forked from NUWCDIVNPT/stig-manager
-
Notifications
You must be signed in to change notification settings - Fork 2
151 lines (147 loc) · 8.23 KB
/
api-container-tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: API Container Tests
on:
workflow_dispatch:
pull_request:
branches:
- main
paths:
- "api/source/**"
- "test/api/**"
- "Dockerfile"
- ".github/workflows/api-container-tests.yml"
jobs:
fetch-mysql-versions:
runs-on: ubuntu-latest
outputs:
MYSQL_VERSIONS: ${{ steps.fetch-versions.outputs.version_array }}
steps:
- name: Fetch MySQL Versions
id: fetch-versions
run: |
VERSIONS=$(echo $(curl -s "https://registry.hub.docker.com/v2/repositories/library/mysql/tags/?page_size=100" | jq -r '.results[].name | select(test("^8\\.0\\.\\d+$"))' | sort -V | tail -n3 | cat <(echo "8.0.21") - | jq -Rnc '[inputs]'))
echo "version_array=$VERSIONS" >> $GITHUB_OUTPUT
test_api:
needs: fetch-mysql-versions
name: Postman tests with ${{ matrix.container.name }} and MySQL ${{ matrix.mysql_version }}
runs-on: ubuntu-latest
strategy:
matrix:
container:
- name: "stig-manager-alpine"
build_arg: "node:lts-alpine"
mysql_version: ${{fromJson(needs.fetch-mysql-versions.outputs.MYSQL_VERSIONS)}}
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Build image for ${{ matrix.container.name }}
id: image-build
run: |
docker build -t ${{ matrix.container.name }} --build-arg BASE_IMAGE=${{ matrix.container.build_arg }} .
- name: Run mock Keycloak
id: id-run
working-directory: ./test/api/mock-keycloak
run: |
python3 -m http.server 8080 &
- name: Run MySQL container version ${{ matrix.mysql_version }}
id: mysql-run
run: |
docker run -d --name stig-manager-db \
-p 3306:3306 \
-e MYSQL_ROOT_PASSWORD=rootpw \
-e MYSQL_DATABASE=stigman \
-e MYSQL_USER=stigman \
-e MYSQL_PASSWORD=stigman \
mysql:${{ matrix.mysql_version }}
- name: Run STIG Manager container ${{ matrix.container.name }}
id: api-run
run: |
docker run -d --name stig-manager-api \
--net=host \
-e STIGMAN_API_PORT=64001 \
-e STIGMAN_DB_HOST=localhost \
-e STIGMAN_DB_PORT=3306 \
-e STIGMAN_DB_PASSWORD=stigman \
-e STIGMAN_API_AUTHORITY=http://127.0.0.1:8080/auth/realms/stigman \
-e STIGMAN_DEV_RESPONSE_VALIDATION=logOnly \
${{ matrix.container.name }}
- name: Install Newman reporter
id: newman-reporter-install
run: |
sudo npm install -g newman-reporter-htmlextra
- name: Wait for bootstrap
run: for i in {1..10}; do [ $i -gt 1 ] && sleep 5; curl --output /dev/null --silent --fail http://localhost:64001/api/op/configuration && s=0 && break || s=$?; printf '.'; done; (exit $s)
- name: Run Newman Collection LoadTestData
id: newman-run-loadTestData
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder LoadTestData -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/dataPreloadReport-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Run Newman Collection GETS
id: newman-run-gets
if: steps.newman-run-loadTestData.conclusion == 'success'
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 6 --folder GETs -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/GetsReport-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Run Newman Collection Posts, Puts, Patches, Deletes
id: newman-run-pppd
if: steps.newman-run-loadTestData.conclusion == 'success'
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 6 --folder "POSTS, Puts, Patches, and Deletes" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/PPPDReport-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Run Newman Collection STIGS
id: newman-run-stigs
if: steps.newman-run-loadTestData.conclusion == 'success'
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 2 --folder "STIGS" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showOnlyFails --reporter-htmlextra-export ./newman/stigsReport-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Run Newman Collection LVL1 Cross-Boundary Tests
id: newman-run-lvl1-cross-boundary
if: steps.newman-run-loadTestData.conclusion == 'success'
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder "LVL1 cross-boundary tests" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showEnvironmentData --reporter-htmlextra-export ./newman/lvl1Report-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Run Newman Collection Additional Sundry Tests
id: newman-run-additional-sundry
if: steps.newman-run-loadTestData.conclusion == 'success'
working-directory: ./test/api
run: |
set -o pipefail
newman run postman_collection.json -e postman_environment.json -d collectionRunnerData.json -n 1 --folder "Additional sundry tests" -r cli,htmlextra --reporter-cli-no-assertions --reporter-cli-no-console --reporter-htmlextra-showEnvironmentData --reporter-htmlextra-export ./newman/AdditionalSundryReport-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.html | grep -A18 '┌─────'
- name: Upload Newman artifact
id: artifact-upload
uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: newman-htmlextra-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}
path: ./test/api/newman
- name: Extract API container log
id: api-log-extract
if: ${{ always() }}
working-directory: ./test/api
run: |
docker logs stig-manager-api > api-log-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.json
- name: Upload API log artifact
uses: actions/upload-artifact@v4
id: api-log-upload
if: ${{ always() }}
with:
name: api-log-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}
path: ./test/api/api-log-${{ matrix.container.name }}-${{ matrix.mysql_version }}-${{ github.run_id }}.json
- name: Collect all container logs on failure
if: ${{ cancelled() || failure() }}
uses: jwalton/gh-docker-logs@54a2a89cd6a2c929525f26ca67a7a4857a5dc1d9 # pin@v1
with:
dest: "./logs-${{ matrix.container.name }}-${{ matrix.mysql_version }}"
- name: Tar container logs
if: ${{ cancelled() || failure() }}
run: tar cvzf ./logs-${{ matrix.container.name }}-${{ matrix.mysql_version }}.tgz ./logs-${{ matrix.container.name }}-${{ matrix.mysql_version }}
- name: Upload container logs artifact
if: ${{ cancelled() || failure() }}
uses: actions/upload-artifact@v4
with:
name: logs-${{ matrix.container.name }}-${{ matrix.mysql_version }}.tgz
path: ./logs-${{ matrix.container.name }}-${{ matrix.mysql_version }}.tgz