Skip to content

Pass secrets in as environment variables directly #7

Pass secrets in as environment variables directly

Pass secrets in as environment variables directly #7

Workflow file for this run

name: Test
on:
workflow_dispatch:
pull_request_target:
types:
- opened
- synchronize
push:
branches:
- main
- ci/setup-gh-actions
jobs:
authorize:
name: Authorize
environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
runs-on: ubuntu-latest
steps:
- run: true
sample:
needs: authorize
name: Test Sample
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Checkout Tests
uses: actions/checkout@v4
with:
repository: auth0-samples/api-quickstarts-tests
path: tests
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Setup sample .env
working-directory: 01-Authorization-RS256
env:
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }}
API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }}
run: |
sed \
-e "s|{DOMAIN}|$AUTH0_DOMAIN|g" \
-e "s|{API_IDENTIFIER}|$API_IDENTIFIER|g" \
.env.example > .env
- name: Build PR image
working-directory: 01-Authorization-RS256
env:
IMAGE_NAME: ${{ github.event.pull_request.head.sha || github.sha }}
CONTAINER_NAME: ${{ github.event.pull_request.head.sha || github.sha }}
run: |
docker build -t $IMAGE_NAME .
docker run -d --env-file .env -p 3010:3010 --name $CONTAINER_NAME $IMAGE_NAME
- name: Wait for sample to start
run: |
sleep 10
docker run --network host --rm appropriate/curl --retry 8 --retry-connrefused -v localhost:3010
- name: Install dependencies
working-directory: tests
run: npm i
- name: Run tests
working-directory: tests
env:
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }}
API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }}
CLIENT_ID_SCOPES_NONE: ${{ secrets.CLIENT_ID_SCOPES_NONE }}
CLIENT_SECRET_SCOPES_NONE: ${{ secrets.CLIENT_SECRET_SCOPES_NONE }}
CLIENT_ID_SCOPES_READ: ${{ secrets.CLIENT_ID_SCOPES_READ }}
CLIENT_SECRET_SCOPES_READ: ${{ secrets.CLIENT_SECRET_SCOPES_READ }}
CLIENT_ID_SCOPES_WRITE: ${{ secrets.CLIENT_ID_SCOPES_WRITE }}
CLIENT_SECRET_SCOPES_WRITE: ${{ secrets.CLIENT_SECRET_SCOPES_WRITE }}
CLIENT_ID_SCOPES_READWRITE: ${{ secrets.CLIENT_ID_SCOPES_READWRITE }}
CLIENT_SECRET_SCOPES_READWRITE: ${{ secrets.CLIENT_SECRET_SCOPES_READWRITE }}
run: npm test