-
Notifications
You must be signed in to change notification settings - Fork 2
209 lines (194 loc) · 9.31 KB
/
xtest.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
name: X-Test
on:
pull_request:
workflow_dispatch:
inputs:
platform-ref:
required: false
type: string
default: main
description: "The branch or commit to use for the platform"
otdfctl-ref:
required: false
type: string
default: main
description: "The branch or commit to use for otdfctl"
js-ref:
required: false
type: string
default: main
description: "The branch or commit to use for the web-sdk"
java-ref:
required: false
type: string
default: main
description: "The branch or commit to use for the java-sdk"
workflow_call:
inputs:
platform-ref:
required: false
type: string
default: main
otdfctl-ref:
required: false
type: string
default: main
js-ref:
required: false
type: string
default: main
java-ref:
required: false
type: string
default: main
schedule:
- cron: "30 6 * * *"
jobs:
cross-client-test:
timeout-minutes: 60
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
env:
PLATFORM_REF: "${{ inputs.platform-ref || 'main' }}"
JS_REF: "${{ inputs.js-ref || 'main' }}"
OTDFCTL_REF: "${{ inputs.otdfctl-ref || 'main' }}"
JAVA_REF: "${{ inputs.java-ref || 'main' }}"
steps:
######## SPIN UP PLATFORM BACKEND #############
- name: Check out and start up platform with deps/containers
id: run-platform
uses: opentdf/platform/test/start-up-with-containers@main
with:
platform-ref: ${{ env.PLATFORM_REF }}
extra-keys: >-
[{
"kid": "golden-r1",
"alg": "rsa:2048",
"privateKey": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDxAXgP2SjRPhKe\nO1OdLco7zsU+uMnvQFnTrc0W8eQ/vUGjP8HNABA3kKUeJZUGb4lyE5u62sBqD+Va\nOWh0tIRCIEPRC/tF3hTE5TeDJLJiY9N3R5P9OjWuFewnQFXIfTPqmrny1pYowfkd\nnbxBSzb/xTpk6K+yzkyrZdW1JvYdW/1CBGpo7qtfxflR3Cy13V15YDuVTD2rHUSj\nM2eYUU+b4HLoHvKZ87y18nwaOMOMMqbvp4xFoxckoE/XkuaHyH1UWI9HqCyFBrh+\nf24OPMP0N3qMCseXJc2CTBGSX4jKdB0WGqOpZdBxKWlKxLGlKAe9Ko1eYzUHdhhN\npBRmU4HzAgMBAAECggEAHRHhSoAWJU8Ibd+YEVBxoU8qiYs+iEZJz3eaUlcxAeMx\nJKDPHowQaLNgx0cfN5yChqkI0rwKE4EBWCWujM0tWtCLfY6la2MDPFCtpnrprWZ/\nHlca6aN40BvC1WU0M6+ucHDjVwA9MoNbKhBZocKRyr4ecgeDEd1CcDYjVetyKk4v\nTKIa7mvoNfRMT5dsmvUdRgtkvIaomLYoCVc7nK2d7C0WP/RaUWpJUUpZE+8lP3ze\no44HMMpeq+yyeXJhq6+PIErJfOChYJVjwOWCVJ99NRJ2RFU4kNu4gY2YcL6IRCV5\n6rfwsJwdKlLxTKVEZPCWVEa0TS+G4yQV8gu1LtvAwQKBgQD6Z5Hxw2R+bTFFyeOx\nMlDno8PvBlw4B3QrrWppk3f+m4261eSFdCMkZTZw81QjdGCJ/BTtMASaNWIWVyc1\nkslSg+ARPF5XEBEGpUmINRUotV9B7Wtq5Nid9xTlUoUPiuVVVU+eEvwTw8F/tgOu\nITwUM/uOYJdI16XfL4qtGxab0wKBgQD2ZCIbXK4BO5+8YC23YWymspTK/YShfoYA\nM8Ktxdp+xHGZoNzbx+mSd6vvvtWPhiayje2ppc82OsB+q6BYQOYTRowwdidWBETd\nM7/Q/QKg9Zn3kM+WA71KDtK3VIQBqZfYjevpTEqGjG9XN1apWZh80