Skip to content

End to end tests (#9) #84

End to end tests (#9)

End to end tests (#9) #84

Workflow file for this run

name: CI Pipeline
permissions:
contents: read
pull-requests: write
checks: write
actions: read
on:
push:
branches:
- main
pull_request:
jobs:
build-verification:
name: Build Verification
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.9.3
terraform_wrapper: false
- name: Install Go
uses: actions/setup-go@v1
with:
go-version: 1.21
- name: Terraform Validate
run: |
terraform init -backend=false
terraform validate
working-directory: infrastructure
- name: Run Integration Tests
run: |
terraform init -backend=false
terraform test
working-directory: tests/integration-tests
- name: Run End to End Tests
run: |
go mod tidy
go test -v -timeout 10m
working-directory: tests/end-to-end-tests
env:
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
TF_STATE_RESOURCE_GROUP: ${{ secrets.TF_STATE_RESOURCE_GROUP }}
TF_STATE_STORAGE_ACCOUNT: ${{ secrets.TF_STATE_STORAGE_ACCOUNT }}
TF_STATE_STORAGE_CONTAINER: ${{ secrets.TF_STATE_STORAGE_CONTAINER }}
static-code-analysis:
name: Static Code Analysis
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.9.3
- name: Run Terraform Format
run: terraform fmt -check
working-directory: infrastructure
- name: Run Terraform Lint
uses: terraform-linters/setup-tflint@v1
with:
tflint_version: latest
- run: tflint
- name: Install Checkov
run: sudo apt-get update && sudo apt-get install -y python3-pip && pip3 install checkov
- name: Run Checkov Scan
run: checkov --directory infrastructure --skip-path example --list
- name: Install GitLeaks
run: |
curl -sSL https://github.com/zricethezav/gitleaks/releases/download/v8.2.4/gitleaks_8.2.4_linux_x64.tar.gz | tar -xz
sudo mv gitleaks /usr/local/bin/
- name: Run GitLeaks Scan
run: gitleaks detect --source . --config .gitleaks.toml
- name: Install Trivy
run: |
sudo apt-get update
sudo apt-get install -y wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install -y trivy
- name: Run Trivy Scan
run: trivy filesystem --security-checks vuln,config --exit-code 1 --severity HIGH,CRITICAL --ignore-unfixed .