Public/openbrain-mcp
1
0
Fork 0
mirror of https://gitea.ingwaz.work/Ingwaz/openbrain-mcp.git synced 2026-03-31 14:49:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use ephemeral API key for VPS e2e tests

Browse Source
This commit is contained in:
Agent Zero
2026-03-23 23:54:53 +00:00
parent b001d627e1
commit 1b4fc85ff2
3 changed files with 63 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
.gitea/workflows/ci-cd.yaml
View File

@@ -68,6 +68,14 @@ jobs:
cargo build --release
test -x target/release/openbrain-mcp
- name: Generate ephemeral e2e API key
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
run: |
set -euxo pipefail
install -d -m 700 .ci
umask 077
openssl rand -hex 32 > .ci/openbrain_e2e_key
- name: Setup SSH auth
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
run: |
@@ -104,6 +112,11 @@ jobs:
: "${VPS_HOST:?Set repository secret VPS_HOST}"
: "${VPS_USER:=root}"
SSH="ssh -i $HOME/.ssh/deploy_key -o IdentitiesOnly=yes"
EPHEMERAL_E2E_KEY="$(cat .ci/openbrain_e2e_key)"
EFFECTIVE_OPENBRAIN__AUTH__API_KEYS="$EPHEMERAL_E2E_KEY"
if [[ -n "${OPENBRAIN__AUTH__API_KEYS:-}" ]]; then
EFFECTIVE_OPENBRAIN__AUTH__API_KEYS="${OPENBRAIN__AUTH__API_KEYS},${EPHEMERAL_E2E_KEY}"
fi
: "${OPENBRAIN__DATABASE__HOST:?Set repository secret OPENBRAIN__DATABASE__HOST}"
: "${OPENBRAIN__DATABASE__NAME:?Set repository secret OPENBRAIN__DATABASE__NAME}"
@@ -123,7 +136,7 @@ jobs:
OPENBRAIN__DATABASE__USER='$OPENBRAIN__DATABASE__USER' \
OPENBRAIN__DATABASE__PASSWORD='$OPENBRAIN__DATABASE__PASSWORD' \
OPENBRAIN__DATABASE__POOL_SIZE='$OPENBRAIN__DATABASE__POOL_SIZE' \
OPENBRAIN__AUTH__API_KEYS='$OPENBRAIN__AUTH__API_KEYS' \
OPENBRAIN__AUTH__API_KEYS='$EFFECTIVE_OPENBRAIN__AUTH__API_KEYS' \
bash -s" <<'EOS'
set -euo pipefail
DEPLOY_DIR="${DEPLOY_DIR:-/opt/openbrain-mcp}"
@@ -225,14 +238,54 @@ jobs:
env:
OPENBRAIN_E2E_REMOTE: "true"
OPENBRAIN_E2E_BASE_URL: http://${{ secrets.VPS_HOST }}:3100
OPENBRAIN_E2E_API_KEY: ${{ secrets.OPENBRAIN_E2E_API_KEY }}
OPENBRAIN__AUTH__ENABLED: "true"
run: |
set -euxo pipefail
: "${OPENBRAIN_E2E_API_KEY:?Set repository secret OPENBRAIN_E2E_API_KEY}"
export OPENBRAIN_E2E_API_KEY="$(cat .ci/openbrain_e2e_key)"
. "$HOME/.cargo/env"
cargo test --test e2e_mcp -- --test-threads=1
- name: Remove ephemeral e2e key and restart service
if: always() && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master')
run: |
set -euxo pipefail
: "${VPS_HOST:?Set repository secret VPS_HOST}"
: "${VPS_USER:=root}"
SSH="ssh -i $HOME/.ssh/deploy_key -o IdentitiesOnly=yes"
EPHEMERAL_E2E_KEY="$(cat .ci/openbrain_e2e_key)"
BASE_AUTH_KEYS="${OPENBRAIN__AUTH__API_KEYS:-}"
$SSH "$VPS_USER@$VPS_HOST" "\
DEPLOY_DIR=$DEPLOY_DIR \
OPENBRAIN__AUTH__API_KEYS='$BASE_AUTH_KEYS' \
bash -s" <<'EOS'
set -euo pipefail
DEPLOY_DIR="${DEPLOY_DIR:-/opt/openbrain-mcp}"
ENV_FILE="$DEPLOY_DIR/.env"
upsert_env() {
local key="$1"
local value="$2"
local escaped_value
escaped_value="$(printf '%s' "$value" | sed -e 's/[\\&|]/\\&/g')"
if grep -qE "^${key}=" "$ENV_FILE"; then
sed -i "s|^${key}=.*|${key}=${escaped_value}|" "$ENV_FILE"
else
printf '%s=%s\n' "$key" "$value" >> "$ENV_FILE"
fi
}
if [[ -n "${OPENBRAIN__AUTH__API_KEYS:-}" ]]; then
upsert_env "OPENBRAIN__AUTH__ENABLED" "true"
upsert_env "OPENBRAIN__AUTH__API_KEYS" "$OPENBRAIN__AUTH__API_KEYS"
else
upsert_env "OPENBRAIN__AUTH__ENABLED" "false"
sed -i '/^OPENBRAIN__AUTH__API_KEYS=/d' "$ENV_FILE"
fi
EOS
$SSH "$VPS_USER@$VPS_HOST" "systemctl restart $SERVICE_NAME"
- name: Cleanup SSH key
if: always()
run: |