ansible-onepasswordconnect-collection icon indicating copy to clipboard operation
ansible-onepasswordconnect-collection copied to clipboard

Published 20 hours ago verified publisher icon 1Password

Add automated testing with GitHub actions

Open verkaufer opened this issue 3 years ago • 1 comments

Summary

Testing the Ansible collection should follow the CI practices we have in other integration repositories. There are clearly defined steps for testing the collection, but we're still relying on manually running the tests locally.

Use cases

  • CI testing parity with our other integrations
  • Test a wider set of Ansible & Python versions without maintaining multiple pyenvs & virtualenvs on developer machines
  • Improve confidence in changes and make it easier to review community contributions

Proposed solution

I suggest the approach taken by icinga-director collection to run their sanity and integration tests. They define multiple Python and Ansible-core versions and let the GitHub action take care of setup and teardown.

Integration tests present a different obstacle. We would need to test Connect against a 1Password testing environment to get useful results. I believe the Connect Helm-Chart or K8s operator run an integration suite with an account in a test environment. Perhaps we can do something similar?

Then running the Connect service should be doable with a GitHub Action service container.

  • However, there are some issues with running Connect as a GHA service

Is there a workaround to accomplish this today?

We could continue testing manually, but that's not something we should encourage.

References & Prior Work

verkaufer avatar Dec 17 '21 22:12 verkaufer

Confirming the ansible-test sanity tests pass sounds like a good first step for this while we continue researching better integration test automations.

We'll want to split this issue into two:

  1. add automated ansible-test sanity tests
  2. add automated integration tests that spin up a Connect server and talk to a staging 1Password environment we control?
    • To avoid malicious actors we may want to restrict integration tests to only run after merging to main. That way we avoid drive-by PRs that could insert data into our staging 1Password environment

verkaufer avatar Jan 04 '22 14:01 verkaufer