Skip to content
E2E Tests

E2E Tests #949

Sign in to view logs

E2E Tests

E2E Tests #949

Workflow file for this run

.github/workflows/e2e.yaml at 4e56944
name: E2E Tests
on:
schedule:
- cron: "0 5 * * *"
workflow_dispatch:
inputs:
debug_enabled:
type: boolean
description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)"
required: false
default: false
target_ref:
type: string
description: "Target ref to run the tests against"
required: false
pull_request_target:
types:
- opened
- reopened
- synchronize
paths:
- "**.go"
- ".github/workflows/**"
- "test/testdata/**"
jobs:
e2e-tests:
# Run on schedule, unconditional workflow_dispatch,
# or pull_request_target if the actor has write/admin permissions.
if: >
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'pull_request_target'
concurrency:
group: ${{ github.workflow }}-${{ matrix.provider }}-${{ github.event.pull_request.number || github.ref_name }}
cancel-in-progress: true
name: e2e tests
runs-on: ubuntu-latest
strategy:
matrix:
provider: [providers, gitea_others]
env:
KO_DOCKER_REPO: localhost:5000
CONTROLLER_DOMAIN_URL: controller.paac-127-0-0-1.nip.io
TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests
KUBECONFIG: /home/runner/.kube/config.kind
TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0
TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests
TEST_BITBUCKET_CLOUD_USER: cboudjna
TEST_EL_URL: http://controller.paac-127-0-0-1.nip.io
TEST_GITEA_API_URL: http://localhost:3000
TEST_GITEA_USERNAME: pac
TEST_GITEA_PASSWORD: pac
TEST_GITEA_REPO_OWNER: pac/pac
TEST_GITHUB_API_URL: api.github.com
TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook
TEST_GITHUB_PRIVATE_TASK_URL: https://github.com/openshift-pipelines/pipelines-as-code-e2e-tests-private/blob/main/remote_task.yaml
TEST_GITHUB_PRIVATE_TASK_NAME: task-remote
TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com
TEST_GITHUB_SECOND_EL_URL: http://ghe.paac-127-0-0-1.nip.io
TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e
TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1
TEST_GITLAB_API_URL: https://gitlab.com
TEST_GITLAB_PROJECT_ID: ${{ vars.TEST_GITLAB_PROJECT_ID }}
TEST_BITBUCKET_SERVER_USER: pipelines
TEST_BITBUCKET_SERVER_E2E_REPOSITORY: PAC/pac-e2e-tests
steps:
- uses: actions/checkout@v5
with:
ref: ${{ inputs.target_ref || github.event.pull_request.head.sha || github.sha }}
# Step to check PR author's org membership and repo permissions.
# This step will fail the job if checks do not pass, skipping subsequent steps.
- name: Check user permissions on PRs
if: github.event_name == 'pull_request_target'
uses: actions/github-script@v8
with:
script: |
const actor = context.payload.pull_request.user.login;
const org = context.repo.owner;
// Allow a specific list of trusted bots to bypass the permission check.
const trustedBots = ['dependabot[bot]']; // Add any other trusted bot accounts here
if (trustedBots.includes(actor)) {
core.info(`User @${actor} is a trusted bot, allowing.`);
return;
}
try {
// Directly check the user's permission level on the repository.
// This covers both org members and external collaborators with sufficient access.
const response = await github.rest.repos.getCollaboratorPermissionLevel({
owner: org,
repo: context.repo.repo,
username: actor,
});
const permission = response.data.permission;
if (permission !== 'admin' && permission !== 'write') {
core.setFailed(`❌ User @${actor} has only '${permission}' repository permission. 'write' or 'admin' is required.`);
} else {
core.info(`✅ User @${actor} has '${permission}' repository permission. Proceeding.`);
}
} catch (error) {
core.setFailed(`Permission check failed for @${actor}. They are likely not a collaborator on the repository. Error: ${error.message}`);
}
- uses: actions/setup-go@v6
with:
go-version-file: "go.mod"
- uses: ko-build/setup-ko@v0.9
- name: Install gosmee
uses: jaxxstorm/action-install-gh-release@v2.1.0
with:
repo: chmouel/gosmee
- name: Install Snazy
uses: jaxxstorm/action-install-gh-release@v2.1.0
with:
repo: chmouel/snazy
- name: Run gosmee
run: |
nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.PYSMEE_URL }} "http://${CONTROLLER_DOMAIN_URL}" &
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
with:
detached: true
limit-access-to-actor: true
- name: Start installing cluster
run: |
export PAC_DIR=${PWD}
export TEST_GITEA_SMEEURL="${{ secrets.TEST_GITEA_SMEEURL }}"
bash -x ./hack/dev/kind/install.sh
- name: Create PAC github-app-secret
env:
PAC_GITHUB_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
PAC_GITHUB_APPLICATION_ID: ${{ vars.APPLICATION_ID }}
PAC_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
run: |
./hack/gh-workflow-ci.sh create_pac_github_app_secret
- name: Create second Github APP Controller on GHE
env:
TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
TEST_GITHUB_SECOND_PRIVATE_KEY: ${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }}
TEST_GITHUB_SECOND_WEBHOOK_SECRET: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}
run: |
./hack/gh-workflow-ci.sh create_second_github_app_controller_on_ghe
# Adjusted step-level conditions based on the new job-level logic
- name: Run E2E Tests
# This step runs for schedule, PR target (if job started), or workflow_dispatch (if job started)
# Remove the old label check which is no longer relevant for triggering.
if: ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' || github.event_name == 'pull_request_target' }}
env:
TEST_PROVIDER: ${{ matrix.provider }}
TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }}
TEST_GITHUB_REPO_INSTALLATION_ID: ${{ vars.INSTALLATION_ID }}
TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }}
TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }}
TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
run: |
./hack/gh-workflow-ci.sh run_e2e_tests
- name: Run E2E Tests on nightly
# This step still runs specifically for schedule or workflow_dispatch
if: ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }}
env:
NIGHTLY_E2E_TEST: "true"
TEST_PROVIDER: ${{ matrix.provider }}
TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }}
TEST_GITHUB_REPO_INSTALLATION_ID: ${{ vars.INSTALLATION_ID }}
TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }}
TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }}
TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
run: |
./hack/gh-workflow-ci.sh run_e2e_tests
- name: Collect logs
if: ${{ always() }}
env:
TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }}
TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
run: |
./hack/gh-workflow-ci.sh collect_logs
- name: Show controllers/watcher logs with Snazy
if: ${{ always() }}
run: |
./hack/gh-workflow-ci.sh output_logs
- name: Upload artifacts
if: ${{ always() }}
uses: actions/upload-artifact@v4
with:
name: logs-e2e-tests-${{ matrix.provider }}
path: /tmp/logs
- name: Report Status
if: ${{ always() && github.ref_name == 'main' && github.event_name == 'schedule' }}
uses: ravsamhq/notify-slack-action@v2
with:
status: ${{ job.status }}
notify_when: "failure"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}