Skip to content

test

test #3706

Workflow file for this run

name: Test FIPS E2E
on:
workflow_dispatch:
inputs:
agent-image:
description: "Agent image to use"
required: false
type: string
agent-image-fips:
description: "FIPS Agent image to use"
required: false
type: string
target:
description: "Target to test"
required: false
type: string
pull_request:
paths:
- datadog_checks_base/datadog_checks/**
- datadog_checks_base/pyproject.toml
schedule:
- cron: '0 0,8,16 * * *'
defaults:
run:
shell: bash
jobs:
run:
name: "Test FIPS"
runs-on: ["ubuntu-22.04"]
env:
FORCE_COLOR: "1"
PYTHON_VERSION: "3.13"
# Test results for later processing
TEST_RESULTS_BASE_DIR: "test-results"
# Tracing to monitor our test suite
DD_ENV: "ci"
DD_SERVICE: "ddev-integrations-core"
DD_TAGS: "team:agent-integrations"
DD_TRACE_ANALYTICS_ENABLED: "true"
permissions:
# needed for dd-sts and codecov in test-target.yml, allows the action to get a JWT signed by Github
id-token: write
# needed for compute-matrix in test-target.yml
contents: read
steps:
- name: Set environment variables with sanitized paths
run: |
JOB_NAME="test-fips-e2e"
echo "TEST_RESULTS_DIR=$TEST_RESULTS_BASE_DIR/$JOB_NAME" >> $GITHUB_ENV
echo "TRACE_CAPTURE_FILE=$TRACE_CAPTURE_BASE_DIR/$JOB_NAME" >> $GITHUB_ENV
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Set up Python ${{ env.PYTHON_VERSION }}
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: "${{ env.PYTHON_VERSION }}"
- name: Install uv
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
with:
enable-cache: false
- name: Restore cache
uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
with:
path: |
~/.cache/uv
~/.cache/pip
key: >-
${{ format(
'v02-uv-{0}-{1}-{2}-{3}',
env.pythonLocation,
hashFiles('datadog_checks_base/pyproject.toml'),
hashFiles('datadog_checks_dev/pyproject.toml'),
hashFiles('ddev/pyproject.toml')
)}}
restore-keys: |-
v02-uv-${{ env.pythonLocation }}
- name: Get Datadog credentials
id: dd-sts
uses: DataDog/dd-sts-action@2e8187910199bd93129520183c093e19aa585c75 # v1.0.0
with:
policy: integrations-core-api-key
- name: Install ddev from local folder
run: |-
uv pip install --system -e ./datadog_checks_dev[cli] -e ./ddev
- name: Configure ddev
run: |-
ddev config set upgrade_check false
ddev config set repos.core .
ddev config set repo core
- name: Prepare for testing
env:
PYTHONUNBUFFERED: "1"
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }}
ORACLE_DOCKER_USERNAME: ${{ secrets.ORACLE_DOCKER_USERNAME }}
ORACLE_DOCKER_PASSWORD: ${{ secrets.ORACLE_DOCKER_PASSWORD }}
DD_GITHUB_USER: ${{ github.actor }}
DD_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: ddev ci setup ${{ inputs.target || 'tls' }}
- name: Run E2E tests with FIPS disabled
env:
DDEV_E2E_AGENT: "${{ inputs.agent-image || 'registry.datadoghq.com/agent-dev:master-py3' }}"
DD_API_KEY: "${{ steps.dd-sts.outputs.api_key }}"
run: |
ddev env test --base --new-env --junit ${{ inputs.target || 'tls' }} -- all -m "fips_off"
- name: Run E2E tests with FIPS enabled
env:
DDEV_E2E_AGENT: "${{ inputs.agent-image-fips || 'registry.datadoghq.com/agent-dev:master-fips' }}"
DD_API_KEY: "${{ steps.dd-sts.outputs.api_key }}"
run: |
ddev env test --base --new-env --junit ${{ inputs.target || 'tls' }} -- all -k "fips_on"
- name: Finalize test results
if: always()
run: |-
mkdir -p "${{ env.TEST_RESULTS_DIR }}"
if [[ -d ${{ inputs.target || 'tls' }}/junit ]]; then
mv ${{ inputs.target || 'tls' }}/junit/*.xml "${{ env.TEST_RESULTS_DIR }}"
fi
- name: Upload test results
if: always()
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: "test-results-${{ inputs.target || 'tls' }}"
path: "${{ env.TEST_RESULTS_BASE_DIR }}"
- name: Upload coverage data
if: >
!github.event.repository.private &&
always()
uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de
with:
use_oidc: true
files: "${{ inputs.target || 'tls' }}/coverage.xml"
flags: "${{ inputs.target || 'tls' }}"
- name: Upload coverage to Datadog
if: >
!github.event.repository.private &&
always()
continue-on-error: true
uses: DataDog/coverage-upload-github-action@9bbbf86d16f7db1b14c5b885e61cf0d96053686a # v1.0.0
with:
api_key: ${{ secrets.DD_API_KEY }}
files: "${{ inputs.target || 'tls' }}/coverage.xml"
format: cobertura
flags: "${{ inputs.target || 'tls' }}"