diff --git a/.github/workflows/test-deployment.yml b/.github/workflows/test-deployment.yml
index 7f51fd5d8..196aca018 100644
--- a/.github/workflows/test-deployment.yml
+++ b/.github/workflows/test-deployment.yml
@@ -3,11 +3,11 @@ run-name: Deployment tests for '${{ inputs.environment }}' - `${{ inputs.branch-
on:
workflow_call:
- inputs:
- environment:
+ inputs:
+ environment:
required: true
type: string
- branch-name:
+ branch-name:
required: true
type: string
env:
@@ -25,6 +25,11 @@ jobs:
with:
ref: ${{ github.ref }}
+ - name: Set SHA environment variable
+ if: ${{ github.event_name == 'push' }}
+ run: |
+ echo "LAST_COMMIT_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
+
- uses: actions/setup-node@v3
name: Set up Node.js
with:
@@ -62,9 +67,27 @@ jobs:
TEST_USER_ACCOUNT_PASSWORD: ${{ secrets.TEST_USER_ACCOUNT_PASSWORD }}
run: npm run test:deployment
- - uses: actions/upload-artifact@v3
- if: always()
+ - name: Prepare report for upload
+ run: |
+ zip -qq -r ${{ inputs.environment }}-${{ env.LAST_COMMIT_SHA }}.zip ./playwright-report/
+
+ - name: Azure login with SPN
+ if: '!cancelled()'
+ uses: azure/login@v1
+ with:
+ creds: ${{ secrets.CI_REPORTS_AZ_CREDENTIALS }}
+
+ - name: Push report to blob storage
+ if: '!cancelled()'
+ uses: azure/CLI@v1
+ id: azure
with:
- name: deployment-tests-playwright-report
- path: tests/playwright/playwright-report/
- retention-days: 7
+ azcliversion: 2.53.0
+ inlineScript: |
+ az storage blob upload \
+ --container-name ${{ secrets.CI_REPORTS_STORAGE_CONTAINER_NAME }} \
+ --account-name ${{ secrets.CI_REPORTS_STORAGE_ACCOUNT_NAME }} \
+ --file "./tests/playwright/${{ inputs.environment }}-${{ env.LAST_COMMIT_SHA }}.zip" \
+ --name "Dfe.FindInformationAcademiesTrusts/playwright-report/" \
+ --auth-mode login \
+ --overwrite
diff --git a/terraform/README.md b/terraform/README.md
index cf9761e5d..206ce8b2b 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -151,6 +151,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
| [azurerm_monitor_diagnostic_setting.ci-test-reports](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource |
| [azurerm_storage_account.ci-test-reports](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource |
| [azurerm_storage_container.ci-test-reports](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource |
+| [azurerm_storage_account_blob_container_sas.ci-test-reports](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/storage_account_blob_container_sas) | data source |
## Inputs
@@ -180,6 +181,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
| [dns\_zone\_domain\_name](#input\_dns\_zone\_domain\_name) | DNS zone domain name. If created, records will automatically be created to point to the CDN. | `string` | n/a | yes |
| [enable\_cdn\_frontdoor](#input\_enable\_cdn\_frontdoor) | Enable Azure CDN FrontDoor. This will use the Container Apps endpoint as the origin. | `bool` | `false` | no |
| [enable\_cdn\_frontdoor\_health\_probe](#input\_enable\_cdn\_frontdoor\_health\_probe) | Enable CDN Front Door health probe | `bool` | n/a | yes |
+| [enable\_ci\_report\_storage\_container](#input\_enable\_ci\_report\_storage\_container) | Deploy a Blob Storage Container to store CI Reports in | `bool` | `false` | no |
| [enable\_container\_health\_probe](#input\_enable\_container\_health\_probe) | Enable liveness probes for the Container | `bool` | `true` | no |
| [enable\_container\_registry](#input\_enable\_container\_registry) | Set to true to create a container registry | `bool` | n/a | yes |
| [enable\_dns\_zone](#input\_enable\_dns\_zone) | Conditionally create a DNS zone | `bool` | n/a | yes |
@@ -214,5 +216,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
## Outputs
-No outputs.
