tests: enforce conventions for go Test #2314

Workflow file for this run

	name: E2E Tests

	on:
	schedule:
	- cron: "0 5 * * *"
	workflow_dispatch:
	inputs:
	debug_enabled:
	type: boolean
	description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)"
	required: false
	default: false
	target_ref:
	type: string
	description: "Target ref to run the tests against"
	required: false
	pull_request_target:
	types:
	- opened
	- reopened
	- synchronize
	- labeled
	paths:
	- "**.go"
	- ".github/workflows/**"
	- "test/testdata/**"
	- "vendor/**"
	- ".github/scripts/**"

	jobs:
	e2e-tests:
	# Run on schedule, unconditional workflow_dispatch,
	# or pull_request_target if the actor has write/admin permissions.
	if: >
	github.event_name == 'schedule' \|\|
	github.event_name == 'workflow_dispatch' \|\|
	(github.event_name == 'pull_request_target' && github.event.action != 'labeled') \|\|
	(github.event_name == 'pull_request_target' && github.event.action == 'labeled' && github.event.label.name == 'ok-to-test')
	concurrency:
	group: ${{ github.workflow }}-${{ matrix.provider }}-${{ github.event.pull_request.number \|\| github.ref_name }}
	cancel-in-progress: true

	name: e2e tests
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	provider:
	[
	github_public,
	github_ghe_1,
	github_ghe_2,
	github_ghe_3,
	gitlab_bitbucket,
	gitea_1,
	gitea_2,
	gitea_3,
	concurrency,
	]

	env:
	# Common/Infra
	CONTROLLER_DOMAIN_URL: paac.paac-127-0-0-1.nip.io
	KOCACHE: /tmp/ko-cache
	KO_DOCKER_REPO: registry.paac-127-0-0-1.nip.io
	KUBECONFIG: /home/runner/.kube/config.local
	TARGET_TEAM_SLUGS: "pipelines-as-code.maintainers"
	TEST_EL_URL: https://paac.paac-127-0-0-1.nip.io
	TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}

	# GitHub (Public)
	TEST_GITHUB_API_URL: api.github.com
	TEST_GITHUB_PRIVATE_TASK_NAME: task-remote
	TEST_GITHUB_PRIVATE_TASK_URL: https://github.com/openshift-pipelines/pipelines-as-code-e2e-tests-private/blob/main/remote_task.yaml
	TEST_GITHUB_REPO_INSTALLATION_ID: ${{ vars.INSTALLATION_ID }}
	TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests
	TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook
	TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }}

	# GitHub Enterprise (Second)
	TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com
	TEST_GITHUB_SECOND_EL_URL: https://ghe.paac-127-0-0-1.nip.io
	TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1
	TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e
	TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
	TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
	TEST_GITHUB_SECOND_WEBHOOK_ORG: pac-e2e-webhook-tests
	TEST_GITHUB_SECOND_WEBHOOK_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_TOKEN }}
	TEST_GITHUB_SECOND_WEBHOOK_SECRET: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}
	TEST_GITHUB_SECOND_APPLICATION_ID: ${{ vars.TEST_GITHUB_SECOND_APPLICATION_ID }}

	# GitLab
	TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
	TEST_GITLAB_SECOND_TOKEN: ${{ secrets.TEST_GITLAB_SECOND_TOKEN }}
	TEST_GITLAB_SECOND_GROUP: ${{ vars.TEST_GITLAB_SECOND_GROUP }}

	# Gitea
	TEST_GITEA_API_URL: http://localhost:3000
	TEST_GITEA_INTERNAL_URL: http://forgejo-http.forgejo.svc.cluster.local:3000
	TEST_GITEA_PASSWORD: pac
	TEST_GITEA_REPO_OWNER: pac/pac
	TEST_GITEA_USERNAME: pac

	# Bitbucket Cloud
	TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0
	TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests
	TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
	TEST_BITBUCKET_CLOUD_USER: cboudjna

	# Bitbucket Server
	TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }}
	TEST_BITBUCKET_SERVER_E2E_REPOSITORY: PAC/pac-e2e-tests
	TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
	TEST_BITBUCKET_SERVER_USER: pipelines
	TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
	TESTRR_URL: https://testrr.pipelinesascode.com
	TESTRR_PROJECT: pipelinesascode
	TESTRR_USERNAME: pac
	TESTRR_PASSWORD: ${{ secrets.TESTRR_PASSWORD }}
	TESTRR_BRANCH: ${{ github.head_ref \|\| github.ref_name }}
	TESTRR_COMMIT_SHA: ${{ github.event.pull_request.head.sha \|\| github.sha }}
	TESTRR_BUILD_ID: ${{ github.run_id }}
	TESTRR_BUILD_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
	TESTRR_RUN_LABEL: gha-e2e-${{ matrix.provider }}
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	with:
	ref: ${{ inputs.target_ref \|\| github.event.pull_request.head.sha \|\| github.sha }}

	# Step to check PR author's org membership and repo permissions.
	# This step will fail the job if checks do not pass, skipping subsequent steps.
	- name: Check user permissions on PRs
	if: github.event_name == 'pull_request_target'
	uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
	with:
	script: \|
	const script = require('./.github/scripts/check-pr-permissions.js')
	await script({github, context, core})

	- uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
	with:
	go-version-file: "go.mod"

	- name: Cache ko layer cache
	uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
	with:
	path: /tmp/ko-cache
	key: ${{ runner.os }}-ko-${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-ko-

	- uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9

	# Start binary build in background as soon as possible so we can optimize
	# the run of e2e when it's start later on
	- name: Build binaries in parallel with cluster installation
	run: \|
	nohup make allbinaries > /tmp/binary-build.log 2>&1 &
	echo $! > /tmp/binary-build.pid

	- name: Install gosmee
	uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
	with:
	repo: chmouel/gosmee

	- name: Install Snazy
	uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
	with:
	repo: chmouel/snazy

	- name: Install minica
	run: \|
	go install github.com/jsha/minica@latest
	echo "${HOME}/go/bin" >> "$GITHUB_PATH"

	- name: Clone startpaac
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	with:
	repository: openshift-pipelines/startpaac
	path: startpaac

	- name: Run gosmee for main controller
	run: \|
	nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.PYSMEE_URL }} "https://${CONTROLLER_DOMAIN_URL}" > /tmp/gosmee-main.log 2>&1 &

	- name: Generate unique gosmee URL for Gitea tests
	if: startsWith(matrix.provider, 'gitea') \|\| matrix.provider == 'concurrency'
	id: gosmee-url
	run: \|
	SMEE_URL=$(curl -s https://hook.pipelinesascode.com -o /dev/null -w '%{redirect_url}')
	echo "Generated unique smee URL: ${SMEE_URL}"
	echo "url=${SMEE_URL}" >> "$GITHUB_OUTPUT"
	echo "TEST_GITEA_SMEEURL=${SMEE_URL}" >> "$GITHUB_ENV"

	- name: Run gosmee for main controller (Gitea)
	if: startsWith(matrix.provider, 'gitea') \|\| matrix.provider == 'concurrency'
	run: \|
	nohup gosmee client --saveDir /tmp/gosmee-replay "${TEST_GITEA_SMEEURL}" "https://${CONTROLLER_DOMAIN_URL}" >> /tmp/gosmee-main.log 2>&1 &

	- name: Generate unique gosmee URL for GitLab tests
	if: matrix.provider == 'gitlab_bitbucket'
	id: gosmee-gitlab-url
	run: \|
	SMEE_URL=$(curl -s https://hook.pipelinesascode.com -o /dev/null -w '%{redirect_url}')
	echo "Generated unique GitLab smee URL: ${SMEE_URL}"
	echo "url=${SMEE_URL}" >> "$GITHUB_OUTPUT"
	echo "TEST_GITLAB_SMEEURL=${SMEE_URL}" >> "$GITHUB_ENV"

	- name: Run gosmee for GitLab tests
	if: matrix.provider == 'gitlab_bitbucket'
	run: \|
	nohup gosmee client --saveDir /tmp/gosmee-replay-gitlab "${TEST_GITLAB_SMEEURL}" "https://${CONTROLLER_DOMAIN_URL}" >> /tmp/gosmee-gitlab.log 2>&1 &

	- name: Run gosmee for second controller GHE App
	if: startsWith(matrix.provider, 'github_ghe') \|\| matrix.provider == 'concurrency'
	run: \|
	nohup gosmee client --saveDir /tmp/gosmee-replay-ghe "${TEST_GITHUB_SECOND_SMEE_URL}" "https://ghe.paac-127-0-0-1.nip.io" >> /tmp/gosmee-ghe.log 2>&1 &

	- name: Generate unique gosmee URL for GHE webhook tests
	if: startsWith(matrix.provider, 'github_ghe') \|\| matrix.provider == 'concurrency'
	id: gosmee-ghe-webhook-url
	run: \|
	SMEE_URL=$(curl -s https://hook.pipelinesascode.com -o /dev/null -w '%{redirect_url}')
	echo "Generated unique GHE webhook smee URL: ${SMEE_URL}"
	echo "url=${SMEE_URL}" >> "$GITHUB_OUTPUT"
	echo "TEST_GITHUB_SECOND_WEBHOOK_SMEE_URL=${SMEE_URL}" >> "$GITHUB_ENV"

