diff --git a/.github/workflows/cucumber-integration-test-DIL.yaml b/.github/workflows/cucumber-integration-test-DIL.yaml index b3469503b0..53a8375ab4 100644 --- a/.github/workflows/cucumber-integration-test-DIL.yaml +++ b/.github/workflows/cucumber-integration-test-DIL.yaml @@ -9,7 +9,32 @@ concurrency: cancel-in-progress: true jobs: + + check-config: + runs-on: ubuntu-latest + steps: + - name: Check if DIL_REGULAR_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.DIL_REGULAR_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure DIL_REGULAR_USER_API_KEY." + exit 1 + fi + - name: Check if DIL_ADMIN_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.DIL_ADMIN_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure DIL_ADMIN_USER_API_KEY." + exit 1 + fi + - name: Check if IRS_CUCUMBER_PUBLISH_TOKEN is defined + run: | + if [[ -z "${{ secrets.IRS_CUCUMBER_PUBLISH_TOKEN }}" ]]; then + echo "Error: Missing secret: Please configure IRS_CUCUMBER_PUBLISH_TOKEN." + exit 1 + fi + shell: bash + trigger-integration-test: + needs: check-config uses: ./.github/workflows/cucumber-integration-test.yaml secrets: regularUserApiKey: ${{ secrets.DIL_REGULAR_USER_API_KEY }} diff --git a/.github/workflows/cucumber-integration-test-INT.yaml b/.github/workflows/cucumber-integration-test-INT.yaml index 4e0ead9325..85ac6f3e04 100644 --- a/.github/workflows/cucumber-integration-test-INT.yaml +++ b/.github/workflows/cucumber-integration-test-INT.yaml @@ -9,7 +9,32 @@ concurrency: cancel-in-progress: true jobs: + + check-config: + runs-on: ubuntu-latest + steps: + - name: Check if INT_REGULAR_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.INT_REGULAR_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure INT_REGULAR_USER_API_KEY." + exit 1 + fi + - name: Check if INT_ADMIN_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.INT_ADMIN_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure INT_ADMIN_USER_API_KEY." + exit 1 + fi + - name: Check if IRS_CUCUMBER_PUBLISH_TOKEN is defined + run: | + if [[ -z "${{ secrets.IRS_CUCUMBER_PUBLISH_TOKEN }}" ]]; then + echo "Error: Missing secret: Please configure IRS_CUCUMBER_PUBLISH_TOKEN." + exit 1 + fi + shell: bash + trigger-integration-test: + needs: check-config uses: ./.github/workflows/cucumber-integration-test.yaml secrets: regularUserApiKey: ${{ secrets.INT_REGULAR_USER_API_KEY }} diff --git a/.github/workflows/cucumber-integration-test.yaml b/.github/workflows/cucumber-integration-test.yaml index 6e417a74fe..07c7953ea1 100644 --- a/.github/workflows/cucumber-integration-test.yaml +++ b/.github/workflows/cucumber-integration-test.yaml @@ -15,6 +15,7 @@ on: type: string jobs: + build: runs-on: ubuntu-latest @@ -40,9 +41,16 @@ jobs: ADMIN_USER_API_KEY: ${{ secrets.adminUserApiKey }} ISSUE_FILTER: ${{ inputs.executionFilter }} CUCUMBER_PUBLISH_TOKEN: ${{ secrets.cucumberPublishToken }} - # workaround replacement since injecting the token via environment variable does not work run: | - sed -i "s/CUCUMBER_TOKEN_IRS_PLACEHOLDER/${CUCUMBER_PUBLISH_TOKEN}/g" irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/RunCucumberTest.java + if [ -z "${{ secrets.cucumberPublishToken }}" ]; then + echo "Publish cucumber report disabled" + sed -i "s/PUBLISH_ENABLED_FLAG/false/g" irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/RunCucumberTest.java + else + echo "Publish cucumber report enabled" + sed -i "s/PUBLISH_ENABLED_FLAG/true/g" irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/RunCucumberTest.java + # workaround replacement since injecting the token via environment variable does not work + sed -i "s/CUCUMBER_TOKEN_IRS_PLACEHOLDER/${CUCUMBER_PUBLISH_TOKEN}/g" irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/RunCucumberTest.java + fi mvn clean verify -P cucumber -Dgroups="$ISSUE_FILTER" -pl irs-cucumber-tests -am --batch-mode 2> irs-cucumber-tests/report-banner.txt diff --git a/.github/workflows/int-setup-testdata.yml b/.github/workflows/int-setup-testdata.yml deleted file mode 100644 index c97771b16d..0000000000 --- a/.github/workflows/int-setup-testdata.yml +++ /dev/null @@ -1,84 +0,0 @@ -name: Integration testdata setup - -on: - workflow_dispatch: - inputs: - testfilePath: - description: 'Path to Testdata file on GitHub' - required: true - type: string - submodelUrls: - description: 'Space-separated list of Submodel server URLs' - required: true - type: string - aasUrl: - description: 'Digital twin registry URL' - required: true - type: string - edcUrls: - description: 'Space-separated list of Provider control plane URLs' - required: true - type: string - edcApiKey: - description: 'API-Key for the provider control plane' - required: true - type: string - esrUrl: - description: 'ESR endpoint Url' - required: false - type: string - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: setup python - uses: actions/setup-python@v5 - with: - python-version: 3.8 #install the python needed - cache: 'pip' - - run: pip install -r local/testing/testdata/requirements.txt - - - name: Delete existing and setup new test data on provider EDC and Registry - if: ${{ github.event.inputs.esrUrl == '' }} - env: - TESTFILE_PATH: ${{ github.event.inputs.testfilePath }} - SUBMODEL_URLs: ${{ github.event.inputs.submodelUrls }} - AAS_URL: ${{ github.event.inputs.aasUrl }} - EDC_URLs: ${{ github.event.inputs.edcUrls }} - EDC_API_KEY: ${{ github.event.inputs.edcApiKey }} - run: | - python local/testing/testdata/reset-env.py \ - -a $AAS_URL \ - -edc $EDC_URLs \ - -k $EDC_API_KEY - python local/testing/testdata/transform-and-upload.py \ - -f $TESTFILE_PATH \ - -s $SUBMODEL_URLs \ - -a $AAS_URL \ - -edc $EDC_URLs \ - -k $EDC_API_KEY - - - name: Delete existing and setup new test data on provider EDC and Registry - if: ${{ github.event.inputs.esrUrl != '' }} - env: - TESTFILE_PATH: ${{ github.event.inputs.testfilePath }} - SUBMODEL_URLs: ${{ github.event.inputs.submodelUrls }} - AAS_URL: ${{ github.event.inputs.aasUrl }} - EDC_URLs: ${{ github.event.inputs.edcUrls }} - EDC_API_KEY: ${{ github.event.inputs.edcApiKey }} - ESR_URL: ${{ github.event.inputs.esrUrl }} - run: | - python local/testing/testdata/reset-env.py \ - -a $AAS_URL \ - -edc $EDC_URLs \ - -k $EDC_API_KEY - python local/testing/testdata/transform-and-upload.py \ - -f $TESTFILE_PATH \ - -s $SUBMODEL_URLs \ - -a $AAS_URL \ - -edc $EDC_URLs \ - -k $EDC_API_KEY - -e $ESR_URL diff --git a/.github/workflows/integration-test-DEV.yaml b/.github/workflows/integration-test-DEV.yaml index d2498bb84d..f314ec76b1 100644 --- a/.github/workflows/integration-test-DEV.yaml +++ b/.github/workflows/integration-test-DEV.yaml @@ -2,6 +2,11 @@ name: IRS DEV Cucumber Integration test execution on: workflow_dispatch: # Trigger manually + inputs: + executionFilter: + description: 'Execution filter' + required: false + default: '!Ignore & !INACTIVE & INTEGRATION_TEST & DEV' push: branches: - 'main' @@ -19,12 +24,40 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true + + + jobs: + + check-config: + runs-on: ubuntu-latest + steps: + - name: Check if DEV_REGULAR_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.DEV_REGULAR_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure DEV_REGULAR_USER_API_KEY." + exit 1 + fi + - name: Check if DEV_ADMIN_USER_API_KEY is defined + run: | + if [[ -z "${{ secrets.DEV_ADMIN_USER_API_KEY }}" ]]; then + echo "Error: Missing secret: Please configure DEV_ADMIN_USER_API_KEY." + exit 1 + fi + - name: Check if IRS_CUCUMBER_PUBLISH_TOKEN is defined + run: | + if [[ -z "${{ secrets.IRS_CUCUMBER_PUBLISH_TOKEN }}" ]]; then + echo "Error: Missing secret: Please configure IRS_CUCUMBER_PUBLISH_TOKEN." + exit 1 + fi + shell: bash + trigger-integration-test: + needs: check-config uses: ./.github/workflows/cucumber-integration-test.yaml secrets: regularUserApiKey: ${{ secrets.DEV_REGULAR_USER_API_KEY }} adminUserApiKey: ${{ secrets.DEV_ADMIN_USER_API_KEY }} cucumberPublishToken: ${{ secrets.IRS_CUCUMBER_PUBLISH_TOKEN }} with: - executionFilter: "!Ignore & !INACTIVE & INTEGRATION_TEST & DEV" + executionFilter: ${{ github.event.inputs.executionFilter || '!Ignore & !INACTIVE & INTEGRATION_TEST & DEV' }} diff --git a/.github/workflows/irs-build.yml b/.github/workflows/irs-build.yml index 21cdfb8d3b..c726df7446 100644 --- a/.github/workflows/irs-build.yml +++ b/.github/workflows/irs-build.yml @@ -18,8 +18,20 @@ on: tags: - '**' - jobs: + init: + runs-on: ubuntu-latest + outputs: + image_namespace: tractusx + image_name: irs-api + docker_hub_user: ${{ secrets.DOCKER_HUB_USER }} + # In order to skip sonar if not configured + sonar_configured: ${{ secrets.SONAR_TOKEN != '' && secrets.SONAR_PROJECT_KEY != '' && secrets.SONAR_ORGANIZATION != '' }} + steps: + - run: | + echo "Preparing variables" + echo "sonar_configured: ${{ secrets.SONAR_TOKEN != '' && secrets.SONAR_PROJECT_KEY != '' && secrets.SONAR_ORGANIZATION != '' }}" + build: runs-on: ubuntu-latest steps: @@ -44,10 +56,12 @@ jobs: mvn clean verify --batch-mode analyze_with_Sonar: + needs: [init] # No need to run if we cannot use the sonar token if: >- - (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && - github.actor != 'dependabot[bot]' + needs.init.outputs.sonar_configured == 'true' + && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) + && github.actor != 'dependabot[bot]' runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -85,6 +99,7 @@ jobs: -Dcheckstyle.skip -Dpmd.skip=true build_images: + needs: [init] strategy: matrix: image: @@ -115,66 +130,30 @@ jobs: echo VERSION=$VERSION echo "::set-output name=image_tag::$VERSION" - - name: Log in to registry - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: >- - env.DOCKER_HUB_USER == '' && - (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && - github.actor != 'dependabot[bot]' - # This is where you will update the PAT to GITHUB_TOKEN - run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - - name: Push image (GHCR) - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: >- - env.DOCKER_HUB_USER == '' && - (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && - github.actor != 'dependabot[bot]' - run: | - IMAGE_ID=ghcr.io/${{ github.repository_owner }}/${{ matrix.image }} - # Change all uppercase to lowercase - IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') - echo IMAGE_ID=$IMAGE_ID - - docker tag ${{ matrix.image }} $IMAGE_ID:${{ steps.version.outputs.image_tag }} - docker push $IMAGE_ID:${{ steps.version.outputs.image_tag }} - - docker tag ${{ matrix.image }} $IMAGE_ID:$GITHUB_SHA - docker push $IMAGE_ID:$GITHUB_SHA - - name: Login to Docker Hub - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: env.DOCKER_HUB_USER != '' + if: needs.init.outputs.docker_hub_user != '' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Push image (DockerHub) - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - IMAGE_NAMESPACE: tractusx - IMAGE_NAME: irs-api - if: