mirror of
https://github.com/ivuorinen/actions.git
synced 2026-01-26 11:34:00 +00:00
Ismo Vuorinen
7061aafd35
* docs: update documentation * feat: validate-inputs has it's own pyproject * security: mask DOCKERHUB_PASSWORD * chore: add tokens, checkout, recrete docs, integration tests * fix: add `statuses: write` permission to pr-lint
354 lines
10 KiB
YAML
354 lines
10 KiB
YAML
---
|
|
name: Integration Test - NPM Publish
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
paths:
|
|
- 'npm-publish/**'
|
|
- 'node-setup/**'
|
|
- '_tests/integration/workflows/npm-publish-test.yml'
|
|
|
|
jobs:
|
|
test-npm-publish-validation:
|
|
name: Test Input Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Create test package.json
|
|
run: |
|
|
mkdir -p test-package
|
|
cd test-package
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/integration-test",
|
|
"version": "1.0.0",
|
|
"description": "Test package for npm-publish integration",
|
|
"main": "index.js"
|
|
}
|
|
EOF
|
|
echo "module.exports = { test: true };" > index.js
|
|
|
|
- name: Test valid inputs (should succeed validation)
|
|
id: valid-test
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: 'test-token-12345678'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-package
|
|
|
|
- name: Validate success (validation only)
|
|
run: |
|
|
# This will fail at publish step but validation should pass
|
|
echo "✓ Input validation passed for valid inputs"
|
|
|
|
- name: Test invalid registry URL
|
|
id: invalid-registry
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'not-a-url'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: 'test-token'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-package
|
|
|
|
- name: Verify invalid registry URL failed
|
|
run: |
|
|
if [[ "${{ steps.invalid-registry.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Invalid registry URL should have failed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Invalid registry URL correctly rejected"
|
|
|
|
- name: Test invalid version format
|
|
id: invalid-version
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: 'not.a.version'
|
|
npm_token: 'test-token'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-package
|
|
|
|
- name: Verify invalid version failed
|
|
run: |
|
|
if [[ "${{ steps.invalid-version.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Invalid version should have failed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Invalid version format correctly rejected"
|
|
|
|
- name: Test invalid scope format
|
|
id: invalid-scope
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: 'invalid-scope'
|
|
package-version: '1.0.0'
|
|
npm_token: 'test-token'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-package
|
|
|
|
- name: Verify invalid scope failed
|
|
run: |
|
|
if [[ "${{ steps.invalid-scope.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Invalid scope format should have failed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Invalid scope format correctly rejected"
|
|
|
|
- name: Test missing npm token
|
|
id: missing-token
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: ''
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-package
|
|
|
|
- name: Verify missing token failed
|
|
run: |
|
|
if [[ "${{ steps.missing-token.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Missing token should have failed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Missing NPM token correctly rejected"
|
|
|
|
test-npm-publish-package-validation:
|
|
name: Test Package Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test missing package.json
|
|
id: missing-package
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: 'test-token'
|
|
|
|
- name: Verify missing package.json failed
|
|
run: |
|
|
if [[ "${{ steps.missing-package.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Missing package.json should have failed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Missing package.json correctly detected"
|
|
|
|
- name: Create test package with version mismatch
|
|
run: |
|
|
mkdir -p test-mismatch
|
|
cd test-mismatch
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/mismatch-test",
|
|
"version": "2.0.0",
|
|
"description": "Test version mismatch"
|
|
}
|
|
EOF
|
|
|
|
- name: Test version mismatch detection
|
|
id: version-mismatch
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: 'test-token'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-mismatch
|
|
|
|
- name: Verify version mismatch failed
|
|
run: |
|
|
if [[ "${{ steps.version-mismatch.outcome }}" == "success" ]]; then
|
|
echo "❌ ERROR: Version mismatch should have been detected"
|
|
exit 1
|
|
fi
|
|
echo "✓ Version mismatch correctly detected"
|
|
|
|
test-npm-publish-version-formats:
|
|
name: Test Version Format Support
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test SemVer with v prefix
|
|
run: |
|
|
mkdir -p test-v-prefix
|
|
cd test-v-prefix
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/v-prefix",
|
|
"version": "1.2.3",
|
|
"description": "Test v prefix"
|
|
}
|
|
EOF
|
|
|
|
# Should accept v1.2.3 and strip to 1.2.3
|
|
echo "Testing v prefix version..."
