Add E2E test

Azure · Sep 18, 2024 · 4724139 · 4724139
1 parent 61ef043
commit 4724139
Show file tree

Hide file tree

Showing 3 changed files with 66 additions and 7 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -41,19 +41,35 @@ jobs:
         run: npm run test
 
   test-action:
-    if: false # disabled until we're ready to add live e2e testing
     name: GitHub Actions Test
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - windows-latest
+          - ubuntu-latest
+          - macos-latest
 
     steps:
       - name: Checkout
         id: checkout
         uses: actions/checkout@v4
 
+      - uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
       - name: Test Local Action
         id: test-action
         uses: ./
-
-      - name: Print Output
-        id: output
-        run: echo "${{ steps.test-action.outputs.time }}"
+        with:
+          type: deployment
+          operation: create
+          name: azure-deploy-ci-${{ matrix.os }}
+          scope: resourcegroup
+          subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          resourceGroupName: azure-deploy-ci
+          parametersFile: test/files/basic/main.bicepparam
diff --git a/scripts/initial_setup.sh b/scripts/initial_setup.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+# This script creates the necessary registry infrastructure and configures GitHub OpenID Connect for this repo
+usage="Usage: ./initial_setup.sh <tenantId> <subscriptionId>"
+tenantId=${1:?"Missing tenantId. ${usage}"}
+subId=${2:?"Missing subscriptionId. ${usage}"}
+
+repoOwner="Azure"
+repoName="deploy"
+rgName="azure-deploy-ci"
+rgLocation="East US 2"
+
+az account set -n "$subId"
+az group create \
+  --location "$rgLocation" \
+  --name "$rgName" >/dev/null
+
+appCreate=$(az ad app create --display-name $rgName)
+appId=$(echo $appCreate | jq -r '.appId')
+
+if [[ -z $(az ad sp show --id $appId 2>/dev/null) ]]; then
+  az ad sp create --id $appId >/dev/null
+fi
+
+spId=$(az ad sp show --id $appId --query id --output tsv)
+az role assignment create \
+  --role owner \
+  --subscription $subId \
+  --assignee-object-id $spId \
+  --assignee-principal-type ServicePrincipal \
+  --scope /subscriptions/$subId/resourceGroups/$rgName >/dev/null
+
+repoSubject="repo:$repoOwner/$repoName:ref:refs/heads/main"
+if [[ -z $(az ad app federated-credential show --id $appId --federated-credential-id $repoName 2>/dev/null) ]]; then
+  az ad app federated-credential create \
+    --id $appId \
+    --parameters '{"name":"'$repoName'","issuer":"https://token.actions.githubusercontent.com","subject":"'$repoSubject'","description":"GitHub OIDC Connection","audiences":["api://AzureADTokenExchange"]}' >/dev/null
+fi
+
+gh -R $repoOwner/$repoName secret set AZURE_CLIENT_ID --body $appId
+gh -R $repoOwner/$repoName secret set AZURE_SUBSCRIPTION_ID --body $subId
+gh -R $repoOwner/$repoName secret set AZURE_TENANT_ID --body $tenantId
diff --git a/script/release.sh → scripts/release.sh b/script/release.sh → scripts/release.sh
@@ -27,7 +27,7 @@ set -e
 #
 # Usage:
 #
-# script/release.sh
+# scripts/release.sh
 
 # Variables
 semver_tag_regex='v[0-9]+\.[0-9]+\.[0-9]+$'