PowerOn/platform-core
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: tests on github
All checks were successful
Deploy Plattform-Core / test (push) Successful in 41s
Details
Deploy Plattform-Core / deploy (push) Successful in 4s
Details

Browse source
This commit is contained in:
Ida 2026-05-20 16:43:17 +02:00
parent d82fc0d955
commit bc8b0288ca
3 changed files with 81 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
.github/scripts/load_config_key_from_azure.py vendored Normal file
View file

@ -0,0 +1,74 @@
#!/usr/bin/env python3
# Copyright (c) 2026 Patrick Motsch
"""Load CONFIG_KEY from Azure App Service for CI pytest (Kudu API + publish profile)."""
from __future__ import annotations
import base64
import json
import os
import sys
import urllib.request
import xml.etree.ElementTree as ET
def main() -> None:
profile_xml = os.environ.get("AZURE_PUBLISH_PROFILE")
setting_name = os.environ.get("SETTING_NAME", "CONFIG_KEY")
if not profile_xml:
print("::error::AZURE_PUBLISH_PROFILE is not set", file=sys.stderr)
sys.exit(1)
root = ET.fromstring(profile_xml)
pub = None
for element in root.findall(".//publishProfile"):
url = (element.get("publishUrl") or "").lower()
if "scm" in url:
pub = element
break
if pub is None:
pub = root.find(".//publishProfile")
if pub is None:
print("::error::No publishProfile in publish profile XML", file=sys.stderr)
sys.exit(1)
host = (pub.get("publishUrl") or "").split(":")[0]
user = pub.get("userName")
pwd = pub.get("userPWD")
if not (host and user and pwd):
print("::error::Could not parse SCM credentials from publish profile", file=sys.stderr)
sys.exit(1)
api = f"https://{host}/api/settings"
req = urllib.request.Request(api)
cred = base64.b64encode(f"{user}:{pwd}".encode()).decode()
req.add_header("Authorization", f"Basic {cred}")
try:
with urllib.request.urlopen(req, timeout=60) as resp:
settings = json.load(resp)
except Exception as exc:
print(f"::error::Kudu settings request failed: {exc}", file=sys.stderr)
sys.exit(1)
if not isinstance(settings, dict) or setting_name not in settings:
preview = sorted(settings.keys())[:25] if isinstance(settings, dict) else []
print(
f"::error::{setting_name} not in Azure App Service application settings "
f"(sample keys: {preview})",
file=sys.stderr,
)
sys.exit(1)
value = settings[setting_name]
if not value or not str(value).strip():
print(f"::error::{setting_name} is empty in Azure App Service", file=sys.stderr)
sys.exit(1)
github_env = os.environ.get("GITHUB_ENV")
if github_env:
with open(github_env, "a", encoding="utf-8") as handle:
handle.write(f"{setting_name}<<EOF\n{value}\nEOF\n")
print(f"Loaded {setting_name} from Azure App Service ({len(value)} characters)")
if __name__ == "__main__":
main()

13
.github/workflows/int_gateway-int.yml vendored
View file

@ -42,19 +42,12 @@ jobs:
pip install -r requirements.txt --no-cache-dir pip install -r requirements.txt --no-cache-dir
fi fi
- name: Verify CONFIG_KEY for pytest - name: Load CONFIG_KEY from Azure App Service
env: env:
CONFIG_KEY: ${{ secrets.CONFIG_KEY }} AZURE_PUBLISH_PROFILE: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_GATEWAY_INT }}
run: | run: python .github/scripts/load_config_key_from_azure.py
if [ -z "${CONFIG_KEY}" ]; then
echo "::error::CONFIG_KEY is empty in GitHub Environment 'Production'. Add the int master key as CONFIG_KEY there (must decrypt INT_ENC:* in env-gateway-int.env)."
exit 1
fi
echo "CONFIG_KEY is set (${#CONFIG_KEY} characters)."
- name: Run tests - name: Run tests
env:
CONFIG_KEY: ${{ secrets.CONFIG_KEY }}
run: python -m pytest tests/ --ignore=tests/demo run: python -m pytest tests/ --ignore=tests/demo
build: build:

19
.github/workflows/main_gateway-prod.yml vendored
View file

@ -18,11 +18,7 @@ concurrency:
jobs: jobs:
test: test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Same GitHub Environment as deploy — CONFIG_KEY lives here (not on the build job). environment: Production
environment:
name: 'Production'
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
steps: steps:
- uses: actions/checkout@v5 - uses: actions/checkout@v5
@ -46,19 +42,12 @@ jobs:
pip install -r requirements.txt --no-cache-dir pip install -r requirements.txt --no-cache-dir
fi fi
- name: Verify CONFIG_KEY for pytest - name: Load CONFIG_KEY from Azure App Service
env: env:
CONFIG_KEY: ${{ secrets.CONFIG_KEY }} AZURE_PUBLISH_PROFILE: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_GATEWAY_PROD }}
run: | run: python .github/scripts/load_config_key_from_azure.py
if [ -z "${CONFIG_KEY}" ]; then
echo "::error::CONFIG_KEY is empty in GitHub Environment 'Production'. Azure App Service settings are not visible to this job — add CONFIG_KEY under Settings → Environments → Production → Environment secrets (same value as in Azure portal)."
exit 1
fi
echo "CONFIG_KEY is set (${#CONFIG_KEY} characters)."
- name: Run tests - name: Run tests
env:
CONFIG_KEY: ${{ secrets.CONFIG_KEY }}
run: python -m pytest tests/ --ignore=tests/demo run: python -m pytest tests/ --ignore=tests/demo
build: build: