Skip to content

Fix: Relocate GitHub Summary Vulnerability Report (#321) #912

Fix: Relocate GitHub Summary Vulnerability Report (#321)

Fix: Relocate GitHub Summary Vulnerability Report (#321) #912

name: _Test OCI Factory | mock-rock
on:
workflow_dispatch:
push:
paths:
- ".github/workflows/*"
- ".github/actions/**"
- "!.github/workflows/CLA-Check.yaml"
- "!.github/workflows/PR-Validator.yaml"
- "!.github/workflows/_Auto-updates.yaml"
- "!.github/workflows/Continuous-Testing.yaml"
- "!.github/workflows/CLI-Client.yaml"
- "examples/**"
- "oci/mock*"
- "src/**"
- "tools/**"
- "tests/**"
- "!tools/workflow-engine/**"
- "!tools/cli-client/**"
env:
# local path to clone the oci-factory to
# path of pytest junit output
PYTEST_RESULT_PATH: pytest_results.xml
jobs:
access-check:
name: Validate access to mock-rock
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/validate-actor
with:
admin-only: true
image-path: "oci/mock-rock"
github-token: ${{ secrets.ROCKSBOT_TOKEN }}
pytest:
# Trigger python unit tests across the repository
name: pytest
runs-on: ubuntu-22.04
steps:
# Job Setup
- uses: actions/checkout@v4
with:
fetch-depth: 1
- uses: actions/setup-python@v5
with:
python-version: "3.x"
# Note: Add additional dependency installation lines as required below
# test-oci-factory/pytest requirements
- run: pip install -r tests/etc/requirements.txt
# build_rock/configure requirements
- run: pip install -r src/build_rock/configure/requirements.txt
- name: Run pytest
continue-on-error: true
run: |
python3 -m pytest --junit-xml "${{ env.PYTEST_RESULT_PATH }}"
- name: Generate Summary
if: ${{ !cancelled() }}
run: |
python3 -m tools.junit_to_markdown --input-junit "${{ env.PYTEST_RESULT_PATH }}" >> $GITHUB_STEP_SUMMARY
- name: Upload pytest Result
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v4
with:
name: ${{ env.PYTEST_RESULT_PATH }}
path: ${{ env.PYTEST_RESULT_PATH }}
if-no-files-found: error
bats-test:
# Trigger bash unit tests across the repository
name: bats
runs-on: ubuntu-22.04
steps:
# Job Setup
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Install bats
run: |
sudo apt-get update
sudo apt-get install -y bats
- name: Run bats
env:
GITHUB_TOKEN: ${{ secrets.ROCKSBOT_TOKEN }}
run: |
find ${{ github.workspace }} -name 'test-*.bats' | xargs bats
# # Test use case of reuseable workflow
# build-rock:
# uses: ./.github/workflows/Build-Rock.yaml
# with:
# # mock rock
# oci-archive-name: "mock-rock"
# rock-repo: canonical/rocks-toolbox
# rock-repo-commit: main
# rockfile-directory: mock_rock/1.2 # 1.0 - multi arch, 1.2 single arch rock
# test-rock:
# uses: ./.github/workflows/Test-Rock.yaml
# needs: [build-rock]
# with:
# oci-archive-name: "mock-rock"
# test-black-box: true
# test-efficiency: true
# test-malware: true
# test-oci-compliance: true
# test-vulnerabilities: true
# # Test workflow used in continuous testing
# test-vulnerability-scan:
# name: Test vulnerability scan workflow
# needs: [access-check]
# uses: ./.github/workflows/Vulnerability-Scan.yaml
# with:
# oci-image-name: "ghcr.io/canonical/oci-factory/mock-rock:1.1-22.04_844"
# oci-image-path: "oci/mock-rock"
# secrets: inherit
# Test full image workflow
test-workflows:
name: Trigger internal tests for mock-rock
needs: [access-check]
uses: ./.github/workflows/Image.yaml
with:
oci-image-name: "mock-rock"
upload: true
secrets: inherit