Removed Automatic STIG Import on Init #80
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test Suite | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: | |
- main | |
- test-coverage | |
paths: | |
- 'api/source/**' | |
- 'test/api/**' | |
- '.github/workflows/api-audit-test-coverage-response.yml' | |
env: | |
STIGMAN_API_PORT: 64001 | |
STIGMAN_DB_HOST: localhost | |
STIGMAN_DB_PORT: 3306 | |
STIGMAN_DB_PASSWORD: stigman | |
STIGMAN_API_AUTHORITY: http://127.0.0.1:8080/auth/realms/stigman | |
STIGMAN_SWAGGER_ENABLED: true | |
STIGMAN_SWAGGER_SERVER: http://localhost:64001/api | |
STIGMAN_SWAGGER_REDIRECT: http://localhost:64001/api-docs/oauth2-redirect.html | |
STIGMAN_DEV_RESPONSE_VALIDATION: logOnly | |
NODE_V8_COVERAGE: /home/runner/work/stig-manager/stig-manager/api/source/coverage/tmp/ | |
jobs: | |
npm_audit: | |
name: npm audit | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: install dependencies | |
run: npm ci | |
working-directory: ./api/source/ | |
- name: Audit Dependencies and Create PR Comment if needed | |
uses: oke-py/npm-audit-action@2c6b2da234031fbf72af81a04c76b3a152bb2222 # pin@v2 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
create_issues: false | |
create_pr_comments: true | |
working_directory: ./api/source/ | |
test_api: | |
name: Run tests with coverage | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: coverage directory | |
run: printenv NODE_V8_COVERAGE | |
- name: Install app dependencies | |
working-directory: ./api/source | |
run: npm ci | |
- name: Run mock Keycloak | |
id: idp-run | |
working-directory: ./test/api/mock-keycloak | |
run: | | |
python3 -m http.server 8080 & | |
- name: Run MySQL container | |
id: mysql-run | |
run: | | |
docker run -d --name stig-manager-db \ | |
-p 3306:3306 \ | |
-e MYSQL_ROOT_PASSWORD=rootpw \ | |
-e MYSQL_DATABASE=stigman \ | |
-e MYSQL_USER=stigman \ | |
-e MYSQL_PASSWORD=stigman \ | |
mysql:8.0.21 | |
- name: Install c8 coverage reporter | |
run: | | |
sudo npm install -g c8 | |
- name: Install Newman reporter | |
id: newman-reporter-install | |
run: | | |
sudo npm install -g newman-reporter-htmlextra | |
- name: Run app and echo pid | |
working-directory: ./api/source | |
run: sh -c 'echo $$ > /tmp/test.pid ; exec c8 -r html node index.js > api-log.json 2>&1' & | |
- name: pid file check | |
working-directory: ./api/source | |
run: cat /tmp/test.pid | |
- name: Wait for bootstrap | |
run: for i in {1..10}; do [ $i -gt 1 ] && sleep 5; curl --output /dev/null --silent --fail http://localhost:64001/api/op/configuration && s=0 && break || s=$?; printf '.'; done; (exit $s) | |
- name: Run Newman Collection LoadTestData | |
id: newman-run-loadTestData | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder LoadTestData -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/dataPreloadReport.html | grep -A18 '┌─────' | |
- name: Run Newman Collection GETS | |
id: newman-run-gets | |
if: steps.newman-run-loadTestData.conclusion == 'success' | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 6 --folder GETs -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/GetsReport.html | grep -A18 '┌─────' | |
- name: Run Newman Collection Posts, Puts, Patches, Deletes | |
id: newman-run-pppd | |
if: steps.newman-run-loadTestData.conclusion == 'success' | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 6 --folder "POSTS, Puts, Patches, and Deletes" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/PPPDReport.html | grep -A18 '┌─────' | |
- name: Run Newman Collection STIGS | |
id: newman-run-stigs | |
if: steps.newman-run-loadTestData.conclusion == 'success' | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 2 --folder "STIGS" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/stigsReport.html | grep -A18 '┌─────' | |
- name: Run Newman Collection LVL1 Cross-Boundary Tests | |
id: newman-run-lvl1-cross-boundary | |
if: steps.newman-run-loadTestData.conclusion == 'success' | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder "LVL1 cross-boundary tests" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showEnvironmentData --reporter-htmlextra-export ./newman/lvl1Report.html | grep -A18 '┌─────' | |
- name: Run Newman Collection Additional Sundry Tests | |
id: newman-run-additional-sundry | |
if: steps.newman-run-loadTestData.conclusion == 'success' | |
working-directory: ./test/api | |
run: | | |
set -o pipefail | |
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder "Additional sundry tests" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showEnvironmentData --reporter-htmlextra-export ./newman/AdditionalSundryReport.html | grep -A18 '┌─────' | |
- name: Kill child pid | |
working-directory: ./api/source | |
run: kill -SIGINT $(ps -ef --ppid `cat /tmp/test.pid` -o pid= ) | |
- name: Wait until c8 process ends, or 60 seconds, whichever is shorter. | |
run: timeout 60 tail --pid=`cat /tmp/test.pid` -f /dev/null | |
- name: run c8 text report | |
working-directory: ./api/source | |
run: c8 report -r text | |
- name: Upload Newman artifact | |
id: artifact-upload-newman | |
uses: actions/upload-artifact@v3 | |
if: ${{ always() }} | |
with: | |
name: newman-htmlextra | |
path: ./test/api/newman | |
- name: Upload coverage artifact | |
id: artifact-upload-coverage | |
uses: actions/upload-artifact@v3 | |
if: ${{ always() }} | |
with: | |
name: coverage-report | |
path: ./api/source/coverage | |
- name: Upload API logs | |
id: artifact-upload-api-logs | |
uses: actions/upload-artifact@v3 | |
if: ${{ always() }} | |
with: | |
name: api-log | |
path: ./api/source/api-log.json | |
response_validation: | |
name: Response validation | |
needs: | |
- test_api | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download API log artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: api-log | |
path: ./logs | |
- name: Test for response validation messages | |
working-directory: ./logs | |
run: | | |
jq -s 'map(select(.type=="responseValidation")|{method:.data.request.method,url:.data.request.url,errors:.data.error.errors,body:.data.body})' api-log.json > response-validation.json | |
exit $(jq '. | length' response-validation.json) | |
- name: Upload response validation artifact | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@master | |
with: | |
name: response-validation | |
path: ./logs/response-validation.json |