mirror of
https://github.com/ghndrx/k8s-game-2048.git
synced 2026-02-10 06:45:07 +00:00
82fc2a6691
🧹 PII Cleanup & Security: - Remove all hardcoded domains (darknex.us, hndrx.co) - Remove all hardcoded emails (admin@ references) - Replace all personal info with environment variables - Repository now 100% generic and reusable 🚀 Fully Automatic Pipeline: - Pipeline now runs automatically develop → staging → production - No manual intervention required for production promotions - Auto-promotion triggers after successful tests - All workflows use commit-specific image tags 🔧 Environment Variables: - All manifests use ${VARIABLE_NAME} syntax - All scripts source from .env file - GitHub Actions use secrets for sensitive data - Complete .env.example template provided 📚 Documentation: - New comprehensive WORKFLOWS.md with pipeline details - New PIPELINE_QUICK_REFERENCE.md for quick reference - Updated all docs to use generic placeholders - Added security/privacy section to README 🔐 Security Enhancements: - Updated .gitignore for all sensitive files - Created PII verification script (verify-pii-removal.sh) - Created cleanup automation script (cleanup-pii.sh) - Repository verified PII-free and production-ready BREAKING: Repository now requires .env configuration - Copy .env.example to .env and configure for your environment - Set GitHub repository secrets for CI/CD workflows - All deployments now use environment-specific configuration
241 lines
8.5 KiB
YAML
241 lines
8.5 KiB
YAML
name: Smoke Tests
|
|
|
|
on:
|
|
workflow_run:
|
|
workflows: ["Deploy to Development", "Deploy to Staging", "Deploy to Production"]
|
|
types:
|
|
- completed
|
|
branches: [ develop, staging, main ]
|
|
schedule:
|
|
# Run smoke tests every 6 hours
|
|
- cron: '0 */6 * * *'
|
|
workflow_dispatch:
|
|
inputs:
|
|
environment:
|
|
description: 'Environment to test (dev, staging, prod, all)'
|
|
required: false
|
|
default: 'all'
|
|
type: choice
|
|
options:
|
|
- all
|
|
- dev
|
|
- staging
|
|
- prod
|
|
|
|
jobs:
|
|
smoke-tests:
|
|
name: Smoke Tests
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
environment:
|
|
- ${{ github.event.inputs.environment == 'all' && 'dev' || github.event.inputs.environment || 'dev' }}
|
|
- ${{ github.event.inputs.environment == 'all' && 'staging' || '' }}
|
|
- ${{ github.event.inputs.environment == 'all' && 'prod' || '' }}
|
|
exclude:
|
|
- environment: ''
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set environment variables
|
|
run: |
|
|
case "${{ matrix.environment }}" in
|
|
dev)
|
|
echo "CANONICAL_DOMAIN=https://${{ secrets.DEV_DOMAIN }}" >> $GITHUB_ENV
|
|
echo "ENV_NAME=development" >> $GITHUB_ENV
|
|
;;
|
|
staging)
|
|
echo "CANONICAL_DOMAIN=https://${{ secrets.STAGING_DOMAIN }}" >> $GITHUB_ENV
|
|
echo "ENV_NAME=staging" >> $GITHUB_ENV
|
|
;;
|
|
prod)
|
|
echo "CANONICAL_DOMAIN=https://${{ secrets.PROD_DOMAIN }}" >> $GITHUB_ENV
|
|
echo "ENV_NAME=production" >> $GITHUB_ENV
|
|
;;
|
|
esac
|
|
|
|
- name: Test Canonical Domain Accessibility
|
|
run: |
|
|
