From 13cd14738b54748b750b1644f2257bbd105b8609 Mon Sep 17 00:00:00 2001
From: Fadi Abbud <39081670+Fadiabb@users.noreply.github.com>
Date: Thu, 28 Apr 2022 15:06:45 +0200
Subject: [PATCH] Add github action for integration test

* Add sudo to some commands for the github action.
* Change paths to also work within a github action.
---
 .github/workflows/itest.yml              | 20 ++++++++++++++++++++
 docs/scripts/TLSClientConfigsForITest.sh |  4 ++--
 docs/scripts/TLSConfigsForITest.sh       | 12 ++++++------
 docs/scripts/setupProviderForITest.sh    | 24 ++++++++++++------------
 4 files changed, 40 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/itest.yml b/.github/workflows/itest.yml
index a409583..d638023 100644
--- a/.github/workflows/itest.yml
+++ b/.github/workflows/itest.yml
@@ -1,3 +1,23 @@
 name: Integration tests
 on: workflow_dispatch
 
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+
+      - name: Execute the scripts
+        run: |
+          sudo apt install -y make nginx fcgiwrap gnutls-bin
+          cd ~
+          git clone https://github.com/csaf-poc/csaf_distribution.git
+          cd csaf_distribution/docs/scripts/
+          env FOLDERNAME=devca1 ORGANAME="CSAF Tools Development (internal)" ./TLSConfigsForITest.sh
+          env FOLDERNAME=devca1 ORGANAME="CSAF Tools Development (internal)" ./TLSClientConfigsForITest.sh
+          ./setupProviderForITest.sh
+        shell: bash
diff --git a/docs/scripts/TLSClientConfigsForITest.sh b/docs/scripts/TLSClientConfigsForITest.sh
index 791af5d..b070628 100755
--- a/docs/scripts/TLSClientConfigsForITest.sh
+++ b/docs/scripts/TLSClientConfigsForITest.sh
@@ -40,6 +40,6 @@ echo '
        }
 '> clientCertificateConfigs.txt
 
-sed -i "/^server {/r  ${HOME}/${FOLDERNAME}/clientCertificateConfigs.txt" $NGINX_CONFIG_PATH
+sudo sed -i "/^server {/r  ${HOME}/${FOLDERNAME}/clientCertificateConfigs.txt" $NGINX_CONFIG_PATH
 
-systemctl reload nginx
+sudo systemctl reload nginx
diff --git a/docs/scripts/TLSConfigsForITest.sh b/docs/scripts/TLSConfigsForITest.sh
index 2d0a946..7bd8862 100755
--- a/docs/scripts/TLSConfigsForITest.sh
+++ b/docs/scripts/TLSConfigsForITest.sh
@@ -44,9 +44,9 @@ echo '
         listen [::]:8443 ssl http2 default_server;  # ipv6
 ' > TLS8443Configs.txt
 
-cp $NGINX_CONFIG_PATH $NGINX_CONFIG_PATH.org
-sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLSConfigs.txt" $NGINX_CONFIG_PATH
-sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLS8443Configs.txt" $NGINX_CONFIG_PATH
-sed -i "/^\s*listen.*80/d" $NGINX_CONFIG_PATH # Remove configs for listinig on port 80
-systemctl reload nginx
-
+sudo cp $NGINX_CONFIG_PATH $NGINX_CONFIG_PATH.org
+sudo sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLSConfigs.txt" $NGINX_CONFIG_PATH
+sudo sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLS8443Configs.txt" $NGINX_CONFIG_PATH
+sudo sed -i "/^\s*listen.*80/d" $NGINX_CONFIG_PATH # Remove configs for listinig on port 80
+sudo systemctl start nginx
+sudo systemctl reload nginx
diff --git a/docs/scripts/setupProviderForITest.sh b/docs/scripts/setupProviderForITest.sh
index 7002770..15fbab6 100755
--- a/docs/scripts/setupProviderForITest.sh
+++ b/docs/scripts/setupProviderForITest.sh
@@ -13,12 +13,12 @@
 
 set -e
 
-chgrp -R www-data  /var/www
-chmod -R g+w  /var/www
+sudo chgrp -R www-data  /var/www
+sudo chmod -R g+w  /var/www
 
 NGINX_CONFIG_PATH=/etc/nginx/sites-available/default
 
-cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
+sudo cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
 
 echo '
 # Include this file on your nginx.conf to support debian cgi-bin scripts using
@@ -50,9 +50,9 @@ location /cgi-bin/ {
   fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
   fastcgi_param SSL_CLIENT_I_DN $ssl_client_i_dn;
 }
-' > /etc/nginx/fcgiwrap.conf
+' | sudo tee /etc/nginx/fcgiwrap.conf
 
-sed -i "/^server {/a        include fcgiwrap.conf;" $NGINX_CONFIG_PATH
+sudo sed -i "/^server {/a        include fcgiwrap.conf;" $NGINX_CONFIG_PATH
 
 echo "
         # For atomic directory switches
@@ -61,9 +61,9 @@ echo "
         # directory listings
         autoindex on;
 " > locationConfig.txt
-sed -i "/^\s*location \/ {/r locationConfig.txt" $NGINX_CONFIG_PATH # Insert config inside location{}
+sudo sed -i "/^\s*location \/ {/r locationConfig.txt" $NGINX_CONFIG_PATH # Insert config inside location{}
 
-systemctl reload nginx
+sudo systemctl reload nginx
 
 # assuming that we are in a checked out version in the docs/scripts directory
 # and we want to build the version that is currently checked out
@@ -72,11 +72,11 @@ pushd ../..
 export PATH=$PATH:/usr/local/go/bin
 make build_linux
 # Place the binary under the corresponding path.
-mkdir -p /usr/lib/cgi-bin/
-cp bin-linux-amd64/csaf_provider /usr/lib/cgi-bin/csaf_provider.go
+sudo mkdir -p /usr/lib/cgi-bin/
+sudo cp bin-linux-amd64/csaf_provider /usr/lib/cgi-bin/csaf_provider.go
 
-mkdir -p /usr/lib/csaf/
-cp docs/test-keys/*.asc /usr/lib/csaf/
+sudo mkdir -p /usr/lib/csaf/
+sudo cp docs/test-keys/*.asc /usr/lib/csaf/
 # Configuration file
 echo '
 # upload_signature = true
@@ -85,7 +85,7 @@ key = "/usr/lib/csaf/private.asc"
 #tlps = ["green", "red"]
 canonical_url_prefix = "https://localhost:8443"
 #no_passphrase = true
-' > /usr/lib/csaf/config.toml
+' | sudo tee /usr/lib/csaf/config.toml
 
 # Create the Folders
 curl https://localhost:8443/cgi-bin/csaf_provider.go/create --cert-type p12 --cert ~/devca1/testclient1.p12 --insecure