Improve nightly functional tests

.github/actions/extract-email/action.yaml

@@ -0,0 +1,40 @@
+name: Extract Email
+description: Extract the emails to notify on failure
+outputs:
+  emails:
+    value: ${{ steps.emails-output.outputs.emails }}
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        $productAlias = $env:Alias
+        $params = $env:TestParams
+        $products = $params.split("|")
+        foreach ($product in $products)
+        {
+          [String]$emails = ""
+          $attributes = $product.split(",")
+          foreach ($attribute in $attributes)
+          {
+            # Split the key from the value
+            $keyAndValue = $attribute.split("=")
+            $key = $keyAndValue[0]
+            $value = $keyAndValue[1]
+            if($key.ToLower() -eq "alias")
+            {
+              $alias = $value
+            }
+            elseif($key.ToLower() -eq "emails")
+            {
+              $emails = $value
+            }
+          }
+          if($alias -eq $productAlias)
+          {
+            # Pass emails to later job for notification.
+            echo emails=$emails >> $env:GITHUB_OUTPUT
+            break
+          }
+        }
+      id: emails-output
+      shell: powershell

.github/actions/get-thumbprint/action.yaml

@@ -0,0 +1,21 @@
+name: Get Thumbprint
+description: Extract the thumbprint from the x509 certificate
+inputs:
+  PfxPassword:
+    required: true
+    description: "The PFX password"
+outputs:
+  thumbprint:
+    value: ${{ steps.thumbprint-output.outputs.thumbprint }}
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        cd repo
+        $x509 = Get-PfxCertificate -FilePath ./key.pfx -Password (ConvertTo-SecureString -String "${{ inputs.PfxPassword }}" -AsPlainText -Force)
+        $Thumbprint = $x509.ThumbPrint
+        # Pass thumbprint to later job.
+        echo thumbprint=$Thumbprint >> $env:GITHUB_OUTPUT
+      id: thumbprint-output
+      # -Password flag requires PS 6+
+      shell: pwsh

.github/actions/import-pfx/action.yaml

@@ -0,0 +1,22 @@
+name: Import PFX
+description: Create and import the PFX certificate
+inputs:
+  PfxBase64:
+    required: true
+    description: "The PFX as base64"
+  PfxPassword:
+    required: true
+    description: "The PFX password"
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        cd repo
+        # Create PFX
+        New-Item -ItemType file -Path ./key.txt
+        Set-Content -Path ./key.txt -Value "${{ inputs.PfxBase64 }}"
+        certutil -decode ./key.txt ./key.pfx
+        # Import PFX
+        # Pipe to Out-Null to hide the thumbprint
+        Import-PfxCertificate -Password (ConvertTo-SecureString -String "${{ inputs.PfxPassword }}" -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\My -FilePath ./key.pfx | Out-Null
+      shell: powershell

