open graph #4
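# Server integration tests.
# Starts the backing services (math, postgres, file-server, maildev,
# oidc-simulator) with Docker Compose, then runs the server test suite on the
# runner host against them over TLS certificates generated with mkcert.
name: Server Integration Tests

on:
  push:
    branches: [edge, stable]
  pull_request:
    branches: [edge, stable]

# Least privilege for GITHUB_TOKEN: no step in this workflow writes to the
# repository through the token, so read access to contents is enough.
permissions:
  contents: read

jobs:
  server-integration-tests:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the actions below are referenced by mutable major-version
      # tags. Pinning each one to a full commit SHA protects the job from a
      # retagged or compromised release.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Later steps run third-party code (npm install scripts, image
          # builds) and never push, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Install mkcert
        run: |
          # Install mkcert for certificate generation.
          # NOTE(review): this fetches whatever "latest" resolves to, with no
          # integrity check, and the binary is then installed with sudo and
          # trusted as a CA tool. Pin a specific release and verify its
          # SHA-256 against a value committed to the repository.
          # -f makes curl fail on an HTTP error instead of saving the error page.
          curl -fJLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64"
          chmod +x mkcert-v*-linux-amd64
          sudo cp mkcert-v*-linux-amd64 /usr/local/bin/mkcert
          # Install CA in system trust store
          mkcert -install

      - name: Generate certificates
        run: |
          # Create certificate directory in workspace (not home directory)
          mkdir -p ./.simulacrum/certs
          cd ./.simulacrum/certs
          # Generate certificates for all required hostnames
          mkcert -cert-file localhost.pem -key-file localhost-key.pem \
            localhost 127.0.0.1 ::1 oidc-simulator host.docker.internal
          # Copy mkcert root CA to the certs directory for Docker containers.
          # Only the public root certificate is copied; the CA private key
          # stays in the mkcert CAROOT directory.
          cp "$(mkcert -CAROOT)/rootCA.pem" ./rootCA.pem
          # List generated files for debugging
          echo "Generated certificates:"
          ls -la

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Create test.env with CI-specific paths
        run: |
          # Update AUTH_CERTS_PATH to use workspace-relative path
          sed -i 's|AUTH_CERTS_PATH=.*|AUTH_CERTS_PATH=./.simulacrum/certs|' test.env
          # Update JWKS_URI to use localhost for OIDC simulator
          sed -i 's|JWKS_URI=.*|JWKS_URI=https://localhost:3000/.well-known/jwks.json|' test.env
          # Copy test.env to .env for docker-compose variable interpolation
          cp test.env .env
          # Also copy test.env to server directory for the test environment
          cp test.env server/.env
          # Show relevant env vars for debugging.
          # NOTE(review): this writes the matching values (database URL,
          # POSTGRES_* and JWT_* settings) to the job log. That is acceptable
          # only while test.env holds throwaway test values; confirm it never
          # carries a credential that is valid outside this job.
          echo "Environment variables:"
          grep -E "AUTH_|CERT|DATABASE_URL|POSTGRES_|JWT_|JWKS_URI" test.env || true

      - name: Build Docker images
        run: |
          # Build all services except server (tests run on host)
          docker compose -f docker-compose.test.yml --env-file test.env build \
            math postgres file-server maildev oidc-simulator

      - name: Start services
        run: |
          # Start only required services in detached mode (exclude server)
          docker compose -f docker-compose.test.yml --env-file test.env up -d \
            math postgres file-server maildev oidc-simulator
          # Wait for services to be ready
          echo "Waiting for services to start..."
          sleep 30
          # Show running containers
          docker compose -f docker-compose.test.yml ps

      - name: Check service health
        run: |
          # These checks are advisory: "|| true" keeps the step green, so a
          # service that is down only shows up here as log output.
          echo "Checking postgres..."
          docker compose -f docker-compose.test.yml exec -T postgres pg_isready -U postgres || true
          echo "Checking oidc-simulator..."
          # Validate the simulator's certificate against the mkcert root
          # instead of disabling verification, so a TLS misconfiguration is
          # visible here rather than first surfacing inside the test run.
          curl --cacert ./.simulacrum/certs/rootCA.pem -f https://localhost:3000/.well-known/jwks.json || true

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '22'
          cache: 'npm'
          cache-dependency-path: server/package-lock.json

      - name: Install server dependencies
        run: |
          cd server
          npm ci

      - name: Run server integration tests
        run: |
          cd server
          # Trust the mkcert root so Node accepts the locally issued certificates
          export NODE_EXTRA_CA_CERTS="$(pwd)/../.simulacrum/certs/rootCA.pem"
          export CI=true
          export NODE_ENV=test
          # Override service URLs to use localhost instead of Docker service names.
          # NOTE(review): the database password is hard-coded in the workflow.
          # It presumably matches the disposable postgres container started
          # above; confirm it is used nowhere else, or read it from test.env
          # so the value lives in one place.
          export DATABASE_URL=postgres://postgres:PdwPNS2mDN73Vfbc@localhost:5432/polis-test
          export MAILDEV_HOST=localhost
          export STATIC_FILES_HOST=localhost
          # Run the tests on the host machine
          npm test -- --ci --coverage --maxWorkers=2

      - name: Upload test coverage
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: coverage-report
          # Only the coverage directory is uploaded; the generated keys under
          # .simulacrum/certs are not part of the artifact.
          path: server/coverage
          if-no-files-found: ignore

      - name: Show service logs
        if: failure()
        run: |
          # Show logs from critical services for debugging
          echo "=== OIDC Simulator logs ==="
          docker compose -f docker-compose.test.yml logs oidc-simulator | tail -100
          echo "=== Postgres logs ==="
          docker compose -f docker-compose.test.yml logs postgres | tail -100
          echo "=== Math logs ==="
          docker compose -f docker-compose.test.yml logs math | tail -50

      - name: Clean up
        if: always()
        run: |
          # Remove the containers and their volumes
          docker compose -f docker-compose.test.yml down -v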