Add GitHub workflow for integration tests

Signed-off-by: Mihaela Balutoiu <mbalutoiu@cloudbasesolutions.com>
2023-07-26 19:41:21 +03:00 · 2023-07-26 19:41:21 +03:00 · 6f69f942cf
commit 6f69f942cf
parent d373b1cfa3
4 changed files with 1230 additions and 0 deletions
--- a/.github/workflows/integration-tests.yml
+++ b/.github/workflows/integration-tests.yml
@ -0,0 +1,51 @@
+name: Integration Tests
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  integration-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Golang
+        uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+
+      - name: Setup LXD
+        uses: canonical/setup-lxd@v0.1.1
+
+      - name: Build GARM
+        run: make build
+
+      - name: Setup GARM
+        run: sudo --preserve-env ./test/integration/scripts/setup-garm.sh
+        env:
+          GH_OAUTH_TOKEN: ${{ secrets.GH_OAUTH_TOKEN }}
+          CREDENTIALS_NAME: test-garm-creds
+
+      - name: Run integration tests
+        run: go run ./test/integration/e2e.go
+        env:
+          GARM_BASE_URL: http://127.0.0.1:9997
+          GARM_USERNAME: admin
+          GARM_PASSWORD: ${{ secrets.GARM_ADMIN_PASSWORD }}
+          GARM_FULLNAME: Local GARM Admin
+          GARM_EMAIL: admin@example.com
+          GARM_NAME: local_garm
+          CREDENTIALS_NAME: test-garm-creds
+          REPO_WEBHOOK_SECRET: ${{ secrets.REPO_WEBHOOK_SECRET }}
+          ORG_WEBHOOK_SECRET: ${{ secrets.ORG_WEBHOOK_SECRET }}
+
+      - name: Show GARM logs
+        if: always()
+        run: |
+          sudo systemctl status garm
+          sudo journalctl -u garm --no-pager
--- a/test/integration/config/config.toml
+++ b/test/integration/config/config.toml
@ -0,0 +1,59 @@
+[default]
+callback_url = "http://${GARM_METADATA_IP}:9997/api/v1/callbacks/status"
+metadata_url = "http://${GARM_METADATA_IP}:9997/api/v1/metadata"
+
+[metrics]
+enable = true
+disable_auth = false
+
+[jwt_auth]
+secret = "${JWT_AUTH_SECRET}"
+time_to_live = "8760h"
+
+[apiserver]
+bind = "0.0.0.0"
+port = 9997
+use_tls = false
+
+[database]
+backend = "sqlite3"
+passphrase = "${DB_PASSPHRASE}"
+[database.sqlite3]
+  db_file = "/etc/garm/garm.db"
+
+[[provider]]
+name = "lxd_local"
+provider_type = "lxd"
+description = "Local LXD installation"
+[provider.lxd]
+  unix_socket_path = "/var/snap/lxd/common/lxd/unix.socket"
+  include_default_profile = false
+  instance_type = "container"
+  secure_boot = false
+  project_name = "default"
+  [provider.lxd.image_remotes]
+    [provider.lxd.image_remotes.ubuntu]
+        addr = "https://cloud-images.ubuntu.com/releases"
+        public = true
+        protocol = "simplestreams"
+        skip_verify = false
+    [provider.lxd.image_remotes.ubuntu_daily]
+        addr = "https://cloud-images.ubuntu.com/daily"
+        public = true
+        protocol = "simplestreams"
+        skip_verify = false
+    [provider.lxd.image_remotes.images]
+        addr = "https://images.linuxcontainers.org"
+        public = true
+        protocol = "simplestreams"
+        skip_verify = false
+
+[[github]]
+name = "${CREDENTIALS_NAME}"
+description = "GARM GitHub OAuth token"
+oauth2_token = "${GH_OAUTH_TOKEN}"
+
+[[github]]
+name = "${CREDENTIALS_NAME}-clone"
+description = "GARM GitHub OAuth token - clone"
+oauth2_token = "${GH_OAUTH_TOKEN}"
--- a/test/integration/e2e.go
+++ b/test/integration/e2e.go
--- a/test/integration/scripts/setup-garm.sh
+++ b/test/integration/scripts/setup-garm.sh
@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+set -o errexit
+
+if [[ $EUID -ne 0 ]]; then
+    echo "ERROR: Please run $0 script as root"
+    exit 1
+fi
+
+DIR="$(dirname $0)"
+BINARIES_DIR="$DIR/../../../bin"
+CONTRIB_DIR="$DIR/../../../contrib"
+CONFIG_DIR="$DIR/../config"
+
+if [[ ! -f $BINARIES_DIR/garm ]] || [[ ! -f $BINARIES_DIR/garm-cli ]]; then
+    echo "ERROR: Please build GARM binaries first"
+    exit 1
+fi
+
+if [[ -z $GH_OAUTH_TOKEN ]]; then echo "ERROR: The env variable GH_OAUTH_TOKEN is not set"; exit 1; fi
+if [[ -z $CREDENTIALS_NAME ]]; then echo "ERROR: The env variable CREDENTIALS_NAME is not set"; exit 1; fi
+
+# Generate a random 32-char secret for JWT_AUTH_SECRET and DB_PASSPHRASE.
+function generate_secret() {
+    (tr -dc 'a-zA-Z0-9!@#$%^&*()_+?><~\`;' < /dev/urandom | head -c 32) 2>/dev/null
+}
+
+# Wait for a port to open at a given address.
+function wait_open_port() {
+    local ADDRESS="$1"
+    local PORT="$2"
+    local TIMEOUT=30
+    SECONDS=0
+    while true; do
+        if [[ $SECONDS -gt $TIMEOUT ]]; then
+            echo "ERROR: Port $PORT didn't open at $ADDRESS within $TIMEOUT seconds"
+            return 1
+        fi
+        nc -v -w 5 -z "$ADDRESS" "$PORT" &>/dev/null && break || sleep 1
+    done
+    echo "Port $PORT at address $ADDRESS is open"
+}
+
+# Use the LXD bridge IP address as the GARM metadata address.
+export GARM_METADATA_IP=$(lxc network ls -f json 2>/dev/null | jq -r '.[] | select(.name=="lxdbr0") | .config."ipv4.address"' | cut -d '/' -f1)
+
+export JWT_AUTH_SECRET="$(generate_secret)"
+export DB_PASSPHRASE="$(generate_secret)"
+
+# Group "adm" is the LXD daemon group as set by the "canonical/setup-lxd" GitHub action.
+useradd --shell /usr/bin/false --system --groups adm --no-create-home garm
+
+mkdir -p /etc/garm
+cat $CONFIG_DIR/config.toml | envsubst > /etc/garm/config.toml
+chown -R garm:garm /etc/garm
+
+mv $BINARIES_DIR/* /usr/local/bin/
+cp $CONTRIB_DIR/garm.service /etc/systemd/system/garm.service
+
+systemctl daemon-reload
+systemctl start garm
+
+wait_open_port 127.0.0.1 9997
+
+echo "GARM is up and running"