github.com/mendersoftware/integration-test-runner
By default all repositories from the configured GitHub organization are synced with GitLab. To select a subset of repositories to sync, set SYNC_REPOS_LIST env variable with a comma separated list of repositories.
For all repositories in the organization, a pr_XXX branch will be created in GitLab for every pull/XXX PR from GitHub.
Currently the following GitHub events are processed:
pull_request: enabled by default, DISABLE_PR_EVENTS_PROCESSING disables the processingpush: enabled by default, DISABLE_PUSH_EVENTS_PROCESSING disables the processingissue_comment: enabled by default, DISABLE_COMMENT_EVENTS_PROCESSING disables the processingIt's currently hosted on company-websites GKE Kubernetes cluster.
github/org/project-x issues a Github Webhook (configured to call the website k8s cluster)mender-test-runner configured on the K8s cluster (currently three deployments: test-runner-mender-io, repos-sync-cfengine-com, repos-sync-northerntechhq-com)mender-test-runner container get the Org from the webhook and run a sync github/org/project-x -> gitlab/northern.tech/group/project-x // Mapping https://github.com/<org> -> https://gitlab.com/Northern.tech/<group>
var gitHubOrganizationToGitLabGroup = map[string]string{
"mendersoftware": "Mender",
"cfengine": "CFEngine",
"NorthernTechHQ": "NorthernTechHQ",
}
https://repos-sync.northern.tech/)application/x-www-form-urlencodedGITHUB_SECRET on the K8s secret for the pod
which is usually stored on Mystiko alongmender/saas/k8s/gke which contains:
GITHUB_TOKEN: the mender-test-bot user PAT for GithubGITHUB_SECRET: the secret from the Webhook, like aboveGITLAB_TOKEN: the mender-test-bot user PAT for Gitlabid_rsa and id_rsa.pub: SSH keys for the mender-test-bot user - host: repos-sync.northern.tech
http:
paths:
- backend:
service:
name: repos-sync-northerntechhq-com
port:
number: 8086
pathType: ImplementationSpecific
Commits to the master branch trigger a sync with the sre-tools repository, committing the new Docker image's SHA256 to the file kubernetes/mender-test-runner/test-runner-deployment.yaml. This, in turn, triggers a new application of the Kubernetes manifest files to the cluster.
Kubernetes Engine Developer, Kubernetes Engine Service Agent and Viewerbase64 /path/to/saved-key.json | tr -d \\nGCLOUD_SERVICE_KEY variable where value is the hashApply secret from mystico:
$ pass mender/saas/k8s/gke/secret-test-runner-mender-io.yaml | kubectl apply -f -
From the sre-tools repository:
$ kubectl apply -Rf kubernetes/mender-test-runner/
We have a set of acceptance tests that run with recorded payloads from GitHub webhooks and check
the exact output of the integration-test-runner. The intention for changes in our CI infra
(namely, integration repository) do not go unnoticed.
The expected output of the tool is saved as golden files using a Pytest plugin for it. When changes are made that need update, you can automatically update the files with:
make acceptance-testing-build
make acceptance-testing-up
make acceptance-testing-update-golden-files
After that review the changes, commit, and submit them into a PR.
Also note that GITHUB_TOKEN and GITLAB_TOKEN env variables are required to run these tests.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.
Security News
TypeScript Native Previews offers a 10x faster Go-based compiler, now available on npm for public testing with early editor and language support.
Research
Security News
Malicious npm packages targeting React, Vue, Vite, Node.js, and Quill remained undetected for two years while deploying destructive payloads.