[SELC-6294] feat: Added action for newman (#631)

Author: giampieroferrara

.github/workflows/call_integration_test.yml

@@ -0,0 +1,36 @@
+on:
+  workflow_call:
+    inputs:
+      environment:
+        type: string
+        required: true
+
+jobs:
+  integration-test:
+    environment: ${{ inputs.environment }}-ci
+    name: "Run Postman collection on ${{ inputs.environment }}"
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        name: Checkout
+      - name: "Download postman environment"
+        env:
+          INTEGRATION_ENVIRONMENT: ${{ secrets.INTEGRATION_ENVIRONMENT }}
+        run: 'echo "$INTEGRATION_ENVIRONMENT" | base64 --decode > Selfcare-external-Integration.postman_environment.json'
+        shell: bash
+      - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
+        with:
+          node-version: "16.x"
+      - name: Install newman
+        shell: bash
+        run: npm install -g newman
+      - name: Run newman
+        shell: bash
+        run: newman run ./integration-test/newman/Selfcare-external-Integration.postman_collection.json -e ./infra/integration-test/Selfcare-external-Integration.postman_environment.json --reporters cli,json --reporter-json-export ./integration-test/integration-test-result.json
+      - name: Send newman report
+        shell: bash
+        run: node ./integration-test/convert.js
+      - name: "Send message on Slack"
+        shell: bash
+        run: >
+          curl -X POST ${{ secrets.SLACK_WEBHOOK_URL }} -H 'Content-type: application/json' -d @integration-test/stats.json

.github/workflows/integration_test.yml

@@ -0,0 +1,34 @@
+name: Integration test
+
+on:
+  push:
+    branches:
+      - main
+      - releases/*
+
+  workflow_dispatch:
+    inputs:
+      env:
+        type: choice
+        description: Environment
+        default: dev
+        options:
+          - dev
+          - uat
+
+jobs:
+  test_dev:
+    uses: ./.github/workflows/call_integration_test.yml
+    name: "[DEV] Integration test"
+    if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'dev' }}
+    secrets: inherit
+    with:
+      environment: dev
+
+  test_uat:
+    uses: ./.github/workflows/call_integration_test.yml
+    name: "[UAT] Integration test"
+    if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'uat' }}
+    secrets: inherit
+    with:
+      environment: uat

.gitignore

@@ -54,4 +54,7 @@ app/.DS_Store
 override.tf
 override.tf.json
 *_override.tf
-*_override.tf.json
+*_override.tf.json
+
+### NODE
+**/node_modules/*

infra/container_apps/locals.tf

@@ -4,4 +4,4 @@ locals {
 
   container_app_environment_name = "${local.project}${local.pnpg_suffix}-${var.cae_name}"
   ca_resource_group_name         = "${local.project}-container-app${var.suffix_increment}-rg"
-}
+}

infra/integration-test/.terraform.lock.hcl

@@ -0,0 +1,39 @@
+{
+  "id": "12505d2b-8642-4ff6-8a13-d7eba9922973",
+  "name": "Selfcare-Integration",
+  "values": [
+    {
+      "key": "apiBaseUrl",
+      "value": "https://api${env}.selfcare.pagopa.it",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "productId",
+      "value": "prod-pn",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "apimKeyPN",
+      "value": "${apimKeyPN}",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "institutionId",
+      "value": "a634f83b-e8e4-49c9-86cc-307f6aa31bbb",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "userId",
+      "value": "6a33a28c-8415-4741-86ad-229ac274932e",
+      "type": "default",
+      "enabled": true
+    }
+  ],
+  "_postman_variable_scope": "environment",
+  "_postman_exported_at": "2024-11-11T16:36:58.194Z",
+  "_postman_exported_using": "Postman/11.19.0"
+}

infra/integration-test/Selfcare-external-Integration.postman_environment.json

@@ -0,0 +1,17 @@
+data "azurerm_resource_group" "rg_vnet" {
+  name = format("%s-vnet-rg", local.project)
+}
+
+data "azurerm_resource_group" "rg_monitor" {
+  name = local.monitor_rg_name
+}
+
+data "azurerm_application_insights" "application_insights" {
+  name                = local.monitor_appinsights_name
+  resource_group_name = data.azurerm_resource_group.rg_monitor.name
+}
+
+data "azurerm_virtual_network" "vnet" {
+  name                = format("%s-vnet", local.project)
+  resource_group_name = data.azurerm_resource_group.rg_vnet.name
+}

infra/integration-test/data.tf

@@ -0,0 +1 @@
+subscription=DEV-SelfCare

infra/integration-test/env/dev/backend.ini

@@ -0,0 +1,4 @@
+resource_group_name  = "terraform-state-rg"
+storage_account_name = "tfappdevselfcare"
+container_name       = "terraform-state"
+key                  = "selfcare-external-api-backend.integration-test.tfstate"

infra/integration-test/env/dev/backend.tfvars

@@ -0,0 +1,19 @@
+env_short        = "d"
+suffix_increment = "-002"
+cae_name         = "cae-002"
+prefix           = "selc"
+env              = "dev"
+location         = "westeurope"
+
+tags = {
+  CreatedBy   = "Terraform"
+  Environment = "Dev"
+  Owner       = "SelfCare"
+  Source      = "https://github.com/pagopa/selfcare-external-api-backend"
+  CostCenter  = "TS310 - PAGAMENTI & SERVIZI"
+}
+
+key_vault = {
+  resource_group_name = "selc-d-sec-rg"
+  name                = "selc-d-kv"
+}