YeU3uhBuaSZ\nKns62AxNYQKBgAj8jpBOotymro4CoNlLJPwrNGzvnX+lRNYMczU2xaetjXiXFIx1\njo1P1JRZJzvegVhyY43fm0qtf8eteQrDKdZ8RR5ZPEmDmhjS9cCdpxS+7ZxAGQrN\nC7kflPBl9cCJC5H0bdcOd11+OQOMVLV7G9zdwLlrXgKPOrS30BJGVplhAoGAU+YM\n5xxL9AeFgPOPHZ6DDNBKckSZYRRgNLlrVRjGKdxiglmQWxZbppAxb9Wfitu3WZ2S\ni+31/RVMbtWqJ+MRdQbUvbu98UBK4re4XUWKG50F7JLW3NIxJoKdpeeVe6twFUFe\nT3a2+dHgJ+akD85+aiI+9KZil97K+YzJoWPn7IECgYB9O3ZiTlT3N3iuML+CCrv/\nEttS+1sWf1fdwq1Roosw3JWxuXC45KNn/lUsk0jvVJkMM/XDxG19E3NyltMWr2de\nj0o4TgFsOvXh6k1k7ftMwauFooAdIgkn9HPU7zwv7eAwWfOOxz57RvVnKKvcUq9F\nrELh+ivyqdpAYiJ1z4+0LA==\n-----END PRIVATE KEY-----\n",
"cert": "-----BEGIN CERTIFICATE-----\nMIIC/TCCAeWgAwIBAgIUDiCm76cjcg4Wd862cEzTzLqSzFswDQYJKoZIhvcNAQEL\nBQAwDjEMMAoGA1UEAwwDa2FzMB4XDTI0MTIxODIwMzUxNFoXDTI1MTIxODIwMzUx\nNFowDjEMMAoGA1UEAwwDa2FzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEA8QF4D9ko0T4SnjtTnS3KO87FPrjJ70BZ063NFvHkP71Boz/BzQAQN5ClHiWV\nBm+JchObutrAag/lWjlodLSEQiBD0Qv7Rd4UxOU3gySyYmPTd0eT/To1rhXsJ0BV\nyH0z6pq58taWKMH5HZ28QUs2/8U6ZOivss5Mq2XVtSb2HVv9QgRqaO6rX8X5Udws\ntd1deWA7lUw9qx1EozNnmFFPm+By6B7ymfO8tfJ8GjjDjDKm76eMRaMXJKBP15Lm\nh8h9VFiPR6gshQa4fn9uDjzD9Dd6jArHlyXNgkwRkl+IynQdFhqjqWXQcSlpSsSx\npSgHvSqNXmM1B3YYTaQUZlOB8wIDAQABo1MwUTAdBgNVHQ4EFgQUVl6EWRsZE5kf\nXR6EC9LDStsR1howHwYDVR0jBBgwFoAUVl6EWRsZE5kfXR6EC9LDStsR1howDwYD\nVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAJysUw1bQkm+UdIWubPVo\nh/h1YoSHMEmwtphLflMDiJvm1GIjFM5zVgnpmkiI9DVCAs8vyhHe+UVCgiCAMqU9\nuu1jYxXY54v8nx+Ps3X1snylIs82JHKXT1AJaXECSi0DwIuF3hIyPUJpK9AJ/PqC\nOvhq3sMX5p0D3bmk8518rRwkSZ2a7jn5qvLa6P0g4Ph32j5UdRmgvsgh/jJk7PkK\nHuf86yZ4KbkgU6kMs4rTOLNIBmMJlm7R9xrGMVwK8X/NPZWV4fBNQZPIJw7svNzo\npe60OK4cT0G0/LHEOGxCLpmxjq2+xedKkrmq6PrRZquL386RyjkCZh6F5AWJCqB9\n4g==\n-----END CERTIFICATE-----\n"
}]
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
repository: opentdf/tests
path: otdftests # use different name bc other repos might have tests directories
- name: Set up Python 3.10
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b
with:
python-version: "3.10"
- uses: bufbuild/buf-setup-action@2211e06e8cf26d628cda2eea15c95f8c42b080b3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up JDK
uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
with:
java-version: "11"
distribution: "adopt"
server-id: github
######## CHECKOUT WEB SDK #############
- name: Check out web-sdk
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
repository: opentdf/web-sdk
path: web-sdk
ref: ${{ env.JS_REF }}
- name: Set up Node 22
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
with:
node-version: "22.x"
cache-dependency-path: web-sdk/lib/package-lock.json web-sdk/cli/package-lock.json
