ci: disable telemetry in e2e and integ test workflows #2501
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E Tests | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| aws_region: | |
| description: 'AWS region for deployment' | |
| default: 'us-east-1' | |
| cdk_branch: | |
| description: 'CDK repo branch to build from (default: main)' | |
| default: 'main' | |
| pull_request_target: | |
| branches: [main] | |
| concurrency: | |
| group: e2e-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: false | |
| permissions: | |
| id-token: write # OIDC — lets GitHub assume an AWS IAM role via short-lived token (no stored keys) | |
| contents: read | |
| jobs: | |
| authorize: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'workflow_dispatch' || github.event_name == 'pull_request_target' | |
| outputs: | |
| is_authorized: ${{ steps.check.outputs.is_authorized }} | |
| steps: | |
| - name: Check authorization | |
| id: check | |
| run: | | |
| if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then | |
| echo "✅ Manual workflow dispatch — authorized" | |
| echo "is_authorized=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| AUTHORIZED_USERS="${{ secrets.AUTHORIZED_USERS }}" | |
| if [[ ",$AUTHORIZED_USERS," == *",${{ github.actor }},"* ]]; then | |
| echo "✅ User ${{ github.actor }} is authorized" | |
| echo "is_authorized=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "⏭️ User ${{ github.actor }} is not in AUTHORIZED_USERS — skipping E2E tests." | |
| echo "ℹ️ External contributors: ask a maintainer to run the E2E tests manually via workflow_dispatch." | |
| echo "is_authorized=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| e2e: | |
| needs: authorize | |
| if: needs.authorize.outputs.is_authorized == 'true' | |
| runs-on: ubuntu-latest | |
| environment: e2e-testing | |
| timeout-minutes: 30 | |
| env: | |
| AGENTCORE_TELEMETRY_DISABLED: '1' | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v6 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| - name: Configure git | |
| run: | | |
| git config --global user.email "ci@amazon.com" | |
| git config --global user.name "CI" | |
| - uses: astral-sh/setup-uv@v7 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v6 | |
| with: | |
| role-to-assume: ${{ secrets.E2E_AWS_ROLE_ARN }} | |
| aws-region: ${{ inputs.aws_region || 'us-east-1' }} | |
| - name: Get AWS Account ID | |
| id: aws | |
| run: echo "account_id=$(aws sts get-caller-identity --query Account --output text)" >> "$GITHUB_OUTPUT" | |
| - name: Get API keys from Secrets Manager | |
| uses: aws-actions/aws-secretsmanager-get-secrets@v2 | |
| with: | |
| secret-ids: | | |
| E2E,${{ secrets.E2E_SECRET_ARN }} | |
| parse-json-secrets: true | |
| - name: Generate GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ vars.APP_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| owner: aws | |
| # Clone CDK repo for bundle script (requires App token for private repo access) | |
| - name: Clone CDK repo | |
| run: | | |
| CDK_BRANCH="${{ inputs.cdk_branch || 'main' }}" | |