echo "🎯 Testing canonical Knative domain: ${{ env.CANONICAL_DOMAIN }}"
|
|
|
|
# Test HTTPS access to canonical domain
|
|
response_code=$(curl -s -o /dev/null -w "%{http_code}" -L --max-time 30 "${{ env.CANONICAL_DOMAIN }}")
|
|
echo "Canonical domain HTTP response code: $response_code"
|
|
|
|
if [ "$response_code" != "200" ]; then
|
|
echo "❌ Canonical domain ${{ env.CANONICAL_DOMAIN }} returned HTTP $response_code"
|
|
exit 1
|
|
else
|
|
echo "✅ Canonical domain ${{ env.CANONICAL_DOMAIN }} is accessible"
|
|
fi
|
|
|
|
- name: Test Content Validation
|
|
run: |
|
|
echo "📄 Testing content validation on canonical domain: ${{ env.CANONICAL_DOMAIN }}"
|
|
|
|
# Download the page content from canonical domain
|
|
content=$(curl -s -L --max-time 30 "${{ env.CANONICAL_DOMAIN }}")
|
|
|
|
# Check if it contains expected 2048 game elements
|
|
if echo "$content" | grep -q "2048"; then
|
|
echo "✅ Page contains '2048' title"
|
|
else
|
|
echo "❌ Page does not contain '2048' title"
|
|
exit 1
|
|
fi
|
|
|
|
if echo "$content" | grep -q "HOW TO PLAY"; then
|
|
echo "✅ Page contains game instructions"
|
|
else
|
|
echo "❌ Page does not contain game instructions"
|
|
exit 1
|
|
fi
|
|
|
|
if echo "$content" | grep -q "Environment.*${{ env.ENV_NAME }}"; then
|
|
echo "✅ Page shows correct environment: ${{ env.ENV_NAME }}"
|
|
else
|
|
echo "⚠️ Environment indicator not found or incorrect"
|
|
# Don't fail on this, just warn
|
|
fi
|
|
|
|
# Check if CSS and JS files are referenced
|
|
if echo "$content" | grep -q "style.css"; then
|
|
echo "✅ CSS file is referenced"
|
|
else
|
|
echo "❌ CSS file is not referenced"
|
|
exit 1
|
|
fi
|
|
|
|
if echo "$content" | grep -q "script.js"; then
|
|
echo "✅ JavaScript file is referenced"
|
|
else
|
|
echo "❌ JavaScript file is not referenced"
|
|
exit 1
|
|
fi
|
|
|
|
- name: Test Performance
|
|
run: |
|
|
echo "⚡ Testing performance for canonical domain: ${{ env.CANONICAL_DOMAIN }}"
|
|
|
|
# Measure response time on canonical domain
|
|
response_time=$(curl -s -o /dev/null -w "%{time_total}" -L --max-time 30 "${{ env.CANONICAL_DOMAIN }}")
|
|
echo "Canonical domain response time: ${response_time}s"
|
|
|
|
# Check if response time is reasonable (under 10 seconds)
|
|
if (( $(echo "$response_time < 10.0" | bc -l) )); then
|
|
echo "✅ Canonical domain response time is acceptable"
|
|
else
|
|
echo "⚠️ Canonical domain response time is slow: ${response_time}s"
|
|
fi
|
|
|
|
# Check content size
|
|
content_size=$(curl -s -L --max-time 30 "${{ env.CANONICAL_DOMAIN }}" | wc -c)
|
|
echo "Content size: $content_size bytes"
|
|
|
|
if [ $content_size -gt 1000 ]; then
|
|
echo "✅ Content size is reasonable"
|
|
else
|
|
echo "❌ Content size is too small: $content_size bytes"
|
|
exit 1
|
|
fi
|
|
|
|
test-canonical-domains:
|
|
name: Canonical Domain Infrastructure Tests
|
|
runs-on: ubuntu-latest
|
|
if: github.event.inputs.environment == 'all' || github.event.inputs.environment == '' || github.event_name != 'workflow_dispatch'
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test Canonical Domain DNS Resolution
