fix: Fix e2e Github workflow #6
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E Tests | |
| on: | |
| pull_request: | |
| types: | |
| - labeled | |
| jobs: | |
| e2e-run: | |
| if: ${{ github.event.label.name == 'e2e-tests-v2' }} | |
| runs-on: ubuntu-latest | |
| # name: WebApp Deploy DEV (no Fleek) | |
| # on: | |
| # workflow_dispatch: | |
| # push: | |
| # branches: | |
| # - 'develop' | |
| # - 'DOPS-*' ## temporal branch for testing only | |
| # jobs: | |
| # setup-env-vars: | |
| # runs-on: ubuntu-latest | |
| # outputs: | |
| # environment: ${{ steps.envtest.outputs.environment }}${{ steps.envdev.outputs.environment }} | |
| steps: | |
| - name: Set environment to TEST | |
| # if: contains(github.ref, '/DOPS-') | |
| # id: envtest | |
| run: | | |
| echo "environment=development" >> $GITHUB_OUTPUT ## temp, change it if have another env | |
| # - name: Set environment to DEV | |
| # if: endsWith(github.ref, '/develop') | |
| # id: envdev | |
| # run: | | |
| # echo "environment=development" >> $GITHUB_OUTPUT | |
| # - name: Set environment to PROD | |
| # if: endsWith(github.ref, '/main') | |
| # id: envprod | |
| # run: | | |
| # echo "environment=production" >> $GITHUB_OUTPUT | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| # needs: [setup-env-vars] | |
| # if: needs.setup-env-vars.outputs.environment != '' && needs.setup-env-vars.outputs.environment != 'production' | |
| # environment: ${{ needs.setup-env-vars.outputs.environment }} | |
| outputs: | |
| BRANCH_NAME: ${{ steps.myvars.outputs.BRANCH_NAME }} | |
| GIT_HASH_SHORT: ${{ steps.myvars.outputs.GIT_HASH_SHORT }} | |
| DATE_IN_SECS: ${{ steps.myvars.outputs.DATE_IN_SECS }} | |
| CONTAINER_TAG: ${{ steps.myvars.outputs.CONTAINER_TAG }} | |
| SHORT_ENV_OUT: ${{ steps.myvars.outputs.SHORT_ENV_OUT }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Set myvars | |
| id: myvars | |
| run: | | |
| branchname=$(echo ${GITHUB_REF#refs/heads/} | tr '/' '-' ) | |
| dateinsecs=$(date +%s) | |
| githashshort=$(git rev-parse --short HEAD) | |
| echo "BRANCH_NAME=$branchname" >> $GITHUB_OUTPUT | |
| echo "GIT_HASH_SHORT=$githashshort" >> $GITHUB_OUTPUT | |
| echo "DATE_IN_SECS=$dateinsecs" >> $GITHUB_OUTPUT | |
| if [ "$branchname" = "develop" ]; then | |
| echo "CURRENT_ENVIRONMENT=development" >> $GITHUB_OUTPUT | |
| echo "SHORT_ENV_OUT=DEV" >> $GITHUB_OUTPUT | |
| elif [ "$branchname" = "main" ]; then | |
| echo "CURRENT_ENVIRONMENT=production" >> $GITHUB_OUTPUT | |
| echo "SHORT_ENV_OUT=PROD" >> $GITHUB_OUTPUT | |
| else | |
| echo "BRANCH_NAME=test" >> $GITHUB_OUTPUT | |
| echo "CURRENT_ENVIRONMENT=testing" >> $GITHUB_OUTPUT | |
| ## Set DEV since we haven't set vars for TEST | |
| echo "SHORT_ENV_OUT=DEV" >> $GITHUB_OUTPUT | |
| fi | |
| containertag="commit-$githashshort" | |
| echo "CONTAINER_TAG=$containertag" >> $GITHUB_OUTPUT | |
| - name: Setup NodeJS, install deps from parent folder | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'yarn' | |
| - name: Install depdendencies | |
| run: yarn install --pure-lockfile | |
| - name: Build web-app | |
