From 4c8c0ea158967c42c44ae55ff754d566c8ed6024 Mon Sep 17 00:00:00 2001 From: Gil LaHaye Date: Thu, 7 Mar 2024 14:20:12 -0800 Subject: [PATCH] Simplify GitHub actions and fix parts of integration testing (#845) ### Motivation and Context We want integration tests to work ### Description Remove some of the redundancy and make integration tests take proper input ### Contribution Checklist - [ ] The code builds clean without any errors or warnings - [ ] The PR follows the [Contribution Guidelines](https://github.com/microsoft/chat-copilot/blob/main/CONTRIBUTING.md) and the [pre-submission formatting script](https://github.com/microsoft/chat-copilot/blob/main/CONTRIBUTING.md#development-scripts) raises no violations - [ ] All unit tests pass, and I have added new tests where possible --- .github/workflows/copilot-deploy-backend.yml | 15 +++-------- .../workflows/copilot-deploy-environment.yml | 26 ------------------- .github/workflows/copilot-deploy-infra.yml | 20 ++++---------- .../copilot-deploy-memorypipeline.yml | 13 +++------- .github/workflows/copilot-deploy-pipeline.yml | 10 ------- .github/workflows/copilot-deploy-plugins.yml | 15 +++-------- .../copilot-run-integration-tests.yml | 16 +++++++----- .github/workflows/copilot-test-e2e.yml | 19 +++++++------- 8 files changed, 36 insertions(+), 98 deletions(-) diff --git a/.github/workflows/copilot-deploy-backend.yml b/.github/workflows/copilot-deploy-backend.yml index f07bcfd39..3491b0f5d 100644 --- a/.github/workflows/copilot-deploy-backend.yml +++ b/.github/workflows/copilot-deploy-backend.yml @@ -12,13 +12,6 @@ on: DEPLOYMENT_NAME: required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true outputs: backend-host: description: "Host to which backend is deployed" @@ -59,9 +52,9 @@ jobs: - name: Azure login uses: azure/login@v2 with: - client-id: ${{secrets.AZURE_CLIENT_ID}} - tenant-id: ${{secrets.AZURE_TENANT_ID}} - subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}} + client-id: ${{vars.APPLICATION_CLIENT_ID}} + tenant-id: ${{vars.APPLICATION_TENANT_ID}} + subscription-id: ${{vars.AZURE_SUBSCRIPTION_ID}} enable-AzPSSession: false - name: Get app name @@ -80,4 +73,4 @@ jobs: - name: "Deploy" run: | - scripts/deploy/deploy-webapi.sh -p "${{ github.workspace }}/${{inputs.ARTIFACT_NAME}}/webapi.zip" -d ${{inputs.DEPLOYMENT_NAME}} -s ${{secrets.AZURE_SUBSCRIPTION_ID}} -rg ${{vars.CC_DEPLOYMENT_GROUP_NAME}} --skip-app-registration + scripts/deploy/deploy-webapi.sh -p "${{ github.workspace }}/${{inputs.ARTIFACT_NAME}}/webapi.zip" -d ${{inputs.DEPLOYMENT_NAME}} -s ${{vars.AZURE_SUBSCRIPTION_ID}} -rg ${{vars.CC_DEPLOYMENT_GROUP_NAME}} --skip-app-registration diff --git a/.github/workflows/copilot-deploy-environment.yml b/.github/workflows/copilot-deploy-environment.yml index 63cd96a4c..c29b4bae8 100644 --- a/.github/workflows/copilot-deploy-environment.yml +++ b/.github/workflows/copilot-deploy-environment.yml @@ -15,15 +15,6 @@ on: PLUGINS_ARTIFACT_NAME: required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - AZURE_OPENAI_ENDPOINT: - required: true outputs: backend-host: description: "Host on which backend runs" @@ -38,11 +29,6 @@ jobs: uses: ./.github/workflows/copilot-deploy-infra.yml with: ENVIRONMENT: ${{inputs.ENVIRONMENT}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} - AZURE_OPENAI_ENDPOINT: ${{secrets.AZURE_OPENAI_ENDPOINT}} deploy-backend: needs: [deploy-infra] @@ -51,10 +37,6 @@ jobs: ARTIFACT_NAME: ${{inputs.WEBAPI_ARTIFACT_NAME}} DEPLOYMENT_NAME: ${{needs.deploy-infra.outputs.deployment-id}} ENVIRONMENT: ${{inputs.ENVIRONMENT}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} deploy-memorypipeline: needs: [deploy-infra] @@ -63,10 +45,6 @@ jobs: ARTIFACT_NAME: ${{inputs.MEMORYPIPELINE_ARTIFACT_NAME}} DEPLOYMENT_NAME: ${{needs.deploy-infra.outputs.deployment-id}} ENVIRONMENT: ${{inputs.ENVIRONMENT}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} deploy-plugins: needs: [deploy-infra] @@ -75,7 +53,3 @@ jobs: ARTIFACT_NAME: ${{inputs.PLUGINS_ARTIFACT_NAME}} DEPLOYMENT_NAME: ${{needs.deploy-infra.outputs.deployment-id}} ENVIRONMENT: ${{inputs.ENVIRONMENT}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} diff --git a/.github/workflows/copilot-deploy-infra.yml b/.github/workflows/copilot-deploy-infra.yml index c47fa6d4a..83f6bd483 100644 --- a/.github/workflows/copilot-deploy-infra.yml +++ b/.github/workflows/copilot-deploy-infra.yml @@ -6,15 +6,6 @@ on: ENVIRONMENT: required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - AZURE_OPENAI_ENDPOINT: - required: true outputs: deployment-id: description: "The Id of the current deployment." @@ -47,9 +38,9 @@ jobs: - name: Azure login uses: azure/login@v2 with: - client-id: ${{secrets.AZURE_CLIENT_ID}} - tenant-id: ${{secrets.AZURE_TENANT_ID}} - subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}} + client-id: ${{vars.APPLICATION_CLIENT_ID}} + tenant-id: ${{vars.APPLICATION_TENANT_ID}} + subscription-id: ${{vars.AZURE_SUBSCRIPTION_ID}} enable-AzPSSession: false - name: deploy-infra @@ -57,8 +48,7 @@ jobs: with: azcliversion: 2.30.0 inlineScript: | - AI_SERVICE_KEY=$(az cognitiveservices account keys list --name ${{vars.AZUREOPENAI__NAME}} --resource-group ${{vars.AZUREOPENAI_DEPLOYMENT_GROUP_NAME}} | jq -r '.key1') + AI_SERVICE_KEY=$(az cognitiveservices account keys list --name ${{vars.AZURE_OPENAI_NAME}} --resource-group ${{vars.AZUREOPENAI_DEPLOYMENT_GROUP_NAME}} | jq -r '.key1') echo "::add-mask::$AI_SERVICE_KEY" APP_TENANT_ID=${{vars.APPLICATION_TENANT_ID}} - [ -z "$APP_TENANT_ID" ] && APP_TENANT_ID=${{secrets.AZURE_TENANT_ID}} # Use secrets.AZURE_TENANT_ID if vars.APPLICATION_TENANT_ID is not set - scripts/deploy/deploy-azure.sh --subscription ${{secrets.AZURE_SUBSCRIPTION_ID}} --resource-group ${{vars.CC_DEPLOYMENT_GROUP_NAME}} --deployment-name ${{steps.deployment-id.outputs.deployment_name}} --region ${{vars.CC_DEPLOYMENT_REGION}} --client-id ${{vars.BACKEND_CLIENT_ID}} --frontend-client-id ${{vars.APPLICATION_CLIENT_ID}} --tenant-id $APP_TENANT_ID --instance ${{vars.AZURE_INSTANCE}} --ai-service AzureOpenAI --ai-endpoint ${{secrets.AZURE_OPENAI_ENDPOINT}} --ai-service-key $AI_SERVICE_KEY --app-service-sku ${{vars.WEBAPP_API_SKU}} --no-deploy-package --debug-deployment --deploy-web-searcher-plugin + scripts/deploy/deploy-azure.sh --subscription ${{vars.AZURE_SUBSCRIPTION_ID}} --resource-group ${{vars.CC_DEPLOYMENT_GROUP_NAME}} --deployment-name ${{steps.deployment-id.outputs.deployment_name}} --region ${{vars.CC_DEPLOYMENT_REGION}} --client-id ${{vars.BACKEND_CLIENT_ID}} --frontend-client-id ${{vars.APPLICATION_CLIENT_ID}} --tenant-id $APP_TENANT_ID --instance ${{vars.AZURE_INSTANCE}} --ai-service AzureOpenAI --ai-endpoint ${{vars.AZURE_OPENAI_ENDPOINT}} --ai-service-key $AI_SERVICE_KEY --app-service-sku ${{vars.WEBAPP_API_SKU}} --no-deploy-package --debug-deployment --deploy-web-searcher-plugin diff --git