.github/actions/test-product/action.yaml

@@ -0,0 +1,94 @@
+name: Test Product
+description: Run the Pester tests for a given product
+inputs:
+  Thumbprint:
+    required: true
+    description: "The certificate thumbprint"
+  Alias:
+    required: true
+    description: "The alias of the product being tested"
+  TestParams:
+    required: true
+    description: "The set of parameters used to defined the test"
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        Import-Module -Name Selenium
+        cd repo
+        # Read thumbprint from previous step.
+        $thumbprint = "${{ inputs.Thumbprint }}"
+        $productAlias = "${{ inputs.Alias }}"
+        $params = "${{ inputs.TestParams }}"
+        # Split into products
+        $products = $params.split("|")
+        foreach ($product in $products)
+        {
+          [String]$alias = ""
+          [String]$domain = ""
+          [String]$display = ""
+          [String]$appid = ""
+          [String]$productname = ""
+          [String]$variant = ""
+          [String]$m365 = ""
+          $paramsAsHashTable = @{}
+          $attributes = $product.split(",")
+          foreach ($attribute in $attributes)
+          {
+            # Split the key from the value
+            $keyAndValue = $attribute.split("=")
+            $key = $keyAndValue[0]
+            $value = $keyAndValue[1]
+            if($key.ToLower() -eq "alias")
+            {
+              $alias = $value
+            }
+            elseif($key.ToLower() -eq "tenantdomain")
+            {
+              $domain = $attribute
+            }
+            elseif($key.ToLower() -eq "tenantdisplayname")
+            {
+              $display = $attribute
+            }
+            elseif($key.ToLower() -eq "appid")
+            {
+              $appid = $attribute
+            }
+            elseif($key.ToLower() -eq "productname")
+            {
+              $productname = $attribute
+            }
+            elseif($key.ToLower() -eq "variant")
+            {
+              $variant = $attribute
+            }
+            elseif($key.ToLower() -eq "m365environment")
+            {
+              $m365 = $attribute
+            }
+          }
+          if($alias -eq $productAlias)
+          {
+            # Split out the key and value for each parameter
+            $domainKeyAndValue = $domain.split("=")
+            $displayKeyAndValue = $display.split("=")
+            $appidKeyAndValue = $appid.split("=")
+            $productnameKeyAndValue = $productname.split("=")
+            $variantKeyAndValue = $variant.split("=")
+            $m365KeyAndValue =$m365.split("=")
+            # Add both to the hash table
+            $paramsAsHashTable.Add($domainKeyAndValue[0], $domainKeyAndValue[1])
+            $paramsAsHashTable.Add($displayKeyAndValue[0], $displayKeyAndValue[1])
+            $paramsAsHashTable.Add($appidKeyAndValue[0], $appidKeyAndValue[1])
+            $paramsAsHashTable.Add($productnameKeyAndValue[0], $productnameKeyAndValue[1])
+            if($variantKeyAndValue[0] -ne "")
+            {
+              $paramsAsHashTable.Add($variantKeyAndValue[0], $variantKeyAndValue[1])
+            }
+            $paramsAsHashTable.Add($m365KeyAndValue[0], $m365KeyAndValue[1])
+            # Test the product
+            ./Testing/Functional/Products/Tests/CallProductTests.ps1 -params $paramsAsHashTable -thumbprint $thumbprint
+          }
+        }
+      shell: powershell

.github/workflows/check_security.yaml

@@ -23,5 +23,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Setup Config File
         run: cp Testing/Linting/MegaLinter/.mega-linter-security.yml .mega-linter.yml
+      - name: Setup Checkov File
+        run: cp Testing/Linting/MegaLinter/.checkov.yml .checkov.yml
       - name: Check Security
         uses: oxsecurity/megalinter/flavors/security@latest

.github/workflows/clear_cache.yaml

@@ -0,0 +1,37 @@
+# Purpose: The purpose of this workflow is to delete all caches for a specific run.
+
+name: Clear Caches
+
+on:
+  workflow_call:
+  workflow_dispatch:
+
+jobs:
+  cleanup:
+    name: Clear Cache
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      id-token: write
+    # Run even if one of the functional tests have failed
+    # We always want to clean up the caches that we create
+    if: always()
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+      - name: Cleanup
+        run: |
+          gh extension install actions/gh-actions-cache
+          cacheKeys=$(gh actions-cache list -R $REPO)
+          set +e
+          for cacheKey in $cacheKeys
+          do
+            if [[ $cacheKey == scubagear-directory-${{ github.run_id }} ]] ||[[ $cacheKey == powershell-directory-${{ github.run_id }} ]] || [[ $cacheKey == opa-directory-${{ github.run_id }} ]]
+            then
+              echo "Deleting" $cacheKey
+              gh actions-cache delete $cacheKey --confirm
+            fi
+          done
+        env:
+          GH_TOKEN: ${{ github.token }}
+          REPO: ${{ github.repository }}