| run: yarn build | |
| env: | |
| VITE_REACT_APP_DEPLOY_VERSION: ${{ github.sha }} | |
| VITE_REACT_APP_DEPLOY_ENVIRONMENT: ${{ needs.setup-env-vars.outputs.environment }} | |
| VITE_REACT_APP_ANALYTICS_KEY: ${{ secrets.VITE_REACT_APP_ANALYTICS_KEY }} | |
| VITE_IPFS_API_KEY: ${{ secrets.VITE_IPFS_API_KEY }} | |
| VITE_ETHERSCAN_API_KEY: ${{ secrets.VITE_ETHERSCAN_API_KEY }} | |
| VITE_POLYGONSCAN_API_KEY: ${{secrets.VITE_POLYGONSCAN_API_KEY}} | |
| VITE_INFURA_GOERLI_PROJECT_ID: ${{ secrets.VITE_INFURA_GOERLI_PROJECT_ID }} | |
| VITE_INFURA_MAINNET_PROJECT_ID: ${{ secrets.VITE_INFURA_MAINNET_PROJECT_ID }} | |
| VITE_INFURA_API_KEY: ${{ secrets.VITE_INFURA_API_KEY }} | |
| VITE_WALLET_CONNECT_PROJECT_ID: ${{ secrets.VITE_WALLET_CONNECT_PROJECT_ID }} | |
| VITE_ALCHEMY_KEY_POLYGON_MUMBAI: ${{ secrets.VITE_ALCHEMY_KEY_POLYGON_MUMBAI }} | |
| VITE_ALCHEMY_KEY_POLYGON_MAINNET: ${{ secrets.VITE_ALCHEMY_KEY_POLYGON_MUMBAI }} | |
| VITE_ALCHEMY_KEY_MAINNET: ${{ secrets.VITE_ALCHEMY_KEY_MAINNET }} | |
| VITE_ALCHEMY_KEY_GOERLI: ${{ secrets.VITE_ALCHEMY_KEY_GOERLI }} | |
| VITE_COVALENT_API_KEY: ${{secrets.VITE_COVALENT_API_KEY}} | |
| NODE_OPTIONS: '--max-old-space-size=6656' | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set swap space on Runner | |
| uses: pierotofy/set-swap-space@master | |
| with: | |
| swap-size-gb: 12 | |
| ## Use this step instead of `docker/build-push-action@v4` to avoid JavaScript heap out memory error | |
| ## Using 'docker buildx build ...' allows controlling memory and memory-swap | |
| ## https://developer.ibm.com/articles/nodejs-memory-management-in-container-environments/ | |
| ## https://docs.docker.com/engine/reference/commandline/buildx_build/#build-arg | |
| - name: Build container and Push to GHCR.IO ( ${{ steps.myvars.outputs.SHORT_ENV_OUT }} ) | |
| run: | | |
| mkdir -p /tmp/docker-build-push-${{ steps.myvars.outputs.DATE_IN_SECS }}/ | |
| docker buildx build . --file ./Dockerfile.webapp.dev --push \ | |
| --build-arg VITE_REACT_APP_DEPLOY_VERSION=${{ github.sha }} \ | |
| --build-arg VITE_REACT_APP_DEPLOY_ENVIRONMENT=${{ needs.setup-env-vars.outputs.environment }} \ | |
| --build-arg VITE_REACT_APP_ANALYTICS_KEY=${{ secrets.VITE_REACT_APP_ANALYTICS_KEY }} \ | |
| --build-arg VITE_IPFS_API_KEY=${{ secrets.VITE_IPFS_API_KEY }} \ | |
| --build-arg VITE_ETHERSCAN_API_KEY=${{ secrets.VITE_ETHERSCAN_API_KEY }} \ | |
| --build-arg VITE_INFURA_GOERLI_PROJECT_ID=${{ secrets.VITE_INFURA_GOERLI_PROJECT_ID }} \ | |
| --build-arg VITE_INFURA_MAINNET_PROJECT_ID=${{ secrets.VITE_INFURA_MAINNET_PROJECT_ID }} \ | |
| --build-arg VITE_INFURA_API_KEY=${{ secrets.VITE_INFURA_API_KEY }} \ | |
| --build-arg VITE_WALLET_CONNECT_PROJECT_ID=${{ secrets.VITE_WALLET_CONNECT_PROJECT_ID }} \ | |
| --build-arg VITE_ALCHEMY_KEY_POLYGON_MUMBAI=${{ secrets.VITE_ALCHEMY_KEY_POLYGON_MUMBAI }} \ | |
| --build-arg VITE_ALCHEMY_KEY_POLYGON_MAINNET=${{ secrets.VITE_ALCHEMY_KEY_POLYGON_MAINNET }} \ | |
| --build-arg VITE_ALCHEMY_KEY_MAINNET=${{ secrets.VITE_ALCHEMY_KEY_MAINNET }} \ | |
| --build-arg VITE_ALCHEMY_KEY_GOERLI=${{ secrets.VITE_ALCHEMY_KEY_GOERLI }} \ | |
