feat(*): Add AppSec support (#14) #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Unit & integration tests | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- '**.md' | |
workflow_dispatch: | |
inputs: | |
unit_tests: | |
type: boolean | |
description: Run Unit tests | |
default: true | |
integration_tests: | |
type: boolean | |
description: Run Integration tests | |
default: true | |
schedule: | |
- cron: '15 3 * * 4' | |
permissions: | |
contents: read | |
env: | |
# Allow ddev get to use a GitHub token to prevent rate limiting by tests | |
DDEV_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
test-suite: | |
strategy: | |
fail-fast: false | |
matrix: | |
php-version: ['7.2','7.3','7.4','8.0','8.1', '8.2', '8.3'] | |
name: Unit and integration test | |
runs-on: ubuntu-latest | |
if: ${{ !contains(github.event.head_commit.message, 'chore(') }} | |
env: | |
EXTENSION_PATH: "my-code/lapi-client" | |
steps: | |
- name: Install DDEV | |
run: | | |
# @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures | |
curl -fsSL https://apt.fury.io/drud/gpg.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/ddev.gpg > /dev/null | |
echo "deb [signed-by=/etc/apt/trusted.gpg.d/ddev.gpg] https://apt.fury.io/drud/ * *" | sudo tee /etc/apt/sources.list.d/ddev.list | |
sudo apt-get -q update | |
sudo apt-get -q -y install libnss3-tools ddev | |
mkcert -install | |
ddev config global --instrumentation-opt-in=false --omit-containers=ddev-ssh-agent | |
- name: Create empty PHP DDEV project | |
run: ddev config --project-type=php --project-name=crowdsec-lapi-client --php-version=${{ matrix.php-version }} | |
- name: Add-ons install | |
run: | | |
ddev get julienloizelet/ddev-tools | |
ddev get julienloizelet/ddev-crowdsec-php | |
- name: Prepare for TLS tests | |
run: | | |
mkdir ${{ github.workspace }}/cfssl | |
cp -r .ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* ${{ github.workspace }}/cfssl | |
- name: Start DDEV | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 5 | |
max_attempts: 3 | |
shell: bash | |
command: ddev start | |
- name: Some DEBUG information | |
run: | | |
ddev --version | |
ddev exec php -v | |
ddev exec -s crowdsec crowdsec -version | |
- name: Set BOUNCER_KEY env | |
run: | | |
echo "BOUNCER_KEY=$(ddev create-bouncer)" >> $GITHUB_ENV | |
- name: Clone sources | |
uses: actions/checkout@v4 | |
with: | |
path: ${{env.EXTENSION_PATH}} | |
- name: Validate composer.json | |
run: | | |
ddev composer validate --strict --working-dir ./${{env.EXTENSION_PATH}} | |
- name: Install dependencies | |
run: | | |
ddev composer update --working-dir ./${{env.EXTENSION_PATH}} | |
- name: Run Unit tests | |
if: | | |
github.event.inputs.unit_tests == 'true' || | |
github.event_name == 'push' | |
run: ddev php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --debug ./${{env.EXTENSION_PATH}}/tests/Unit --testdox | |
- name: Run Integration tests (without TLS) | |
if: | | |
github.event.inputs.integration_tests == 'true' || | |
github.event_name == 'push' | |
run: ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} AGENT_TLS_PATH=/var/www/html/cfssl APPSEC_URL=http://crowdsec:7422 LAPI_URL=https://crowdsec:8080 /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group timeout ./${{env.EXTENSION_PATH}}/tests/Integration | |
- name: Run Integration tests (with TLS) | |
if: | | |
github.event.inputs.integration_tests == 'true' || | |
github.event_name == 'push' | |
run: ddev exec AGENT_TLS_PATH=/var/www/html/cfssl BOUNCER_TLS_PATH=/var/www/html/cfssl APPSEC_URL=http://crowdsec:7422 LAPI_URL=https://crowdsec:8080 /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --exclude-group timeout ./${{env.EXTENSION_PATH}}/tests/Integration | |
- name: Run Integration tests with timeout | |
if: | | |
github.event.inputs.integration_tests == 'true' || | |
github.event_name == 'push' | |
run: | | |
ddev exec -s crowdsec apk add iproute2 | |
ddev exec -s crowdsec tc qdisc add dev eth0 root netem delay 500ms | |
ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} AGENT_TLS_PATH=/var/www/html/cfssl APPSEC_URL=http://crowdsec:7422 LAPI_URL=https://crowdsec:8080 /usr/bin/php ./${{env.EXTENSION_PATH}}/vendor/bin/phpunit --testdox --colors --group timeout ./${{env.EXTENSION_PATH}}/tests/Integration |