Add robot credentials auth flow #76
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration test | |
env: | |
MINIO_ROOT_USER: admin | |
MINIO_ROOT_PASSWORD: s3cr3t_p4ssw0rd | |
MINIO_LOCAL_BUCKET_NAME: flame | |
MINIO_REMOTE_BUCKET_NAME: upload | |
# Point these to the new dev instance of the FLAME Hub | |
HUB_CORE_BASE_URL: https://core.privateaim.dev | |
HUB_STORAGE_BASE_URL: https://storage.privateaim.dev | |
HUB_AUTH_BASE_URL: https://auth.privateaim.dev | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11 | |
- name: Install Poetry | |
run: python -m pip install poetry | |
- name: Install dependencies | |
run: poetry install | |
- name: Copy environment variables | |
run: cp .env.example .env.test | |
- name: Create local bucket | |
run: poetry run flame-result migrate --no-verify "$MINIO_ROOT_USER" "$MINIO_ROOT_PASSWORD" "$MINIO_LOCAL_BUCKET_NAME" | |
- name: Run tests | |
run: poetry run pytest | |
env: | |
MINIO__ACCESS_KEY: ${{env.MINIO_ROOT_USER}} | |
MINIO__SECRET_KEY: ${{env.MINIO_ROOT_PASSWORD}} | |
MINIO__BUCKET: ${{env.MINIO_LOCAL_BUCKET_NAME}} | |
MINIO__ENDPOINT: localhost:9000 | |
HUB__AUTH_METHOD: robot | |
HUB__ROBOT_AUTH__ID: ${{secrets.HUB_ROBOT_ID}} | |
HUB__ROBOT_AUTH__SECRET: ${{secrets.HUB_ROBOT_SECRET}} | |
# No tests against live infra are run here but these envs are set anyway to future-proof in case | |
# we ever end up testing against live infra. python-dotenv will not override existing envs so the prod | |
# URLs in the .env.example file shouldn't carry over here. | |
HUB__AUTH_BASE_URL: ${{env.HUB_AUTH_BASE_URL}} | |
HUB__CORE_BASE_URL: ${{env.HUB_CORE_BASE_URL}} | |
HUB__STORAGE_BASE_URL: ${{env.HUB_STORAGE_BASE_URL}} | |
services: | |
minio: | |
# not possible to use official minio image since it requires commands to start up | |
# which gh doesn't support :( | |
image: bitnami/minio:2024.1.16 | |
env: | |
MINIO_ROOT_USER: ${{env.MINIO_ROOT_USER}} | |
MINIO_ROOT_PASSWORD: ${{env.MINIO_ROOT_PASSWORD}} | |
ports: | |
- 9000:9000 | |
options: >- | |
--health-cmd "curl -I http://localhost:9000/minio/health/live" | |
--health-interval 2s | |
--health-timeout 5s | |
--health-retries 5 |