| --build-arg VITE_COVALENT_API_KEY=${{secrets.VITE_COVALENT_API_KEY}} \ | |
| --build-arg NODE_OPTIONS='--max-old-space-size=6656' \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| --iidfile /tmp/docker-build-push-${{ steps.myvars.outputs.DATE_IN_SECS }}/iidfile \ | |
| --provenance mode=max,builder-id=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} \ | |
| --metadata-file /tmp/docker-build-push-${{ steps.myvars.outputs.DATE_IN_SECS }}/metadata-file \ | |
| --tag ghcr.io/${{ github.repository }}:${{ steps.myvars.outputs.BRANCH_NAME }} \ | |
| --tag ghcr.io/${{ github.repository }}:commit-${{ steps.myvars.outputs.GIT_HASH_SHORT }} \ | |
| --tag ghcr.io/${{ github.repository }}:webapp-${{ steps.myvars.outputs.BRANCH_NAME }}-${{ steps.myvars.outputs.DATE_IN_SECS }} | |
| - name: Start development server and Run E2E Tests | |
| run: | | |
| yarn dev & | |
| sleep 10 # Wait for the server to start; adjust the time as needed | |
| # xvfb-run --server-args="-screen 0 1920x1080x24" npx synpress run --configFile synpress.config.js --record --key 0c4de406-82ab-48c2-94b1-6267578d2f33 | |
| npx synpress run --configFile synpress.config.js --record --key 0c4de406-82ab-48c2-94b1-6267578d2f33 | |
| # run: xvfb-run --server-args="-screen 0 1920x1080x24" npx synpress run --configFile synpress.config.js --record --key 0c4de406-82ab-48c2-94b1-6267578d2f33 | |
| # uses: cypress-io/github-action@v6 | |
| # with: | |
| # # cache: false | |
| # cache-key: '' | |
| # start: yarn dev | |
| # command: | | |
| # npx cypress cache clear | |
| # npx synpress run --configFile synpress.config.js --record --key 0c4de406-82ab-48c2-94b1-6267578d2f33 | |
| # record: true | |
| # wait-on: 'http://localhost:3000' | |
| # wait-on-timeout: 120 | |
| # # browser: chrome | |
| # # spec: tests/e2e/specs/* | |
| env: | |
| VITE_REACT_APP_DEPLOY_VERSION: ${{ github.sha }} | |
| VITE_REACT_APP_DEPLOY_ENVIRONMENT: ${{ needs.set-environment.outputs.environment }} | |
| VITE_REACT_APP_ANALYTICS_KEY: ${{ secrets.VITE_REACT_APP_ANALYTICS_KEY }} | |
| VITE_IPFS_API_KEY: ${{secrets.VITE_IPFS_API_KEY}} | |
| VITE_ETHERSCAN_API_KEY: ${{secrets.VITE_ETHERSCAN_API_KEY}} | |
| VITE_POLYGONSCAN_API_KEY: ${{secrets.VITE_POLYGONSCAN_API_KEY}} | |
| VITE_INFURA_GOERLI_PROJECT_ID: ${{secrets.VITE_INFURA_GOERLI_PROJECT_ID}} | |
| VITE_INFURA_MAINNET_PROJECT_ID: ${{secrets.VITE_INFURA_MAINNET_PROJECT_ID}} | |
| VITE_WALLET_CONNECT_PROJECT_ID: ${{secrets.VITE_WALLET_CONNECT_PROJECT_ID}} | |
| VITE_INFURA_API_KEY: ${{secrets.VITE_INFURA_API_KEY}} | |
| VITE_ALCHEMY_KEY_POLYGON_MUMBAI: ${{secrets.VITE_ALCHEMY_KEY_POLYGON_MUMBAI}} | |
| VITE_ALCHEMY_KEY_POLYGON_MAINNET: ${{secrets.VITE_ALCHEMY_KEY_POLYGON_MUMBAI}} | |
| VITE_ALCHEMY_KEY_MAINNET: ${{secrets.VITE_ALCHEMY_KEY_MAINNET}} | |
| VITE_ALCHEMY_KEY_GOERLI: ${{secrets.VITE_ALCHEMY_KEY_GOERLI}} | |
| VITE_COVALENT_API_KEY: ${{secrets.VITE_COVALENT_API_KEY}} | |
| NODE_OPTIONS: '--max-old-space-size=6656' | |
| PRIVATE_KEY: '81ce9e0a6df4f2dbf667830614bfa162d5aa4ef4992362911dc8d14ea53a31e1' | |
