Pass secrets in as environment variables directly #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
workflow_dispatch: | |
pull_request_target: | |
types: | |
- opened | |
- synchronize | |
push: | |
branches: | |
- main | |
- ci/setup-gh-actions | |
jobs: | |
authorize: | |
name: Authorize | |
environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} | |
runs-on: ubuntu-latest | |
steps: | |
- run: true | |
sample: | |
needs: authorize | |
name: Test Sample | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
- name: Checkout Tests | |
uses: actions/checkout@v4 | |
with: | |
repository: auth0-samples/api-quickstarts-tests | |
path: tests | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Setup sample .env | |
working-directory: 01-Authorization-RS256 | |
env: | |
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} | |
API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} | |
run: | | |
sed \ | |
-e "s|{DOMAIN}|$AUTH0_DOMAIN|g" \ | |
-e "s|{API_IDENTIFIER}|$API_IDENTIFIER|g" \ | |
.env.example > .env | |
- name: Build PR image | |
working-directory: 01-Authorization-RS256 | |
env: | |
IMAGE_NAME: ${{ github.event.pull_request.head.sha || github.sha }} | |
CONTAINER_NAME: ${{ github.event.pull_request.head.sha || github.sha }} | |
run: | | |
docker build -t $IMAGE_NAME . | |
docker run -d --env-file .env -p 3010:3010 --name $CONTAINER_NAME $IMAGE_NAME | |
- name: Wait for sample to start | |
run: | | |
sleep 10 | |
docker run --network host --rm appropriate/curl --retry 8 --retry-connrefused -v localhost:3010 | |
- name: Install dependencies | |
working-directory: tests | |
run: npm i | |
- name: Run tests | |
working-directory: tests | |
env: | |
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} | |
API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} | |
CLIENT_ID_SCOPES_NONE: ${{ secrets.CLIENT_ID_SCOPES_NONE }} | |
CLIENT_SECRET_SCOPES_NONE: ${{ secrets.CLIENT_SECRET_SCOPES_NONE }} | |
CLIENT_ID_SCOPES_READ: ${{ secrets.CLIENT_ID_SCOPES_READ }} | |
CLIENT_SECRET_SCOPES_READ: ${{ secrets.CLIENT_SECRET_SCOPES_READ }} | |
CLIENT_ID_SCOPES_WRITE: ${{ secrets.CLIENT_ID_SCOPES_WRITE }} | |
CLIENT_SECRET_SCOPES_WRITE: ${{ secrets.CLIENT_SECRET_SCOPES_WRITE }} | |
CLIENT_ID_SCOPES_READWRITE: ${{ secrets.CLIENT_ID_SCOPES_READWRITE }} | |
CLIENT_SECRET_SCOPES_READWRITE: ${{ secrets.CLIENT_SECRET_SCOPES_READWRITE }} | |
run: npm test |