fix: package.json & yarn.lock to reduce vulnerabilities #83
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration test | |
on: | |
push: | |
branches: | |
- '**' | |
jobs: | |
manifest_check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/[email protected] | |
- uses: cachix/install-nix-action@v13 | |
with: | |
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/8e4fe32876ca15e3d5eb3ecd3ca0b224417f5f17.tar.gz | |
- name: Install dependencies in environment | |
run: nix-env -if integration_test/default.nix | |
- name: Validate integration test manifest | |
run: kustomize build integration_test | kubeconform -strict -kubernetes-version 1.21.5 | |
integration_test: | |
timeout-minutes: 45 | |
needs: manifest_check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: cachix/install-nix-action@v13 | |
with: | |
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/8e4fe32876ca15e3d5eb3ecd3ca0b224417f5f17.tar.gz | |
- name: Install dependencies | |
run: nix-env -if integration_test/default.nix | |
- name: Install helm | |
run: sudo snap install helm --classic | |
- name: Start cluster | |
run: minikube start --driver=docker --kubernetes-version=v1.21.5 | |
- name: Install Mojaloop Charts | |
run: helm repo add mojaloop-charts http://docs.mojaloop.io/charts/repo | |
- name: Install BizOps Backend | |
run: helm upgrade --install backend mojaloop-charts/backend --devel -f integration_test/chart_values/backend.yaml | |
- name: Install BizOps Services | |
run: helm upgrade --install bof mojaloop-charts/bof --devel -f integration_test/chart_values/bof.yaml | |
- name: Deploy | |
run: skaffold run -p integration-test | |
- name: Wait for kube api server to process and create all resources | |
# This is because the wait step that follows this one does this: | |
# 1. retrieve list of pods | |
# 2. wait for list of pods | |
# Unfortunately, the list of pods might not be complete at step (1), as all pods may not yet | |
# be created, meaning the list of pods waited on in step (2) is not complete. We therefore | |
# wait some time here to allow that to finish before we retrieve the list of pods to wait on. | |
# 30s should be more than enough. | |
run: sleep 30s | |
- name: Wait for deployment readiness | |
# Skaffold is supposed to do this, but for whatever reason, does not. At the time of writing, | |
# investigating this was not a priority. | |
run: timeout 1500 kubectl wait --for=condition=Ready pod --all --timeout=1200s | |
- name: Migrate Keto | |
run: kubectl exec --namespace default $(kubectl get pod -l app.kubernetes.io/name=keto -o jsonpath="{.items[0].metadata.name}") -- sh -c "keto migrate up -y --all-namespaces --config /etc/config/keto.yaml" | |
- name: Port-forward the portal frontend ingress | |
run: kubectl port-forward -n ingress-nginx --address 0.0.0.0 svc/ingress-nginx-controller 3000:80 & | |
- name: Install test dependencies | |
working-directory: integration_test/tests | |
run: |- | |
npm ci | |
- name: Run tests | |
working-directory: integration_test/tests | |
run: |- | |
ROLE_MICROFRONTEND_ENDPOINT="http://localhost:3000" npm run test:headless | |
- name: Archive test report | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v2 | |
with: | |
name: test-report | |
path: integration_test/tests/report.html | |
- name: Print docker containers to check any issues with the cluster | |
if: ${{ failure() }} | |
run: docker ps | |
- name: Print voodoo doll logs | |
if: ${{ always() }} | |
run: kubectl logs voodoo-doll | |
- name: Print resources | |
if: ${{ always() }} | |
run: kubectl get svc,deploy,sts,pv,pvc,configmap,job,pod -A | |
- name: Describe resources | |
if: ${{ always() }} | |
run: kubectl describe svc,deploy,sts,pv,pvc,configmap,job,pod -A | |
- name: Print secret values | |
if: ${{ always() }} | |
run: |- | |
kubectl get secrets -o json | jq -r '.items[] | { name: .metadata.name, data: .data | map_values(@base64d) }' |