Skip to content

GraphQL authorization tests #770

GraphQL authorization tests

GraphQL authorization tests #770

Workflow file for this run

name: GraphQL authorization tests
on:
schedule:
- cron: '45 16 * * *'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Check without bearer token
id: query-no-token
uses: CamiloGarciaLaRotta/watermelon-http-client@v1.5
with:
url: https://graphql.preprod.crownlabs.polito.it/
# No Bearer token
graphql: |
{
tenant: itPolitoCrownlabsV1alpha1Tenant(name: "s112233") {
spec {
email
firstName
lastName
}
}
}
- name: Print the response status
run: |
echo "[i] Query output status ${{ steps.query-no-token.outputs.status }}"
[[ ${{ steps.query-no-token.outputs.status }} -eq 400 ]] || exit 1
shell: bash
- name: Send the Slack notification
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
author_name: CrownLabs CI
custom_payload: |
{
attachments: [{
color: 'danger',
text: `${process.env.AS_WORKFLOW}\n${process.env.AS_JOB} GraphQL authorization test with no bearer token failed`,
}]
}
env:
GITHUB_TOKEN: ${{ secrets.CI_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: failure()
- name: Check bad Bearer token
id: query-bad-token
uses: CamiloGarciaLaRotta/watermelon-http-client@v1.5
with:
headers: '{"Authorization": "Bearer CrownlabsTeam" }'
graphql: |
{
tenant: itPolitoCrownlabsV1alpha1Tenant(name: "s112233") {
spec {
email
firstName
lastName
}
}
}
- name: Print the response status
run: |
echo "[i] Query output status ${{ steps.query-bad-token.outputs.status }}"
[[ ${{ steps.query-bad-token.outputs.status }} -eq 401 ]] || exit 1
shell: bash
- name: Send the Slack notification
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
author_name: CrownLabs CI
custom_payload: |
{
attachments: [{
color: 'danger',
text: `${process.env.AS_WORKFLOW}\n${process.env.AS_JOB} GraphQL authorization test with bad bearer token failed`,
}]
}
env:
GITHUB_TOKEN: ${{ secrets.CI_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: failure()