Sync End-to-End tests #38
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sync-End-to-End tests | |
| on: | |
| workflow_dispatch: | |
| # schedule: | |
| # - cron: '0 5 * * *' # run at 5 AM UTC | |
| jobs: | |
| sync-end-to-end-tests: | |
| name: Sync End to end Tests | |
| runs-on: macos-14-xlarge | |
| timeout-minutes: 60 | |
| steps: | |
| - name: Check out the code | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - name: Set cache key hash | |
| run: | | |
| has_only_tags=$(jq '[ .pins[].state | has("version") ] | all' DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved) | |
| if [[ "$has_only_tags" == "true" ]]; then | |
| echo "cache_key_hash=${{ hashFiles('DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved') }}" >> $GITHUB_ENV | |
| else | |
| echo "Package.resolved contains dependencies specified by branch or commit, skipping cache." | |
| fi | |
| - name: Cache SPM | |
| if: env.cache_key_hash | |
| uses: actions/cache@v3 | |
| with: | |
| path: DerivedData/SourcePackages | |
| key: ${{ runner.os }}-spm-${{ env.cache_key_hash }} | |
| restore-keys: | | |
| ${{ runner.os }}-spm- | |
| - name: Install Apple Developer ID Application certificate | |
| uses: ./.github/actions/install-certs-and-profiles | |
| with: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.REVIEW_PROVISION_PROFILE_BASE64 }} | |
| RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.RELEASE_PROVISION_PROFILE_BASE64 }} | |
| DBP_AGENT_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.DBP_AGENT_RELEASE_PROVISION_PROFILE_BASE64 }} | |
| DBP_AGENT_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.DBP_AGENT_REVIEW_PROVISION_PROFILE_BASE64 }} | |
| NETP_SYSEX_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_SYSEX_RELEASE_PROVISION_PROFILE_BASE64_V2 }} | |
| NETP_SYSEX_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_SYSEX_REVIEW_PROVISION_PROFILE_BASE64_V2 }} | |
| NETP_AGENT_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_AGENT_RELEASE_PROVISION_PROFILE_BASE64_V2 }} | |
| NETP_AGENT_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_AGENT_REVIEW_PROVISION_PROFILE_BASE64_V2 }} | |
| NETP_NOTIFICATIONS_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_NOTIFICATIONS_RELEASE_PROVISION_PROFILE_BASE64 }} | |
| NETP_NOTIFICATIONS_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_NOTIFICATIONS_REVIEW_PROVISION_PROFILE_BASE64 }} | |
| - name: Select Xcode | |
| run: sudo xcode-select -s /Applications/Xcode_$(<.xcode-version).app/Contents/Developer | |
| - name: Set up keychain | |
| env: | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" ui-tests.keychain | |
| security default-keychain -s ui-tests.keychain | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" ui-tests.keychain | |
| - name: Create test account for Sync and return the recovery code | |
| uses: duckduckgo/sync_crypto/action@main | |
| id: sync-recovery-code | |
| with: | |
| debug: true | |
| - name: Build and run Sync e2e tests | |
| env: | |
| CODE: ${{ steps.sync-recovery-code.outputs.recovery-code }} | |
| run: | | |
| defaults write com.duckduckgo.macos.browser.review onboarding.finished -bool true | |
| defaults write com.duckduckgo.macos.browser.review moveToApplicationsFolderAlertSuppress 1 | |
| set -o pipefail && xcodebuild test \ | |
| -scheme "Sync End-to-End UI Tests" \ | |
| -configuration Review \ | |
| -derivedDataPath DerivedData \ | |
| -skipPackagePluginValidation \ | |
| | tee xcodebuild.log \ | |
| | xcbeautify --report junit --report-path . --junit-report-filename ui-tests.xml \ | |
| - name: Setup vnc | |
| if: always() | |
| env: | |
| NGROK_AUTH_TOKEN: ${{ secrets.NGROK_TOKEN }} | |
| VNC_USER_PASSWORD: ${{ secrets.VNC_USER_PASSWORD }} | |
| VNC_PASSWORD: ${{ secrets.VNC_PASSWORD }} | |
| run: | | |
| sudo mdutil -i off -a | |
| sudo dscl . -create /Users/vncuser | |
| sudo dscl . -create /Users/vncuser UserShell /bin/bash | |
| sudo dscl . -create /Users/vncuser RealName "VNC User" | |
| sudo dscl . -create /Users/vncuser UniqueID 1001 | |
| sudo dscl . -create /Users/vncuser PrimaryGroupID 80 | |
| sudo dscl . -create /Users/vncuser NFSHomeDirectory /Users/vncuser | |
| sudo dscl . -passwd /Users/vncuser ${{ env.VNC_USER_PASSWORD }} | |
| sudo dscl . -passwd /Users/vncuser ${{ env.VNC_USER_PASSWORD }} | |
| sudo createhomedir -c -u vncuser > /dev/null | |
| sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -allUsers -privs -all | |
| sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setvnclegacy -vnclegacy yes | |
| echo ${{ env.VNC_PASSWORD }} | perl -we 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; $_ = <>; chomp; s/^(.{8}).*/$1/; @p = unpack "C*", $_; foreach (@k) { printf "%02X", $_ ^ (shift @p || 0) }; print "\n"' | sudo tee /Library/Preferences/com.apple.VNCSettings.txt | |
| sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -console | |
| sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate | |
| brew install --cask ngrok | |
| ngrok authtoken ${{ env.NGROK_AUTH_TOKEN }} | |
| ngrok tcp 5900 & | |
| - name: NGROK URL | |
| if: always() | |
| run: curl --silent http://127.0.0.1:4040/api/tunnels | jq '.tunnels[0].public_url' | |
| - name: Setup tmate session | |
| if: always() | |
| uses: mxschmitt/action-tmate@v3 | |
| # - name: Create Asana task when workflow failed | |
| # if: ${{ failure() }} | |
| # run: | | |
| # curl -s "https://app.asana.com/api/1.0/tasks" \ | |
| # --header "Accept: application/json" \ | |
| # --header "Authorization: Bearer ${{ secrets.ASANA_ACCESS_TOKEN }}" \ | |
| # --header "Content-Type: application/json" \ | |
| # --data ' { "data": { "name": "GH Workflow Failure - Sync End to end tests", "projects": [ "${{ vars.MACOS_APP_DEVELOPMENT_ASANA_PROJECT_ID }}" ], "notes" : "The end to end workflow has failed. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" } }' | |
| - name: Publish tests report | |
| uses: mikepenz/action-junit-report@v3 | |
| if: always() # always run even if the previous step fails | |
| with: | |
| check_name: "Test Report" | |
| report_paths: ui-tests.xml | |
| - name: Upload logs when workflow failed | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: BuildLogs | |
| path: | | |
| xcodebuild.log | |
| DerivedData/Logs/Test/*.xcresult | |
| ~/Library/Logs/DiagnosticReports/* | |
| retention-days: 7 |