Skip to content

test

test #633

Workflow file for this run

---
name: test
# Run for all pushes to main and pull requests when Go or YAML files change
on:
push:
branches:
- main
pull_request:
jobs:
test:
name: test
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: '1.19'
- name: Run golangci-lint
run: make lint
- name: Run go tests and generate coverage report
run: make coverage
- name: Upload coverage report
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
file: ./coverage.out
flags: unittests
name: codecov-umbrella
build-image:
name: build-image
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build
uses: docker/build-push-action@v5
with:
context: .
file: ./images/audittail/Dockerfile
push: false
tags: ghcr.io/metal-toolbox/audittail:latest
- name: Scan image
id: scan
uses: anchore/scan-action@v3
with:
image: ghcr.io/metal-toolbox/audittail:latest
acs-report-enable: true
- name: upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Inspect action SARIF report
run: cat ${{ steps.scan.outputs.sarif }}
kube-test:
strategy:
matrix:
scenario: [nonroot, rootuser]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create k8s Kind Cluster
uses: helm/kind-action@v1.9.0
with:
cluster_name: kind
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: latest
- name: Build image
run: make image
- name: Load audittail image into kind cluster
run: kind load docker-image ghcr.io/metal-toolbox/audittail:latest
- name: Create Namespace
run: kubectl create namespace ${{ matrix.scenario }}
- name: Deploy test scenario
run: cd tests && helm dependency update ./kube_scenario/ && helm template kubescenario -s templates/${{ matrix.scenario }}.yml ./kube_scenario/ | kubectl apply -f - -n ${{ matrix.scenario }}
- name: Wait for readiness
run: kubectl wait --for=condition=ready --timeout=60s -n ${{ matrix.scenario }} pod myapp
- name: Get pod information
run: kubectl describe -n ${{ matrix.scenario }} pod myapp
- name: Get logs
id: logs
run: |
kubectl logs -n ${{ matrix.scenario }} myapp -c audit-logger
echo "::set-output name=auditlog::$(kubectl logs -n ${{ matrix.scenario }} myapp -c audit-logger)"
- name: Inspect logs
run: echo ${{ steps.logs.outputs.auditlog }}
- name: Check logs
run: |
echo ${{ steps.logs.outputs.auditlog }} | grep "This is an audit log"
echo ${{ steps.logs.outputs.auditlog }} | grep "This is an audit log" | wc -l | grep 1