+| Name | Description |
+|------|-------------|
+| [ci-test-reports-storage-sas-url](#output\_ci-test-reports-storage-sas-url) | A SAS tokenised URL for accessing the CI Reports in the Blob Storage Container |
diff --git a/terraform/ci-storage.tf b/terraform/ci-storage.tf
index 107a06512..a0600f049 100644
--- a/terraform/ci-storage.tf
+++ b/terraform/ci-storage.tf
@@ -3,6 +3,8 @@ locals {
}
resource "azurerm_storage_account" "ci-test-reports" {
+ count = local.enable_ci_report_storage_container ? 1 : 0
+
name = "${replace(local.resource_prefix, "-", "")}reports"
resource_group_name = module.azure_container_apps_hosting.azurerm_resource_group_default.name
location = module.azure_container_apps_hosting.azurerm_resource_group_default.location
@@ -16,14 +18,18 @@ resource "azurerm_storage_account" "ci-test-reports" {
}
resource "azurerm_storage_container" "ci-test-reports" {
+ count = local.enable_ci_report_storage_container ? 1 : 0
+
name = "${local.resource_prefix}-reports"
- storage_account_name = azurerm_storage_account.ci-test-reports.name
- container_access_type = "blob"
+ storage_account_name = azurerm_storage_account.ci-test-reports[0].name
+ container_access_type = "private"
}
resource "azurerm_monitor_diagnostic_setting" "ci-test-reports" {
+ count = local.enable_ci_report_storage_container ? 1 : 0
+
name = "${local.resource_prefix}-reports-diag"
- target_resource_id = azurerm_storage_account.ci-test-reports.id
+ target_resource_id = azurerm_storage_account.ci-test-reports[0].id
log_analytics_workspace_id = module.azure_container_apps_hosting.azurerm_log_analytics_workspace_container_app.id
log_analytics_destination_type = "Dedicated"
eventhub_name = local.enable_event_hub ? module.azure_container_apps_hosting.azurerm_eventhub_container_app.name : null
@@ -32,3 +38,31 @@ resource "azurerm_monitor_diagnostic_setting" "ci-test-reports" {
category = "Transaction"
}
}
+
+data "azurerm_storage_account_blob_container_sas" "ci-test-reports" {
+ count = local.enable_ci_report_storage_container ? 1 : 0
+
+ connection_string = azurerm_storage_account.ci-test-reports[0].primary_connection_string
+ container_name = azurerm_storage_container.ci-test-reports[0].name
+ https_only = true
+
+ start = formatdate("YYYY-MM-DD'T'hh:mm:ssZ", timestamp())
+ expiry = formatdate("YYYY-MM-DD'T'hh:mm:ssZ", timeadd(timestamp(), "+4380h")) # +6 months
+
+ permissions {
+ read = true
+ add = true
+ create = true
+ write = true
+ delete = true
+ list = true
+ }
+}
+
+output "ci-test-reports-storage-sas-url" {
+ count = local.enable_ci_report_storage_container ? 1 : 0
+
+ description = "A SAS tokenised URL for accessing the CI Reports in the Blob Storage Container"
+ value = data.azurerm_storage_account_blob_container_sas.ci-test-reports[0].sas
+ sensitive = true
+}
diff --git a/terraform/locals.tf b/terraform/locals.tf
index 2bcc3c614..df1372482 100644
--- a/terraform/locals.tf
+++ b/terraform/locals.tf
@@ -53,4 +53,5 @@ locals {
statuscake_contact_group_name = var.statuscake_contact_group_name
statuscake_contact_group_integrations = var.statuscake_contact_group_integrations
statuscake_contact_group_email_addresses = var.statuscake_contact_group_email_addresses
+ enable_ci_report_storage_container = var.enable_ci_report_storage_container
}
diff --git a/terraform/variables.tf b/terraform/variables.tf
index f473d4187..e0c55f562 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -308,3 +308,9 @@ variable "statuscake_contact_group_email_addresses" {
type = list(string)
default = []
}
+
+variable "enable_ci_report_storage_container" {
+ description = "Deploy a Blob Storage Container to store CI Reports in"
+ type = bool
+ default = false
+}