + elif [ "${IDENTITY_SCOPE}" == "UID2" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aks" ]; then + echo "e2e_args_json=${E2E_UID2_PROD_AZURE_ARGS_JSON}" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "integ" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then echo "e2e_args_json=${E2E_EUID_INTEG_AWS_ARGS_JSON}" >> ${GITHUB_OUTPUT} elif [ "${IDENTITY_SCOPE}" == "EUID" ] && [ "${TARGET_ENVIRONMENT}" == "prod" ] && [ "${OPERATOR_TYPE}" == "aws" ]; then From e90000aa9d6c00230c61e5c729cac143b862d996 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 17:39:33 +0800 Subject: [PATCH 17/18] Fixed stop AKS actions for delayed shutdown --- .github/workflows/shared-run-e2e-tests.yaml | 5 +++-- actions/stop_aks_private_operator/action.yaml | 22 +++++++++++++++++++ 2 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 actions/stop_aks_private_operator/action.yaml diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 2d5d264e..82905d6c 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -379,5 +379,6 @@ jobs: - name: Stop AKS operator if: ${{ inputs.operator_type == 'aks' }} - run: | - bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh + uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@gdm-UID2-5040-e2e + with: + azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} diff --git a/actions/stop_aks_private_operator/action.yaml b/actions/stop_aks_private_operator/action.yaml new file mode 100644 index 00000000..a41dcaae --- /dev/null +++ b/actions/stop_aks_private_operator/action.yaml @@ -0,0 +1,22 @@ +name: Stop AKS Private Operator +description: Spins down an AKS private operator + +inputs: + azure_credentials: + description: The Azure credentials + required: true + +runs: + using: "composite" + + steps: + - name: Log in to Azure + uses: azure/login@v2 + with: + creds: ${{ inputs.azure_credentials }} + enable-AzPSSession: true + + - name: Stop AKS private operator + shell: bash + run: | + bash uid2-shared-actions/scripts/aks/stop_aks_enclave.sh From f72088e31f5a4494b744f20c79ee3c56e32e8072 Mon Sep 17 00:00:00 2001 From: Gian Miguel Del Mundo Date: Tue, 25 Mar 2025 18:22:35 +0800 Subject: [PATCH 18/18] Reverted branch release version --- .github/workflows/shared-run-e2e-tests.yaml | 30 ++++++++++----------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 82905d6c..02364942 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -148,7 +148,7 @@ jobs: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 with: - ref: gdm-UID2-5040-e2e + ref: v3 repository: IABTechLab/uid2-shared-actions path: uid2-shared-actions @@ -177,7 +177,7 @@ jobs: - name: Prepare GCP metadata id: prepare_gcp_metadata if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -187,7 +187,7 @@ jobs: - name: Prepare Azure metadata id: prepare_azure_metadata if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -195,7 +195,7 @@ jobs: - name: Prepare AWS metadata id: prepare_aws_metadata if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@v3 with: identity_scope: ${{ inputs.identity_scope }} target_environment: ${{ inputs.target_environment }} @@ -204,7 +204,7 @@ jobs: - name: Prepare AKS metadata id: prepare_aks_metadata if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -230,7 +230,7 @@ jobs: - name: Start GCP private operator id: start_gcp_private_operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -242,7 +242,7 @@ jobs: - name: Start Azure private operator id: start_azure_private_operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -254,7 +254,7 @@ jobs: - name: Start AWS private operator id: start_aws_private_operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -268,7 +268,7 @@ jobs: - name: Start AKS private operator id: start_aks_private_operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@v3 with: template_file: ${{ steps.prepare_aks_metadata.outputs.template_file }} azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -291,7 +291,7 @@ jobs: - name: Run E2E tests id: e2e - uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@v3 with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} @@ -350,13 +350,13 @@ jobs: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 with: - ref: gdm-UID2-5040-e2e + ref: v3 repository: IABTechLab/uid2-shared-actions path: uid2-shared-actions - name: Stop GCP private operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@v3 with: gcp_project: ${{ inputs.gcp_project }} gcp_service_account: ${{ inputs.gcp_service_account }} @@ -365,20 +365,20 @@ jobs: - name: Stop Azure private operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@v3 with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} azure_container_group_name: ${{ needs.e2e-test.outputs.azure_container_group_name }} - name: Stop AWS private operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@v3 with: aws_stack_name: ${{ needs.e2e-test.outputs.aws_stack_name }} aws_region: ${{ inputs.aws_region }} - name: Stop AKS operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@gdm-UID2-5040-e2e + uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@v3 with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}