Integration Tests against Staging #51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Integration Tests against Staging | |
| on: | |
| schedule: | |
| - cron: '00 20 * * *' | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| test-integration: | |
| name: Run Integration Tests against Staging | |
| environment: staging | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check-out Code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure AWS credentials | |
| id: aws-creds | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ vars.AWS_GITHUB_ACTIONS_ROLE }} | |
| role-session-name: GithubWorkflow-Deployment-dev-staging | |
| aws-region: ${{ vars.AWS_PRIMARY_REGION }} | |
| output-credentials: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set-up Devcontainer Environment Variables | |
| run: | | |
| echo "PWD=${GITHUB_WORKSPACE}" >> $GITHUB_ENV | |
| cp .devcontainer/.env.ci .devcontainer/.env | |
| echo ".devcontainer/.env:" | |
| cat .devcontainer/.env | |
| - name: Run Code Validation in Devcontainer | |
| uses: devcontainers/[email protected] | |
| with: | |
| cacheFrom: ghcr.io/limorl/monorepo-python-sample-devcontainer | |
| push: never | |
| env: | | |
| AWS_ACCESS_KEY_ID=${{ steps.aws-creds.outputs.aws-access-key-id }} | |
| AWS_SECRET_ACCESS_KEY=${{ steps.aws-creds.outputs.aws-secret-access-key }} | |
| AWS_SESSION_TOKEN=${{ steps.aws-creds.outputs.aws-session-token }} | |
| AWS_REGION=${{ vars.AWS_PRIMARY_REGION }} | |
| AWS_ACCOUNT_ID=${{ vars.AWS_ACCOUNT_ID }} | |
| AWS_PRIMARY_REGION=${{ vars.AWS_PRIMARY_REGION }} | |
| AWS_GITHUB_ACTIONS_ROLE=${{ vars.AWS_GITHUB_ACTIONS_ROLE }} | |
| runCmd: | | |
| set -e | |
| echo $"\nRunning detect-secrets..." | |
| poetry run pre-commit run detect-secrets --all-files | |
| echo $"\nRunning ruff..." | |
| poetry run pre-commit run ruff --all-files --hook-stage push | |
| echo $"\nRunning flake8..." | |
| poetry run pre-commit run flake8 --all-files --hook-stage push | |
| echo $"\nRunning codespell..." | |
| poetry run pre-commit run codespell --all-files --hook-stage push | |
| echo $"\nRunning Unit tests..." | |
| poetry run pytest -m "not integration and not e2e" | |
| echo $"\nVerifying AWS credentials..." | |
| if ! aws sts get-caller-identity; then | |
| echo "AWS authentication failed. Debug info:" | |
| aws sts get-caller-identity --debug | |
| exit 1 | |
| fi | |
| echo "Successfully authenticated with AWS" | |
| echo $"\nRunning Integration tests..." | |
| poetry run pytest -m "integration" | |
| echo "All code validation checks completed!" |