	- name: Run gosmee for second controller GHE webhook
	if: startsWith(matrix.provider, 'github_ghe') \|\| matrix.provider == 'concurrency'
	run: \|
	nohup gosmee client --saveDir /tmp/gosmee-replay-ghe-webhook "${TEST_GITHUB_SECOND_WEBHOOK_SMEE_URL}" "https://ghe.paac-127-0-0-1.nip.io" >> /tmp/gosmee-ghe-webhook.log 2>&1 &

	- name: Setup tmate session
	uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
	# add all environment so we can debug easily
	env:
	# Common/Infra
	CONTROLLER_DOMAIN_URL: paac.paac-127-0-0-1.nip.io
	KOCACHE: /tmp/ko-cache
	KO_DOCKER_REPO: registry.paac-127-0-0-1.nip.io
	KUBECONFIG: /home/runner/.kube/config.local
	PYSMEE_URL: ${{ secrets.PYSMEE_URL }}
	TARGET_TEAM_SLUGS: "pipeline-as-code,pipeline-as-code-contributors"
	TEST_EL_URL: https://paac.paac-127-0-0-1.nip.io
	TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
	TEST_PROVIDER: ${{ matrix.provider }}

	# GitHub (Public)
	APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
	TEST_GITHUB_API_URL: api.github.com
	TEST_GITHUB_PRIVATE_TASK_NAME: task-remote
	TEST_GITHUB_PRIVATE_TASK_URL: https://github.com/openshift-pipelines/pipelines-as-code-e2e-tests-private/blob/main/remote_task.yaml
	TEST_GITHUB_REPO_INSTALLATION_ID: ${{ vars.INSTALLATION_ID }}
	TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests
	TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook
	TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }}

	# GitHub Enterprise (Second)
	TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com
	TEST_GITHUB_SECOND_APPLICATION_ID: ${{ vars.TEST_GITHUB_SECOND_APPLICATION_ID }}
	TEST_GITHUB_SECOND_EL_URL: https://ghe.paac-127-0-0-1.nip.io
	TEST_GITHUB_SECOND_PRIVATE_KEY: ${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }}
	TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1
	TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e
	TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
	TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
	TEST_GITHUB_SECOND_WEBHOOK_ORG: pac-e2e-webhook-tests
	TEST_GITHUB_SECOND_WEBHOOK_SECRET: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}
	TEST_GITHUB_SECOND_WEBHOOK_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_TOKEN }}

	# GitLab
	TEST_GITLAB_API_URL: https://gitlab.com
	TEST_GITLAB_GROUP: pac-e2e-tests
	TEST_GITLAB_SECOND_GROUP: ${{ vars.TEST_GITLAB_SECOND_GROUP }}
	TEST_GITLAB_SMEEURL: ${{ env.TEST_GITLAB_SMEEURL }}
	TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
	TEST_GITLAB_SECOND_TOKEN: ${{ secrets.TEST_GITLAB_SECOND_TOKEN }}

	# Gitea
	TEST_GITEA_API_URL: http://localhost:3000
	TEST_GITEA_INTERNAL_URL: http://forgejo-http.forgejo.svc.cluster.local:3000
	TEST_GITEA_PASSWORD: pac
	TEST_GITEA_REPO_OWNER: pac/pac
	TEST_GITEA_USERNAME: pac

	# Bitbucket Cloud
	TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0
	TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests
	TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
	TEST_BITBUCKET_CLOUD_USER: cboudjna

	# Bitbucket Server
	TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }}
	TEST_BITBUCKET_SERVER_E2E_REPOSITORY: PAC/pac-e2e-tests
	TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
	TEST_BITBUCKET_SERVER_USER: pipelines
	TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
	if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
	with:
	detached: true
	limit-access-to-actor: true

