diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e49f71..da62f0f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,44 +1,40 @@ on: [push] jobs: - test: + build: runs-on: ubuntu-latest - - services: - vault: - image: vault:1.2.3 - ports: - - 8200/tcp - env: - VAULT_DEV_ROOT_TOKEN_ID: testtoken - options: --cap-add=IPC_LOCK - steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x + - name: setup npm cache + uses: actions/cache@v1 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: npm run test run: npm run test - env: - CI: true - - name: npm run test:integration - run: npm run test:integration - env: - VAULT_HOST: localhost - VAULT_PORT: ${{ job.services.vault.ports[8200] }} - CI: true - test-ent: + integration: runs-on: ubuntu-latest services: - vault: + vaultBasic: + image: vault:1.2.3 + ports: + - 8200/tcp + env: + VAULT_DEV_ROOT_TOKEN_ID: testtoken + options: --cap-add=IPC_LOCK + vaultEnterprise: image: hashicorp/vault-enterprise:1.3.0_ent ports: - 8200/tcp @@ -52,19 +48,28 @@ jobs: uses: actions/setup-node@v1 with: node-version: 10.x + - name: setup npm cache + uses: actions/cache@v1 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - - name: npm run test - run: npm run test - env: - CI: true - - name: npm run test:integration-ent - run: npm run test:integration-ent + - name: npm run test:integration:basic + run: npm run test:integration:basic env: VAULT_HOST: localhost - VAULT_PORT: ${{ job.services.vault.ports[8200] }} + VAULT_PORT: ${{ job.services.vaultBasic.ports[8200] }} + CI: true + - name: npm run test:integration:enterprise + run: npm run test:integration:enterprise + env: + VAULT_HOST: localhost + VAULT_PORT: ${{ job.services.vaultEnterprise.ports[8200] }} CI: true e2e: @@ -72,7 +77,7 @@ jobs: services: vault: - image: vault:1.2.3 + image: vault:1.3.0 ports: - 8200/tcp env: @@ -85,12 +90,19 @@ jobs: uses: actions/setup-node@v1 with: node-version: 10.x + - name: setup npm cache + uses: actions/cache@v1 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- - name: npm install run: npm ci - name: npm build run: npm run build - name: setup vault - run: node ./e2e/setup.js + run: node ./integrationTests/e2e/setup.js env: VAULT_HOST: localhost VAULT_PORT: ${{ job.services.vault.ports[8200] }} @@ -108,13 +120,20 @@ jobs: publish: runs-on: ubuntu-latest - needs: [test, e2e] + needs: [build, integration, e2e] steps: - uses: actions/checkout@v1 - name: Use Node.js 10.x uses: actions/setup-node@v1 with: node-version: 10.x + - name: setup npm cache + uses: actions/cache@v1 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- - name: npm install run: npm ci - name: release diff --git a/docker-compose.yml b/docker-compose.yml index 041702d..ef01eca 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,12 +1,17 @@ -# Start vault server locally -# You can run integration tests against server by running -# `VAULT_HOST=localhost VAULT_PORT=8200 CI=true npm run test:integration-ent` +# Start vault server locally for the purposes of integration tests. version: "3.0" services: vault: - image: hashicorp/vault-enterprise:1.3.0_ent + image: vault:1.3.0 environment: VAULT_DEV_ROOT_TOKEN_ID: testtoken ports: - 8200:8200 + privileged: true + vault-enterprise: + image: hashicorp/vault-enterprise:1.3.0_ent + environment: + VAULT_DEV_ROOT_TOKEN_ID: testtoken + ports: + - 8201:8201 privileged: true \ No newline at end of file diff --git a/integration/integration.test.js b/integrationTests/basic/integration.test.js similarity index 76% rename from integration/integration.test.js rename to integrationTests/basic/integration.test.js index eb71c5b..d440a2b 100644 --- a/integration/integration.test.js +++ b/integrationTests/basic/integration.test.js @@ -5,51 +5,52 @@ const core = require('@actions/core'); const got = require('got'); const { when } = require('jest-when'); -const { exportSecrets } = require('../action'); +const { exportSecrets } = require('../../action'); + +const vaultUrl = `http://${process.env.VAULT_HOST || 'localhost'}:${process.env.VAULT_PORT || '8200'}`; describe('integration', () => { - beforeAll(async () => { // Verify Connection - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/config`, { + await got(`${vaultUrl}/v1/secret/config`, { headers: { 'X-Vault-Token': 'testtoken', }, }); - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/data/test`, { + await got(`${vaultUrl}/v1/secret/data/test`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', }, body: { data: { - secret: "SUPERSECRET", + secret: 'SUPERSECRET', }, }, json: true, }); - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/data/nested/test`, { + await got(`${vaultUrl}/v1/secret/data/nested/test`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', }, body: { data: { - otherSecret: "OTHERSUPERSECRET", + otherSecret: 'OTHERSUPERSECRET', }, }, json: true, }); - }) + }); beforeEach(() => { jest.resetAllMocks(); when(core.getInput) .calledWith('url') - .mockReturnValue(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}`); + .mockReturnValue(`${vaultUrl}`); when(core.getInput) .calledWith('token') @@ -63,7 +64,7 @@ describe('integration', () => { } it('get simple secret', async () => { - mockInput('test secret') + mockInput('test secret'); await exportSecrets(); @@ -71,7 +72,7 @@ describe('integration', () => { }); it('re-map secret', async () => { - mockInput('test secret | TEST_KEY') + mockInput('test secret | TEST_KEY'); await exportSecrets(); @@ -79,7 +80,7 @@ describe('integration', () => { }); it('get nested secret', async () => { - mockInput('nested/test otherSecret') + mockInput('nested/test otherSecret'); await exportSecrets(); @@ -100,4 +101,4 @@ describe('integration', () => { expect(core.exportVariable).toBeCalledWith('NAMED_SECRET', 'SUPERSECRET'); expect(core.exportVariable).toBeCalledWith('OTHERSECRET', 'OTHERSUPERSECRET'); }); -}); \ No newline at end of file +}); diff --git a/e2e/jest.config.js b/integrationTests/basic/jest.config.js similarity index 100% rename from e2e/jest.config.js rename to integrationTests/basic/jest.config.js diff --git a/integrationTests/e2e/README.md b/integrationTests/e2e/README.md new file mode 100644 index 0000000..f7c319c --- /dev/null +++ b/integrationTests/e2e/README.md @@ -0,0 +1,4 @@ +# e2e tests + +This test suite runs `vault-action` as a GitHub Action in the context of a live build, and then verifies that the appropriate environmental variables are set. +These tests are intended to mostly be very simple smoke tests to verify that the action is being compiled and run correctly in context. diff --git a/e2e/e2e.test.js b/integrationTests/e2e/e2e.test.js similarity index 100% rename from e2e/e2e.test.js rename to integrationTests/e2e/e2e.test.js diff --git a/integration-ent/jest.config.js b/integrationTests/e2e/jest.config.js similarity index 100% rename from integration-ent/jest.config.js rename to integrationTests/e2e/jest.config.js diff --git a/e2e/setup.js b/integrationTests/e2e/setup.js similarity index 90% rename from e2e/setup.js rename to integrationTests/e2e/setup.js index 5ca354c..8abe9a3 100644 --- a/e2e/setup.js +++ b/integrationTests/e2e/setup.js @@ -16,7 +16,7 @@ const got = require('got'); }, body: { data: { - secret: "SUPERSECRET", + secret: 'SUPERSECRET', }, }, json: true, @@ -29,7 +29,7 @@ const got = require('got'); }, body: { data: { - otherSecret: "OTHERSUPERSECRET", + otherSecret: 'OTHERSUPERSECRET', }, }, json: true, @@ -38,4 +38,4 @@ const got = require('got'); console.log(error); process.exit(1); } -})(); \ No newline at end of file +})(); diff --git a/integration-ent/integration.test.js b/integrationTests/enterprise/enterprise.test.js similarity index 73% rename from integration-ent/integration.test.js rename to integrationTests/enterprise/enterprise.test.js index ede9c59..a77c95d 100644 --- a/integration-ent/integration.test.js +++ b/integrationTests/enterprise/enterprise.test.js @@ -5,20 +5,21 @@ const core = require('@actions/core'); const got = require('got'); const { when } = require('jest-when'); -const { exportSecrets } = require('../action'); +const { exportSecrets } = require('../../action'); + +const vaultUrl = `http://${process.env.VAULT_HOST || 'localhost'}:${process.env.VAULT_PORT || '8201'}`; describe('integration', () => { - beforeAll(async () => { // Verify Connection - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/config`, { + await got(`${vaultUrl}/v1/secret/config`, { headers: { 'X-Vault-Token': 'testtoken', }, }); // Create namespace - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/sys/namespaces/ns1`, { + await got(`${vaultUrl}/v1/sys/namespaces/ns1`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', @@ -27,17 +28,17 @@ describe('integration', () => { }); // Enable secret engine - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/sys/mounts/secret`, { + await got(`${vaultUrl}/v1/sys/mounts/secret`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', 'X-Vault-Namespace': 'ns1', }, - body: {"path":"secret","type":"kv","config":{},"options":{"version":2},"generate_signing_key":true}, + body: { path: 'secret', type: 'kv', config: {}, options: { version: 2 }, generate_signing_key: true }, json: true, }); - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/data/test`, { + await got(`${vaultUrl}/v1/secret/data/test`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', @@ -45,13 +46,13 @@ describe('integration', () => { }, body: { data: { - secret: "SUPERSECRET_IN_NAMESPACE", + secret: 'SUPERSECRET_IN_NAMESPACE', }, }, json: true, }); - await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/data/nested/test`, { + await got(`${vaultUrl}/v1/secret/data/nested/test`, { method: 'POST', headers: { 'X-Vault-Token': 'testtoken', @@ -59,21 +60,19 @@ describe('integration', () => { }, body: { data: { - otherSecret: "OTHERSUPERSECRET_IN_NAMESPACE", + otherSecret: 'OTHERSUPERSECRET_IN_NAMESPACE', }, }, json: true, }); + }); - - - }) beforeEach(() => { jest.resetAllMocks(); when(core.getInput) .calledWith('url') - .mockReturnValue(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}`); + .mockReturnValue(`${vaultUrl}`); when(core.getInput) .calledWith('token') @@ -91,7 +90,7 @@ describe('integration', () => { } it('get simple secret', async () => { - mockInput('test secret') + mockInput('test secret'); await exportSecrets(); @@ -99,7 +98,7 @@ describe('integration', () => { }); it('re-map secret', async () => { - mockInput('test secret | TEST_KEY') + mockInput('test secret | TEST_KEY'); await exportSecrets(); @@ -107,7 +106,7 @@ describe('integration', () => { }); it('get nested secret', async () => { - mockInput('nested/test otherSecret') + mockInput('nested/test otherSecret'); await exportSecrets(); @@ -128,4 +127,4 @@ describe('integration', () => { expect(core.exportVariable).toBeCalledWith('NAMED_SECRET', 'SUPERSECRET_IN_NAMESPACE'); expect(core.exportVariable).toBeCalledWith('OTHERSECRET', 'OTHERSUPERSECRET_IN_NAMESPACE'); }); -}); \ No newline at end of file +}); diff --git a/integration/jest.config.js b/integrationTests/enterprise/jest.config.js similarity index 100% rename from integration/jest.config.js rename to integrationTests/enterprise/jest.config.js diff --git a/jest.config.js b/jest.config.js index df9fa1c..7916d69 100644 --- a/jest.config.js +++ b/jest.config.js @@ -1,3 +1,3 @@ module.exports = { - testPathIgnorePatterns: ['/node_modules/', '/integration/', '/e2e/','/integration-ent'], + testPathIgnorePatterns: ['/node_modules/', '/integrationTests/'], }; diff --git a/package.json b/package.json index c294fa6..44514bd 100644 --- a/package.json +++ b/package.json @@ -6,9 +6,9 @@ "scripts": { "build": "ncc build index.js -o dist", "test": "jest", - "test:integration": "jest -c integration/jest.config.js", - "test:integration-ent": "jest -c integration-ent/jest.config.js", - "test:e2e": "jest -c e2e/jest.config.js" + "test:integration:basic": "jest -c integrationTests/basic/jest.config.js", + "test:integration:enterprise": "jest -c integrationTests/enterprise/jest.config.js", + "test:e2e": "jest -c integrationTests/e2e/jest.config.js" }, "release": { "branch": "master",