add support for integration test via GitHub Actions (#913)

awslabs · Aug 13, 2024 · d7c53b2 · d7c53b2
1 parent 6bbd1c1
commit d7c53b2
Show file tree

Hide file tree

Showing 15 changed files with 240 additions and 751 deletions.
diff --git a/.github/workflows/run-integration-test.yml b/.github/workflows/run-integration-test.yml
@@ -0,0 +1,62 @@
+name: Run integration tests
+
+permissions:
+  id-token: write
+  contents: read
+
+on:
+  workflow_dispatch:
+  push:
+
+jobs:
+  run-integration-tests:
+    runs-on: ubuntu-latest
+    steps:
+        - name: install Cargo Lambda
+          uses: jaxxstorm/[email protected]
+          with:
+            repo: cargo-lambda/cargo-lambda
+            platform: linux
+            arch: x86_64
+        - name: install Zig toolchain
+          uses: korandoru/setup-zig@v1
+          with:
+            zig-version: 0.10.0
+        - name: install SAM
+          uses: aws-actions/setup-sam@v2
+          with:
+            use-installer: true
+        - uses: actions/checkout@v3
+        - name: configure aws credentials
+          uses: aws-actions/[email protected]
+          with:
+            role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+            role-session-name: ${{ secrets.ROLE_SESSION_NAME }}
+            aws-region: ${{ secrets.AWS_REGION }}
+        - name: build  stack
+          run: cd lambda-integration-tests && sam build --beta-features
+        - name: validate stack
+          run: cd lambda-integration-tests && sam validate --lint
+        - name: deploy stack
+          id: deploy_stack
+          env:
+            AWS_REGION: ${{ secrets.AWS_REGION }}
+          run: |
+            cd lambda-integration-tests
+            stackName="aws-lambda-rust-integ-test-$GITHUB_RUN_ID"
+            echo "STACK_NAME=$stackName" >> "$GITHUB_OUTPUT"
+            echo "Stack name = $stackName"
+            sam deploy --stack-name "${stackName}" --parameter-overrides "ParameterKey=SecretToken,ParameterValue=${{ secrets.SECRET_TOKEN }}" "ParameterKey=LambdaRole,ParameterValue=${{ secrets.AWS_LAMBDA_ROLE }}" --no-confirm-changeset  --no-progressbar  > disable_output
+            TEST_ENDPOINT=$(sam list stack-outputs --stack-name "${stackName}" --output json | jq -r '.[] | .OutputValue')
+            echo "TEST_ENDPOINT=$TEST_ENDPOINT" >> "$GITHUB_OUTPUT"
+        - name: run test
+          env:
+            SECRET_TOKEN: ${{ secrets.SECRET_TOKEN }}
+            TEST_ENDPOINT: ${{ steps.deploy_stack.outputs.TEST_ENDPOINT }}
+          run: cd lambda-integration-tests && cargo test
+        - name: cleanup
+          if: always()
+          env:
+            AWS_REGION: ${{ secrets.AWS_REGION }}
+            STACK_NAME: ${{ steps.deploy_stack.outputs.STACK_NAME }}
+          run: sam delete --stack-name "${STACK_NAME}" --no-prompts
diff --git a/lambda-integration-tests/Cargo.toml b/lambda-integration-tests/Cargo.toml
@@ -1,22 +1,30 @@
 [package]
-name = "lambda_integration_tests"
-version = "0.5.0"
-authors = ["Nicolas Moutschen <[email protected]>"]
-edition = "2018"
+name = "aws_lambda_rust_integration_tests"
+version = "0.1.0"
+authors = ["Maxime David"]
+edition = "2021"
 description = "AWS Lambda Runtime integration tests"
 license = "Apache-2.0"
 repository = "https://github.com/awslabs/aws-lambda-rust-runtime"
 categories = ["web-programming::http-server"]
 keywords = ["AWS", "Lambda", "API"]
 readme = "../README.md"
 
