search

eventespresso / actions

Centralized repository for all of Event Espresso's GitHub Actions used in our CI/CD pipelines
GNU Affero General Public License v3.0
2 stars 6 forks source link

Encrypt artifacts Playwright artifacts in E2E tests #54

Closed alexkuc closed 8 months ago

alexkuc commented 8 months ago

This PR encrypts E2E artifacts using GPG encryption to conceal sensitive information

To decrypt artifact locally:

unzip playwright-report.zip -d report
cd report
gpg --decrypt --ouput report.tar playwright-report.tar.gpg
tar --extract --strip-components 2 --file report.tar

The new variables for the workflow are GPG_PASSWORD and GPG_CIPHER. If you prefer different names, please me know and I'll update the PR.

The implementation is crude and there is certainly room for improvement but as it stands now, this PR is fully functional and follows fail-safe approach where if somewhere along the calling chain something happens, it bails without proceeding further thus eliminating the risk of leaking something unencrypted.

alexkuc commented 8 months ago

@tn3rb Very valuable feedback, thank you so much! Gonna wait for you to review my comments and then act accordingly.