.github/workflows/integrationtest.yaml

name: OCM Integration Tests
# trigger manually
run-name: OCM CLI Integration Tests
on:
  workflow_dispatch:
    inputs:
      use-release:
        type: boolean
        description: use latest pre-built release instead of building from HEAD
        default: false
      pr_number:
        type: number
        description: "Number of PR to test (without #, e.g.: 517)"
        required: false
  schedule:
    - cron: '0 6 * * *'  # 6 AM UTC everyday for default branch
  repository_dispatch:
    types: [ocm_pr]
env:
  REF: main
permissions:
  contents: write
jobs:
  test-ocm:
    runs-on: ubuntu-latest
    steps:
    - name: checkout inttest
      uses: actions/checkout@v3
    - name: get-pr
      if: ${{ github.event.client_payload }}
      run: |
        echo "PR was triggered with payload: pr: ${{ github.event.client_payload.pr }}, ref: ${{ github.event.client_payload.ref }}, sha: ${{ github.event.client_payload.sha }}"
        echo "PR_NUMBER=${{ github.event.client_payload.pr }}" >> $GITHUB_ENV
        echo "SHA=${{ github.event.client_payload.sha }}" >> $GITHUB_ENV
        echo "REF=${{ github.event.client_payload.ref }}" >> $GITHUB_ENV
    - name: get-pr
      if:  ${{ inputs.pr_number!= '' }} 
      run: | 
        echo "get-pr"
        echo "Input was: ${{ inputs.pr_number }}"
        REF="refs/pull/${{ inputs.pr_number }}/head"
        echo "Building OCM from a pull request: ${REF}"
        echo "REF=${REF}" >> $GITHUB_ENV
    - name: debug env
      run: |
        echo "PR_NUMBER=${{ env.PR_NUMBER }}"
        echo "SHA=${{ env.SHA }}"
        echo "REF=${{ env.REF }}"
    - name: checkout ocm
      uses: actions/checkout@v3
      if: ${{ ! inputs.use-release }}
      with:
        repository: open-component-model/ocm
        ref: ${{ env.REF }}
        path: ocm
    - name: get ocm commit
      if: ${{ ! inputs.github.event.client_payload }}
      run: |
        SHA=`git -C ./ocm log -1 --format='%H'`
        echo "Checked out ocm from commit: ${SHA}"
        echo "SHA=${SHA}" >> $GITHUB_ENV
    - name: setup OCM
      uses: open-component-model/ocm-setup-action@main
      if: ${{ inputs.use-release }}
    - name: Set up Go
      uses: actions/setup-go@v4
      with:
        go-version: 1.21.5
    - name: create-cert
      run: |
        FDQN_NAME=`hostname --fqdn`
        HNAME=`hostname`
        echo "working dir is: $PWD"
        echo "home-dir: $HOME"
        echo "fqdn hostame is: $FDQN_NAME"
        if [ "$FDQN_NAME" = "$HNAME" ]; then
          echo "Failed to get fully qualified hostname: $FQDN_NAME , falling back to hostname.local"
          FDQN_NAME=`hostname`.local
        fi
        sudo rm -rf certs
        mkdir -p certs
        openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/ociregistry.key -addext "subjectAltName = DNS:${FDQN_NAME}" -x509 -days 365 -out certs/ociregistry.crt -subj "/C=DE/ST=Baden-Wuertemberg/L=Walldorf/O=SAP/OU=ocm/CN=${HNAME}"
        openssl x509 -noout -text -in certs/ociregistry.crt
        sudo cp certs/ociregistry.crt /usr/local/share/ca-certificates
        sudo update-ca-certificates
        echo "FDQN_NAME=${FDQN_NAME}" >> $GITHUB_ENV
    - name: create user and credentials
      run: |
        mkdir -p auth
        # generate a random password
        PASSWD=`head /dev/urandom | tr -dc 'A-Za-z0-9!#-$%&=+-' | head -c12`
        USER_NAME=ocmuser
        htpasswd -Bbn ocmuser ${PASSWD} > auth/htpasswd
        htpasswd -b -v auth/htpasswd ${USER_NAME} ${PASSWD}
        echo "PASSWD=${PASSWD}" >> $GITHUB_ENV
        echo "USER_NAME=${USER_NAME}" >> $GITHUB_ENV
    - name: start OCI registry (docker)
      run: |
        docker run -d -p 443:443  --name registry \
          -v ${{ github.workspace}}/certs:/certs \
          -v ${{ github.workspace}}/auth:/auth \
          -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
          -e REGISTRY_AUTH=htpasswd \
          -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
          -e REGISTRY_HTTP_ADDR=:443 \
          -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/ociregistry.crt \
          -e REGISTRY_HTTP_TLS_KEY=/certs/ociregistry.key \
          registry:2.8.1
    - name: Install Crane
      uses: imjasonh/setup-crane@v0.1
    - name: Build OCM
      if: ${{ ! inputs.use-release }}
      run: |
        cd ocm
