SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add github action for integration test

Browse source 
* Add sudo to some commands for the github action.
* Change paths to also work within a github action.
This commit is contained in:
Fadi Abbud 2022-04-28 15:06:45 +02:00 committed by GitHub
parent dad549c392
commit 13cd14738b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 40 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.github/workflows/itest.yml vendored
View file

@ -1,3 +1,23 @@
name: Integration tests name: Integration tests
on: workflow_dispatch on: workflow_dispatch
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Execute the scripts
run: |
sudo apt install -y make nginx fcgiwrap gnutls-bin
cd ~
git clone https://github.com/csaf-poc/csaf_distribution.git
cd csaf_distribution/docs/scripts/
env FOLDERNAME=devca1 ORGANAME="CSAF Tools Development (internal)" ./TLSConfigsForITest.sh
env FOLDERNAME=devca1 ORGANAME="CSAF Tools Development (internal)" ./TLSClientConfigsForITest.sh
./setupProviderForITest.sh
shell: bash

4
docs/scripts/TLSClientConfigsForITest.sh
View file

@ -40,6 +40,6 @@ echo '
} }
'> clientCertificateConfigs.txt '> clientCertificateConfigs.txt
sed -i "/^server {/r ${HOME}/${FOLDERNAME}/clientCertificateConfigs.txt" $NGINX_CONFIG_PATH sudo sed -i "/^server {/r ${HOME}/${FOLDERNAME}/clientCertificateConfigs.txt" $NGINX_CONFIG_PATH
systemctl reload nginx sudo systemctl reload nginx

12
docs/scripts/TLSConfigsForITest.sh
View file

@ -44,9 +44,9 @@ echo '
listen [::]:8443 ssl http2 default_server; # ipv6 listen [::]:8443 ssl http2 default_server; # ipv6
' > TLS8443Configs.txt ' > TLS8443Configs.txt
cp $NGINX_CONFIG_PATH $NGINX_CONFIG_PATH.org sudo cp $NGINX_CONFIG_PATH $NGINX_CONFIG_PATH.org
sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLSConfigs.txt" $NGINX_CONFIG_PATH sudo sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLSConfigs.txt" $NGINX_CONFIG_PATH
sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLS8443Configs.txt" $NGINX_CONFIG_PATH sudo sed -i "/^server {/r ${HOME}/${FOLDERNAME}/TLS8443Configs.txt" $NGINX_CONFIG_PATH
sed -i "/^\s*listen.*80/d" $NGINX_CONFIG_PATH # Remove configs for listinig on port 80 sudo sed -i "/^\s*listen.*80/d" $NGINX_CONFIG_PATH # Remove configs for listinig on port 80
systemctl reload nginx sudo systemctl start nginx
sudo systemctl reload nginx

24
docs/scripts/setupProviderForITest.sh
View file

@ -13,12 +13,12 @@
set -e set -e
chgrp -R www-data /var/www sudo chgrp -R www-data /var/www
chmod -R g+w /var/www sudo chmod -R g+w /var/www
NGINX_CONFIG_PATH=/etc/nginx/sites-available/default NGINX_CONFIG_PATH=/etc/nginx/sites-available/default
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf sudo cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
echo ' echo '
# Include this file on your nginx.conf to support debian cgi-bin scripts using # Include this file on your nginx.conf to support debian cgi-bin scripts using
@ -50,9 +50,9 @@ location /cgi-bin/ {
fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn; fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
fastcgi_param SSL_CLIENT_I_DN $ssl_client_i_dn; fastcgi_param SSL_CLIENT_I_DN $ssl_client_i_dn;
} }
' > /etc/nginx/fcgiwrap.conf ' | sudo tee /etc/nginx/fcgiwrap.conf
sed -i "/^server {/a include fcgiwrap.conf;" $NGINX_CONFIG_PATH sudo sed -i "/^server {/a include fcgiwrap.conf;" $NGINX_CONFIG_PATH
echo " echo "
# For atomic directory switches # For atomic directory switches
@ -61,9 +61,9 @@ echo "
# directory listings # directory listings
autoindex on; autoindex on;
" > locationConfig.txt " > locationConfig.txt
sed -i "/^\s*location \/ {/r locationConfig.txt" $NGINX_CONFIG_PATH # Insert config inside location{} sudo sed -i "/^\s*location \/ {/r locationConfig.txt" $NGINX_CONFIG_PATH # Insert config inside location{}
systemctl reload nginx sudo systemctl reload nginx
# assuming that we are in a checked out version in the docs/scripts directory # assuming that we are in a checked out version in the docs/scripts directory
# and we want to build the version that is currently checked out # and we want to build the version that is currently checked out
@ -72,11 +72,11 @@ pushd ../..
export PATH=$PATH:/usr/local/go/bin export PATH=$PATH:/usr/local/go/bin
make build_linux make build_linux
# Place the binary under the corresponding path. # Place the binary under the corresponding path.
mkdir -p /usr/lib/cgi-bin/ sudo mkdir -p /usr/lib/cgi-bin/
cp bin-linux-amd64/csaf_provider /usr/lib/cgi-bin/csaf_provider.go sudo cp bin-linux-amd64/csaf_provider /usr/lib/cgi-bin/csaf_provider.go
mkdir -p /usr/lib/csaf/ sudo mkdir -p /usr/lib/csaf/
cp docs/test-keys/*.asc /usr/lib/csaf/ sudo cp docs/test-keys/*.asc /usr/lib/csaf/
# Configuration file # Configuration file
echo ' echo '
# upload_signature = true # upload_signature = true
@ -85,7 +85,7 @@ key = "/usr/lib/csaf/private.asc"
#tlps = ["green", "red"] #tlps = ["green", "red"]
canonical_url_prefix = "https://localhost:8443" canonical_url_prefix = "https://localhost:8443"
#no_passphrase = true #no_passphrase = true
' > /usr/lib/csaf/config.toml ' | sudo tee /usr/lib/csaf/config.toml
# Create the Folders # Create the Folders
curl https://localhost:8443/cgi-bin/csaf_provider.go/create --cert-type p12 --cert ~/devca1/testclient1.p12 --insecure curl https://localhost:8443/cgi-bin/csaf_provider.go/create --cert-type p12 --cert ~/devca1/testclient1.p12 --insecure