######## SETUP THE JS CLI #############
- name: build and setup the web-sdk cli
id: build-web-sdk
run: |
make js
env:
JS_DIR: ../../../web-sdk
working-directory: otdftests/xtest/sdk
######## CHECKOUT GO CLI #############
- name: Check out otdfctl
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
repository: opentdf/otdfctl
path: otdfctl
ref: ${{ env.OTDFCTL_REF }}
######## SETUP THE GO CLI #############
- name: Prepare go cli
run: |-
make go
env:
OTDFCTL_DIR: ../../../otdfctl
PLATFORM_DIR: ../../../${{ steps.run-platform.outputs.platform-working-dir }}
working-directory: otdftests/xtest/sdk
####### CHECKOUT JAVA SDK ##############
- name: Check out java-sdk
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
repository: opentdf/java-sdk
path: java-sdk
ref: ${{ env.JAVA_REF }}
####### SETUP JAVA CLI ##############
- name: Prepare java cli
run: |
make java
env:
JAVA_DIR: ../../../java-sdk
BUF_INPUT_HTTPS_USERNAME: opentdf-bot
BUF_INPUT_HTTPS_PASSWORD: ${{ secrets.PERSONAL_ACCESS_TOKEN_OPENTDF }}
working-directory: otdftests/xtest/sdk
######## RUN THE TESTS #############
- name: Install test dependencies
run: |-
pip install -r requirements.txt
working-directory: otdftests/xtest
# When the schema gets merged into the spec repo, we can just rely on that as a source of truth
- name: Get manifest schema from platform repo
run: |-
curl -L -o manifest.schema.json https://raw.githubusercontent.com/opentdf/platform/main/sdk/schema/manifest.schema.json
working-directory: otdftests/xtest
- name: Validate xtests
if: ${{ !inputs }}
run: |-
pytest test_nano.py test_self.py
working-directory: otdftests/xtest
- name: Run legacy decryption tests
run: |-
pytest -v test_legacy.py
working-directory: otdftests/xtest
env:
PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}'
- name: Run xtests
run: |-
pytest -v test_tdfs.py
working-directory: otdftests/xtest
env:
PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}'
SCHEMA_FILE: 'manifest.schema.json'
######## ATTRIBUTE BASED CONFIGURATION #############
- name: Start additional kas
uses: opentdf/platform/test/start-additional-kas@main
with:
kas-port: 8181
kas-name: alpha
- name: Start additional kas
uses: opentdf/platform/test/start-additional-kas@main
with:
kas-port: 8282
kas-name: beta
- name: Start additional kas
uses: opentdf/platform/test/start-additional-kas@main
with:
kas-port: 8383
kas-name: gamma
- name: Start additional kas
uses: opentdf/platform/test/start-additional-kas@main
with:
kas-port: 8484
kas-name: delta
- name: Run attribute based configuration tests
run: |-
pytest test_abac.py
working-directory: otdftests/xtest
env:
PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}'