From dfb34f5277f07e594b0e6973499b94844349e068 Mon Sep 17 00:00:00 2001 From: Simon Date: Wed, 11 Jan 2023 21:56:00 +0100 Subject: [PATCH] :construction_worker: Implement Integration Test (#22) * :construction_worker: Started assembling integration test pipeline * :wrench: Setup for testing * :wrench: Selected correct report * :white_check_mark: Added Bash based Integration Test * :wrench: Added Schedule (every 3 day at 22.00) * Minor Name adjustment * :wrench: Removed test branch as implementation concluded --- .github/workflows/integration.yml | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 9e1fd08..5be3009 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -5,14 +5,33 @@ on: - main tags: - v* + schedule: + - cron: '0 22 */3 * *' jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@main - - name: Debug - run: pwd && ls - shell: bash - - name: Integration Test - id: integration-test + - name: Checkout playground repository + uses: actions/checkout@main + with: + repository: Templum/playground + - name: Run Action against known repository and skip upload to compare generated file uses: Templum/govulncheck-action@main + with: + skip-upload: true + go-version: 1.19 + env: + GH_PAT_TOKEN: ${{ secrets.PAT_TOKEN }} + GOPRIVATE: "github.com/Templum/private-lib" + - name: Ensure at least 8 Vulnerabilities are discovered + run: | + rules=$(cat govulncheck-report.sarif | jq '.runs[0].tool.driver.rules | length') + occurrences=$(cat govulncheck-report.sarif | jq '.runs[0].results | length') + if [[ $rules -ge 8 ]]; then echo "Found expected number of rules"; else echo "Found unexpected number of rules $rules expected 8"; exit 1; fi + if [[ $occurrences -ge 8 ]]; then echo "Found expected number of call sites"; else echo "Found unexpected number of call sites ($occurrences expected 8)"; exit 1; fi + - name: Upload Report if Test failed + if: ${{ failure() }} + uses: actions/upload-artifact@v3 + with: + name: sarif-report + path: govulncheck-report.sarif