diff --git a/.github/workflows/create_test_report.yml b/.github/workflows/create_test_report.yml index 4c9a55ffd1..2085a10276 100644 --- a/.github/workflows/create_test_report.yml +++ b/.github/workflows/create_test_report.yml @@ -18,12 +18,12 @@ jobs: - uses: actions/setup-node@v4 with: node-version: 18 - - name: "Azure OIDC Login" - uses: azure/login@v1 + - name: Azure Login + uses: azure/login@v2 with: - client-id: ${{ vars.CFS_CLIENT_ID }} - tenant-id: ${{ vars.CFS_TENANT_ID }} - subscription-id: ${{ vars.CFS_SUBSCRIPTION_ID }} + client-id: ${{ secrets.AZURE_BLOB_REPORTS_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_BLOB_REPORTS_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_BLOB_REPORTS_SUBSCRIPTION_ID }} - run: npm ci env: DEBUG: pw:install diff --git a/.github/workflows/publish_canary.yml b/.github/workflows/publish_canary.yml index 6c9eb046e0..c28ca4a525 100644 --- a/.github/workflows/publish_canary.yml +++ b/.github/workflows/publish_canary.yml @@ -17,10 +17,17 @@ jobs: runs-on: ubuntu-20.04 if: github.repository == 'microsoft/playwright' permissions: - contents: read - id-token: write + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed + environment: allow-publish-driver-to-cdn # This is required for OIDC login (azure/login) steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_PW_CDN_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_PW_CDN_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_PW_CDN_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -52,8 +59,6 @@ jobs: - name: build & publish driver env: AZ_UPLOAD_FOLDER: driver/next - AZ_ACCOUNT_KEY: ${{ secrets.AZ_ACCOUNT_KEY }} - AZ_ACCOUNT_NAME: ${{ secrets.AZ_ACCOUNT_NAME }} run: | utils/build/build-playwright-driver.sh utils/build/upload-playwright-driver.sh diff --git a/.github/workflows/publish_release_docker.yml b/.github/workflows/publish_release_docker.yml index bc836960f1..ca3ca0c43a 100644 --- a/.github/workflows/publish_release_docker.yml +++ b/.github/workflows/publish_release_docker.yml @@ -18,18 +18,25 @@ jobs: publish-docker-release: name: "publish to DockerHub" runs-on: ubuntu-22.04 + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed if: github.repository == 'microsoft/playwright' + environment: allow-publishing-docker-to-acr steps: + - name: Azure Login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_DOCKER_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_DOCKER_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_DOCKER_SUBSCRIPTION_ID }} + - name: Login to ACR via OIDC + run: az acr login --name playwright - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: 18 registry-url: 'https://registry.npmjs.org' - - uses: azure/docker-login@v1 - with: - login-server: playwright.azurecr.io - username: playwright - password: ${{ secrets.DOCKER_PASSWORD }} - name: Set up Docker QEMU for arm64 docker builds uses: docker/setup-qemu-action@v3 with: diff --git a/.github/workflows/publish_release_driver.yml b/.github/workflows/publish_release_driver.yml index 61524f9cd2..b406c15eda 100644 --- a/.github/workflows/publish_release_driver.yml +++ b/.github/workflows/publish_release_driver.yml @@ -12,8 +12,18 @@ jobs: name: "publish playwright driver to CDN" runs-on: ubuntu-20.04 if: github.repository == 'microsoft/playwright' + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed + environment: allow-publish-driver-to-cdn # This is required for OIDC login (azure/login) steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_PW_CDN_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_PW_CDN_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_PW_CDN_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -25,5 +35,3 @@ jobs: - run: utils/build/upload-playwright-driver.sh env: AZ_UPLOAD_FOLDER: driver - AZ_ACCOUNT_KEY: ${{ secrets.AZ_ACCOUNT_KEY }} - AZ_ACCOUNT_NAME: ${{ secrets.AZ_ACCOUNT_NAME }} diff --git a/.github/workflows/tests_electron.yml b/.github/workflows/tests_electron.yml index 05f7302747..9107f6c37b 100644 --- a/.github/workflows/tests_electron.yml +++ b/.github/workflows/tests_electron.yml @@ -17,11 +17,11 @@ on: env: # Force terminal colors. @see https://www.npmjs.com/package/colors FORCE_COLOR: 1 - FLAKINESS_CONNECTION_STRING: ${{ secrets.FLAKINESS_CONNECTION_STRING }} jobs: test_electron: name: ${{ matrix.os }} + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -29,6 +29,13 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 diff --git a/.github/workflows/tests_primary.yml b/.github/workflows/tests_primary.yml index 5b4b080287..c932702d72 100644 --- a/.github/workflows/tests_primary.yml +++ b/.github/workflows/tests_primary.yml @@ -22,12 +22,12 @@ concurrency: env: # Force terminal colors. @see