From 49eea066f2cc25caa4212c065b42fbf24152aa59 Mon Sep 17 00:00:00 2001 From: Stuart Ferguson Date: Sat, 25 Apr 2026 09:18:58 +0100 Subject: [PATCH] Enable UI test jobs, update artifact paths, run as root Refactor GitHub Actions workflows to activate Chrome and Edge UI integration test jobs, update artifact upload paths to /home/runner/trace/, and add automatic issue creation on failures. Also, remove USER app from Dockerfile to run containers as root. --- .github/workflows/createrelease.yml | 7 +- .github/workflows/nightlybuild.yml | 258 ++++++++++++++-------------- .github/workflows/pullrequest.yml | 184 ++++++++++---------- SecurityService/Dockerfile | 1 - 4 files changed, 218 insertions(+), 232 deletions(-) diff --git a/.github/workflows/createrelease.yml b/.github/workflows/createrelease.yml index fa6544b6..1a4c5d2e 100644 --- a/.github/workflows/createrelease.yml +++ b/.github/workflows/createrelease.yml @@ -23,12 +23,7 @@ jobs: run: dotnet restore SecurityService.slnx --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} - name: Build Code - run: dotnet build SecurityService.slnx --configuration Release - - - name: Run Unit Tests - run: | - echo "ASPNETCORE_ENVIRONMENT are > ${ASPNETCORE_ENVIRONMENT}" - dotnet test "SecurityService.UnitTests\SecurityService.UnitTests.csproj" + run: dotnet build SecurityService.slnx --configuration Release - name: Publish Images to Docker Hub - Pre Release if: ${{ github.event.release.prerelease == true }} diff --git a/.github/workflows/nightlybuild.yml b/.github/workflows/nightlybuild.yml index 885bb6c0..06937878 100644 --- a/.github/workflows/nightlybuild.yml +++ b/.github/workflows/nightlybuild.yml @@ -63,10 +63,9 @@ jobs: dotnet test "SecurityService.IntegrationTests\SecurityService.IntegrationTests.csproj" --filter Category=PRTest - uses: actions/upload-artifact@v4.4.0 - if: ${{ failure() }} with: name: nonuilogs - path: /home/txnproc/trace/ + path: /home/runner/trace/ - name: Create Issue on Failed workflow if: ${{ failure() }} @@ -131,10 +130,9 @@ jobs: dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest - uses: actions/upload-artifact@v4.4.0 - if: ${{ failure() }} with: name: firefoxlogs - path: /home/txnproc/trace/ + path: /home/runner/trace/ - uses: dacbd/create-issue-action@main if: ${{ failure() }} @@ -145,145 +143,143 @@ jobs: labels: nightlybuild body: Url is ${{env.action_url}} - # buildchromeui: - # name: "Nightly Build - Chrome UI" - # env: - # ASPNETCORE_ENVIRONMENT: "Production" + buildchromeui: + name: "Nightly Build - Chrome UI" + env: + ASPNETCORE_ENVIRONMENT: "Production" - # runs-on: ubuntu-latest + runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v2.3.4 + steps: + - uses: actions/checkout@v2.3.4 - # - name: Set Up Variables - # run: echo "action_url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Up Variables + run: echo "action_url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_ENV - # - name: Trust Root Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" - # password="password" - - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt - # sudo update-ca-certificates - - # - name: Trust Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" - # password="password" - - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt - # sudo update-ca-certificates + - name: Trust Root Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" + password="password" + + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt + sudo update-ca-certificates + + - name: Trust Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" + password="password" + + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt + sudo update-ca-certificates - # - name: Install NET 9 - # uses: actions/setup-dotnet@v4.0.1 - # with: - # dotnet-version: '9.0.x' + - name: Install NET 9 + uses: actions/setup-dotnet@v4.0.1 + with: + dotnet-version: '9.0.x' - # - name: Restore Nuget Packages - # run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} + - name: Restore Nuget Packages + run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} - # - name: Build Code - # run: dotnet build SecurityService.sln --configuration Release + - name: Build Code + run: dotnet build SecurityService.sln --configuration Release - # - name: Run Unit Tests - # run: | - # echo "ASPNETCORE_ENVIRONMENT are > ${ASPNETCORE_ENVIRONMENT}" - # dotnet test "SecurityService.UnitTests\SecurityService.UnitTests.csproj" /p:ExcludeByFile="\SecurityService\Views\**\*.cshtml" /p:CollectCoverage=true /p:Exclude="[xunit*]*" /p:ExcludeByAttribute="Obsolete" /p:ExcludeByAttribute="GeneratedCodeAttribute" /p:ExcludeByAttribute="CompilerGeneratedAttribute" /p:ExcludeByAttribute="ExcludeFromCodeCoverageAttribute" /p:CoverletOutput="../lcov1.info" /maxcpucount:1 /p:CoverletOutputFormat="lcov" + - name: Run Unit Tests + run: | + echo "ASPNETCORE_ENVIRONMENT are > ${ASPNETCORE_ENVIRONMENT}" + dotnet test "SecurityService.UnitTests\SecurityService.UnitTests.csproj" /p:ExcludeByFile="\SecurityService\Views\**\*.cshtml" /p:CollectCoverage=true /p:Exclude="[xunit*]*" /p:ExcludeByAttribute="Obsolete" /p:ExcludeByAttribute="GeneratedCodeAttribute" /p:ExcludeByAttribute="CompilerGeneratedAttribute" /p:ExcludeByAttribute="ExcludeFromCodeCoverageAttribute" /p:CoverletOutput="../lcov1.info" /maxcpucount:1 /p:CoverletOutputFormat="lcov" - # - name: Build Docker Images - # run: | - # docker build . --file SecurityService/Dockerfile --tag securityservice:latest - # docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest - - # - name: Run Integration Tests (UI Chrome) - # env: - # Browser: Chrome - # run: | - # dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest - - # - uses: actions/upload-artifact@v4.4.0 - # if: ${{ failure() }} - # with: - # name: chromelogs - # path: /home/txnproc/trace/ + - name: Build Docker Images + run: | + docker build . --file SecurityService/Dockerfile --tag securityservice:latest + docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest + + - name: Run Integration Tests (UI Chrome) + env: + Browser: Chrome + run: | + dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest + + - uses: actions/upload-artifact@v4.4.0 + with: + name: chromelogs + path: /home/runner/trace/ - # - uses: dacbd/create-issue-action@main - # if: ${{ failure() }} - # name: Create an issue on build failure - # with: - # title: Investigate Nightly Build Failure - Chrome UI - # token: ${{secrets.GITHUB_TOKEN}} - # labels: nightlybuild - # body: Url is ${{env.action_url}} - - # buildedgeui: - # name: "Nightly Build - Edge UI" - # env: - # ASPNETCORE_ENVIRONMENT: "Production" - - # runs-on: ubuntu-latest - - # steps: - # - uses: actions/checkout@v2.3.4 - - # - name: Set Up Variables - # run: echo "action_url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_ENV + - uses: dacbd/create-issue-action@main + if: ${{ failure() }} + name: Create an issue on build failure + with: + title: Investigate Nightly Build Failure - Chrome UI + token: ${{secrets.GITHUB_TOKEN}} + labels: nightlybuild + body: Url is ${{env.action_url}} + + buildedgeui: + name: "Nightly Build - Edge UI" + env: + ASPNETCORE_ENVIRONMENT: "Production" + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2.3.4 + + - name: Set Up Variables + run: echo "action_url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_ENV - # - name: Trust Root Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" - # password="password" - - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt - # sudo update-ca-certificates - - # - name: Trust Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" - # password="password" - - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt - # sudo update-ca-certificates + - name: Trust Root Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" + password="password" + + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt + sudo update-ca-certificates + + - name: Trust Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" + password="password" + + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt + sudo update-ca-certificates - # - name: Install NET 9 - # uses: actions/setup-dotnet@v4.0.1 - # with: - # dotnet-version: '9.0.x' + - name: Install NET 9 + uses: actions/setup-dotnet@v4.0.1 + with: + dotnet-version: '9.0.x' - # - name: Restore Nuget Packages - # run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} + - name: Restore Nuget Packages + run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} - # - name: Build Code - # run: dotnet build SecurityService.sln --configuration Release + - name: Build Code + run: dotnet build SecurityService.sln --configuration Release - # - name: Build