Merge pull request #21 from nginxinc/ag-cert-test-fixes

Update action to first update certs then configurations. Plus test fixes.

Author: agazeley

.github/workflows/testNginxForAzureDeploy.yml

@@ -29,13 +29,6 @@ jobs:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
           subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      - name: "Sync NGINX certificate to NGINX for Azure - single cert"
-        uses: nginxinc/[email protected]
-        with:
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          resource-group-name: $TEST_RESOURCE_GROUP_NAME
-          nginx-deployment-name: $NGINX_DEPLOYMENT_NAME
-          nginx-certificate-details: '[{"certificateName": "$NGINX_CERT_NAME", "keyvaultSecret": "https://$NGINX_VAULT_NAME.vault.azure.net/secrets/$NGINX_CERT_NAME", "certificateVirtualPath": "/etc/nginx/ssl/$GITHUB_RUN_NUMBER/my-cert.crt", "keyVirtualPath": "/etc/nginx/ssl/$GITHUB_RUN_NUMBER/my-cert.key"  } ]'
 
       - name: "Update config - single file"
         shell: bash
@@ -62,15 +55,17 @@ jobs:
           cat test/configs/single/nginx.conf
           sed -i 's/000000/'"$GITHUB_RUN_ID"'/g' test/configs/multi/conf.d/proxy.conf
           cat test/configs/multi/conf.d/proxy.conf
-      - name: "Sync NGINX configuration to NGINX for Azure - multi file"
+      - name: "Sync NGINX configuration and certificate to NGINX for Azure - multi file"
         uses: nginxinc/[email protected]
         with:
           subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
           resource-group-name: $TEST_RESOURCE_GROUP_NAME
           nginx-deployment-name: $NGINX_DEPLOYMENT_NAME
+          nginx-resource-location: "westcentralus"
           nginx-config-directory-path: test/configs/multi/
           nginx-root-config-file: $NGINX_ROOT_CONFIG_FILE
           transformed-nginx-config-directory-path: $NGINX_TRANSFORMED_CONFIG_DIR_PATH
+          nginx-certificate-details: '[{"certificateName": "$NGINX_CERT_NAME", "keyvaultSecret": "https://$NGINX_VAULT_NAME.vault.azure.net/secrets/$NGINX_CERT_NAME", "certificateVirtualPath": "/etc/nginx/ssl/$GITHUB_RUN_NUMBER/my-cert.crt", "keyVirtualPath": "/etc/nginx/ssl/$GITHUB_RUN_NUMBER/my-cert.key"  } ]'
 
       - name: "Validate config update"
         shell: bash

action.yml

@@ -1,44 +1,44 @@
-name: 'NGINX For Azure Deployment Sync'
-description: 'The action synchronizes NGINX configuration from a Git repository and/or certificates already on Azure keyvault to an NGINX for Azure deployment'
+name: "NGINX For Azure Deployment Sync"
+description: "The action synchronizes NGINX configuration from a Git repository and/or certificates already on Azure keyvault to an NGINX for Azure deployment"
 inputs:
   subscription-id:
-    description: 'The Azure subscription ID of the NGINX for Azure deployment.'
+    description: "The Azure subscription ID of the NGINX for Azure deployment."
     required: true
   resource-group-name:
-    description: 'The resource group of the NGINX for Azure deployment.'
+    description: "The resource group of the NGINX for Azure deployment."
     required: true
   nginx-deployment-name:
-    description: 'The name of the NGINX for Azure deployment.'
+    description: "The name of the NGINX for Azure deployment."
     required: true
   nginx-deployment-location:
-    description: 'The location where the NGINX deployment is located. Example westcentralus'
+    description: "The location where the NGINX deployment is located. Example westcentralus"
     required: false
   nginx-config-directory-path:
     description: 'The NGINX configuration directory path relative to the root of the Git repository, example: "config/".'
     required: false
   nginx-root-config-file:
     description: >
-     'The root NGINX configuration file path relative to the NGINX configuration directory in the Git repository, example: "nginx.conf".'
+      'The root NGINX configuration file path relative to the NGINX configuration directory in the Git repository, example: "nginx.conf".'
     required: false
-    default: 'nginx.conf'
+    default: "nginx.conf"
   transformed-nginx-config-directory-path:
     description: >
-     'The transformed absolute path of the NGINX configuration directory in NGINX for Azure deployment, example: "/etc/nginx/". 
-     If the "include" directive in the NGINX configuration files uses absolute paths, the path transformation 
-     can be used to overwrite the file paths when the action synchronizes the files to the NGINX for Azure deployment.'
+      'The transformed absolute path of the NGINX configuration directory in NGINX for Azure deployment, example: "/etc/nginx/". 
+      If the "include" directive in the NGINX configuration files uses absolute paths, the path transformation 
+      can be used to overwrite the file paths when the action synchronizes the files to the NGINX for Azure deployment.'
     required: false
-    default: ''
+    default: ""
   nginx-certificate-details:
     description: 'An array of JSON objects each with keys nginx_cert_name, keyvault_secret, certificate_virtual_path and key_virtual_path. Example: [{"certificateName": "server1", "keyvaultSecret": "https://...", "certificateVirtualPath": "/etc/ssl/certs/server1.crt", "keyVirtualPath": "/etc/ssl/certs/server1.key"  }, {"name": "server2", "keyvaultSecret": "https://...", "certificateVirtualPath": "/etc/ssl/certs/server2.crt", "keyVirtualPath": "/etc/ssl/certs/server2.key"  }] '
     required: false
 runs:
   using: "composite"
   steps:
-    - name: 'Synchronize NGINX configuration from the Git repository to an NGINX for Azure deployment'
+    - name: "Synchronize NGINX certificate(s) from the Git repository to an NGINX for Azure deployment"
+      run: ${{github.action_path}}/src/deploy-certificate.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --nginx_resource_location=${{ inputs.nginx-deployment-location }}  --certificates=${{ toJSON(inputs.nginx-certificate-details) }}
+      if: ${{ inputs.nginx-deployment-location != '' && inputs.nginx-certificate-details != '' }}
+      shell: bash
+    - name: "Synchronize NGINX configuration from the Git repository to an NGINX for Azure deployment"
       run: ${{github.action_path}}/src/deploy-config.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --config_dir_path=${{ inputs.nginx-config-directory-path }} --root_config_file=${{ inputs.nginx-root-config-file }} --transformed_config_dir_path=${{ inputs.transformed-nginx-config-directory-path }}
       if: ${{ inputs.nginx-config-directory-path != '' }}
       shell: bash
-    - name: 'Synchronize NGINX certificate(s) from the Git repository to an NGINX for Azure deployment'
-      run: ${{github.action_path}}/src/deploy-certificate.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --nginx_resource_location=${{ inputs.nginx-deployment-location }}  --certificates=${{ toJSON(inputs.nginx-certificate-details) }} 
-      if: ${{ inputs.nginx-deployment-location != '' && inputs.nginx-certificate-details != '' }}
-      shell: bash