From 606b124912cf5d3d469d5fe373f0cb622e063476 Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Tue, 18 Mar 2025 23:24:49 -0400 Subject: [PATCH] Fix existing end-to-end tests This changeset re-enables our existing end-to-end tests and gets them working again after responding to a security incident. Signed-off-by: Carlo Costino --- .ds.baseline | 61 +++-------------- .github/workflows/checks.yml | 125 +++++++++++++++++------------------ 2 files changed, 72 insertions(+), 114 deletions(-) diff --git a/.ds.baseline b/.ds.baseline index c1cf02954..2cdf590d7 100644 --- a/.ds.baseline +++ b/.ds.baseline @@ -127,6 +127,15 @@ } ], "results": { + ".github/workflows/checks.yml": [ + { + "type": "Secret Keyword", + "filename": ".github/workflows/checks.yml", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 68 + } + ], "app/assets/js/uswds.min.js": [ { "type": "Secret Keyword", @@ -389,26 +398,6 @@ "is_secret": false } ], - "app/templates/new/components/head.html": [ - { - "type": "Base64 High Entropy String", - "filename": "app/templates/new/components/head.html", - "hashed_secret": "ee5048791fc7ff45a1545e24f85bec3317371327", - "is_verified": false, - "line_number": 33, - "is_secret": false - } - ], - "app/templates/old/admin_template.html": [ - { - "type": "Base64 High Entropy String", - "filename": "app/templates/old/admin_template.html", - "hashed_secret": "ee5048791fc7ff45a1545e24f85bec3317371327", - "is_verified": false, - "line_number": 18, - "is_secret": false - } - ], "deploy-config/sandbox.yml": [ { "type": "Secret Keyword", @@ -642,37 +631,7 @@ "line_number": 3266, "is_secret": false } - ], - "tests/notifications_utils/clients/antivirus/test_antivirus_client.py": [ - { - "type": "Secret Keyword", - "filename": "tests/notifications_utils/clients/antivirus/test_antivirus_client.py", - "hashed_secret": "932b25270abe1301c22c709a19082dff07d469ff", - "is_verified": false, - "line_number": 16, - "is_secret": false - } - ], - "tests/notifications_utils/clients/encryption/test_encryption_client.py": [ - { - "type": "Secret Keyword", - "filename": "tests/notifications_utils/clients/encryption/test_encryption_client.py", - "hashed_secret": "f1e923a9667de11be6a210849a8651c1bfd81605", - "is_verified": false, - "line_number": 13, - "is_secret": false - } - ], - "tests/notifications_utils/clients/zendesk/test_zendesk_client.py": [ - { - "type": "Secret Keyword", - "filename": "tests/notifications_utils/clients/zendesk/test_zendesk_client.py", - "hashed_secret": "913a73b565c8e2c8ed94497580f619397709b8b6", - "is_verified": false, - "line_number": 16, - "is_secret": false - } ] }, - "generated_at": "2025-03-17T23:26:44Z" + "generated_at": "2025-03-19T03:23:37Z" } diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index a1b27435c..2034321a6 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -51,74 +51,73 @@ jobs: - name: Check coverage threshold run: poetry run coverage report --fail-under=90 - # TODO FIX THIS! - # end-to-end-tests: - # if: ${{ github.actor != 'dependabot[bot]' }} + end-to-end-tests: + if: ${{ github.actor != 'dependabot[bot]' }} - # permissions: - # checks: write - # pull-requests: write - # contents: write - # runs-on: ubuntu-latest - # environment: staging - # services: - # postgres: - # image: postgres - # env: - # POSTGRES_USER: user - # POSTGRES_PASSWORD: password - # POSTGRES_DB: test_notification_api - # options: >- - # --health-cmd pg_isready - # --health-interval 10s - # --health-timeout 5s - # --health-retries 5 - # ports: - # # Maps tcp port 5432 on service container to the host - # - 5432:5432 - # redis: - # image: redis - # options: >- - # --health-cmd "redis-cli ping" - # --health-interval 10s - # --health-timeout 5s - # --health-retries 5 - # ports: - # # Maps tcp port 6379 on service container to the host - # - 6379:6379 + permissions: + checks: write + pull-requests: write + contents: write + runs-on: ubuntu-latest + environment: staging + services: + postgres: + image: postgres + env: + POSTGRES_USER: user + POSTGRES_PASSWORD: password + POSTGRES_DB: test_notification_api + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: + # Maps tcp port 5432 on service container to the host + - 5432:5432 + redis: + image: redis + options: >- + --health-cmd "redis-cli ping" + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: + # Maps tcp port 6379 on service container to the host + - 6379:6379 - # steps: - # - uses: actions/checkout@v4 - # - uses: ./.github/actions/setup-project - # - uses: jwalton/gh-find-current-pr@v1 - # id: findPr - # - name: Check API Server availability - # run: | - # curl --fail -v https://notify-api-staging.app.cloud.gov || exit 1 - # - name: Run Admin server - # # If we want to log stuff and see what's broken, - # # insert this line: - # # tail -f admin-server.log & - # # above make e2e-test + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-project + - uses: jwalton/gh-find-current-pr@v1 + id: findPr + - name: Check API Server availability + run: | + curl --fail -v https://notify-api-staging.app.cloud.gov || exit 1 + - name: Run Admin server + # If we want to log stuff and see what's broken, + # insert this line: + # tail -f admin-server.log & + # above make e2e-test - # run: | - # make run-flask > admin-server.log 2>&1 & - # tail -f admin-server.log & - # make e2e-test + run: | + make run-flask > admin-server.log 2>&1 & + tail -f admin-server.log & + make e2e-test - # env: - # API_HOST_NAME: https://notify-api-staging.app.cloud.gov/ - # SECRET_KEY: ${{ secrets.SECRET_KEY }} - # DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }} - # ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }} - # ADMIN_CLIENT_USERNAME: notify-admin - # NOTIFY_ENVIRONMENT: e2etest - # NOTIFY_E2E_AUTH_STATE_PATH: ${{ secrets.NOTIFY_E2E_AUTH_STATE_PATH }} - # NOTIFY_E2E_TEST_EMAIL: ${{ secrets.NOTIFY_E2E_TEST_EMAIL }} - # NOTIFY_E2E_TEST_PASSWORD: ${{ secrets.NOTIFY_E2E_TEST_PASSWORD }} - # NOTIFY_E2E_TEST_URI: http://localhost:6012/ - # VCAP_SERVICES: ${{ secrets.VCAP_SERVICES }} + env: + API_HOST_NAME: https://notify-api-staging.app.cloud.gov/ + SECRET_KEY: ${{ secrets.SECRET_KEY }} + DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }} + ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }} + ADMIN_CLIENT_USERNAME: notify-admin + NOTIFY_ENVIRONMENT: e2etest + NOTIFY_E2E_AUTH_STATE_PATH: ${{ secrets.NOTIFY_E2E_AUTH_STATE_PATH }} + NOTIFY_E2E_TEST_EMAIL: ${{ secrets.NOTIFY_E2E_TEST_EMAIL }} + NOTIFY_E2E_TEST_PASSWORD: ${{ secrets.NOTIFY_E2E_TEST_PASSWORD }} + NOTIFY_E2E_TEST_URI: http://localhost:6012/ + VCAP_SERVICES: ${{ secrets.VCAP_SERVICES }} validate-new-relic-config: runs-on: ubuntu-latest