[PAGOPA-959] fix: Update integration CI

pagopa · Aug 21, 2023 · 632063b · 632063b
1 parent 9c13531
commit 632063b
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 132 deletions.
diff --git a/.github/workflows/integration_test.yml b/.github/workflows/integration_test.yml
@@ -35,24 +35,13 @@ jobs:
         id: checkout
         uses: actions/checkout@1f9a0c22da41e6ebfa534300ef656657ea2c6707
 
-      - name: Login
-        id: login
-        # from https://github.com/Azure/login/commits/master
-        uses: azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
-        with:
-          client-id: ${{ secrets.CLIENT_ID }}
-          tenant-id: ${{ secrets.TENANT_ID }}
-          subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
-
       - name: Run Integration Tests
         shell: bash
         run: |
           export CANARY=${{ inputs.canary }}
           
           cd ./integration-test
           chmod +x ./run_integration_test.sh
-          
-          export REPORTING_BATCH_CONNECTION_STRING=${{ secrets.SA_CONNECTION_STRING }}
           ./run_integration_test.sh ${{( github.event.inputs == null && 'uat') || inputs.environment }} ${{ secrets.API_SUBSCRIPTION_KEY }}
 
   notify:
@@ -73,37 +62,3 @@ jobs:
           footer: 'Linked to Repo <{repo_url}|{repo}>'
         env:
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-
-  delete_github_deployments:
-    runs-on: ubuntu-latest
-    needs: integration_test
-    if: ${{ always() }}
-    steps:
-      - name: Delete Previous deployments
-        uses: actions/github-script@v6
-        env:
-          SHA_HEAD: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.sha) || github.sha}}
-        with:
-          script: |
-            const { SHA_HEAD } = process.env
-
-            const deployments = await github.rest.repos.listDeployments({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              sha: SHA_HEAD
-            });
-            await Promise.all(
-              deployments.data.map(async (deployment) => {
-                await github.rest.repos.createDeploymentStatus({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  deployment_id: deployment.id,
-                  state: 'inactive'
-                });
-                return github.rest.repos.deleteDeployment({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  deployment_id: deployment.id
-                });
-              })
-            );
diff --git a/.identity/02_application_action.tf b/.identity/02_application_action.tf
@@ -1,84 +1,84 @@
-module "github_runner_app" {
-  source = "git::https://github.com/pagopa/github-actions-tf-modules.git//app-github-runner-creator?ref=main"
-
-  app_name = local.app_name
-
-  subscription_id = data.azurerm_subscription.current.id
-
-  github_org              = local.github.org
-  github_repository       = local.github.repository
-  github_environment_name = var.env
-
-  container_app_github_runner_env_rg = local.container_app_environment.resource_group
-}
-
-resource "null_resource" "github_runner_app_permissions_to_namespace" {
-  triggers = {
-    aks_id               = data.azurerm_kubernetes_cluster.aks.id
-    service_principal_id = module.github_runner_app.client_id
-    namespace            = local.domain
-    version              = "v2"
-  }
-
-  provisioner "local-exec" {
-    command = <<EOT
-      az role assignment create --role "Azure Kubernetes Service RBAC Admin" \
-      --assignee ${self.triggers.service_principal_id} \
-      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
-
-      az role assignment list --role "Azure Kubernetes Service RBAC Admin"  \
-      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
-    EOT
-  }
-
-  provisioner "local-exec" {
-    when    = destroy
-    command = <<EOT
-      az role assignment delete --role "Azure Kubernetes Service RBAC Admin" \
-      --assignee ${self.triggers.service_principal_id} \
-      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
-    EOT
-  }
-}
-
-resource "azurerm_role_assignment" "environment_terraform_resource_group_dashboards" {
-  scope                = data.azurerm_resource_group.dashboards.id
-  role_definition_name = "Contributor"
-  principal_id         = module.github_runner_app.object_id
-}
-
-resource "azurerm_role_assignment" "environment_key_vault" {
-  scope                = data.azurerm_key_vault.key_vault.id
-  role_definition_name = "Reader"
-  principal_id         = module.github_runner_app.object_id
-}
-
-resource "azurerm_role_assignment" "environment_key_vault_domain" {
-  scope                = data.azurerm_key_vault.domain_key_vault.id
-  role_definition_name = "Reader"
-  principal_id         = module.github_runner_app.object_id
-}
-
-resource "azurerm_key_vault_access_policy" "ad_kv_group_policy" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-
-  tenant_id = data.azurerm_client_config.current.tenant_id
-  object_id = module.github_runner_app.object_id
-
-  key_permissions         = []
-  secret_permissions      = ["Get", "List"]
-  storage_permissions     = []
-  certificate_permissions = []
-}
-
-resource "azurerm_key_vault_access_policy" "ad_domain_kv_group_policy" {
-  key_vault_id = data.azurerm_key_vault.domain_key_vault.id
-
-  tenant_id = data.azurerm_client_config.current.tenant_id
-  object_id = module.github_runner_app.object_id
-
-  key_permissions         = []
-  secret_permissions      = ["Get", "List"]
-  storage_permissions     = []
-  certificate_permissions = []
-}
+#module "github_runner_app" {
+#  source = "git::https://github.com/pagopa/github-actions-tf-modules.git//app-github-runner-creator?ref=main"
+#
+#  app_name = local.app_name
+#
+#  subscription_id = data.azurerm_subscription.current.id
+#
+#  github_org              = local.github.org
+#  github_repository       = local.github.repository
+#  github_environment_name = var.env
+#
+#  container_app_github_runner_env_rg = local.container_app_environment.resource_group
+#}
+#
+#resource "null_resource" "github_runner_app_permissions_to_namespace" {
+#  triggers = {
+#    aks_id               = data.azurerm_kubernetes_cluster.aks.id
+#    service_principal_id = module.github_runner_app.client_id
+#    namespace            = local.domain
+#    version              = "v2"
+#  }
+#
+#  provisioner "local-exec" {
+#    command = <<EOT
+#      az role assignment create --role "Azure Kubernetes Service RBAC Admin" \
+#      --assignee ${self.triggers.service_principal_id} \
+#      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
+#
+#      az role assignment list --role "Azure Kubernetes Service RBAC Admin"  \
+#      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
+#    EOT
+#  }
+#
+#  provisioner "local-exec" {
+#    when    = destroy
+#    command = <<EOT
+#      az role assignment delete --role "Azure Kubernetes Service RBAC Admin" \
+#      --assignee ${self.triggers.service_principal_id} \
+#      --scope ${self.triggers.aks_id}/namespaces/${self.triggers.namespace}
+#    EOT
+#  }
+#}
+#
+#resource "azurerm_role_assignment" "environment_terraform_resource_group_dashboards" {
+#  scope                = data.azurerm_resource_group.dashboards.id
+#  role_definition_name = "Contributor"
+#  principal_id         = module.github_runner_app.object_id
+#}
+#
+#resource "azurerm_role_assignment" "environment_key_vault" {
+#  scope                = data.azurerm_key_vault.key_vault.id
+#  role_definition_name = "Reader"
+#  principal_id         = module.github_runner_app.object_id
+#}
+#
+#resource "azurerm_role_assignment" "environment_key_vault_domain" {
+#  scope                = data.azurerm_key_vault.domain_key_vault.id
+#  role_definition_name = "Reader"
+#  principal_id         = module.github_runner_app.object_id
+#}
+#
+#resource "azurerm_key_vault_access_policy" "ad_kv_group_policy" {
+#  key_vault_id = data.azurerm_key_vault.key_vault.id
+#
+#  tenant_id = data.azurerm_client_config.current.tenant_id
+#  object_id = module.github_runner_app.object_id
+#
+#  key_permissions         = []
+#  secret_permissions      = ["Get", "List"]
+#  storage_permissions     = []
+#  certificate_permissions = []
+#}
+#
+#resource "azurerm_key_vault_access_policy" "ad_domain_kv_group_policy" {
+#  key_vault_id = data.azurerm_key_vault.domain_key_vault.id
+#
+#  tenant_id = data.azurerm_client_config.current.tenant_id
+#  object_id = module.github_runner_app.object_id
+#
+#  key_permissions         = []
+#  secret_permissions      = ["Get", "List"]
+#  storage_permissions     = []
+#  certificate_permissions = []
+#}
diff --git a/.identity/03_github_environment.tf b/.identity/03_github_environment.tf
@@ -21,7 +21,7 @@ resource "github_repository_environment" "github_repository_environment" {
 