a/.github/workflows/copilot-deploy-memorypipeline.yml b/.github/workflows/copilot-deploy-memorypipeline.yml index 169e422a4..f87735c69 100644 --- a/.github/workflows/copilot-deploy-memorypipeline.yml +++ b/.github/workflows/copilot-deploy-memorypipeline.yml @@ -12,13 +12,6 @@ on: DEPLOYMENT_NAME: required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true permissions: contents: read @@ -51,9 +44,9 @@ jobs: - name: Azure login uses: azure/login@v2 with: - client-id: ${{secrets.AZURE_CLIENT_ID}} - tenant-id: ${{secrets.AZURE_TENANT_ID}} - subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}} + client-id: ${{vars.APPLICATION_CLIENT_ID}} + tenant-id: ${{vars.APPLICATION_TENANT_ID}} + subscription-id: ${{vars.AZURE_SUBSCRIPTION_ID}} enable-AzPSSession: false - name: Get app name diff --git a/.github/workflows/copilot-deploy-pipeline.yml b/.github/workflows/copilot-deploy-pipeline.yml index c2390b6c9..c47818974 100644 --- a/.github/workflows/copilot-deploy-pipeline.yml +++ b/.github/workflows/copilot-deploy-pipeline.yml @@ -31,11 +31,6 @@ jobs: WEBAPI_ARTIFACT_NAME: ${{needs.build-webapi.outputs.artifact}} MEMORYPIPELINE_ARTIFACT_NAME: ${{needs.build-memorypipeline.outputs.artifact}} PLUGINS_ARTIFACT_NAME: ${{needs.build-plugins.outputs.artifact}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} - AZURE_OPENAI_ENDPOINT: ${{secrets.AZURE_OPENAI_ENDPOINT}} int-tests: uses: ./.github/workflows/copilot-run-integration-tests.yml @@ -51,8 +46,3 @@ jobs: WEBAPI_ARTIFACT_NAME: ${{needs.build-webapi.outputs.artifact}} MEMORYPIPELINE_ARTIFACT_NAME: ${{needs.build-memorypipeline.outputs.artifact}} PLUGINS_ARTIFACT_NAME: ${{needs.build-plugins.outputs.artifact}} - secrets: - AZURE_CLIENT_ID: ${{secrets.AZURE_CLIENT_ID}} - AZURE_TENANT_ID: ${{secrets.AZURE_TENANT_ID}} - AZURE_SUBSCRIPTION_ID: ${{secrets.AZURE_SUBSCRIPTION_ID}} - AZURE_OPENAI_ENDPOINT: ${{secrets.AZURE_OPENAI_ENDPOINT}} diff --git a/.github/workflows/copilot-deploy-plugins.yml b/.github/workflows/copilot-deploy-plugins.yml index b4e9feadd..0efa1dc54 100644 --- a/.github/workflows/copilot-deploy-plugins.yml +++ b/.github/workflows/copilot-deploy-plugins.yml @@ -12,13 +12,6 @@ on: DEPLOYMENT_NAME: required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true permissions: contents: read @@ -56,15 +49,15 @@ jobs: - name: "Azure login" uses: azure/login@v2 with: - client-id: ${{secrets.AZURE_CLIENT_ID}} - tenant-id: ${{secrets.AZURE_TENANT_ID}} - subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}} + client-id: ${{vars.APPLICATION_CLIENT_ID}} + tenant-id: ${{vars.APPLICATION_TENANT_ID}} + subscription-id: ${{vars.AZURE_SUBSCRIPTION_ID}} enable-AzPSSession: false - name: "Deploy" run: | scripts/deploy/deploy-plugins.sh \ --deployment-name ${{inputs.DEPLOYMENT_NAME}} \ - --subscription ${{secrets.AZURE_SUBSCRIPTION_ID}} \ + --subscription ${{vars.AZURE_SUBSCRIPTION_ID}} \ --resource-group ${{vars.CC_DEPLOYMENT_GROUP_NAME}} \ --packages "${{ github.workspace }}/${{inputs.ARTIFACT_NAME}}" diff --git a/.github/workflows/copilot-run-integration-tests.yml b/.github/workflows/copilot-run-integration-tests.yml index 4579f4ccd..eabfb5a1b 100644 --- a/.github/workflows/copilot-run-integration-tests.yml +++ b/.github/workflows/copilot-run-integration-tests.yml @@ -6,17 +6,24 @@ on: BACKEND_HOST: required: true type: string + ENVIRONMENT: + required: true + type: string workflow_call: inputs: BACKEND_HOST: required: true type: string + ENVIRONMENT: + required: true + type: string permissions: contents: read jobs: tests: + environment: ${{inputs.ENVIRONMENT}} name: Integration Testing runs-on: windows-latest @@ -26,16 +33,13 @@ jobs: - name: Configure test environment working-directory: integration-tests env: - TenantId: ${{ secrets.COPILOT_CHAT_TEST_TENANT_ID }} - WebApiClientId: ${{ secrets.COPILOT_CHAT_TEST_APP_AAD_WEBAPI_CLIENT_ID }} - WebAppClientId: ${{ secrets.COPILOT_CHAT_TEST_APP_AAD_WEBAPP_CLIENT_ID }} Username: ${{secrets.COPILOT_CHAT_TEST_USER_ACCOUNT1}} Password: ${{secrets.COPILOT_CHAT_TEST_USER_PASSWORD1}} run: | dotnet user-secrets set "BaseServerUrl" "https://${{inputs.BACKEND_HOST}}.azurewebsites.net/" - dotnet user-secrets set "Authority" "https://login.microsoftonline.com/$env:TenantID" - dotnet user-secrets set "ClientID" "$env:WebAppClientId" - dotnet user-secrets set "Scopes" "openid, offline_access, profile, api://$env:WebApiClientId/access_as_user" + dotnet user-secrets set "Authority" "https://login.microsoftonline.com/${{vars.APPLICATION_TENANT_ID}}" + dotnet user-secrets set "ClientID" ${{vars.APPLICATION_CLIENT_ID}} + dotnet user-secrets set "Scopes" "openid, offline_access, profile, api://${{vars.BACKEND_CLIENT_ID}}/access_as_user" dotnet user-secrets set "Username" "$env:Username" dotnet user-secrets set "Password" "$env:Password" diff --git a/.github/workflows/copilot-test-e2e.yml b/.github/workflows/copilot-test-e2e.yml index 8ec76079d..197e5c04e 100644 --- a/.github/workflows/copilot-test-e2e.yml +++ b/.github/workflows/copilot-test-e2e.yml @@ -1,6 +1,10 @@ name: Copilot Chat Tests on: workflow_dispatch: + inputs: + ENVIRONMENT: + required: true + type: string merge_group: types: [checks_requested] @@ -9,6 +13,7 @@ permissions: jobs: e2e: + environment: ${{inputs.ENVIRONMENT}} defaults: run: working-directory: webapp @@ -37,20 +42,16 @@ jobs: working-directory: webapi env: AzureOpenAI__ApiKey: ${{ secrets.AZUREOPENAI__APIKEY }} - AzureOpenAI__Endpoint: ${{ secrets.AZUREOPENAI__ENDPOINT }} - TenantId: ${{ secrets.COPILOT_CHAT_TEST_TENANT_ID }} - WebApi_ClientId: ${{ secrets.COPILOT_CHAT_TEST_APP_AAD_WEBAPI_CLIENT_ID }} - WebApp_ClientId: ${{ secrets.COPILOT_CHAT_TEST_APP_AAD_WEBAPP_CLIENT_ID }} run: | dotnet dev-certs https dotnet user-secrets set "KernelMemory:Services:AzureOpenAIText:APIKey" "$AzureOpenAI__ApiKey" - dotnet user-secrets set "KernelMemory:Services:AzureOpenAIText:Endpoint" "$AzureOpenAI__Endpoint" + dotnet user-secrets set "KernelMemory:Services:AzureOpenAIText:Endpoint" ${{vars.AZURE_OPENAI_ENDPOINT}} dotnet user-secrets set "KernelMemory:Services:AzureOpenAIEmbedding:APIKey" "$AzureOpenAI__ApiKey" - dotnet user-secrets set "KernelMemory:Services:AzureOpenAIEmbedding:Endpoint" "$AzureOpenAI__Endpoint" + dotnet user-secrets set "KernelMemory:Services:AzureOpenAIEmbedding:Endpoint" ${{vars.AZURE_OPENAI_ENDPOINT}} dotnet user-secrets set "Authentication:Type" "AzureAd" - dotnet user-secrets set "Authentication:AzureAd:TenantId" "$TenantId" - dotnet user-secrets set "Authentication:AzureAd:ClientId" "$WebApi_ClientId" - dotnet user-secrets set "Frontend:AadClientId" "$WebApp_ClientId" + dotnet user-secrets set "Authentication:AzureAd:TenantId" ${{vars.APPLICATION_TENANT_ID}} + dotnet user-secrets set "Authentication:AzureAd:ClientId" ${{vars.BACKEND_CLIENT_ID}} + dotnet user-secrets set "Frontend:AadClientId" ${{vars.APPLICATION_CLIENT_ID}} - name: Start service in background working-directory: webapi