Docker Images - # run: | - # docker build . --file SecurityService/Dockerfile --tag securityservice:latest - # docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest - - # - name: Run Integration Tests (UI Edge) - # env: - # Browser: Edge - # DriverPath: C:\\SeleniumWebDrivers\\EdgeDriver\\ - # DriverExe: msedgedriver.exe - # run: | - # dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest - - # - uses: actions/upload-artifact@v4.4.0 - # if: ${{ failure() }} - # with: - # name: edgelogs - # path: /home/txnproc/trace/ - - # - uses: dacbd/create-issue-action@main - # if: ${{ failure() }} - # name: Create an issue on build failure - # with: - # title: Investigate Nightly Build Failure - Edge UI - # token: ${{secrets.GITHUB_TOKEN}} - # labels: nightlybuild - # body: Url is ${{env.action_url}} + - name: Build Docker Images + run: | + docker build . --file SecurityService/Dockerfile --tag securityservice:latest + docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest + + - name: Run Integration Tests (UI Edge) + env: + Browser: Edge + DriverPath: C:\\SeleniumWebDrivers\\EdgeDriver\\ + DriverExe: msedgedriver.exe + run: | + dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest + + - uses: actions/upload-artifact@v4.4.0 + with: + name: edgelogs + path: /home/runner/trace/ + + - uses: dacbd/create-issue-action@main + if: ${{ failure() }} + name: Create an issue on build failure + with: + title: Investigate Nightly Build Failure - Edge UI + token: ${{secrets.GITHUB_TOKEN}} + labels: nightlybuild + body: Url is ${{env.action_url}} diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index 622de2b9..a6aeecec 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -55,10 +55,9 @@ jobs: dotnet test "SecurityService.IntegrationTests\SecurityService.IntegrationTests.csproj" --filter Category=PRTest --configuration Release --no-build --verbosity normal --logger "trx;LogFileName=nonui-test-results.trx" - uses: actions/upload-artifact@v4 - if: ${{ failure() }} with: name: nonuilogs - path: /home/txnproc/trace/ + path: /home/runner/trace/ - name: Publish test results uses: dorny/test-reporter@v1 @@ -123,10 +122,9 @@ jobs: dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest --configuration Release --no-build --verbosity normal --logger "trx;LogFileName=firefoxui-test-results.trx" - uses: actions/upload-artifact@v4 - if: ${{ failure() }} with: name: firefoxlogs - path: /home/txnproc/trace/ + path: /home/runner/trace/ - name: Publish test results uses: dorny/test-reporter@v1 @@ -145,117 +143,115 @@ jobs: path: '**/TestResults/*.trx' retention-days: 30 - # buildchromeui: - # name: "Build and Unit Test Pull Requests - Chrome UI" - # env: - # ASPNETCORE_ENVIRONMENT: "Production" + buildchromeui: + name: "Build and Unit Test Pull Requests - Chrome UI" + env: + ASPNETCORE_ENVIRONMENT: "Production" - # runs-on: ubuntu-latest + runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v2.3.4 + steps: + - uses: actions/checkout@v2.3.4 - # - name: Trust Root Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" - # password="password" + - name: Trust Root Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" + password="password" - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt - # sudo update-ca-certificates + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt + sudo update-ca-certificates - # - name: Trust Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" - # password="password" + - name: Trust Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" + password="password" - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt - # sudo update-ca-certificates + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt + sudo update-ca-certificates - # - name: Install NET 9 - # uses: actions/setup-dotnet@v4.0.1 - # with: - # dotnet-version: '9.0.x' + - name: Install NET 9 + uses: actions/setup-dotnet@v4.0.1 + with: + dotnet-version: '9.0.x' - # - name: Restore Nuget Packages - # run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} + - name: Restore Nuget Packages + run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} - # - name: Build Code - # run: dotnet build SecurityService.sln --configuration Release + - name: Build Code + run: dotnet build SecurityService.sln --configuration Release - # - name: Build Docker Images - # run: | - # docker