fix(sec): Reduct sensitive data from Maestro logs #12656
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: End-to-End Tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - v5 | |
| - release/** | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| env: | |
| SENTRY_AUTH_TOKEN: 'dummy-secret-12345' | |
| MAESTRO_VERSION: '1.40.3' | |
| IOS_DEVICE: 'iPhone 16' | |
| IOS_VERSION: '18.1' | |
| jobs: | |
| diff_check: | |
| uses: ./.github/workflows/skip-ci.yml | |
| auth_token_check: | |
| uses: ./.github/workflows/skip-ci-noauth.yml | |
| secrets: inherit | |
| react-native-test: | |
| name: | |
| Test RN ${{ matrix.rn-version }} ${{ matrix.rn-architecture }} ${{ matrix.engine }} ${{ matrix.platform }} ${{ | |
| matrix.build-type }} ${{ matrix.ios-use-frameworks }} | |
| runs-on: ${{ matrix.runs-on }} | |
| strategy: | |
| fail-fast: false # keeps matrix running if one fails | |
| matrix: | |
| rn-version: ['0.65.3', '0.79.1'] | |
| rn-architecture: ['legacy', 'new'] | |
| platform: ['android', 'ios'] | |
| build-type: ['production'] | |
| ios-use-frameworks: ['no'] # test only no framworks | |
| engine: ['hermes', 'jsc'] | |
| include: | |
| - platform: ios | |
| rn-version: '0.79.1' | |
| runs-on: macos-15 | |
| - platform: ios | |
| rn-version: '0.65.3' | |
| runs-on: macos-15 | |
| - platform: android | |
| runs-on: ubuntu-latest | |
| exclude: | |
| # exclude all rn versions lower than 0.70.0 for new architecture | |
| - rn-version: '0.65.3' | |
| rn-architecture: 'new' | |
| # e2e test only the default combinations | |
| - rn-version: '0.65.3' | |
| engine: 'hermes' | |
| - rn-version: '0.79.1' | |
| engine: 'jsc' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create test file with dummy secret (TESTING ONLY) | |
| if: ${{ always() }} | |
| run: | | |
| mkdir -p ./dev-packages/e2e-tests/maestro-logs | |
| echo '{"test": "This contains the secret dummy-secret-12345 in the middle"}' > ./dev-packages/e2e-tests/maestro-logs/test-secret.json | |
| echo 'Another line with dummy-secret-12345 here' > ./dev-packages/e2e-tests/maestro-logs/test-secret.txt | |
| echo 'Created test files with dummy secret: dummy-secret-12345' | |
| - name: Redact sensitive data from logs | |
| if: ${{ always() }} | |
| run: | | |
| if [[ "$(uname)" == "Darwin" ]]; then | |
| find ./dev-packages/e2e-tests/maestro-logs -type f -exec \ | |
| sed -i '' "s/${SENTRY_AUTH_TOKEN}/[REDACTED]/g" {} + | |
| echo 'Redacted sensitive data from logs on MacOS' | |
| else | |
| find ./dev-packages/e2e-tests/maestro-logs -type f -exec \ | |
| sed -i "s/${SENTRY_AUTH_TOKEN}/[REDACTED]/g" {} + | |
| echo 'Redacted sensitive data from logs on Ubuntu' | |
| fi | |
| - name: Upload logs | |
| if: ${{ always() }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.rn-version }}-${{ matrix.rn-architecture }}-${{ matrix.engine }}-${{ matrix.platform }}-${{ matrix.build-type }}-${{ matrix.ios-use-frameworks }}-logs | |
| path: ./dev-packages/e2e-tests/maestro-logs |