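# Test suite for the local action in ./update-rule-metadata.
#
# Jobs:
#   input-parameter-tests   - invokes the action with each input combination
#   branch-parameter-tests  - greps action.yml for the `branch` input wiring
#   output-validation       - greps action.yml for the declared outputs
#   vault-and-env-tests     - greps action.yml for the vault token wiring
#   integration-tests       - runs the action once and prints its outputs
#   validation-summary      - prints every job result and fails unless the
#                             four non-integration jobs succeeded
#
# NOTE(review): there is no `permissions:` key, so every job receives the
# default GITHUB_TOKEN scopes configured for the repository. Declaring the
# minimum explicitly would be preferable; what the action under test needs is
# not visible from this file, so confirm before restricting.
# NOTE(review): `actions/checkout@v4` is a movable tag. Pinning it to a full
# commit SHA keeps a retargeted tag from changing what runs in these jobs.
name: Test Update Rule Metadata Action

on:
  workflow_call:
  pull_request:
    paths:
      - 'update-rule-metadata/**'
      - '.github/workflows/test-update-rule-metadata.yml'
  push:
    branches:
      - 'branch-*'
    paths:
      - 'update-rule-metadata/**'
      - '.github/workflows/test-update-rule-metadata.yml'
  workflow_dispatch:

jobs:
  # Every action invocation below sets continue-on-error, and the final step
  # only echoes the outcomes without ever exiting non-zero, so this job
  # reports success whatever the action did.
  input-parameter-tests:
    name: Test Input Parameters
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Test Default Inputs
        id: test-default
        uses: ./update-rule-metadata
        continue-on-error: true

      - name: Test Custom Rule API Version
        id: test-rule-api-version
        uses: ./update-rule-metadata
        with:
          rule-api-version: '2.16.0.5000'
        continue-on-error: true

      - name: Test Custom Sonarpedia Files
        id: test-sonarpedia-files
        uses: ./update-rule-metadata
        with:
          sonarpedia-files: 'test/sonarpedia.json,another/sonarpedia.json'
        continue-on-error: true

      - name: Test Custom Branch (master)
        id: test-branch-master
        uses: ./update-rule-metadata
        with:
          branch: 'master'
        continue-on-error: true

      - name: Test Custom Branch (current)
        id: test-branch-current
        uses: ./update-rule-metadata
        with:
          branch: ${{ github.ref_name }}
        continue-on-error: true

      - name: Test All Optional Parameters
        id: test-all-params
        uses: ./update-rule-metadata
        with:
          rule-api-version: '2.16.0.5000'
          sonarpedia-files: 'test/sonarpedia.json'
          branch: ${{ github.ref_name }}
        continue-on-error: true

      # Step outcomes are a fixed set of keywords, so expanding them straight
      # into the script text is safe.
      - name: Verify Parameter Tests
        run: |
          echo "Input parameter test results:"
          echo "Default inputs test outcome: ${{ steps.test-default.outcome }}"
          echo "Custom rule-api-version test outcome: ${{ steps.test-rule-api-version.outcome }}"
          echo "Custom sonarpedia-files test outcome: ${{ steps.test-sonarpedia-files.outcome }}"
          echo "Custom branch (master) test outcome: ${{ steps.test-branch-master.outcome }}"
          echo "Custom branch (current) test outcome: ${{ steps.test-branch-current.outcome }}"
          echo "All parameters test outcome: ${{ steps.test-all-params.outcome }}"
          # All tests are expected to fail due to missing vault access
          # We're testing that the parameters are accepted and don't cause syntax errors
          echo "✓ All parameter tests completed without syntax errors"
          echo "✓ Action accepts all valid input parameter combinations"

  # Static checks: each grep looks for a text fragment in action.yml and the
  # step exits 1 on the first fragment that is missing.
  branch-parameter-tests:
    name: Test Branch Parameter Structure
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Test Branch Parameter Structure
        run: |
          echo "Testing branch parameter structure..."
          # Test that the action file has the branch input defined
          if grep -q "branch:" update-rule-metadata/action.yml; then
            echo "✓ branch input found in action.yml"
          else
            echo "✗ branch input not found in action.yml"
            exit 1
          fi
          # Test that the branch input has a default value
          if grep -A3 "branch:" update-rule-metadata/action.yml | grep -q "default.*master"; then
            echo "✓ branch input has default value of master"
          else
            echo "✗ branch input does not have default value of master"
            exit 1
          fi
          # Test that checkout uses the branch input
          if grep -A2 "actions/checkout@v4" update-rule-metadata/action.yml | grep -q "ref.*inputs.branch"; then
            echo "✓ checkout step uses branch input"
          else
            echo "✗ checkout step does not use branch input"
            exit 1
          fi
          # Test that PR creation uses the branch input for base
          if grep -A20 "create-pull-request" update-rule-metadata/action.yml | grep -q "base.*inputs.branch"; then
            echo "✓ PR creation uses branch input for base"
          else
            echo "✗ PR creation does not use branch input for base"
            exit 1
          fi
          echo "✓ Branch parameter structure test completed successfully!"

  # Static checks that the three output names appear in action.yml. The greps
  # match the key text anywhere in the file, not only under `outputs:`.
  output-validation:
    name: Test Output Schema
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Verify Output Schema
        run: |
          echo "Validating action outputs are defined correctly..."
          # Check for has-changes output
          if grep -q "has-changes:" update-rule-metadata/action.yml; then
            echo "✓ has-changes output defined"
          else
            echo "✗ has-changes output not defined"
            exit 1
          fi
          # Check for pull-request-url output
          if grep -q "pull-request-url:" update-rule-metadata/action.yml; then
            echo "✓ pull-request-url output defined"
          else
            echo "✗ pull-request-url output not defined"
            exit 1
          fi
          # Check for summary output
          if grep -q "summary:" update-rule-metadata/action.yml; then
            echo "✓ summary output defined"
          else
            echo "✗ summary output not defined"
            exit 1
          fi
          echo "✓ All expected outputs are defined"
          echo "✓ Output schema validation complete"

  # Static checks that the vault step requests a GitHub token and that the
  # rule-api step receives it as GITHUB_TOKEN. No secret is read here; only
  # the text of action.yml is inspected.
  vault-and-env-tests:
    name: Test Vault Secrets and Environment Variables
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # The searched text itself contains a GitHub expression. TOKEN is
      # assembled from three pieces so that the expression opener never
      # appears literally in this script, where the runner would evaluate it
      # before the shell starts.
      - name: Verify GitHub token vault secret is configured
        run: |
          echo "Testing that vault secrets include GitHub token..."
          # Test that the vault step retrieves a GitHub token for private rspec repo access
          TOKEN='${'
          TOKEN+="{ inputs.rspec-token-suffix || 'rspec-read' }"
          TOKEN+='}'
          if grep -A10 "Get vault secrets" update-rule-metadata/action.yml | grep -q "development/github/token/{REPO_OWNER_NAME_DASH}-${TOKEN}"; then
            echo "✓ GitHub token vault secret path found"
          else
            echo "✗ GitHub token vault secret path not found in vault step"
            exit 1
          fi
          # Test that the GitHub token is mapped to GITHUB_TOKEN
          if grep -A10 "Get vault secrets" update-rule-metadata/action.yml | grep -q "GITHUB_TOKEN"; then
            echo "✓ GITHUB_TOKEN mapping found in vault secrets"
          else
            echo "✗ GITHUB_TOKEN mapping not found in vault secrets"
            exit 1
          fi

      - name: Verify GITHUB_TOKEN is passed to rule-api execution step
        run: |
          echo "Testing that rule-api step has GITHUB_TOKEN in env..."
          # Extract the rule-api step block (from "Run rule-api" to the next step marker)
          # NOTE(review): if the end pattern never matches, sed prints through to
          # the end of the file and the greps below could be satisfied by a later
          # step. The "^ - name:" anchor depends on the indentation used in
          # action.yml - confirm it matches.
          STEP_BLOCK=$(sed -n '/name: Run rule-api to update metadata/,/^ - name: Remove rule-api/p' update-rule-metadata/action.yml)
          if echo "$STEP_BLOCK" | grep -q "GITHUB_TOKEN"; then
            echo "✓ GITHUB_TOKEN found in rule-api execution step"
          else
            echo "✗ GITHUB_TOKEN not found in rule-api execution step"
            exit 1
          fi
          # Verify it references the vault output
          if echo "$STEP_BLOCK" | grep -q "fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN"; then
            echo "✓ GITHUB_TOKEN references vault output correctly"
          else
            echo "✗ GITHUB_TOKEN does not reference vault output"
            exit 1
          fi

  # Runs the action once against the current ref. The invocation sets
  # continue-on-error and the later steps only print, so the job succeeds
  # whether or not the action did.
  integration-tests:
    name: Integration Tests
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Test Action Execution
        id: test-execution
        uses: ./update-rule-metadata
        with:
          branch: ${{ github.ref_name }}
        continue-on-error: true

      # The action's outputs are free-form text produced at run time. They are
      # passed through env and read as shell variables, so that quotes,
      # backticks or command substitutions inside an output are printed as
      # data instead of being pasted into the script and interpreted by bash.
      - name: Check Outputs Available
        if: steps.test-execution.outcome == 'success'
        env:
          HAS_CHANGES: ${{ steps.test-execution.outputs.has-changes }}
          SUMMARY: ${{ steps.test-execution.outputs.summary }}
          PULL_REQUEST_URL: ${{ steps.test-execution.outputs.pull-request-url }}
        run: |
          echo "Testing outputs from successful execution..."
          echo "has-changes: $HAS_CHANGES"
          echo "summary: $SUMMARY"
          if [ "$HAS_CHANGES" = "true" ]; then
            echo "pull-request-url: $PULL_REQUEST_URL"
          fi

      # `outcome` is a fixed keyword and the "Summary available" expression
      # can only yield 'Yes' or 'No', so both stay inline; the has-changes
      # output goes through env for the same reason as in the previous step.
      - name: Verify Integration Test
        env:
          HAS_CHANGES: ${{ steps.test-execution.outputs.has-changes }}
        run: |
          echo "================================"
          echo "Integration Test Results:"
          echo "================================"
          echo "Execution outcome: ${{ steps.test-execution.outcome }}"
          if [ "${{ steps.test-execution.outcome }}" = "success" ]; then
            echo "✓ Action executed successfully"
            echo " - Changes detected: $HAS_CHANGES"
            echo " - Summary available: ${{ steps.test-execution.outputs.summary != '' && 'Yes' || 'No' }}"
          else
            echo "⚠ Action failed (expected if vault credentials unavailable or no sonarpedia files exist)"
            echo " This is normal in test environments without proper setup"
          fi
          echo "================================"
          echo "✓ Integration test completed"

  # Runs even when an upstream job failed (`if: always()`). The
  # integration-tests result is printed but is not part of the pass condition.
  validation-summary:
    name: Test Summary
    runs-on: ubuntu-latest
    needs: [input-parameter-tests, branch-parameter-tests, output-validation, integration-tests, vault-and-env-tests]
    if: always()
    steps:
      - name: Summary
        run: |
          echo "================================"
          echo "Test Suite Summary"
          echo "================================"
          echo "Input Parameter Tests: ${{ needs.input-parameter-tests.result }}"
          echo "Branch Parameter Tests: ${{ needs.branch-parameter-tests.result }}"
          echo "Output Validation: ${{ needs.output-validation.result }}"
          echo "Integration Tests: ${{ needs.integration-tests.result }}"
          echo "Vault & Env Variable Tests: ${{ needs.vault-and-env-tests.result }}"
          echo "================================"
          if [[ "${{ needs.input-parameter-tests.result }}" == "success" && \
                "${{ needs.branch-parameter-tests.result }}" == "success" && \
                "${{ needs.output-validation.result }}" == "success" && \
                "${{ needs.vault-and-env-tests.result }}" == "success" ]]; then
            echo "✓ All validation tests passed!"
            echo "✓ Action is properly configured and ready to use"
          else
            echo "✗ Some tests failed - please review the results above"
            exit 1
          fi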