Skip to content

Commit

Permalink
Add scheduled CI task to validate local job-server setup
Browse files Browse the repository at this point in the history
This required updating the setup scripts to skip the need to have
`SOCIAL_AUTH_*` properly configured.

The local job-server still runs fine w/o it, but it wouldn't be able to
actually log users in from github.
  • Loading branch information
bloodearnest committed Aug 22, 2024
1 parent d4b735a commit 7aae572
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 7 deletions.
40 changes: 40 additions & 0 deletions .github/workflows/job-server.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
---
name: Local job-server setup CI

on:
# just for testing in draft PRs, will remove
push:
schedule:
# every day at 2:37am
- cron: "37 2 * * *"

jobs:
test-local-job-server:
runs-on: ubuntu-22.04

steps:
- uses: actions/checkout@v4
- uses: "opensafely-core/setup-action@v1"
with:
python-version: "3.11"
install-just: true

- name: "Test local job server setup"
# this should download, configure and successfully launch a local job-server
# we test it to make sure we catch breaking changes in job-server configuration we need to update.
run: |
just _dotenv # we don't need a full devenv
just job-server/configure username
just job-server/create-workspace test-workspace
exit 1 # force fail
- name: "Notify Slack on Failure"
if: failure() #&& github.ref_name == 'main'
uses: zuplo/github-action-slack-notify-build@cf8e7e66a21d76a8125ea9648979c30920195552 # v2
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
with:
channel_id: C069YDR4NCA
status: "Airlock local job-server integration test failure"
color: danger

12 changes: 7 additions & 5 deletions job-server/justfile
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,13 @@ check:
test -f .env.jobserver || error

. .env.jobserver
if test "$SOCIAL_AUTH_GITHUB_KEY" = "test" -o -z "$SOCIAL_AUTH_GITHUB_KEY"; then
error "SOCIAL_AUTH_GITHUB_KEY not set properly"
fi
if test "$SOCIAL_AUTH_GITHUB_SECRET" = "test" -o -z "$SOCIAL_AUTH_GITHUB_SECRET"; then
error "SOCIAL_AUTH_GITHUB_SECRET not set properly"
if test -z "${CI:-}"; then
if test "$SOCIAL_AUTH_GITHUB_KEY" = "test" -o -z "$SOCIAL_AUTH_GITHUB_KEY"; then
error "SOCIAL_AUTH_GITHUB_KEY not set properly"
fi
if test "$SOCIAL_AUTH_GITHUB_SECRET" = "test" -o -z "$SOCIAL_AUTH_GITHUB_SECRET"; then
error "SOCIAL_AUTH_GITHUB_SECRET not set properly"
fi
fi

# enable local airlock config to point to local job-server
Expand Down
7 changes: 5 additions & 2 deletions job-server/local-setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,13 @@ fi

# setup github social logins
# this only needs to be done very rarely, and bw client is a faff, so add a check to only if needed
if test "$SOCIAL_AUTH_GITHUB_KEY" = "test" -o -z "$SOCIAL_AUTH_GITHUB_KEY"; then
if test -n "${CI:-}"; then
echo "Skipping job-server SOCIAL_AUTH setup as it is CI"
elif test "$SOCIAL_AUTH_GITHUB_KEY" = "test" -o -z "$SOCIAL_AUTH_GITHUB_KEY"; then
tmp=$(mktemp)
if ! command -v bw > /dev/null; then
echo "bitwarden client bw not found"
echo "bitwarden cli client bw not found"
echo "We need it to automatically setup job-server's SOCIAL_AUTH_GITHUB_KEY as one time thing"
exit 1
fi
if bw status | grep -q unauthenticated; then
Expand Down

0 comments on commit 7aae572

Please sign in to comment.