Migrate Python tests to JavaScript (#160)

anchore · Apr 5, 2022 · 8e8448f · 8e8448f
1 parent 1447203
commit 8e8448f
Show file tree

Hide file tree

Showing 17 changed files with 128 additions and 491 deletions.
diff --git a/.github/workflows/demo.yml b/.github/workflows/demo.yml
@@ -6,20 +6,20 @@ jobs:
   test-image:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-    - uses: ./
-      with:
-        image: "alpine:latest"
-        debug: true
-        fail-build: false
+      - uses: actions/checkout@v2
+      - uses: ./
+        with:
+          image: "alpine:latest"
+          debug: true
+          fail-build: false
 
   test-directory:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-    - uses: ./
-      with:
-        path: "tests/python"
-        debug: true
-        severity-cutoff: "negligible"
-        fail-build: false
+      - uses: actions/checkout@v2
+      - uses: ./
+        with:
+          path: "tests/fixtures/npm-project"
+          debug: true
+          severity-cutoff: "negligible"
+          fail-build: false
diff --git a/.github/workflows/sarifdemo.yml b/.github/workflows/sarifdemo.yml
@@ -6,21 +6,21 @@ jobs:
   sarif-image:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout the code
-      uses: actions/checkout@v2
-
-    - name: Run the local Scan Action with SARIF generation enabled
-      id: scan
-      uses: ./
-      with:
-        image: "debian:8"
-        debug: true
-        acs-report-enable: true
-        fail-build: false
-        #severity-cutoff: "Medium"
-
-    - name: Inspect Generated SARIF
-      run: cat ${{ steps.scan.outputs.sarif }}
+      - name: Checkout the code
+        uses: actions/checkout@v2
+
+      - name: Run the local Scan Action with SARIF generation enabled
+        id: scan
+        uses: ./
+        with:
+          image: "debian:8"
+          debug: true
+          acs-report-enable: true
+          fail-build: false
+          #severity-cutoff: "Medium"
+
+      - name: Inspect Generated SARIF
+        run: cat ${{ steps.scan.outputs.sarif }}
 
     # Commented out to prevent incorrect SARIF uploads for this action
     # TODO: add functional tests that validate this
@@ -32,21 +32,21 @@ jobs:
   sarif-directory:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout the code
-      uses: actions/checkout@v2
-
-    - name: Run the local Scan Action with SARIF generation enabled
-      id: scan
-      uses: ./
-      with:
-        path: "tests/python"
-        debug: true
-        acs-report-enable: true
-        fail-build: false
-        #severity-cutoff: "Medium"
-
-    - name: Inspect Generated SARIF
-      run: cat ${{ steps.scan.outputs.sarif }}
+      - name: Checkout the code
+        uses: actions/checkout@v2
+
+      - name: Run the local Scan Action with SARIF generation enabled
+        id: scan
+        uses: ./
+        with:
+          path: "tests/fixtures/npm-project"
+          debug: true
+          acs-report-enable: true
+          fail-build: false
+          #severity-cutoff: "Medium"
+
+      - name: Inspect Generated SARIF
+        run: cat ${{ steps.scan.outputs.sarif }}
     # Commented out to prevent incorrect SARIF uploads for this action
     # TODO: add functional tests that validate this
     # - name: Upload SARIF

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -12,18 +12,6 @@ jobs:
           - 5000:5000
     steps:
       - uses: actions/checkout@v2
-      - run: echo $(uname -a)
-      - name: Check for npm (so make test works)
-        run: |
-          if ! [ -x "$(command -v npm)" ]; then
-            sudo apt update
-            sudo apt -y upgrade
-            sudo apt update
-            sudo apt -y install curl dirmngr apt-transport-https lsb-release ca-certificates
-            curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
-            sudo apt -y install nodejs
-            sudo apt -y  install gcc g++ make
-          fi
       - name: Build images
         run: |
           for distro in alpine centos debian; do
@@ -39,13 +27,3 @@ jobs:
       - run: npm ci
       - run: npm audit --production
       - run: npm test
-
-  functional:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - run: make check
-      - uses: actions/upload-artifact@v2
-        with:
-          name: functional-test-output
-          path: tests/functional/output/*
diff --git a/Makefile b/Makefile
diff --git a/dist/index.js b/dist/index.js
@@ -81,10 +81,10 @@ async function run() {
     // Grype accepts several input options, initially this action is supporting both `image` and `path`, so
     // a check must happen to ensure one is selected at least, and then return it
     const source = sourceInput();
-    const debug = core.getInput("debug");
-    const failBuild = core.getInput("fail-build");
-    const acsReportEnable = core.getInput("acs-report-enable");
-    const severityCutoff = core.getInput("severity-cutoff");
+    const debug = core.getInput("debug") || "false";
+    const failBuild = core.getInput("fail-build") || "true";
+    const acsReportEnable = core.getInput("acs-report-enable") || "true";
+    const severityCutoff = core.getInput("severity-cutoff") || "medium";
     const out = await runScan({
       source,
       debug,
@@ -102,10 +102,10 @@ async function run() {
 
 async function runScan({
   source,
-  debug = "false",
-  failBuild = "true",
-  acsReportEnable = "true",
-  severityCutoff = "medium",
+  debug,
+  failBuild,
+  acsReportEnable,
+  severityCutoff,
 }) {
   const out = {};
 

diff --git a/index.js b/index.js
@@ -66,10 +66,10 @@ async function run() {
     // Grype accepts several input options, initially this action is supporting both `image` and `path`, so
     // a check must happen to ensure one is selected at least, and then return it
     const source = sourceInput();
-    const debug = core.getInput("debug");
-    const failBuild = core.getInput("fail-build");
-    const acsReportEnable = core.getInput("acs-report-enable");
-    const severityCutoff = core.getInput("severity-cutoff");
+    const debug = core.getInput("debug") || "false";
+    const failBuild = core.getInput("fail-build") || "true";
+    const acsReportEnable = core.getInput("acs-report-enable") || "true";
+    const severityCutoff = core.getInput("severity-cutoff") || "medium";
     const out = await runScan({
       source,
       debug,
@@ -87,10 +87,10 @@ async function run() {
 
 async function runScan({
   source,
-  debug = "false",
-  failBuild = "true",
-  acsReportEnable = "true",
-  severityCutoff = "medium",
+  debug,
+  failBuild,
+  acsReportEnable,
+  severityCutoff,
 }) {
   const out = {};
 

diff --git a/scripts/local.sh b/scripts/local.sh
diff --git a/tests/README.md b/tests/README.md
@@ -1,27 +1,19 @@
 # Developing tests
 
-Tests are being implemented in javascript (and soon to be Typescript).
-Some tests require a docker registry running locally on port 5000. This is handled
-automatically in the Github action tests,
-but if you want to run the tests yourself you will need to have docker installed
-and run something like:
+Some tests require a docker registry running locally on port 5000 as well as
+some images built.
 
 ```
 docker run -d -p 5000:5000 --name registry registry:2
-```
-
-... or if you run `make test`, this is automatically handled for you. After
-which time, you can just run `npm` directly:
 
-```
-npm test
+for distro in alpine centos debian; do
+  docker build -t localhost:5000/match-coverage/$distro ./tests/fixtures/image-$distro-match-coverage
+  docker push localhost:5000/match-coverage/$distro:latest
+done
 ```
 
-Some of the existing tests are written in Python 3 and will
-download [act](https://github.com/nektos/act) and create a Python virtual
-environment to run them in. To run these locally, from the root directory execute:
+Then, just run:
 
 ```
-npm run build
-make check
+npm test
 ```