	- name: Start installing cluster with startpaac
	env:
	PAC_DIR: ${{ github.workspace }}
	run: \|
	mkdir -p ~/secrets
	echo "${{ vars.APPLICATION_ID }}" > ~/secrets/github-application-id
	echo "${{ secrets.APP_PRIVATE_KEY }}" > ~/secrets/github-private-key
	echo "${{ secrets.WEBHOOK_SECRET }}" > ~/secrets/webhook.secret
	echo "${{ secrets.PYSMEE_URL }}" > ~/secrets/smee


	mkdir -p ~/secrets-second
	echo "${{ vars.TEST_GITHUB_SECOND_APPLICATION_ID }}" > ~/secrets-second/github-application-id
	echo "${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }}" > ~/secrets-second/github-private-key
	echo "${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}" > ~/secrets-second/webhook.secret
	echo "${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}" > ~/secrets-second/smee

	export PAC_SECRET_FOLDER=~/secrets
	export PAC_SECOND_SECRET_FOLDER=~/secrets-second
	export PAC_WEBHOOK_SECRET="${{secrets.WEBHOOK_SECRET}}"
	export PAC_DOMAIN=paac-127-0-0-1.nip.io
	export TARGET_HOST=local

	cd startpaac
	./startpaac --ci -a

	- name: Install minica CA certificate to system trust store
	run: \|
	set -x
	if [ -f /tmp/certs/minica.pem ]; then
	sudo mkdir -p /usr/local/share/ca-certificates/
	sudo cp /tmp/certs/minica.pem /usr/local/share/ca-certificates/minica.crt
	sudo update-ca-certificates
	else
	echo "ERROR: /tmp/certs/minica.pem not found"
	exit 1
	fi

	- name: Configure git to skip TLS verification
	run: \|
	git config --global http.sslVerify false

	- name: Enable debug logging for e2e
	run: \|
	set -euo pipefail
	kubectl -n pipelines-as-code patch configmap pac-config-logging --type merge -p '{"data":{"loglevel.pipelinesascode":"debug","loglevel.pac-watcher":"debug","loglevel.pipelines-as-code-webhook":"debug"}}'
	kubectl -n pipelines-as-code rollout restart deployment/pipelines-as-code-controller deployment/pipelines-as-code-webhook deployment/pipelines-as-code-watcher
	for name in controller webhook watcher; do
	echo "=== Waiting for $name to be ready ==="
	kubectl -n pipelines-as-code rollout status deployment/pipelines-as-code-$name --timeout=120s
	done

	# Adjusted step-level conditions based on the new job-level logic
	- name: Run E2E Tests
	# This step runs for schedule, PR target (if job started), or workflow_dispatch (if job started)
	# Remove the old label check which is no longer relevant for triggering.
	if: ${{ github.event_name == 'schedule' \|\| github.event_name == 'workflow_dispatch' \|\| github.event_name == 'pull_request_target' }}
	env:
	TEST_PROVIDER: ${{ matrix.provider }}
	TEST_BITBUCKET_CLOUD_TOKEN: ${{ secrets.BITBUCKET_CLOUD_TOKEN }}
	TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
	TEST_GITHUB_REPO_INSTALLATION_ID: ${{ vars.INSTALLATION_ID }}
	TEST_GITHUB_TOKEN: ${{ secrets.GH_APPS_TOKEN }}
	TEST_GITHUB_SECOND_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_TOKEN }}
	TEST_GITHUB_SECOND_WEBHOOK_TOKEN: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_TOKEN }}
	TEST_GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
	TEST_GITLAB_SECOND_TOKEN: ${{ secrets.TEST_GITLAB_SECOND_TOKEN }}
	TEST_GITLAB_SECOND_GROUP: ${{ vars.TEST_GITLAB_SECOND_GROUP }}
	TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
	TEST_BITBUCKET_SERVER_API_URL: ${{ secrets.BITBUCKET_SERVER_API_URL }}
	TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
	run: \|
	./hack/gh-workflow-ci.sh run_e2e_tests

	- name: Collect logs
	if: ${{ always() }}
	env:
	TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
	TEST_GITHUB_SECOND_WEBHOOK_SMEE_URL: ${{ steps.gosmee-ghe-webhook-url.outputs.url }}
	TEST_GITLAB_SMEEURL: ${{ steps.gosmee-gitlab-url.outputs.url }}
	run: \|
	./hack/gh-workflow-ci.sh collect_logs

	- name: Show controllers/watcher errors with Snazy
	if: ${{ always() }}
	run: \|
	./hack/gh-workflow-ci.sh output_logs

	- name: Upload artifacts
	if: ${{ always() }}
	uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
	with:
	name: logs-e2e-tests-${{ matrix.provider }}
	path: /tmp/logs

	notify-slack:
	name: Notify Slack on Failures
	runs-on: ubuntu-latest
	needs: [e2e-tests]
	if: ${{ always() && github.ref_name == 'main' && github.event_name == 'schedule' }}
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	- name: Download all artifacts
	uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
	with:
	path: artifacts
	pattern: logs-e2e-tests-*

	- name: Send Slack notification
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
	run: \|
	./hack/notify-slack.sh artifacts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tests: enforce conventions for go Test #2314

Workflow file

tests: enforce conventions for go Test #2314

Uh oh!

Workflow file for this run