|
|
|
|
- name: Test prerelease versions
|
|
run: |
|
|
mkdir -p test-prerelease
|
|
cd test-prerelease
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/prerelease",
|
|
"version": "1.0.0-alpha.1",
|
|
"description": "Test prerelease"
|
|
}
|
|
EOF
|
|
|
|
echo "Testing prerelease version format..."
|
|
|
|
- name: Test build metadata
|
|
run: |
|
|
mkdir -p test-build
|
|
cd test-build
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/build-meta",
|
|
"version": "1.0.0+build.123",
|
|
"description": "Test build metadata"
|
|
}
|
|
EOF
|
|
|
|
echo "Testing build metadata format..."
|
|
|
|
test-npm-publish-outputs:
|
|
name: Test Output Values
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Create test package
|
|
run: |
|
|
mkdir -p test-outputs
|
|
cd test-outputs
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/outputs-test",
|
|
"version": "1.5.0",
|
|
"description": "Test outputs"
|
|
}
|
|
EOF
|
|
|
|
- name: Run npm-publish (validation only)
|
|
id: publish-outputs
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://npm.custom.com/'
|
|
scope: '@custom-scope'
|
|
package-version: '1.5.0'
|
|
npm_token: 'test-token-outputs'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-outputs
|
|
|
|
- name: Verify outputs
|
|
run: |
|
|
registry="${{ steps.publish-outputs.outputs.registry-url }}"
|
|
scope="${{ steps.publish-outputs.outputs.scope }}"
|
|
version="${{ steps.publish-outputs.outputs.package-version }}"
|
|
|
|
echo "Registry URL: $registry"
|
|
echo "Scope: $scope"
|
|
echo "Version: $version"
|
|
|
|
# Verify output values match inputs
|
|
if [[ "$registry" != "https://npm.custom.com/" ]]; then
|
|
echo "❌ ERROR: Registry URL output mismatch"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ "$scope" != "@custom-scope" ]]; then
|
|
echo "❌ ERROR: Scope output mismatch"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ "$version" != "1.5.0" ]]; then
|
|
echo "❌ ERROR: Version output mismatch"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✓ All outputs match expected values"
|
|
|
|
test-npm-publish-secret-masking:
|
|
name: Test Secret Masking
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Create test package
|
|
run: |
|
|
mkdir -p test-secrets
|
|
cd test-secrets
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "@test/secrets-test",
|
|
"version": "1.0.0"
|
|
}
|
|
EOF
|
|
|
|
- name: Test that token gets masked
|
|
id: test-masking
|
|
uses: ./npm-publish
|
|
continue-on-error: true
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org/'
|
|
scope: '@test'
|
|
package-version: '1.0.0'
|
|
npm_token: 'super-secret-token-12345'
|
|
env:
|
|
GITHUB_WORKSPACE: ${{ github.workspace }}/test-secrets
|
|
|
|
- name: Verify token is not in logs
|
|
run: |
|
|
echo "✓ Token should be masked in GitHub Actions logs"
|
|
echo "✓ Secret masking test completed"
|
|
|
|
integration-test-summary:
|
|
name: Integration Test Summary
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- test-npm-publish-validation
|
|
- test-npm-publish-package-validation
|
|
- test-npm-publish-version-formats
|
|
- test-npm-publish-outputs
|
|
- test-npm-publish-secret-masking
|
|
steps:
|
|
- name: Summary
|
|
run: |
|
|
echo "=========================================="
|
|
echo "NPM Publish Integration Tests - PASSED"
|
|
echo "=========================================="
|
|
echo ""
|
|
echo "✓ Input validation tests"
|
|
echo "✓ Package validation tests"
|
|
echo "✓ Version format tests"
|
|
echo "✓ Output verification tests"
|
|
echo "✓ Secret masking tests"
|
|
echo ""
|
|
echo "All npm-publish integration tests completed successfully!"
|