https://www.npmjs.com/package/colors FORCE_COLOR: 1 - FLAKINESS_CONNECTION_STRING: ${{ secrets.FLAKINESS_CONNECTION_STRING }} ELECTRON_SKIP_BINARY_DOWNLOAD: 1 jobs: test_linux: name: ${{ matrix.os }} (${{ matrix.browser }} - Node.js ${{ matrix.node-version }}) + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -44,8 +44,18 @@ jobs: runs-on: ${{ matrix.os }} env: PWTEST_BOT_NAME: "${{ matrix.browser }}-${{ matrix.os }}-node${{ matrix.node-version }}" + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} @@ -69,6 +79,7 @@ jobs: test_linux_chromium_tot: name: ${{ matrix.os }} (chromium tip-of-tree) + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -76,8 +87,18 @@ jobs: runs-on: ${{ matrix.os }} env: PWTEST_BOT_NAME: "${{ matrix.os }}-chromium-tip-of-tree" + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -103,6 +124,7 @@ jobs: test_test_runner: name: Test Runner + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -130,8 +152,18 @@ jobs: runs-on: ${{ matrix.os }} env: PWTEST_BOT_NAME: "${{ matrix.os }}-node${{ matrix.node-version }}-${{ matrix.shardIndex }}" + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: ${{matrix.node-version}} @@ -227,6 +259,7 @@ jobs: test_package_installations: name: "Installation Test ${{ matrix.os }}" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -238,8 +271,18 @@ jobs: timeout-minutes: 30 env: PWTEST_BOT_NAME: "package-installations-${{ matrix.os }}" + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 diff --git a/.github/workflows/tests_secondary.yml b/.github/workflows/tests_secondary.yml index 05325d9a7d..895d4ca4cc 100644 --- a/.github/workflows/tests_secondary.yml +++ b/.github/workflows/tests_secondary.yml @@ -17,12 +17,16 @@ on: env: # Force terminal colors. @see https://www.npmjs.com/package/colors FORCE_COLOR: 1 - FLAKINESS_CONNECTION_STRING: ${{ secrets.FLAKINESS_CONNECTION_STRING }} ELECTRON_SKIP_BINARY_DOWNLOAD: 1 +permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed + jobs: test_linux: name: ${{ matrix.os }} (${{ matrix.browser }}) + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -33,6 +37,13 @@ jobs: PWTEST_BOT_NAME: "${{ matrix.browser }}-${{ matrix.os }}" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -56,6 +67,7 @@ jobs: test_mac: name: ${{ matrix.os }} (${{ matrix.browser }}) + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -70,6 +82,13 @@ jobs: if: ${{ matrix.os == 'macos-14' }} run: sqlite3 $HOME/Library/Application\ Support/com.apple.TCC/TCC.db "INSERT OR IGNORE INTO access VALUES ('kTCCServiceMicrophone','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159,NULL,NULL,'UNUSED',1687786159);" - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -92,6 +111,7 @@ jobs: test_win: name: "Windows" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -101,6 +121,13 @@ jobs: PWTEST_BOT_NAME: "${{ matrix.browser }}-windows-latest" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -128,6 +155,7 @@ jobs: test-package-installations-other-node-versions: name: "Installation Test ${{ matrix.os }} (${{ matrix.node_version }})" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ${{ matrix.os }} strategy: fail-fast: false @@ -140,6 +168,13 @@ jobs: timeout-minutes: 30 steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node_version }} @@ -160,6 +195,7 @@ jobs: headed_tests: name: "headed ${{ matrix.browser }} (${{ matrix.os }})" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -174,6 +210,13 @@ jobs: if: ${{ matrix.os == 'macos-latest' }} run: sqlite3 $HOME/Library/Application\ Support/com.apple.TCC/TCC.db "INSERT OR IGNORE INTO access VALUES ('kTCCServiceMicrophone','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159,NULL,NULL,'UNUSED',1687786159);" - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -199,6 +242,7 @@ jobs: transport_linux: name: "Transport" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -208,6 +252,13 @@ jobs: PWTEST_BOT_NAME: "${{ matrix.mode }}" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -232,6 +283,7 @@ jobs: tracing_linux: name: Tracing ${{ matrix.browser }} ${{ matrix.channel }} + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} strategy: fail-fast: false matrix: @@ -246,6 +298,13 @@ jobs: PWTEST_BOT_NAME: "tracing-${{ matrix.channel || matrix.browser }}" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -271,11 +330,19 @@ jobs: chrome_stable_linux: name: "Chrome Stable (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "chrome-stable-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -299,11 +366,19 @@ jobs: chrome_stable_win: name: "Chrome Stable (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "chrome-stable-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -328,11 +403,19 @@ jobs: chrome_stable_mac: name: "Chrome Stable (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "chrome-stable-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -356,6 +439,7 @@ jobs: chromium_tot: name: Chromium TOT ${{ matrix.os }} + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ${{ matrix.os }} env: PWTEST_CHANNEL: chromium-tip-of-tree @@ -366,6 +450,13 @@ jobs: os: [ubuntu-20.04, macos-12, windows-latest] steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -390,6 +481,7 @@ jobs: chromium_tot_headed: name: Chromium TOT headed ${{ matrix.os }} + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ${{ matrix.os }} env: PWTEST_CHANNEL: chromium-tip-of-tree @@ -400,6 +492,13 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -424,11 +523,19 @@ jobs: firefox_beta_linux: name: "Firefox Beta (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "firefox-beta-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -452,11 +559,19 @@ jobs: firefox_beta_win: name: "Firefox Beta (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "firefox-beta-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -481,11 +596,19 @@ jobs: firefox_beta_mac: name: "Firefox Beta (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "firefox-beta-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -509,11 +632,19 @@ jobs: edge_stable_mac: name: "Edge Stable (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "edge-stable-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -537,11 +668,19 @@ jobs: edge_stable_win: name: "Edge Stable (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "edge-stable-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -566,11 +705,19 @@ jobs: edge_stable_linux: name: "Edge Stable (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "edge-stable-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -594,11 +741,19 @@ jobs: edge_beta_mac: name: "Edge Beta (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "edge-beta-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -622,11 +777,19 @@ jobs: edge_beta_win: name: "Edge Beta (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "edge-beta-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -651,11 +814,19 @@ jobs: edge_beta_linux: name: "Edge Beta (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "edge-beta-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -679,11 +850,19 @@ jobs: edge_dev_mac: name: "Edge Dev (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "edge-dev-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -707,11 +886,19 @@ jobs: edge_dev_win: name: "Edge Dev (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "edge-dev-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -736,11 +923,19 @@ jobs: edge_dev_linux: name: "Edge Dev (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "edge-dev-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -764,11 +959,19 @@ jobs: chrome_beta_linux: name: "Chrome Beta (Linux)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-20.04 env: PWTEST_BOT_NAME: "chrome-beta-linux" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -792,11 +995,19 @@ jobs: chrome_beta_win: name: "Chrome Beta (Win)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-latest env: PWTEST_BOT_NAME: "chrome-beta-windows" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -821,11 +1032,19 @@ jobs: chrome_beta_mac: name: "Chrome Beta (Mac)" + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: macos-latest env: PWTEST_BOT_NAME: "chrome-beta-mac" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 @@ -862,11 +1081,19 @@ jobs: test_linux_chromium_headless_new: name: Linux Chromium Headless New + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: ubuntu-latest env: PWTEST_BOT_NAME: "headless-new" steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 diff --git a/.github/workflows/tests_video.yml b/.github/workflows/tests_video.yml index b51c0e4e76..5aa6e778ea 100644 --- a/.github/workflows/tests_video.yml +++ b/.github/workflows/tests_video.yml @@ -9,20 +9,30 @@ on: env: # Force terminal colors. @see https://www.npmjs.com/package/colors FORCE_COLOR: 1 - FLAKINESS_CONNECTION_STRING: ${{ secrets.FLAKINESS_CONNECTION_STRING }} ELECTRON_SKIP_BINARY_DOWNLOAD: 1 jobs: video_linux: name: "Video Linux" + environment: allow-uploading-flakiness-results strategy: fail-fast: false matrix: browser: [chromium, firefox, webkit] os: [ubuntu-20.04, ubuntu-22.04] + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 diff --git a/.github/workflows/tests_webview2.yml b/.github/workflows/tests_webview2.yml index cf9a2ef0e9..7063c8b4cc 100644 --- a/.github/workflows/tests_webview2.yml +++ b/.github/workflows/tests_webview2.yml @@ -17,15 +17,25 @@ on: env: # Force terminal colors. @see https://www.npmjs.com/package/colors FORCE_COLOR: 1 - FLAKINESS_CONNECTION_STRING: ${{ secrets.FLAKINESS_CONNECTION_STRING }} ELECTRON_SKIP_BINARY_DOWNLOAD: 1 jobs: test_webview2: name: WebView2 + environment: ${{ github.event_name == 'push' && 'allow-uploading-flakiness-results' || null }} runs-on: windows-2022 + permissions: + id-token: write # This is required for OIDC login (azure/login) to succeed + contents: read # This is required for actions/checkout to succeed steps: - uses: actions/checkout@v4 + - name: Azure Login + uses: azure/login@v2 + if: github.event_name == 'push' && github.repository == 'microsoft/playwright' + with: + client-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_FLAKINESS_DASHBOARD_SUBSCRIPTION_ID }} - uses: actions/setup-node@v4 with: node-version: 18 diff --git a/utils/build/upload-playwright-driver.sh b/utils/build/upload-playwright-driver.sh index 726424ba4a..45c5d3a323 100755 --- a/utils/build/upload-playwright-driver.sh +++ b/utils/build/upload-playwright-driver.sh @@ -5,9 +5,11 @@ set +x trap "cd $(pwd -P)" EXIT cd "$(dirname "$0")" +AZ_STORAGE_ACCOUNT="playwright2" PACKAGE_VERSION=$(node -p "require('../../package.json').version") -az storage blob upload -c builds --account-key ${AZ_ACCOUNT_KEY} --account-name ${AZ_ACCOUNT_NAME} -f ./output/playwright-${PACKAGE_VERSION}-mac.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-mac.zip" -az storage blob upload -c builds --account-key ${AZ_ACCOUNT_KEY} --account-name ${AZ_ACCOUNT_NAME} -f ./output/playwright-${PACKAGE_VERSION}-mac-arm64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-mac-arm64.zip" -az storage blob upload -c builds --account-key ${AZ_ACCOUNT_KEY} --account-name ${AZ_ACCOUNT_NAME} -f ./output/playwright-${PACKAGE_VERSION}-linux.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-linux.zip" -az storage blob upload -c builds --account-key ${AZ_ACCOUNT_KEY} --account-name ${AZ_ACCOUNT_NAME} -f ./output/playwright-${PACKAGE_VERSION}-linux-arm64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-linux-arm64.zip" -az storage blob upload -c builds --account-key ${AZ_ACCOUNT_KEY} --account-name ${AZ_ACCOUNT_NAME} -f ./output/playwright-${PACKAGE_VERSION}-win32_x64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-win32_x64.zip" + +az storage blob upload -c builds --account-name ${AZ_STORAGE_ACCOUNT} -f ./output/playwright-${PACKAGE_VERSION}-mac.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-mac.zip" +az storage blob upload -c builds --account-name ${AZ_STORAGE_ACCOUNT} -f ./output/playwright-${PACKAGE_VERSION}-mac-arm64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-mac-arm64.zip" +az storage blob upload -c builds --account-name ${AZ_STORAGE_ACCOUNT} -f ./output/playwright-${PACKAGE_VERSION}-linux.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-linux.zip" +az storage blob upload -c builds --account-name ${AZ_STORAGE_ACCOUNT} -f ./output/playwright-${PACKAGE_VERSION}-linux-arm64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-linux-arm64.zip" +az storage blob upload -c builds --account-name ${AZ_STORAGE_ACCOUNT} -f ./output/playwright-${PACKAGE_VERSION}-win32_x64.zip -n "${AZ_UPLOAD_FOLDER}/playwright-${PACKAGE_VERSION}-win32_x64.zip" diff --git a/utils/upload_flakiness_dashboard.sh b/utils/upload_flakiness_dashboard.sh index 63cef4ed3d..f4b7f96236 100755 --- a/utils/upload_flakiness_dashboard.sh +++ b/utils/upload_flakiness_dashboard.sh @@ -21,9 +21,6 @@ if [[ ($1 == '--help') || ($1 == '-h') ]]; then echo "usage: $(basename $0) " echo echo "Upload report to the flakiness dashboard." - echo - echo "NOTE: the following env variables are required:" - echo " FLAKINESS_CONNECTION_STRING connection for the azure blob storage to upload report" exit 0 fi @@ -37,13 +34,6 @@ if [[ "${GITHUB_REF}" != "refs/heads/main" && "${GITHUB_REF}" != 'refs/heads/rel exit 0 fi -if [[ -z "${FLAKINESS_CONNECTION_STRING}" ]]; then - echo "ERROR: \$FLAKINESS_CONNECTION_STRING environment variable is missing." - echo " 'Azure Account Name' and 'Azure Account Key' secrets are required" - echo " to upload flakiness results to Azure blob storage." - exit 1 -fi - if [[ $# == 0 ]]; then echo "ERROR: missing report name!" echo "try './$(basename $0) --help' for more information" @@ -92,7 +82,9 @@ node -e "${EMBED_METADATA_SCRIPT}" "$1" > "${REPORT_NAME}" gzip "${REPORT_NAME}" -az storage blob upload --connection-string "${FLAKINESS_CONNECTION_STRING}" -c uploads -f "${REPORT_NAME}.gz" -n "${REPORT_NAME}.gz" +AZ_STORAGE_ACCOUNT="folioflakinessdashboard" + +az storage blob upload --account-name "${AZ_STORAGE_ACCOUNT}" -c uploads -f "${REPORT_NAME}.gz" -n "${REPORT_NAME}.gz" UTC_DATE=$(cat <