Skip to content

Commit fa254d3

Browse files
lindycoderlindycoder
committed
BST-18006 Add the gitlab-ci scan tests
1 parent b44440e commit fa254d3

File tree

2 files changed

+40
-2
lines changed

2 files changed

+40
-2
lines changed

.github/workflows/scan-test.yml

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
name: Smoke Tests
2+
3+
on:
4+
pull_request:
5+
types: [opened, synchronize, reopened]
6+
paths: ['scanners/**']
7+
8+
jobs:
9+
gitlab-ci:
10+
name: Gitlab-CI
11+
runs-on: ubuntu-latest
12+
steps:
13+
- name: Generate GitLab OAuth Token
14+
id: gitlab-token
15+
run: |
16+
response=$(curl -s -X POST "https://gitlab.com/oauth/token" \
17+
-d "grant_type=client_credentials" \
18+
-d "client_id=${{ secrets.BOOST_SCAN_RUNNER_GITLAB_CLIENT_ID }}" \
19+
-d "client_secret=${{ secrets.BOOST_SCAN_RUNNER_GITLAB_CLIENT_SECRET }}")
20+
21+
token=$(echo "$response" | jq -r '.access_token')
22+
echo "token=$token" >> $GITHUB_OUTPUT
23+
echo "::add-mask::$token"
24+
- name: Checkout scanner registry
25+
uses: actions/checkout@v4
26+
with:
27+
fetch-depth: 0 # Need full history to detect changes
28+
- name: Run Tests
29+
uses: boostsecurityio/scan-test-action@03526a5475206e034c62f3e2b8abafb9e8e15e85
30+
with:
31+
provider: gitlab-ci
32+
provider-config: |
33+
{
34+
"token": "${{ steps.github-token.outputs.token }}",
35+
"project_id": "boostsecurityio/martin/boostsec-registry-test-runner",
36+
}
37+
registry-repo: "${{ github.repository_owner }}/${{ github.event.repository.name }}"
38+
base-ref: "${{ github.head_ref }}"

docs/setup-gitlab.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,8 +52,8 @@ Navigate to the scanner registry repository (GitHub):
5252
run: |
5353
response=$(curl -s -X POST "https://gitlab.com/oauth/token" \
5454
-d "grant_type=client_credentials" \
55-
-d "client_id=${{ secrets.GITLAB_CLIENT_ID }}" \
56-
-d "client_secret=${{ secrets.GITLAB_CLIENT_SECRET }}")
55+
-d "client_id=${{ secrets.BOOST_SCAN_RUNNER_GITLAB_CLIENT_ID }}" \
56+
-d "client_secret=${{ secrets.BOOST_SCAN_RUNNER_GITLAB_CLIENT_SECRET }}")
5757
5858
token=$(echo "$response" | jq -r '.access_token')
5959
echo "token=$token" >> $GITHUB_OUTPUT

0 commit comments

Comments
 (0)