CNIL : guide sécurité des données #3360
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Startup Tests | |
on: | |
pull_request: | |
workflow_dispatch: | |
env: | |
GITHUB_WORKFLOW: github_actions | |
backend-directory: ./backend | |
frontend-directory: ./frontend | |
enterprise-backend-directory: ./enterprise/backend | |
enterprise-frontend-directory: ./enterprise/frontend | |
enterprise-frontend-build-directory: ./enterprise/frontend/.build/frontend | |
enterprise-backend-settings-module: enterprise_core.settings | |
jobs: | |
startup-functional-test: | |
runs-on: ubuntu-20.04 | |
services: | |
postgres: | |
image: postgres:14.12 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: postgres | |
ports: ["5432:5432"] | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
strategy: | |
max-parallel: 4 | |
matrix: | |
python-version: ["3.11"] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: "pip" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: false | |
installer-parallel: true | |
- name: Install backend requirements | |
working-directory: ${{ env.backend-directory }} | |
run: poetry install | |
- name: Install frontend dependencies | |
working-directory: ${{ env.frontend-directory }} | |
run: | | |
npm install -g pnpm | |
pnpm i --frozen-lockfile | |
- name: Install Playwright Browsers | |
working-directory: ${{ env.frontend-directory }} | |
run: pnpm exec playwright install | |
- name: Create frontend environment variables file | |
working-directory: ${{ env.frontend-directory }} | |
run: | | |
touch .env | |
echo PUBLIC_BACKEND_API_URL=http://localhost:8000/api >> .env | |
- name: Create backend environment variables file | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
touch .env | |
echo LOG_LEVEL=DEBUG >> .env | |
echo LOG_OUTFILE=ciso-assistant.log >> .env | |
echo DJANGO_DEBUG=True >> .env | |
echo [email protected] >> .env | |
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env | |
echo POSTGRES_NAME=postgres >> .env | |
echo POSTGRES_USER=postgres >> .env | |
echo POSTGRES_PASSWORD=postgres >> .env | |
echo DB_HOST=localhost >> .env | |
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env | |
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env | |
- name: Run migrations | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
poetry run python manage.py migrate | |
- name: Start test server | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
poetry run python manage.py createsuperuser --noinput | |
nohup poetry run python manage.py runserver & | |
- name: Build frontend | |
working-directory: ${{ env.frontend-directory }} | |
run: pnpm run build | |
- name: Run tests | |
working-directory: ${{ env.frontend-directory }} | |
run: pnpm exec playwright test tests/functional/startup.test.ts | |
- uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: startup-functional-test-report | |
path: | | |
${{ env.backend-directory }}/*.log | |
${{ env.frontend-directory }}/tests/reports/ | |
retention-days: 5 | |
startup-docker-compose-test: | |
runs-on: ubuntu-20.04 | |
env: | |
COMPOSE_TEST: True | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: latest | |
- name: Install frontend dependencies | |
working-directory: ${{ env.frontend-directory }} | |
run: | | |
npm install -g pnpm | |
pnpm i --frozen-lockfile | |
- name: Install Playwright Browsers | |
working-directory: ${{ env.frontend-directory }} | |
run: pnpm exec playwright install | |
- name: Build the Docker app | |
run: docker compose -f docker-compose-build.yml up -d | |
- name: Create backend environment variables file | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
touch .env | |
export $(grep -v '^#' .env | xargs) | |
- name: Config the Docker app | |
run: | | |
sleep 120 # give the migrations time to finish (included in the up on the previous step) | |
docker compose -f docker-compose-build.yml exec backend /bin/bash -c "[email protected] DJANGO_SUPERUSER_PASSWORD=1234 poetry run python manage.py createsuperuser --noinput && exit 0" | |
- name: Run tests | |
working-directory: ${{ env.frontend-directory }} | |
run: | | |
response=$(curl -d "[email protected]&password=1234" -H "Origin: https://localhost:8443" https://localhost:8443/login\?/login -k) | |
server_reponse='{"type":"redirect","status":302,"location":"/"}' | |
echo "[SERVER_RESPONSE] $response" | |
echo "[EXPECTED_RESPONSE] $server_reponse" | |
if [[ "$response" == "$server_reponse" ]]; then | |
echo "Success" | |
exit 0 | |
else | |
echo "Failure" | |