        make install
    - name: Build go Test Binaries
      run: |
        env GOOS=linux GOARCH=arm64 GO111MODULE=on go build -o local/hello.arm64 -ldflags '-extldflags "-static"' main.go
        env GOOS=linux GOARCH=amd64 GO111MODULE=on go build -o local/hello.amd64 -ldflags '-extldflags "-static"' main.go
    - name: Wait for OCI registry to become ready
      timeout-minutes: 1
      run: |
        while ! curl https://${{ env.FDQN_NAME }}/v2
        do
          echo "Waiting for container to become ready... still trying"
          sleep 1
        done
        echo "$Registy container is ready"
    - name: Python add CA
      run: |
        location=`python3 -c "import certifi; print(certifi.where());"`
        cat ${{ github.workspace}}/certs/ociregistry.crt >> location
        python -c "import urllib.request; urllib.request.urlopen('https://${{ env.FDQN_NAME }}')"
    - name: Install Python Libs
      run: |
        python -m pip install --upgrade pip
        pip install -r requirements.txt
    - name: Test with pytest
      run: |
        if [ -e ${HOME}/.ocmconfig ]; then
          rm ${HOME}/.ocmconfig
        fi
        ocm_ver=$(ocm --version)
        echo "OCM-Version: ${ocm_ver}"
        pytest ./tests
        res=$?
        now=$(date +"%Y-%m-%d %H:%M:%S%z")
        echo "TEST_RUN_TS=${now}" >> $GITHUB_ENV
        echo "TEST_RESULT=${res}" >> $GITHUB_ENV
        echo "OCM_VERSION=${ocm_ver}" >> $GITHUB_ENV
        mv docs/report.html  docs/report-${{ env.SHA }}.html
        if [ ${res} -eq  0 ]; then
          echo "Tests run successfully."
          echo "TEST_RESULT_STR=Success &#9989;" >> $GITHUB_ENV
          echo "$now | ${ocm_ver} | &#9989; (passed)" >> README.md
        else
          echo "Tests failed."
          echo "TEST_RESULT_STR=Failure &#10060;" >> $GITHUB_ENV
          echo "$now | ${ocm_ver} | &#10060; (failed)" >> README.md
        fi
        exit ${res}
    - name: stop docker registry
      if: always()
      run: |
        docker container stop registry
        docker container rm -v registry
    - name: push
      uses: github-actions-x/commit@v2.9
      if: always() # push result also on failure
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }}
        commit-message: 'add test report'
        files: README.md docs/
        name: github-ation
        email: noreply@github.com
    - name: Generate token
      id: generate_token
      if: ${{ github.event.client_payload }}
      uses: tibdex/github-app-token@v1
      with:
        app_id: ${{ secrets.OCMBOT_APP_ID }}
        private_key: ${{ secrets.OCMBOT_PRIV_KEY }}
    - name: send test result as PR comment
      if: ${{ github.event.client_payload }}
      uses: actions/github-script@v6
      with:
        github-token: ${{ steps.generate_token.outputs.token }}
        script: |
          github.rest.issues.createComment({
            owner: 'open-component-model',
            repo: 'ocm',
            issue_number: ${{ env.PR_NUMBER }},
            body: 'Integration Tests for ${{ env.SHA }} run with result: ${{ env.TEST_RESULT_STR }}!'
            })
    - name: Post to a Slack channel
      id: slack
      uses: slackapi/slack-github-action@v1.24.0
      if: ${{ github.ref_name  == 'main' && github.event_name == 'schedule' && always()}}
      with:
        # Slack channel id, channel name, or user id to post message.
        # See also: https://api.slack.com/methods/chat.postMessage#channels
        # You can pass in multiple channels to post to by providing a comma-delimited list of channel IDs.
        # Test-channel-id: 'C057KU48M7Y'
        channel-id: 'C03NF7KH128'
        payload: |
          {
            "text" : "OCM Integration Test Report, Status: ${{ job.status }}",
            "blocks": [
              {
                "type": "section",
                "text":
                  {
                    "type": "mrkdwn",
                    "text": "Integration Test for OCM CLI ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }}  <https://open-component-model.github.io/ocm-integrationtest/report-${{ env.SHA }}.html|TestReport>  <https://github.com/open-component-model/ocm-integrationtest/actions/runs/${{ github.run_id }}|Github Action>"
                  }
              }
            ]
          }
      env:
        SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}