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
 [dependencies]
-lambda_http = { path = "../lambda-http" }
 lambda_runtime = { path = "../lambda-runtime" }
-lambda-extension = { path = "../lambda-extension" }
-serde = { version = "1", features = ["derive"] }
+aws_lambda_events = { path = "../lambda-events" }
+serde_json = "1.0.121"
 tokio = { version = "1", features = ["full"] }
-tracing = { version = "0.1", features = ["log"] }
-tracing-subscriber = { version = "0.3", default-features = false, features = ["fmt"] }
+serde = { version = "1.0.204", features = ["derive"] }
+
+[dev-dependencies]
+reqwest = { version = "0.12.5", features = ["blocking"] }
+openssl = { version = "0.10", features = ["vendored"] }
+
+[[bin]]
+name = "helloworld"
+path = "src/helloworld.rs"
+
+[[bin]]
+name = "authorizer"
+path = "src/authorizer.rs"
diff --git a/lambda-integration-tests/python/main.py b/lambda-integration-tests/python/main.py
diff --git a/lambda-integration-tests/samconfig.toml b/lambda-integration-tests/samconfig.toml
@@ -0,0 +1,23 @@
+version = 0.1
+
+[default]
+[default.build.parameters]
+cached = true
+parallel = true
+
+[default.validate.parameters]
+lint = true
+
+[default.deploy.parameters]
+capabilities = "CAPABILITY_IAM"
+confirm_changeset = true
+s3_bucket = "aws-lambda-rust-runtime-integration-testing"
+
+[default.sync.parameters]
+watch = true
+
+[default.local_start_api.parameters]
+warm_containers = "EAGER"
+
+[default.local_start_lambda.parameters]
+warm_containers = "EAGER"
diff --git a/lambda-integration-tests/src/authorizer.rs b/lambda-integration-tests/src/authorizer.rs
@@ -0,0 +1,53 @@
+use std::env;
+
+use aws_lambda_events::{
+    apigw::{ApiGatewayCustomAuthorizerPolicy, ApiGatewayCustomAuthorizerResponse},
+    event::iam::IamPolicyStatement,
+};
+use lambda_runtime::{service_fn, tracing, Error, LambdaEvent};
+use serde::Deserialize;
+use serde_json::json;
+
+#[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct APIGatewayCustomAuthorizerRequest {
+    authorization_token: String,
+    method_arn: String,
+}
+
+#[tokio::main]
+async fn main() -> Result<(), Error> {
+    tracing::init_default_subscriber();
+    let func = service_fn(func);
+    lambda_runtime::run(func).await?;
+    Ok(())
+}
+
+async fn func(
+    event: LambdaEvent<APIGatewayCustomAuthorizerRequest>,
+) -> Result<ApiGatewayCustomAuthorizerResponse, Error> {
+    let expected_token = env::var("SECRET_TOKEN").expect("could not read the secret token");
+    if event.payload.authorization_token == expected_token {
+        return Ok(allow(&event.payload.method_arn));
+    }
+    panic!("token is not valid");
+}
+
+fn allow(method_arn: &str) -> ApiGatewayCustomAuthorizerResponse {
+    let stmt = IamPolicyStatement {
+        action: vec!["execute-api:Invoke".to_string()],
+        resource: vec![method_arn.to_owned()],
+        effect: aws_lambda_events::iam::IamPolicyEffect::Allow,
+        condition: None,
+    };
+    let policy = ApiGatewayCustomAuthorizerPolicy {
+        version: Some("2012-10-17".to_string()),
+        statement: vec![stmt],
+    };
+    ApiGatewayCustomAuthorizerResponse {
+        principal_id: Some("user".to_owned()),
+        policy_document: policy,
+        context: json!({ "hello": "world" }),
+        usage_identifier_key: None,
+    }
+}
diff --git a/lambda-integration-tests/src/bin/extension-fn.rs b/lambda-integration-tests/src/bin/extension-fn.rs
diff --git a/lambda-integration-tests/src/bin/extension-trait.rs b/lambda-integration-tests/src/bin/extension-trait.rs
diff --git a/lambda-integration-tests/src/bin/http-fn.rs b/lambda-integration-tests/src/bin/http-fn.rs