build . --file SecurityService/Dockerfile --tag securityservice:latest - # docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest + - name: Build Docker Images + run: | + docker build . --file SecurityService/Dockerfile --tag securityservice:latest + docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest - # - name: Run Integration Tests (UI Chrome) - # env: - # Browser: Chrome - # run: | - # dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest + - name: Run Integration Tests (UI Chrome) + env: + Browser: Chrome + run: | + dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest - # - uses: actions/upload-artifact@v4 - # if: ${{ failure() }} - # with: - # name: chromelogs - # path: /home/txnproc/trace/ + - uses: actions/upload-artifact@v4 + with: + name: chromelogs + path: /home/runner/trace/ - # buildedgeui: - # name: "Build and Unit Test Pull Requests - Edge UI" - # env: - # ASPNETCORE_ENVIRONMENT: "Production" + buildedgeui: + name: "Build and Unit Test Pull Requests - Edge UI" + env: + ASPNETCORE_ENVIRONMENT: "Production" - # runs-on: ubuntu-latest + runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v2.3.4 + steps: + - uses: actions/checkout@v2.3.4 - # - name: Trust Root Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" - # password="password" + - name: Trust Root Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-root-cert.pfx" + password="password" - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt - # sudo update-ca-certificates + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-root-cert.crt + sudo update-ca-certificates - # - name: Trust Certificate - # run: | - # certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" - # password="password" + - name: Trust Certificate + run: | + certPath="$GITHUB_WORKSPACE/Certificates/aspnetapp-web-api.pfx" + password="password" - # openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" - # sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt - # sudo update-ca-certificates + openssl pkcs12 -in "$certPath" -out temp.pem -nodes -password "pass:$password" + sudo cp temp.pem /usr/local/share/ca-certificates/aspnetapp-web-api.crt + sudo update-ca-certificates - # - name: Install NET 9 - # uses: actions/setup-dotnet@v4.0.1 - # with: - # dotnet-version: '9.0.x' + - name: Install NET 9 + uses: actions/setup-dotnet@v4.0.1 + with: + dotnet-version: '9.0.x' - # - name: Restore Nuget Packages - # run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} + - name: Restore Nuget Packages + run: dotnet restore SecurityService.sln --source ${{ secrets.PUBLICFEEDURL }} --source ${{ secrets.PRIVATEFEED_URL }} - # - name: Build Code - # run: dotnet build SecurityService.sln --configuration Release + - name: Build Code + run: dotnet build SecurityService.sln --configuration Release - # - name: Build Docker Images - # run: | - # docker build . --file SecurityService/Dockerfile --tag securityservice:latest - # docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest - - # - name: Run Integration Tests (UI Edge) - # env: - # Browser: Edge - # DriverPath: C:\\SeleniumWebDrivers\\EdgeDriver\\ - # DriverExe: msedgedriver.exe - # run: | - # dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest - - # - uses: actions/upload-artifact@v4 - # if: ${{ failure() }} - # with: - # name: edgelogs - # path: /home/txnproc/trace/ + - name: Build Docker Images + run: | + docker build . --file SecurityService/Dockerfile --tag securityservice:latest + docker build . --file SecurityServiceTestUI/Dockerfile --tag securityservicetestui:latest + + - name: Run Integration Tests (UI Edge) + env: + Browser: Edge + DriverPath: C:\\SeleniumWebDrivers\\EdgeDriver\\ + DriverExe: msedgedriver.exe + run: | + dotnet test "SecurityService.OpenIdConnect.IntegrationTests\SecurityService.OpenIdConnect.IntegrationTests.csproj" --filter Category=PRTest + + - uses: actions/upload-artifact@v4 + with: + name: edgelogs + path: /home/runner/trace/ diff --git a/SecurityService/Dockerfile b/SecurityService/Dockerfile index 8a7b4345..b8a823ed 100644 --- a/SecurityService/Dockerfile +++ b/SecurityService/Dockerfile @@ -33,5 +33,4 @@ RUN dotnet publish "SecurityService.csproj" -c Release -o /app FROM base AS final WORKDIR /app COPY --from=publish /app . -USER app ENTRYPOINT ["dotnet", "SecurityService.dll"]