diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index f2e4398b..26d56b13 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -104,43 +104,81 @@ jobs: token: ${{ secrets.CLONE_REPO_TOKEN }} path: './pdp-tester' - # Setup Python environment - - name: Setup Python - uses: actions/setup-python@v5 + # Start k3d cluster for Kubernetes-based pdp-tester + - name: Start k3d cluster + uses: AbsaOSS/k3d-action@v2.4.0 with: - python-version: "3.12" + cluster-name: pdp-tester + args: --k3s-arg "--disable=traefik@server:0" + + # Import PDP image into k3d with 'next' tag (locally built) + - name: Import PDP image into k3d + run: k3d image import permitio/pdp-v2:next -c pdp-tester - # Install dependencies for pdp-tester - - name: Install pdp-tester dependencies + # Build pdp-tester image and import into k3d + - name: Build and import pdp-tester image working-directory: ./pdp-tester run: | - pip install -r requirements.txt + docker build -t pdp-tester:ci . + k3d image import pdp-tester:ci -c pdp-tester - # Run pdp-tester - - name: Run pdp-tester - working-directory: ./pdp-tester + # Create namespace and secrets + - name: Create secrets env: - TOKEN: ${{ secrets.PDP_TESTER_API_KEY }} - LOCAL_TAGS: '["next"]' - INCLUDE_TAGS: '[]' - AUTO_REMOVE: "False" - SKIP_GENERATE: "True" - ENABLE_APM: "False" + PERMIT_TOKEN: ${{ secrets.PDP_TESTER_API_KEY }} + run: | + kubectl create namespace pdp-tester || true + kubectl create secret generic pdp-tester-credentials \ + -n pdp-tester \ + --from-literal=token="${PERMIT_TOKEN}" \ + --dry-run=client -o yaml | kubectl apply -f - + + # Deploy pdp-tester via Helm with the "next" PDP image + - name: Deploy pdp-tester via Helm + working-directory: ./pdp-tester + run: | + helm install pdp-tester ./deploy/helm/pdp-tester \ + --set mode=job \ + --set permit.existingSecret=pdp-tester-credentials \ + --set permit.apiUrl=https://permitio.api.stg.permit.io \ + --set image.repository=pdp-tester \ + --set image.tag=ci \ + --set image.pullPolicy=Never \ + --set pdp.image=permitio/pdp-v2 \ + --set 'pdp.localTags[0]=next' \ + --set 'pdp.includeTags=' \ + --set tests.skipGenerate=true \ + --set tests.startTimeout=180 \ + --set namespace.create=false \ + --set logJson=false + + - name: Wait for Job completion run: | - python -m pdp_tester.main + kubectl wait --for=condition=complete job/pdp-tester \ + -n pdp-tester --timeout=600s - - name: Print Docker container logs + - name: Check test results + run: | + LOGS=$(kubectl logs job/pdp-tester -n pdp-tester) + echo "$LOGS" | tail -30 + if echo "$LOGS" | grep -q "test cases failed"; then + echo "::error::Some test cases failed!" + exit 1 + fi + + - name: Print tester logs if: always() run: | - echo "Fetching logs for all Docker containers..." - for container in $(docker ps -aq); do - echo "========================================" - echo "Logs for container: $container" - echo "----------------------------------------" - docker logs "$container" || true - echo "========================================" - echo "" - done + echo "=== PDP Tester logs ===" + kubectl logs job/pdp-tester -n pdp-tester --tail=200 || true + echo "" + echo "=== PDP Pod logs ===" + kubectl logs -l pdp-tester.permit.io/managed-by=pdp-tester \ + -n pdp-tester --tail=50 || true + + - name: Teardown k3d cluster + if: always() + run: k3d cluster delete pdp-tester || true docker-scout: runs-on: ubuntu-latest