| # For recording and parallelization to work you must set your CYPRESS_RECORD_KEY | |
| # in GitHub repo → Settings → Secrets → Actions | |
| # CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | |
| CYPRESS_RECORD_KEY: '0c4de406-82ab-48c2-94b1-6267578d2f33' # key of testing project | |
| CYPRESS_PRIVATE_KEY: ${{secrets.CYPRESS_PRIVATE_KEY}} | |
| # Creating a token https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Upload sourcemap to Kibana sourcemap endpoint (APM) | |
| # env: | |
| # COMMIT_SHA: ${{ github.sha }} | |
| # run: | | |
| # for f in $(find ./dist/assets/ -name *.js.map) ; do | |
| # curl -X POST "https://kibana-sourcemaps.aragon.org/api/apm/sourcemaps" \ | |
| # -H 'Content-Type: multipart/form-data' \ | |
| # -H 'kbn-xsrf: true' \ | |
| # -H 'Authorization: ApiKey ${{ secrets.APM_API_KEY }}' \ | |
| # -F service_name="aragon-app" \ | |
| # -F service_version="$COMMIT_SHA" \ | |
| # -F bundle_filepath="http://localhost/assets/$(basename $f)" \ | |
| # -F sourcemap=@$f | |
| # done | |
| # scan-vulns-repo: | |
| # name: Scan Vulnerabilities in Repo | |
| # runs-on: ubuntu-latest | |
| # needs: [build-and-deploy] | |
| # steps: | |
| # - name: Checkout code | |
| # uses: actions/checkout@v3 | |
| # ## The 'fs' scan mode requires *.lock files in order to scan for vulns | |
| # ## and to collect license info of packages you should run npm install before. | |
| # - name: Setup NodeJS before scanning with Trivy | |
| # uses: actions/setup-node@v3 | |
| # with: | |
| # node-version: 18 | |
| # cache: 'yarn' | |
| # - name: Install depdendencies | |
| # run: yarn install --pure-lockfile | |
| # - name: Scan in Repo (html) | |
| # uses: aquasecurity/trivy-action@master | |
| # if: success() || failure() | |
| # with: | |
| # scan-type: fs | |
| # scanners: vuln,secret,config | |
| # scan-ref: . | |
| # format: template | |
| # template: '@/contrib/html.tpl' | |
| # output: trivy-results-repo-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.html | |
| # skip-dirs: node_modules/browser-resolve/node_modules/resolve/ | |
| # #skip-dirs: node_modules/browser-resolve/node_modules/resolve/test/resolver/biz/node_modules/garply/package.json | |
| # env: | |
| # TRIVY_USERNAME: ${{ github.repository_owner }} | |
| # TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Scan in Repo (sarif) | |
| # uses: aquasecurity/trivy-action@master | |
| # if: success() || failure() | |
| # with: | |
| # scan-type: fs | |
| # scanners: vuln,secret,config | |
| # scan-ref: . | |
| # format: sarif | |
| # output: trivy-results-repo-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.sarif | |
| # skip-dirs: node_modules/browser-resolve/node_modules/resolve/ | |
| # #skip-dirs: node_modules/browser-resolve/node_modules/resolve/test/resolver/biz/node_modules/garply/package.json | |
| # env: | |
| # TRIVY_USERNAME: ${{ github.repository_owner }} | |
| # TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Publish Repo Scan Results as Artifact | |
| # uses: actions/upload-artifact@v3 | |
| # if: success() || failure() | |
| # with: | |