infra/integration-test/env/dev/terraform.tfvars

@@ -0,0 +1,29 @@
+data "azurerm_key_vault" "key_vault" {
+  resource_group_name = var.key_vault.resource_group_name
+  name                = var.key_vault.name
+}
+
+data "azurerm_key_vault_secret" "apim_product_pn_sk" {
+  name         = "apim-product-pn-sk"
+  key_vault_id = data.azurerm_key_vault.key_vault.id
+}
+
+data "github_repository" "repo" {
+  full_name = "pagopa/selfcare-external-api-backend"
+}
+
+resource "github_repository_environment" "repo_environment" {
+  repository  = data.github_repository.repo.name
+  environment = "dev-ci"
+}
+
+resource "github_actions_environment_secret" "integration_environment" {
+  repository  = data.github_repository.repo.name
+  environment = github_repository_environment.repo_environment.environment
+  secret_name = "integration_environment"
+  plaintext_value = base64encode(templatefile("Selfcare-external-Integration.postman_environment.json",
+    {
+      env       = local.env_url
+      apimKeyPN = data.azurerm_key_vault_secret.apim_product_pn_sk.value
+  }))
+}

infra/integration-test/integration_test.tf

@@ -0,0 +1,10 @@
+locals {
+  pnpg_suffix = var.is_pnpg == true ? "-pnpg" : ""
+  project     = "selc-${var.env_short}"
+  env_url     = var.env_short == "p" ? "" : ".${var.env}"
+
+  container_app_environment_name = "${local.project}${local.pnpg_suffix}-${var.cae_name}"
+  ca_resource_group_name         = "${local.project}-container-app${var.suffix_increment}-rg"
+  monitor_rg_name                = "${local.project}-monitor-rg"
+  monitor_appinsights_name       = "${local.project}-appinsights"
+}

infra/integration-test/locals.tf

@@ -0,0 +1,33 @@
+terraform {
+  required_version = ">=1.6.0"
+
+  required_providers {
+    azuread = {
+      source  = "hashicorp/azuread"
+      version = "2.30.0"
+    }
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "<= 3.86.0"
+    }
+    github = {
+      source  = "integrations/github"
+      version = "5.18.3"
+    }
+  }
+
+  backend "azurerm" {}
+}
+
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+}
+
+provider "github" {
+  owner = "pagopa"
+}
+
+data "azurerm_subscription" "current" {}
+
+data "azurerm_client_config" "current" {}

infra/integration-test/main.tf

@@ -0,0 +1,68 @@
+#!/bin/bash
+
+set -e
+
+action=$1
+env=$2
+shift 2
+other=$@
+# must be subscription in lower case
+subscription=""
+BACKEND_CONFIG_PATH="./env/${ENV}/backend.tfvars"
+
+if [ -z "$action" ]; then
+  echo "Missed action: init, apply, plan"
+  exit 0
+fi
+
+if [ -z "$env" ]; then
+  echo "env should be: dev, uat or prod."
+  exit 0
+fi
+
+source "./env/$env/backend.ini"
+
+az account set -s "${subscription}"
+
+# if using cygwin, we have to transcode the WORKDIR
+if [[ $WORKDIR == /cygdrive/* ]]; then
+  WORKDIR=$(cygpath -w $WORKDIR)
+fi
+
+if [ "$action" = "force-unlock" ]; then
+  echo "🧭 terraform INIT in env: ${env}"
+  terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" $other
+  warn_message="You are about to unlock Terraform's remote state. 
+  This is a dangerous task you want to be aware of before going on.
+  This operation won't affect your infrastructure directly.
+  However, please note that you may lose pieces of information about partially-applied configurations.
+  Please refer to the official Terraform documentation about the command:
+  https://developer.hashicorp.com/terraform/cli/commands/force-unlock"
+  printf "\n\e[33m%s\e[0m\n\n" "$warn_message"
+
+  read -r -p "Please enter the LOCK ID: " lock_id
+  terraform force-unlock "$lock_id"
+
+  exit 0 # this line prevents the script to go on
+fi
+
+if echo "init plan apply refresh import output state taint destroy" | grep -w "$action" > /dev/null; then
+  if [ "$action" = "init" ]; then
+    echo "🧭 terraform INIT in env: ${env}"
+    terraform "$action" -reconfigure -backend-config="./env/$env/backend.tfvars" $other
+  elif [ "$action" = "output" ] || [ "$action" = "state" ] || [ "$action" = "taint" ]; then
+    # init terraform backend
+    echo "🧭 terraform (output|state|taint) launched with action: ${action} in env: ${env}"
+    terraform init -reconfigure -backend-config="./env/$env/backend.tfvars"
+    terraform "$action" $other
+  else
+    # init terraform backend
+    echo "🧭 terraform launched with action: ${action} in env: ${env}"
+
+    terraform init -reconfigure -backend-config="./env/$env/backend.tfvars"
+    terraform "$action" -var-file="./env/$env/terraform.tfvars" $other
+  fi
+else
+    echo "Action not allowed."
+    exit 1
+fi