Skip to content

[157] Refactor of build processes and dependency management using Poetry #29

[157] Refactor of build processes and dependency management using Poetry

[157] Refactor of build processes and dependency management using Poetry #29

name: Tests | Integration
on: [pull_request, workflow_dispatch]
jobs:
integration_tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: build_image
run: |
echo "[INFO] Building image"
make build-image
shell: bash
- name: run_integration_tests
run: |
echo "[INFO] Running integration tests"
make test-int
shell: bash
integration_tests_cli_refarch:
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
python-version: [3.8.14,3.9.15,3.10.8]
steps:
- name: Checkout base branch
uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Build Leverage CLI
run: |
printf "[INFO] Building Leverage CLI\n"
if ! (which pipenv 2>/dev/null); then printf "Installing pipenv..." && pip install pipenv && pipenv --python $(which python) ; else printf "pipenv is already installed"; fi
printf "Working with python version $(python --version)"
make build
pip install -e .
- name: Create directories
run: |
mkdir -p ../theadamproject
# These are later mounted in the container
mkdir ~/.ssh && touch ~/.gitconfig
- name: Project Init
run: |
printf "[INFO] Project Init\n"
leverage project init
if [[ -f project.yaml ]];
then
printf "[INFO] OK \n"
else
printf "[ERROR] Fail \n"
exit 1
fi
working-directory: ../theadamproject
- name: Set project file and create
run: |
printf "[INFO] Setting Project file\n"
sed 's/<project name>/the-adam-project/' -i project.yaml
sed 's/<short project name>/bb/' -i project.yaml
sed 's/<management email address>/bb@domainmgmt/' -i project.yaml
sed 's/<security email address>/bb@domainsec/' -i project.yaml
sed 's/<shared email address>/bb@domainshared/' -i project.yaml
sed 's/<user.name>/bbuser/' -i project.yaml
printf "[INFO] Creating Project"
leverage project create
printf "[INFO] Checking Project"
for i in config management security shared; do if [[ ! -d $i ]]; then echo '[ERROR] Fail' && exit 1; fi ;done
working-directory: ../theadamproject
- name: Set up credentials
run: |
printf "[INFO] Setting up credentials\n"
mkdir -p ~/.aws/bb
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile bb-deploymaster
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile bb-deploymaster
aws configure set region us-east-1 --profile bb-apps-devstg-devops
aws configure set output json --profile bb-apps-devstg-devops
aws configure set role_arn arn:aws:iam::${{ secrets.AWS_DEVSTG_ACCOUNT_ID }}:role/DeployMaster --profile bb-apps-devstg-devops
aws configure set source_profile bb-deploymaster --profile bb-apps-devstg-devops
cat << EOF > ~/.aws/credentials
[bb-deploymaster]
aws_access_key_id = ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key = ${{ secrets.AWS_SECRET_ACCESS_KEY }}
EOF
cp ~/.aws/credentials ~/.aws/bb/
cp ~/.aws/config ~/.aws/bb/
- name: Configure Reference Architecture
run: |
echo "[INFO] Configure Reference Architecture\n"
cat << EOF > ./config/common.tfvars
project = "bb"
project_long = "binbash"
region_primary = "us-east-1"
region_secondary = "us-east-2"
vault_address = "vault_trash"
vault_token = "vault_trash"
sso_region = "us-east-1"
sso_enabled = false
sso_start_url = "sso_trash"
accounts = {
security = {
id = ${{ secrets.AWS_SECURITY_ACCOUNT_ID }}
}
}
EOF
echo "[INFO] Disable MFA\n"
sed -i "s/^\(MFA_ENABLED=\)true/\1false/" build.env
working-directory: ../theadamproject
- name: Test Terraform
env:
LEVERAGE_INTERACTIVE: 0
run: |
printf "[INFO] Testing terraform\n"
printf "[INFO] Initializing layer\n"
leverage tf init --skip-validation
working-directory: ../theadamproject/security/us-east-1/base-tf-backend
- name: Test AWS
run: |
printf "[INFO] Testing AWS\n"
printf "[INFO] Getting identity\n"
ID=$(leverage aws sts get-caller-identity --profile bb-apps-devstg-devops | grep Account | sed -E 's/^.*("Account.+")[0-9]{12}".*$/\1************"/')
if [[ "$ID" == "\"Account\": \"************\"" ]];
then
printf "[INFO] OK \n"
else
printf "[ERROR] Fail \n"
exit 1
fi
working-directory: ../theadamproject/security/us-east-1/base-tf-backend
- name: Clone Testing Reference Architecture repo
run: |
printf "[INFO] Cloning repo...\n"
git clone https://github.com/binbashar/le-tf-infra-aws.git ../theblairwitchproject
- name: Configure Testing Reference Architecture
run: |
echo "[INFO] Configure Reference Architecture\n"
cat << EOF > ./config/common.tfvars
project = "bb"
project_long = "binbash"
region_primary = "us-east-1"
region_secondary = "us-east-2"
vault_address = "vault_trash"
vault_token = "vault_trash"
sso_region = "us-east-1"
sso_enabled = false
sso_start_url = "sso_trash"
accounts = {
security = {
id = ${{ secrets.AWS_SECURITY_ACCOUNT_ID }}
}
}
EOF
echo "[INFO] Disable MFA\n"
sed -i "s/^\(MFA_ENABLED=\)true/\1false/" build.env
sed -E -i 's/^TERRAFORM_IMAGE_TAG=.+$/TERRAFORM_IMAGE_TAG=1.2.7-0.0.5/' build.env;
working-directory: ../theblairwitchproject
- name: Test Testing Reference Architecture
env:
LEVERAGE_INTERACTIVE: 0
run: |
printf "[INFO] Initializing layer\n"
leverage tf init --layers cli-test-layer,base-identities
printf "[INFO] Generating plan\n"
leverage tf plan --layers cli-test-layer
printf "[INFO] Applying changes\n"
leverage tf apply -auto-approve --layers cli-test-layer
printf "[INFO] Checking if all changes were applied\n"
leverage tf plan -detailed-exitcode --layers cli-test-layer
[[ $? -eq 2 ]] && printf "[WARN] There are still remaining changes\n"
[[ $? -eq 0 ]] && printf "[INFO] Apply checks out\n"
printf "[INFO] Destroying all generated created resources\n"
leverage tf destroy -auto-approve --layers cli-test-layer
working-directory: ../theblairwitchproject/apps-devstg/global