env.DOCKER_HUB_USER != '' + if: needs.init.outputs.docker_hub_user != '' && github.event_name != 'pull_request' run: | - docker tag ${{ matrix.image }} ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.image_tag }} - docker push ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.image_tag }} + docker tag ${{ matrix.image }} ${{ needs.init.outputs.image_namespace }}/${{ needs.init.outputs.image_name }}:${{ steps.version.outputs.image_tag }} + docker push ${{ needs.init.outputs.image_namespace }}/${{ needs.init.outputs.image_name }}:${{ steps.version.outputs.image_tag }} + + docker tag ${{ matrix.image }} $IMAGE_ID:$GITHUB_SHA + docker push $IMAGE_ID:$GITHUB_SHA # https://github.com/peter-evans/dockerhub-description - name: Update Docker Hub description - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - IMAGE_NAMESPACE: tractusx - IMAGE_NAME: irs-api - if: env.DOCKER_HUB_USER != '' && github.event_name != 'pull_request' + if: needs.init.outputs.docker_hub_user != '' && github.event_name != 'pull_request' uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + repository: ${{ needs.init.outputs.image_namespace }}/${{ needs.init.outputs.image_name }} readme-filepath: ./DOCKER_NOTICE.md trigger-trivy-image-scan: @@ -183,3 +162,4 @@ jobs: needs: - build_images uses: ./.github/workflows/trivy-docker-hub-scan.yml + diff --git a/.github/workflows/irs-load-test.yaml b/.github/workflows/irs-load-test.yaml index 25fa75c633..8c3166c594 100644 --- a/.github/workflows/irs-load-test.yaml +++ b/.github/workflows/irs-load-test.yaml @@ -19,7 +19,32 @@ on: required: false jobs: + + check-config: + runs-on: ubuntu-latest + steps: + - name: Check if OAUTH2_CLIENT_TOKEN_URI is defined + run: | + if [[ -z "${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}" ]]; then + echo "Error: Missing secret: Please configure OAUTH2_CLIENT_TOKEN_URI." + exit 1 + fi + - name: Check if OAUTH2_CLIENT_SECRET is defined + run: | + if [[ -z "${{ secrets.OAUTH2_CLIENT_SECRET }}" ]]; then + echo "Error: Missing secret: Please configure OAUTH2_CLIENT_SECRET." + exit 1 + fi + - name: Check if OAUTH2_CLIENT_ID is defined + run: | + if [[ -z "${{ secrets.OAUTH2_CLIENT_ID }}" ]]; then + echo "Error: Missing secret: Please configure OAUTH2_CLIENT_ID." + exit 1 + fi + shell: bash + gatling-test: + needs: check-config runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml index 7fc31acbcf..6fb83925ab 100644 --- a/.github/workflows/owasp.yml +++ b/.github/workflows/owasp.yml @@ -1,6 +1,8 @@ name: "OWASP dependency scanner" on: + workflow_dispatch: # Additionally allow to trigger manually + push: branches: main paths-ignore: diff --git a/.github/workflows/int-test-automation.yml b/.github/workflows/smoketest.yml similarity index 97% rename from .github/workflows/int-test-automation.yml rename to .github/workflows/smoketest.yml index d9ac02bdff..e648281acb 100644 --- a/.github/workflows/int-test-automation.yml +++ b/.github/workflows/smoketest.yml @@ -1,4 +1,4 @@ -name: IRS integration tests +name: IRS smoke tests on: workflow_dispatch: diff --git a/TESTS.md b/TESTS.md index b7e9059acd..e19b86d9bc 100644 --- a/TESTS.md +++ b/TESTS.md @@ -47,7 +47,7 @@ Wiremock Tests and their corresponding utilities are marked by the suffix `Wirem ### Smoke Tests - The smoke test can be found under `irs-integration-tests/src/test/java/org/eclipse/tractusx/irs/smoketest/ItemGraphSmokeTest.java`. -- It is executed via the GitHub workflow [IRS integration tests](.github/workflows/int-test-automation.yml). +- It is executed via the GitHub workflow [IRS integration tests](.github/workflows/smoketest.yml). ### Regression Tests