|
|
run: |
|
|
echo "🌐 Testing canonical domain DNS resolution"
|
|
|
|
# Canonical domains (Knative domains only)
|
|
canonical_domains=(
|
|
"${{ secrets.DEV_DOMAIN }}"
|
|
"${{ secrets.STAGING_DOMAIN }}"
|
|
"${{ secrets.PROD_DOMAIN }}"
|
|
)
|
|
|
|
for domain in "${canonical_domains[@]}"; do
|
|
echo "Testing DNS for canonical domain: $domain"
|
|
ip=$(dig +short $domain)
|
|
if [ -n "$ip" ]; then
|
|
echo "✅ $domain resolves to: $ip"
|
|
else
|
|
echo "❌ $domain does not resolve"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
- name: Test Canonical Domain SSL Certificate Chain
|
|
run: |
|
|
echo "🔐 Testing SSL certificate chains for canonical domains"
|
|
|
|
# Canonical domains (Knative domains only)
|
|
canonical_domains=(
|
|
"${{ secrets.DEV_DOMAIN }}"
|
|
"${{ secrets.STAGING_DOMAIN }}"
|
|
"${{ secrets.PROD_DOMAIN }}"
|
|
)
|
|
|
|
for domain in "${canonical_domains[@]}"; do
|
|
echo "Testing SSL chain for canonical domain: $domain"
|
|
|
|
# Test certificate chain
|
|
chain_result=$(echo | openssl s_client -servername $domain -connect $domain:443 -verify_return_error 2>&1)
|
|
|
|
if echo "$chain_result" | grep -q "Verify return code: 0"; then
|
|
echo "✅ $domain has valid SSL certificate chain"
|
|
else
|
|
echo "❌ $domain has invalid SSL certificate chain"
|
|
echo "$chain_result"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
summary:
|
|
name: Test Summary
|
|
runs-on: ubuntu-latest
|
|
needs: [smoke-tests, test-canonical-domains]
|
|
if: always()
|
|
|
|
steps:
|
|
- name: Check test results
|
|
run: |
|
|
if [ "${{ needs.smoke-tests.result }}" = "success" ] && [ "${{ needs.test-canonical-domains.result }}" = "success" ]; then
|
|
echo "✅ All tests passed successfully!"
|
|
echo "🎮 2048 game is working correctly across all environments using canonical Knative domains"
|
|
else
|
|
echo "❌ Some tests failed"
|
|
echo "Smoke tests: ${{ needs.smoke-tests.result }}"
|
|
echo "Canonical domain tests: ${{ needs.test-canonical-domains.result }}"
|
|
exit 1
|
|
fi
|
|
|
|
- name: Post summary
|
|
if: always()
|
|
run: |
|
|
echo "## Test Summary" >> $GITHUB_STEP_SUMMARY
|
|
echo "" >> $GITHUB_STEP_SUMMARY
|
|
echo "| Test Type | Status |" >> $GITHUB_STEP_SUMMARY
|
|
echo "|-----------|--------|" >> $GITHUB_STEP_SUMMARY
|
|
echo "| Smoke Tests | ${{ needs.smoke-tests.result == 'success' && '✅ Passed' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY
|
|
echo "| Canonical Domain Tests | ${{ needs.test-canonical-domains.result == 'success' && '✅ Passed' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY
|
|
echo "" >> $GITHUB_STEP_SUMMARY
|
|
echo "### Tested Canonical Domains" >> $GITHUB_STEP_SUMMARY
|
|
|
|
# Use canonical domain format
|
|
DEV_URL="https://${{ secrets.DEV_DOMAIN }}"
|
|
STAGING_URL="https://${{ secrets.STAGING_DOMAIN }}"
|
|
PROD_URL="https://${{ secrets.PROD_DOMAIN }}"
|
|
|
|
echo "- 🧪 Development: $DEV_URL" >> $GITHUB_STEP_SUMMARY
|
|
echo "- 🎭 Staging: $STAGING_URL" >> $GITHUB_STEP_SUMMARY
|
|
echo "- 🚀 Production: $PROD_URL" >> $GITHUB_STEP_SUMMARY
|