| # name: trivy-results-repo-${{ needs.build-and-deploy.outputs.DATE_IN_SECS }}.zip | |
| # path: trivy-results-repo-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.* | |
| # - name: Load Repo Scan Results (sarif) to Github | |
| # uses: github/codeql-action/upload-sarif@v2 | |
| # if: always() | |
| # #if: false ## false = bypass | |
| # with: | |
| # sarif_file: trivy-results-repo-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.sarif | |
| # category: sca-vulns-repo | |
| # scan-vulns-docker: | |
| # name: Scan Vulnerabilities in Docker | |
| # runs-on: ubuntu-latest | |
| # needs: [build-and-deploy] | |
| # steps: | |
| # - name: Checkout code | |
| # uses: actions/checkout@v3 | |
| # - name: Vuln scan in Docker (table) | |
| # uses: aquasecurity/trivy-action@master | |
| # with: | |
| # scan-type: image | |
| # scanners: vuln,secret,config | |
| # image-ref: ghcr.io/${{ github.repository }}:${{ needs.build-and-deploy.outputs.CONTAINER_TAG }} | |
| # format: table | |
| # env: | |
| # TRIVY_USERNAME: ${{ github.repository_owner }} | |
| # TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Vuln scan in Docker (html) | |
| # uses: aquasecurity/trivy-action@master | |
| # with: | |
| # scan-type: image | |
| # scanners: vuln,secret,config | |
| # image-ref: ghcr.io/${{ github.repository }}:${{ needs.build-and-deploy.outputs.CONTAINER_TAG }} | |
| # format: template | |
| # template: '@/contrib/html.tpl' | |
| # output: trivy-results-docker-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.html | |
| # env: | |
| # TRIVY_USERNAME: ${{ github.repository_owner }} | |
| # TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Vuln scan in Docker (sarif) | |
| # uses: aquasecurity/trivy-action@master | |
| # with: | |
| # scan-type: image | |
| # scanners: vuln,secret,config | |
| # image-ref: ghcr.io/${{ github.repository }}:${{ needs.build-and-deploy.outputs.CONTAINER_TAG }} | |
| # format: sarif | |
| # output: trivy-results-docker-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.sarif | |
| # env: | |
| # TRIVY_USERNAME: ${{ github.repository_owner }} | |
| # TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Publish Docker Scan Results as Artifact | |
| # uses: actions/upload-artifact@v3 | |
| # if: success() || failure() | |
| # with: | |
| # name: trivy-results-docker-${{ needs.build-and-deploy.outputs.DATE_IN_SECS }}.zip | |
| # path: trivy-results-docker-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.* | |
| # ## If have error is because "Advanced Security" must be enabled for this repository to use code scanning. | |
| # ## If this repo is private and CodeQL features can not be enabled and used, so the next step will not work. | |
| # ## Info: https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github | |
| # - name: Load Docker Scan Results (sarif) to Github | |
| # uses: github/codeql-action/upload-sarif@v2 | |
| # if: always() | |
| # #if: false ## false = bypass | |
| # with: | |
| # sarif_file: trivy-results-docker-${{ needs.build-and-deploy.outputs.GIT_HASH_SHORT }}.sarif | |
| # category: sca-vulns-docker |