[CDAPI-100]: Integrate CI Tests with APIM Proxy III#41
[CDAPI-100]: Integrate CI Tests with APIM Proxy III#41nhsd-rebecca-flynn wants to merge 19 commits intomainfrom
Conversation
|
✅ Trivy gate: no Critical/High vulnerabilities. Trivy Filesystem Scan SummaryFilesystem: /tmp/artifact
✅ No vulnerabilities found. |
nhsd-rebecca-flynn
force-pushed
the
feature/CDAPI-100-2
branch
6 times, most recently
from
f133ca4 to
bf73134
Compare
nhsd-rebecca-flynn
force-pushed
the
feature/CDAPI-100-2
branch
from
b62d8e1 to
a932d9e
Compare
nhsd-rebecca-flynn
force-pushed
the
feature/CDAPI-100-2
branch
2 times, most recently
from
b3947b8 to
172c27e
Compare
…cluded initial validation
nhsd-rebecca-flynn
force-pushed
the
feature/CDAPI-100-2
branch
from
6349910 to
21a66d5
Compare
nhsd-rebecca-flynn
requested review from
MohammadPatelNHS,
adamoldfield-nhs and
neil-sproston
neil-sproston
left a comment
neil-sproston
left a comment
There was a problem hiding this comment.
From a platform POV it looks sane and sensible and leave us in a perfect position ready when we re-plumb the preview-env functionality back into the man CI pipelines.
nhsd-jack-wainwright
left a comment
nhsd-jack-wainwright
left a comment
There was a problem hiding this comment.
Looks good to me 👍 , just a few minor comments / questions.
| "remoteUser": "pathology-dev", | ||
| "containerUser": "pathology-dev", | ||
| "containerEnv": { | ||
| "REQUESTS_CA_BUNDLE": "/etc/ssl/cert.pem" |
There was a problem hiding this comment.
Where is this container environment variable used?
There was a problem hiding this comment.
Without REQUESTS_CA_BUNDLE=/etc/ssl/cert.pem, Python's requests library falls back to its bundled certifi CA certificates instead of the system's CA store. Setting REQUESTS_CA_BUNDLE forces requests to use the system certificate bundle, including any custom CA certs added to the container image, instead of the limited certifi bundle.
|
|
Deployment Complete
|
3 participants
Description
Update the integration, contract, schema and acceptance tests ran as part of the CI process to run against the deployed APIM proxy
Summary
Dual-environment test infrastructure: Tests now run against either a local Lambda (ENV=local) or a remote APIM proxy preview environment (ENV=remote), driven by .env files and Makefile targets.
Client abstraction: Client is now a Protocol with LocalClient and RemoteClient implementations; remote requests carry APIM auth headers and have longer timeouts.
CI pipeline restructure: Acceptance tests, coverage merging, and SonarCloud analysis moved from stage-2-test.yaml into preview-env.yaml; a new reusable run-test-suite composite action reduces duplication. Integration, Contract and Schema validation tests still also run locally.
Contract/status endpoint updates: _status response changed from text/plain "OK" to application/json {"status": "pass", ...} (Proxygen standard format); pact contract updated accordingly.
Context
To allow for the CI process to run before the APIM integration has been completed, the tests are currently executed against a container running within the same process, which invokes the lambda in the same way as it would be ran within AWS. This ticket looks to alter the target of the tests to instead point at the deployed APIM proxy for the Pull Request.
Type of changes
Checklist
Sensitive Information Declaration
To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.