X-Test #3421
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: X-Test | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| platform-ref: | |
| required: false | |
| type: string | |
| default: main | |
| description: "The branch or commit to use for the platform" | |
| otdfctl-ref: | |
| required: false | |
| type: string | |
| default: main | |
| description: "The branch or commit to use for otdfctl" | |
| js-ref: | |
| required: false | |
| type: string | |
| default: main | |
| description: "The branch or commit to use for the web-sdk" | |
| java-ref: | |
| required: false | |
| type: string | |
| default: main | |
| description: "The branch or commit to use for the java-sdk" | |
| workflow_call: | |
| inputs: | |
| platform-ref: | |
| required: false | |
| type: string | |
| default: main | |
| otdfctl-ref: | |
| required: false | |
| type: string | |
| default: main | |
| js-ref: | |
| required: false | |
| type: string | |
| default: main | |
| java-ref: | |
| required: false | |
| type: string | |
| default: main | |
| schedule: | |
| - cron: "30 6 * * *" | |
| jobs: | |
| cross-client-test: | |
| timeout-minutes: 60 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: read | |
| env: | |
| PLATFORM_REF: "${{ inputs.platform-ref || 'main' }}" | |
| JS_REF: "${{ inputs.js-ref || 'main' }}" | |
| OTDFCTL_REF: "${{ inputs.otdfctl-ref || 'main' }}" | |
| JAVA_REF: "${{ inputs.java-ref || 'main' }}" | |
| steps: | |
| ######## SPIN UP PLATFORM BACKEND ############# | |
| - name: Check out and start up platform with deps/containers | |
| id: run-platform | |
| uses: opentdf/platform/test/start-up-with-containers@main | |
| with: | |
| platform-ref: ${{ env.PLATFORM_REF }} | |
| extra-keys: >- | |
| [{ | |
| "kid": "golden-r1", | |
| "alg": "rsa:2048", | |
| "privateKey": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDxAXgP2SjRPhKe\nO1OdLco7zsU+uMnvQFnTrc0W8eQ/vUGjP8HNABA3kKUeJZUGb4lyE5u62sBqD+Va\nOWh0tIRCIEPRC/tF3hTE5TeDJLJiY9N3R5P9OjWuFewnQFXIfTPqmrny1pYowfkd\nnbxBSzb/xTpk6K+yzkyrZdW1JvYdW/1CBGpo7qtfxflR3Cy13V15YDuVTD2rHUSj\nM2eYUU+b4HLoHvKZ87y18nwaOMOMMqbvp4xFoxckoE/XkuaHyH1UWI9HqCyFBrh+\nf24OPMP0N3qMCseXJc2CTBGSX4jKdB0WGqOpZdBxKWlKxLGlKAe9Ko1eYzUHdhhN\npBRmU4HzAgMBAAECggEAHRHhSoAWJU8Ibd+YEVBxoU8qiYs+iEZJz3eaUlcxAeMx\nJKDPHowQaLNgx0cfN5yChqkI0rwKE4EBWCWujM0tWtCLfY6la2MDPFCtpnrprWZ/\nHlca6aN40BvC1WU0M6+ucHDjVwA9MoNbKhBZocKRyr4ecgeDEd1CcDYjVetyKk4v\nTKIa7mvoNfRMT5dsmvUdRgtkvIaomLYoCVc7nK2d7C0WP/RaUWpJUUpZE+8lP3ze\no44HMMpeq+yyeXJhq6+PIErJfOChYJVjwOWCVJ99NRJ2RFU4kNu4gY2YcL6IRCV5\n6rfwsJwdKlLxTKVEZPCWVEa0TS+G4yQV8gu1LtvAwQKBgQD6Z5Hxw2R+bTFFyeOx\nMlDno8PvBlw4B3QrrWppk3f+m4261eSFdCMkZTZw81QjdGCJ/BTtMASaNWIWVyc1\nkslSg+ARPF5XEBEGpUmINRUotV9B7Wtq5Nid9xTlUoUPiuVVVU+eEvwTw8F/tgOu\nITwUM/uOYJdI16XfL4qtGxab0wKBgQD2ZCIbXK4BO5+8YC23YWymspTK/YShfoYA\nM8Ktxdp+xHGZoNzbx+mSd6vvvtWPhiayje2ppc82OsB+q6BYQOYTRowwdidWBETd\nM7/Q/QKg9Zn3kM+WA71KDtK3VIQBqZfYjevpTEqGjG9XN1apWZh80YeU3uhBuaSZ\nKns62AxNYQKBgAj8jpBOotymro4CoNlLJPwrNGzvnX+lRNYMczU2xaetjXiXFIx1\njo1P1JRZJzvegVhyY43fm0qtf8eteQrDKdZ8RR5ZPEmDmhjS9cCdpxS+7ZxAGQrN\nC7kflPBl9cCJC5H0bdcOd11+OQOMVLV7G9zdwLlrXgKPOrS30BJGVplhAoGAU+YM\n5xxL9AeFgPOPHZ6DDNBKckSZYRRgNLlrVRjGKdxiglmQWxZbppAxb9Wfitu3WZ2S\ni+31/RVMbtWqJ+MRdQbUvbu98UBK4re4XUWKG50F7JLW3NIxJoKdpeeVe6twFUFe\nT3a2+dHgJ+akD85+aiI+9KZil97K+YzJoWPn7IECgYB9O3ZiTlT3N3iuML+CCrv/\nEttS+1sWf1fdwq1Roosw3JWxuXC45KNn/lUsk0jvVJkMM/XDxG19E3NyltMWr2de\nj0o4TgFsOvXh6k1k7ftMwauFooAdIgkn9HPU7zwv7eAwWfOOxz57RvVnKKvcUq9F\nrELh+ivyqdpAYiJ1z4+0LA==\n-----END PRIVATE KEY-----\n", | |
| "cert": "-----BEGIN CERTIFICATE-----\nMIIC/TCCAeWgAwIBAgIUDiCm76cjcg4Wd862cEzTzLqSzFswDQYJKoZIhvcNAQEL\nBQAwDjEMMAoGA1UEAwwDa2FzMB4XDTI0MTIxODIwMzUxNFoXDTI1MTIxODIwMzUx\nNFowDjEMMAoGA1UEAwwDa2FzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEA8QF4D9ko0T4SnjtTnS3KO87FPrjJ70BZ063NFvHkP71Boz/BzQAQN5ClHiWV\nBm+JchObutrAag/lWjlodLSEQiBD0Qv7Rd4UxOU3gySyYmPTd0eT/To1rhXsJ0BV\nyH0z6pq58taWKMH5HZ28QUs2/8U6ZOivss5Mq2XVtSb2HVv9QgRqaO6rX8X5Udws\ntd1deWA7lUw9qx1EozNnmFFPm+By6B7ymfO8tfJ8GjjDjDKm76eMRaMXJKBP15Lm\nh8h9VFiPR6gshQa4fn9uDjzD9Dd6jArHlyXNgkwRkl+IynQdFhqjqWXQcSlpSsSx\npSgHvSqNXmM1B3YYTaQUZlOB8wIDAQABo1MwUTAdBgNVHQ4EFgQUVl6EWRsZE5kf\nXR6EC9LDStsR1howHwYDVR0jBBgwFoAUVl6EWRsZE5kfXR6EC9LDStsR1howDwYD\nVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAJysUw1bQkm+UdIWubPVo\nh/h1YoSHMEmwtphLflMDiJvm1GIjFM5zVgnpmkiI9DVCAs8vyhHe+UVCgiCAMqU9\nuu1jYxXY54v8nx+Ps3X1snylIs82JHKXT1AJaXECSi0DwIuF3hIyPUJpK9AJ/PqC\nOvhq3sMX5p0D3bmk8518rRwkSZ2a7jn5qvLa6P0g4Ph32j5UdRmgvsgh/jJk7PkK\nHuf86yZ4KbkgU6kMs4rTOLNIBmMJlm7R9xrGMVwK8X/NPZWV4fBNQZPIJw7svNzo\npe60OK4cT0G0/LHEOGxCLpmxjq2+xedKkrmq6PrRZquL386RyjkCZh6F5AWJCqB9\n4g==\n-----END CERTIFICATE-----\n" | |
| }] | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| with: | |
| repository: opentdf/tests | |
| path: otdftests # use different name bc other repos might have tests directories | |
| - name: Set up Python 3.10 | |
| uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b | |
| with: | |
| python-version: "3.10" | |
| - uses: bufbuild/buf-setup-action@2211e06e8cf26d628cda2eea15c95f8c42b080b3 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up JDK | |
| uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7 | |
| with: | |
| java-version: "11" | |
| distribution: "adopt" | |
| server-id: github | |
| ######## CHECKOUT WEB SDK ############# | |
| - name: Check out web-sdk | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| with: | |
| repository: opentdf/web-sdk | |
| path: web-sdk | |
| ref: ${{ env.JS_REF }} | |
| - name: Set up Node 22 | |
| uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af | |
| with: | |
| node-version: "22.x" | |
| cache-dependency-path: web-sdk/lib/package-lock.json web-sdk/cli/package-lock.json | |
| ######## SETUP THE JS CLI ############# | |
| - name: build and setup the web-sdk cli | |
| id: build-web-sdk | |
| run: | | |
| make js | |
| env: | |
| JS_DIR: ../../../web-sdk | |
| working-directory: otdftests/xtest/sdk | |
| ######## CHECKOUT GO CLI ############# | |
| - name: Check out otdfctl | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| with: | |
| repository: opentdf/otdfctl | |
| path: otdfctl | |
| ref: ${{ env.OTDFCTL_REF }} | |
| ######## SETUP THE GO CLI ############# | |
| - name: Prepare go cli | |
| run: |- | |
| make go | |
| env: | |
| OTDFCTL_DIR: ../../../otdfctl | |
| PLATFORM_DIR: ../../../${{ steps.run-platform.outputs.platform-working-dir }} | |
| working-directory: otdftests/xtest/sdk | |
| ####### CHECKOUT JAVA SDK ############## | |
| - name: Check out java-sdk | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| with: | |
| repository: opentdf/java-sdk | |
| path: java-sdk | |
| ref: ${{ env.JAVA_REF }} | |
| ####### SETUP JAVA CLI ############## | |
| - name: Prepare java cli | |
| run: | | |
| make java | |
| env: | |
| JAVA_DIR: ../../../java-sdk | |
| BUF_INPUT_HTTPS_USERNAME: opentdf-bot | |
| BUF_INPUT_HTTPS_PASSWORD: ${{ secrets.PERSONAL_ACCESS_TOKEN_OPENTDF }} | |
| working-directory: otdftests/xtest/sdk | |
| ######## RUN THE TESTS ############# | |
| - name: Install test dependencies | |
| run: |- | |
| pip install -r requirements.txt | |
| working-directory: otdftests/xtest | |
| # When the schema gets merged into the spec repo, we can just rely on that as a source of truth | |
| - name: Get manifest schema from platform repo | |
| run: |- | |
| curl -L -o manifest.schema.json https://raw.githubusercontent.com/opentdf/platform/main/sdk/schema/manifest.schema.json | |
| working-directory: otdftests/xtest | |
| - name: Validate xtests | |
| if: ${{ !inputs }} | |
| run: |- | |
| pytest test_nano.py test_self.py | |
| working-directory: otdftests/xtest | |
| - name: Run legacy decryption tests | |
| run: |- | |
| pytest -v test_legacy.py | |
| working-directory: otdftests/xtest | |
| env: | |
| PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}' | |
| - name: Run xtests | |
| run: |- | |
| pytest -v test_tdfs.py | |
| working-directory: otdftests/xtest | |
| env: | |
| PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}' | |
| SCHEMA_FILE: 'manifest.schema.json' | |
| ######## ATTRIBUTE BASED CONFIGURATION ############# | |
| - name: Start additional kas | |
| uses: opentdf/platform/test/start-additional-kas@main | |
| with: | |
| kas-port: 8181 | |
| kas-name: alpha | |
| - name: Start additional kas | |
| uses: opentdf/platform/test/start-additional-kas@main | |
| with: | |
| kas-port: 8282 | |
| kas-name: beta | |
| - name: Start additional kas | |
| uses: opentdf/platform/test/start-additional-kas@main | |
| with: | |
| kas-port: 8383 | |
| kas-name: gamma | |
| - name: Start additional kas | |
| uses: opentdf/platform/test/start-additional-kas@main | |
| with: | |
| kas-port: 8484 | |
| kas-name: delta | |
| - name: Run attribute based configuration tests | |
| run: |- | |
| pytest test_abac.py | |
| working-directory: otdftests/xtest | |
| env: | |
| PLATFORM_DIR: '../../${{ steps.run-platform.outputs.platform-working-dir }}' |