change permissions on shell #52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: API-Provider-CI | |
on: | |
push: | |
branches: | |
- fixed-spec | |
- secure-implementation | |
pull_request: | |
workflow_dispatch: | |
env: | |
#oas_file: oas/openapi-transformed.json | |
results_file: ReadyAPI-Tests/report.xml | |
jobs: | |
lint-api: | |
name: linting-api | |
runs-on: ubuntu-latest | |
steps: | |
# Check out the repository | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-node@v3 | |
- run: | | |
npm install --save -D @stoplight/spectral-owasp-ruleset | |
npm install --save -D @stoplight/spectral-cli | |
# Run Spectral | |
- uses: stoplightio/spectral-action@latest | |
with: | |
file_glob: 'apis/ecommerce.yaml' | |
spectral_ruleset: '.spectral.yaml' | |
validation-implementation: | |
needs: lint-api | |
runs-on: ubuntu-latest | |
steps: | |
- name: 'Checkout code' | |
uses: actions/checkout@main | |
- name: Setup the stack | |
run: docker-compose up -d | |
- name: Get Container Name | |
id: get-container | |
run: | | |
docker ps -a | |
CONTAINER_ID=$(docker ps -aqf "name=webinar-security-by-design_web_1") | |
echo "::set-output name=container_id::$CONTAINER_ID" | |
- name: Migrate DB and Seed within ${{ steps.get-container.outputs.container_id }} | |
run: | | |
docker exec -t ${{ steps.get-container.outputs.container_id }} alembic upgrade heads | |
docker exec ${{ steps.get-container.outputs.container_id }} python src/fixtures.py | |
- uses: schemathesis/action@v1 | |
with: | |
schema: './apis/crapi.yaml' | |
base-url: 'http://0.0.0.0:8000' | |
args: '--dry-run --validate-schema true' | |
functional-test-api: | |
needs: [lint-api, validation-implementation] | |
runs-on: ubuntu-latest | |
steps: | |
- name: 'Checkout code' | |
uses: actions/checkout@main | |
- name: Setup the stack | |
run: docker-compose up -d | |
- name: Get Container Name | |
id: get-container | |
run: | | |
docker ps -a | |
CONTAINER_ID=$(docker ps -aqf "name=webinar-security-by-design_web_1") | |
echo "::set-output name=container_id::$CONTAINER_ID" | |
- name: Migrate DB and Seed within ${{ steps.get-container.outputs.container_id }} | |
run: | | |
docker exec -t ${{ steps.get-container.outputs.container_id }} alembic upgrade heads | |
docker exec ${{ steps.get-container.outputs.container_id }} python src/fixtures.py | |
- name: Test local | |
run: chmod ugo+rwx ReadyAPI-Tests && ./launchReadyAPITestRunner.sh | |
env: | |
PROJECT_FOLDER: ReadyAPI-Tests | |
PROJECT_FILE: 'secure-by-design-readyapi-project.xml' | |
SLM_API_KEY: ${{ secrets.SLM_API_KEY }} | |
ENDPOINT: http://0.0.0.0:8000 | |
security-test-api: | |
needs: [lint-api, validation-implementation, functional-test-api] | |
runs-on: ubuntu-latest | |
steps: | |
- name: 'Checkout code' | |
uses: actions/checkout@main | |
- name: Setup the stack | |
run: docker-compose up -d | |
- name: Get Container Name | |
id: get-container | |
run: | | |
CONTAINER_ID=$(docker ps -aqf "name=webinar-security-by-design_web_1") | |
echo "::set-output name=container_id::$CONTAINER_ID" | |
- name: Migrate DB and Seed within ${{ steps.get-container.outputs.container_id }} | |
run: | | |
docker exec -t ${{ steps.get-container.outputs.container_id }} alembic upgrade heads | |
docker exec ${{ steps.get-container.outputs.container_id }} python src/fixtures.py | |
- name: Test local | |
run: chmod ugo+rwx ReadyAPI-Tests && ./launchReadyAPISecurityRunner.sh | |
env: | |
PROJECT_FOLDER: ReadyAPI-Tests | |
PROJECT_FILE: 'secure-by-design-readyapi-project.xml' | |
SLM_API_KEY: ${{ secrets.SLM_API_KEY }} | |
ENDPOINT: http://0.0.0.0:8000 |