| echo "Cloning CDK from branch: $CDK_BRANCH" | |
| git clone --depth 1 --branch "$CDK_BRANCH" "https://x-access-token:${CDK_REPO_TOKEN}@github.com/${CDK_REPO}.git" /tmp/cdk-repo | |
| env: | |
| CDK_REPO_TOKEN: ${{ steps.app-token.outputs.token }} | |
| CDK_REPO: ${{ secrets.CDK_REPO_NAME }} | |
| - run: npm ci | |
| - name: Bundle GA and preview tarballs | |
| run: | | |
| npm run bundle | |
| GA_TARBALL=$(ls aws-agentcore-*.tgz | grep -v preview | head -1) | |
| PREVIEW_TARBALL=$(ls aws-agentcore-*-preview-*.tgz | head -1) | |
| echo "GA_TARBALL=$PWD/$GA_TARBALL" >> "$GITHUB_ENV" | |
| echo "PREVIEW_TARBALL=$PWD/$PREVIEW_TARBALL" >> "$GITHUB_ENV" | |
| env: | |
| AGENTCORE_CDK_PATH: /tmp/cdk-repo | |
| - name: Install GA CLI globally | |
| run: npm install -g "$GA_TARBALL" | |
| - name: Detect changed e2e test files | |
| id: changed | |
| run: | | |
| BASE_SHA=${{ github.event.pull_request.base.sha || 'HEAD~1' }} | |
| # If any helper file changed, run all e2e tests | |
| HELPERS_CHANGED=$(git diff --name-only "$BASE_SHA"..HEAD -- 'e2e-tests/*.ts' \ | |
| | grep -v '\.test\.ts$' | head -1) | |
| if [ -n "$HELPERS_CHANGED" ]; then | |
| GA_EXTRA=$(find e2e-tests -name '*.test.ts' \ | |
| | grep -v '^e2e-tests/strands-bedrock\.test\.ts$' \ | |
| | grep -v '^e2e-tests/harness-' \ | |
| | tr '\n' ' ') | |
| HARNESS_EXTRA=$(find e2e-tests -name 'harness-*.test.ts' \ | |
| | grep -v '^e2e-tests/harness-bedrock\.test\.ts$' \ | |
| | tr '\n' ' ') | |
| else | |
| GA_EXTRA=$(git diff --name-only "$BASE_SHA"..HEAD -- 'e2e-tests/*.test.ts' \ | |
| | grep -v '^e2e-tests/strands-bedrock\.test\.ts$' \ | |
| | grep -v '^e2e-tests/harness-' \ | |
| | tr '\n' ' ') | |
| HARNESS_EXTRA=$(git diff --name-only "$BASE_SHA"..HEAD -- 'e2e-tests/harness-*.test.ts' \ | |
| | grep -v '^e2e-tests/harness-bedrock\.test\.ts$' \ | |
| | tr '\n' ' ') | |
| fi | |
| echo "ga_extra=$GA_EXTRA" >> "$GITHUB_OUTPUT" | |
| echo "harness_extra=$HARNESS_EXTRA" >> "$GITHUB_OUTPUT" | |
| echo "GA extra tests: ${GA_EXTRA:-none}" | |
| echo "Harness extra tests: ${HARNESS_EXTRA:-none}" | |
| - name: Run E2E tests (GA) | |
| env: | |
| AWS_ACCOUNT_ID: ${{ steps.aws.outputs.account_id }} | |
| AWS_REGION: ${{ inputs.aws_region || 'us-east-1' }} | |
| ANTHROPIC_API_KEY: ${{ env.E2E_ANTHROPIC_API_KEY }} | |
| OPENAI_API_KEY: ${{ env.E2E_OPENAI_API_KEY }} | |
| GEMINI_API_KEY: ${{ env.E2E_GEMINI_API_KEY }} | |
| run: npx vitest run --project e2e e2e-tests/strands-bedrock.test.ts ${{ steps.changed.outputs.ga_extra }} | |
| - name: Install preview CLI globally | |
| run: npm install -g "$PREVIEW_TARBALL" | |
| - name: Run E2E tests (preview/harness) | |
| env: | |
| AWS_ACCOUNT_ID: ${{ steps.aws.outputs.account_id }} | |
| AWS_REGION: ${{ inputs.aws_region || 'us-east-1' }} | |
| ANTHROPIC_API_KEY: ${{ env.E2E_ANTHROPIC_API_KEY }} | |
| OPENAI_API_KEY: ${{ env.E2E_OPENAI_API_KEY }} | |
| GEMINI_API_KEY: ${{ env.E2E_GEMINI_API_KEY }} | |
| BUILD_PREVIEW: '1' | |
| run: npx vitest run --project e2e e2e-tests/harness-bedrock.test.ts ${{ steps.changed.outputs.harness_extra }} |