From 56177290c5f355b0bd1e4bb8b4f80af5b8bf376d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Auricoste?= Date: Thu, 21 Dec 2023 11:43:41 +0100 Subject: [PATCH] fix: modification de l'action cypress pour lire les variables du vault (#947) * fix: modification de l'action cypress pour lire les variables du vault * fix: ajout command avec redirection des logs --- .bin/commands.sh | 4 ++++ .bin/scripts/set-cypress-env.sh | 28 ++++++++++++++++++++++++++++ .github/workflows/cypress.yml | 20 +++++++++++++++++++- .github/workflows/deploy_preview.yml | 2 ++ .github/workflows/release.yml | 2 ++ .talismanrc | 8 +++++++- 6 files changed, 62 insertions(+), 2 deletions(-) create mode 100755 .bin/scripts/set-cypress-env.sh diff --git a/.bin/commands.sh b/.bin/commands.sh index c6089277c7..c15c016996 100644 --- a/.bin/commands.sh +++ b/.bin/commands.sh @@ -19,6 +19,7 @@ function Help() { echo " seed:es Seed Elasticsearch with data" echo " deploy:log:encrypt Encrypt Github ansible logs" echo " deploy:log:dencrypt Decrypt Github ansible logs" + echo " cypress:set-env Create Cypress env file" echo echo } @@ -84,3 +85,6 @@ function deploy:log:decrypt() { "${SCRIPT_DIR}/deploy-log-decrypt.sh" "$@" } +function cypress:set-env() { + "${SCRIPT_DIR}/set-cypress-env.sh" "$@" +} diff --git a/.bin/scripts/set-cypress-env.sh b/.bin/scripts/set-cypress-env.sh new file mode 100755 index 0000000000..4bd053d469 --- /dev/null +++ b/.bin/scripts/set-cypress-env.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ -z "${1:-}" ]; then + read -p "Veuillez renseigner le type de plateforme (recette|preview): " PLATFORM +else + readonly PLATFORM="$1" + shift +fi + +if [[ -z "${ANSIBLE_VAULT_PASSWORD_FILE:-}" ]]; then + ansible_extra_opts+=("--vault-password-file" "${SCRIPT_DIR}/get-vault-password-client.sh") +else + echo "Récupération de la passphrase depuis l'environnement variable ANSIBLE_VAULT_PASSWORD_FILE" +fi + +readonly VAULT_FILE="${ROOT_DIR}/.infra/vault/vault.yml" +CYPRESS_ENV_FILE="${ROOT_DIR}/cypress.${PLATFORM}.env" + +function setCypressEnv() { + echo "writing Cypress env variables to $CYPRESS_ENV_FILE" + echo "" > $CYPRESS_ENV_FILE + ansible-vault view "${ansible_extra_opts[@]}" "$VAULT_FILE" | yq -o=shell '.vault' | grep -E "^CYPRESS_" >> $CYPRESS_ENV_FILE + ansible-vault view "${ansible_extra_opts[@]}" "$VAULT_FILE" | yq -o=shell ".vault.$PLATFORM" | grep -E "^CYPRESS_" >> $CYPRESS_ENV_FILE +} + +setCypressEnv 2> /tmp/setCypressEnv.log diff --git a/.github/workflows/cypress.yml b/.github/workflows/cypress.yml index c01a9db21c..d878eebd55 100644 --- a/.github/workflows/cypress.yml +++ b/.github/workflows/cypress.yml @@ -21,6 +21,10 @@ on: description: host name of the mailpit type: string required: true + environment: + description: platform type. Values are 'recette'|'preview' + type: string + required: true secrets: CODECOV_TOKEN: description: Code coverrage token @@ -28,6 +32,10 @@ on: SLACK_WEBHOOK: description: Webhook slack required: true + VAULT_PWD: + description: vault password + required: true + jobs: cypress: concurrency: @@ -63,8 +71,18 @@ jobs: - name: Install dependencies run: yarn install + - name: Create vault pwd file + run: echo ${{ secrets.VAULT_PWD }} > .infra/.vault_pwd.txt + + - name: Prepare env variables for cypress + run: .bin/mna-lba cypress:set-env ${{ inputs.environment }} + env: + ANSIBLE_VAULT_PASSWORD_FILE: .infra/.vault_pwd.txt + - name: Run cypress e2e tests - run: yarn e2e:headless --env ui=${{inputs.cypress_host}},server=${{inputs.cypress_host}},smtp=${{inputs.smtp_host}} + run: | + source cypress.${{ inputs.environment }}.env + yarn e2e:headless --env ui=${{inputs.cypress_host}},server=${{inputs.cypress_host}},smtp=${{inputs.smtp_host}} - name: Notify failure on Slack uses: ravsamhq/notify-slack-action@v2 diff --git a/.github/workflows/deploy_preview.yml b/.github/workflows/deploy_preview.yml index b5f5618077..577c36515c 100644 --- a/.github/workflows/deploy_preview.yml +++ b/.github/workflows/deploy_preview.yml @@ -166,6 +166,8 @@ jobs: with: cypress_host: "https://${{ github.event.issue.number }}.labonnealternance-preview.apprentissage.beta.gouv.fr" smtp_host: "https://smtp.labonnealternance-preview.apprentissage.beta.gouv.fr" + environment: preview secrets: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + VAULT_PWD: ${{ secrets.VAULT_PWD }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 018c1eb6ba..a7af09314b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -149,6 +149,8 @@ jobs: with: cypress_host: "https://labonnealternance-recette.apprentissage.beta.gouv.fr" smtp_host: "https://labonnealternance-recette.apprentissage.beta.gouv.fr/smtp" + environment: recette secrets: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + VAULT_PWD: ${{ secrets.VAULT_PWD }} diff --git a/.talismanrc b/.talismanrc index fe60acf841..84dcf6e0cd 100644 --- a/.talismanrc +++ b/.talismanrc @@ -3,10 +3,16 @@ fileignoreconfig: checksum: 49afe4f96fa13b38cf799d931085437d540b4c62eb05b2f15bc12cd3fb43268b - filename: .bin/scripts/seed-update.sh checksum: 707139e7844412ee81d2796abfb2dac00dd90a9a65eb3b5f2cdede7571e96ef2 +- filename: .bin/scripts/set-cypress-env.sh + checksum: 4463ed7c1d5b82a8b152248b953778f37771bfba72865ee0e8af3b61cf3c38da - filename: .bin/scripts/setup-local-env.sh checksum: 47323f5183f73a794449666a816d5b797c7a5ed4c7ad219c3c885a57e2fcf1e9 +- filename: .github/workflows/cypress.yml + checksum: 39f98fb68fdebf6a36959706adb43a8219a4b7781ac35329f957dc1cfa8b6de0 +- filename: .github/workflows/deploy_preview.yml + checksum: f54398af24ac144eafc27e69d18c78b1844e0a23b317bd79748ac6d3412ba0ef - filename: .github/workflows/release.yml - checksum: 872bbf42d5b8bd22f900fff9eb6e907abbbeec5ee70f988563c4b6bb315e3f3d + checksum: ffd104ff02d60abf3183694209c5191a0bb7479ce37d8243778275351b4d2228 - filename: .infra/env.ini checksum: 60d461050d64c0b87831d6918a8696a8dd2f69cd86b4e6d94b40c3b7b285c320 - filename: .infra/files/configs/mongodb/mongod.conf