echo "Check if migrations are not too long" | |
exit 1 | |
fi | |
enterprise-startup-functional-test: | |
runs-on: ubuntu-20.04 | |
services: | |
postgres: | |
image: postgres:14.12 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: postgres | |
ports: ["5432:5432"] | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
strategy: | |
max-parallel: 4 | |
matrix: | |
python-version: ["3.11"] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: "pip" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: false | |
installer-parallel: true | |
- name: Install backend requirements | |
working-directory: ${{ env.backend-directory }} | |
run: poetry install | |
- name: Install enterprise backend | |
working-directory: ${{ env.enterprise-backend-directory }} | |
run: poetry install | |
- name: Build enterprise frontend | |
working-directory: ${{ env.enterprise-frontend-directory }} | |
run: make | |
- name: Install Playwright Browsers | |
working-directory: ${{ env.enterprise-frontend-build-directory }} | |
run: pnpm exec playwright install | |
- name: Create frontend environment variables file | |
working-directory: ${{ env.enterprise-frontend-build-directory }} | |
run: | | |
touch .env | |
echo PUBLIC_BACKEND_API_URL=http://localhost:8000/api >> .env | |
- name: Create backend environment variables file | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
touch .env | |
echo LOG_LEVEL=DEBUG >> .env | |
echo LOG_OUTFILE=ciso-assistant.log >> .env | |
echo DJANGO_DEBUG=True >> .env | |
echo [email protected] >> .env | |
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env | |
echo POSTGRES_NAME=postgres >> .env | |
echo POSTGRES_USER=postgres >> .env | |
echo POSTGRES_PASSWORD=postgres >> .env | |
echo DB_HOST=localhost >> .env | |
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env | |
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env | |
echo DJANGO_SETTINGS_MODULE=enterprise_core.settings >> .env | |
- name: Run migrations | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
poetry run python manage.py migrate --settings=${{ env.enterprise-backend-settings-module }} | |
- name: Start test server | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
export $(grep -v '^#' .env | xargs) | |
poetry run python manage.py createsuperuser --noinput --settings=${{ env.enterprise-backend-settings-module }} | |
nohup poetry run python manage.py runserver --settings=${{ env.enterprise-backend-settings-module }} & | |
- name: Run tests | |
working-directory: ${{ env.enterprise-frontend-build-directory }} | |
run: pnpm exec playwright test tests/functional/startup.test.ts | |
- uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: enterprise-startup-functional-test-report | |
path: | | |
${{ env.backend-directory }}/*.log | |
${{ env.enterprise-frontend-build-directory }}/tests/reports/ | |
retention-days: 5 | |
enterprise-startup-docker-compose-test: | |
runs-on: ubuntu-20.04 | |
env: | |
COMPOSE_TEST: True | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: latest | |
- name: Install frontend dependencies | |
working-directory: ${{ env.enterprise-frontend-directory }} | |
run: make pre-build | |
- name: Install Playwright Browsers | |
working-directory: ${{ env.enterprise-frontend-build-directory }} | |
run: pnpm exec playwright install | |
- name: Build the Docker app | |
run: docker compose -f enterprise/docker-compose-build.yml up -d | |
- name: Create backend environment variables file | |
working-directory: ${{ env.backend-directory }} | |
run: | | |
touch .env | |
export $(grep -v '^#' .env | xargs) | |
- name: Config the Docker app | |
run: | | |
sleep 120 # give the migrations time to finish (included in the up on the previous step) | |
docker compose -f enterprise/docker-compose-build.yml exec backend /bin/bash -c "[email protected] DJANGO_SUPERUSER_PASSWORD=1234 poetry run python manage.py createsuperuser --noinput --settings=${{ env.enterprise-backend-settings-module }} && exit 0" | |
- name: Run tests | |
working-directory: ${{ env.frontend-directory }} | |
run: | | |
response=$(curl -d "[email protected]&password=1234" -H "Origin: https://localhost:8443" https://localhost:8443/login\?/login -k) | |
server_reponse='{"type":"redirect","status":302,"location":"/"}' | |
echo "[SERVER_RESPONSE] $response" | |
echo "[EXPECTED_RESPONSE] $server_reponse" | |
if [[ "$response" == "$server_reponse" ]]; then | |
echo "Success" | |
exit 0 | |
else | |
echo "Failure" | |
echo "Check if migrations are not too long" | |
exit 1 | |
fi |