 locals {
   env_secrets = {
-    "CLIENT_ID" : module.github_runner_app.application_id,
+     #"CLIENT_ID" : module.github_runner_app.application_id,
     "TENANT_ID" : data.azurerm_client_config.current.tenant_id,
     "SUBSCRIPTION_ID" : data.azurerm_subscription.current.subscription_id,
     "API_SUBSCRIPTION_KEY" : data.azurerm_key_vault_secret.key_vault_integration_test_subkey.value,

diff --git a/integration-test/README.MD b/integration-test/README.MD
@@ -5,7 +5,6 @@
 
 To run the integration test from local environment, simply execute this commands:
 ```
-export REPORTING_BATCH_CONNECTION_STRING=##QUEUE_CONNECTION_STRING## \    
 yarn install && \
 yarn test:${{ parameters.ENV }} ${{ secrets.API_SUBSCRIPTION_KEY }}
 ```

diff --git a/integration-test/run_integration_test.sh b/integration-test/run_integration_test.sh
@@ -3,7 +3,6 @@ set -e
 
 export ENV=$1
 export API_SUBSCRIPTION_KEY=$2
-export REPORTING_BATCH_CONNECTION_STRING=${REPORTING_BATCH_CONNECTION_STRING}
 
 # run integration tests (application must be running)