-
Notifications
You must be signed in to change notification settings - Fork 11
150 lines (129 loc) · 6.8 KB
/
sync_end_to_end.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
name: Sync-End-to-End tests
on:
workflow_dispatch:
# schedule:
# - cron: '0 5 * * *' # run at 5 AM UTC
jobs:
sync-end-to-end-tests:
name: Sync End to end Tests
runs-on: macos-13-xlarge
timeout-minutes: 60
steps:
- name: Check out the code
uses: actions/checkout@v3
with:
submodules: recursive
- name: Set cache key hash
run: |
has_only_tags=$(jq '[ .pins[].state | has("version") ] | all' DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved)
if [[ "$has_only_tags" == "true" ]]; then
echo "cache_key_hash=${{ hashFiles('DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved') }}" >> $GITHUB_ENV
else
echo "Package.resolved contains dependencies specified by branch or commit, skipping cache."
fi
- name: Cache SPM
if: env.cache_key_hash
uses: actions/cache@v3
with:
path: DerivedData/SourcePackages
key: ${{ runner.os }}-spm-${{ env.cache_key_hash }}
restore-keys: |
${{ runner.os }}-spm-
- name: Install Apple Developer ID Application certificate
uses: ./.github/actions/install-certs-and-profiles
with:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.REVIEW_PROVISION_PROFILE_BASE64 }}
RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.RELEASE_PROVISION_PROFILE_BASE64 }}
DBP_AGENT_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.DBP_AGENT_RELEASE_PROVISION_PROFILE_BASE64 }}
DBP_AGENT_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.DBP_AGENT_REVIEW_PROVISION_PROFILE_BASE64 }}
NETP_SYSEX_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_SYSEX_RELEASE_PROVISION_PROFILE_BASE64_V2 }}
NETP_SYSEX_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_SYSEX_REVIEW_PROVISION_PROFILE_BASE64_V2 }}
NETP_AGENT_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_AGENT_RELEASE_PROVISION_PROFILE_BASE64_V2 }}
NETP_AGENT_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_AGENT_REVIEW_PROVISION_PROFILE_BASE64_V2 }}
NETP_NOTIFICATIONS_RELEASE_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_NOTIFICATIONS_RELEASE_PROVISION_PROFILE_BASE64 }}
NETP_NOTIFICATIONS_REVIEW_PROVISION_PROFILE_BASE64: ${{ secrets.NETP_NOTIFICATIONS_REVIEW_PROVISION_PROFILE_BASE64 }}
- name: Select Xcode
run: sudo xcode-select -s /Applications/Xcode_$(<.xcode-version).app/Contents/Developer
- name: Set up keychain
env:
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
security create-keychain -p "$KEYCHAIN_PASSWORD" ui-tests.keychain
security default-keychain -s ui-tests.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" ui-tests.keychain
- name: Create test account for Sync and return the recovery code
uses: duckduckgo/sync_crypto/action@main
id: sync-recovery-code
with:
debug: true
- name: Build and run Sync e2e tests
env:
CODE: ${{ steps.sync-recovery-code.outputs.recovery-code }}
run: |
defaults write com.duckduckgo.macos.browser.review onboarding.finished -bool true
defaults write com.duckduckgo.macos.browser.review moveToApplicationsFolderAlertSuppress 1
set -o pipefail && xcodebuild test \
-scheme "Sync End-to-End UI Tests" \
-configuration Review \
-derivedDataPath DerivedData \
-skipPackagePluginValidation \
| tee xcodebuild.log \
| xcbeautify --report junit --report-path . --junit-report-filename ui-tests.xml \
- name: Setup vnc
if: always()
env:
NGROK_AUTH_TOKEN: ${{ secrets.NGROK_TOKEN }}
VNC_USER_PASSWORD: ${{ secrets.VNC_USER_PASSWORD }}
VNC_PASSWORD: ${{ secrets.VNC_PASSWORD }}
run: |
sudo mdutil -i off -a
sudo dscl . -create /Users/vncuser
sudo dscl . -create /Users/vncuser UserShell /bin/bash
sudo dscl . -create /Users/vncuser RealName "VNC User"
sudo dscl . -create /Users/vncuser UniqueID 1001
sudo dscl . -create /Users/vncuser PrimaryGroupID 80
sudo dscl . -create /Users/vncuser NFSHomeDirectory /Users/vncuser
sudo dscl . -passwd /Users/vncuser ${{ env.VNC_USER_PASSWORD }}
sudo dscl . -passwd /Users/vncuser ${{ env.VNC_USER_PASSWORD }}
sudo createhomedir -c -u vncuser > /dev/null
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -allUsers -privs -all
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setvnclegacy -vnclegacy yes
echo ${{ env.VNC_PASSWORD }} | perl -we 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; $_ = <>; chomp; s/^(.{8}).*/$1/; @p = unpack "C*", $_; foreach (@k) { printf "%02X", $_ ^ (shift @p || 0) }; print "\n"' | sudo tee /Library/Preferences/com.apple.VNCSettings.txt
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -console
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate
brew install --cask ngrok
ngrok authtoken ${{ env.NGROK_AUTH_TOKEN }}
ngrok tcp 5900 &
- name: NGROK URL
if: always()
run: curl --silent http://127.0.0.1:4040/api/tunnels | jq '.tunnels[0].public_url'
- name: Setup tmate session
if: always()
uses: mxschmitt/action-tmate@v3
# - name: Create Asana task when workflow failed
# if: ${{ failure() }}
# run: |
# curl -s "https://app.asana.com/api/1.0/tasks" \
# --header "Accept: application/json" \
# --header "Authorization: Bearer ${{ secrets.ASANA_ACCESS_TOKEN }}" \
# --header "Content-Type: application/json" \
# --data ' { "data": { "name": "GH Workflow Failure - Sync End to end tests", "projects": [ "${{ vars.MACOS_APP_DEVELOPMENT_ASANA_PROJECT_ID }}" ], "notes" : "The end to end workflow has failed. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" } }'
- name: Publish tests report
uses: mikepenz/action-junit-report@v3
if: always() # always run even if the previous step fails
with:
check_name: "Test Report"
report_paths: ui-tests.xml
- name: Upload logs when workflow failed
uses: actions/upload-artifact@v4
if: failure()
with:
name: BuildLogs
path: |
xcodebuild.log
DerivedData/Logs/Test/*.xcresult
~/Library/Logs/DiagnosticReports/*
retention-days: 7