This repository has been archived by the owner on Nov 21, 2024. It is now read-only.
Fix threat (#781) #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run Integration Tests | |
# How to decrypt a file | |
# 1. Download the file from the artifacts | |
# 2. Unzip: unzip encrypted-artifacts.zip | |
# 3. Decrypt: gpg --decrypt --passphrase='***' archive.tar.gz.gpg > decrypted_archive.tar.gz && tar -zxvf decrypted_archive.tar.gz | |
# 4. One-liner: unzip encrypted-artifacts.zip && gpg --decrypt --passphrase='***' archive.tar.gz.gpg > decrypted_archive.tar.gz && tar -zxvf decrypted_archive.tar.gz | |
on: | |
push: | |
branches: | |
- dev | |
permissions: read-all | |
# This ensures only one job runs at a time across all workflows | |
concurrency: | |
group: integration_tests | |
cancel-in-progress: false | |
jobs: | |
integration_tests: | |
runs-on: ubuntu-latest | |
environment: integration | |
env: | |
PASSPHRASE: ${{ secrets.VMANAGE_PASSWORD }} | |
VMANAGE_URL: ${{ secrets.VMANAGE_URL }} | |
VMANAGE_USERNAME: ${{ secrets.VMANAGE_USERNAME }} | |
VMANAGE_PASSWORD: ${{ secrets.VMANAGE_PASSWORD }} | |
VMANAGE_PORT: ${{ secrets.VMANAGE_PORT }} | |
CATALYSTWAN_DEVEL: true | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Check if in allowed time window | |
run: | | |
hour=$(TZ='America/Los_Angeles' date +%H) | |
if [ $hour -ge 22 ] || [ $hour -lt 7 ]; then | |
echo "Current time is within the allowed window (10 PM - 7 AM PDT)." | |
else | |
echo "Error: Current time is outside the allowed window (10 PM - 7 AM PDT)." | |
exit 1 | |
fi | |
- uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- name: Set Up Poetry | |
uses: abatilo/actions-poetry@v2 | |
with: | |
poetry-version: 1.3.1 | |
- name: Install dependencies | |
run: poetry install --sync -v | |
- name: Run Tests | |
run: poetry run pytest catalystwan/integration_tests | |
- name: Encrypt artifacts | |
if: always() | |
run: | | |
mv catalystwan.log artifacts/catalystwan.log | |
tar -czf archive.tar.gz artifacts | |
gpg --batch --yes --passphrase="$PASSPHRASE" -c archive.tar.gz | |
- name: Store encrypted artifacts | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: encrypted-artifacts | |
path: archive.tar.gz.gpg | |
retention-days: 1 |