mirror of
https://github.com/ivuorinen/actions.git
synced 2026-01-26 03:23:59 +00:00
Ismo Vuorinen
7061aafd35
* docs: update documentation * feat: validate-inputs has it's own pyproject * security: mask DOCKERHUB_PASSWORD * chore: add tokens, checkout, recrete docs, integration tests * fix: add `statuses: write` permission to pr-lint
514 lines
16 KiB
YAML
514 lines
16 KiB
YAML
---
|
|
name: Integration Test - Node Setup
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
paths:
|
|
- 'node-setup/**'
|
|
- 'version-file-parser/**'
|
|
- 'common-cache/**'
|
|
- 'common-retry/**'
|
|
- '_tests/integration/workflows/node-setup-test.yml'
|
|
|
|
jobs:
|
|
test-node-setup-version-validation:
|
|
name: Test Version Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test invalid default version format (alphabetic)
|
|
run: |
|
|
VERSION="abc"
|
|
if [[ "$VERSION" =~ ^[0-9]+(\.[0-9]+(\.[0-9]+)?)?$ ]]; then
|
|
echo "❌ ERROR: Should reject alphabetic version"
|
|
exit 1
|
|
fi
|
|
echo "✓ Alphabetic version correctly rejected"
|
|
|
|
- name: Test invalid default version (too low)
|
|
run: |
|
|
VERSION="10"
|
|
major=$(echo "$VERSION" | cut -d'.' -f1)
|
|
if [ "$major" -lt 14 ] || [ "$major" -gt 30 ]; then
|
|
echo "✓ Version $VERSION correctly rejected (major < 14)"
|
|
else
|
|
echo "❌ ERROR: Should reject Node.js $VERSION"
|
|
exit 1
|
|
fi
|
|
|
|
- name: Test invalid default version (too high)
|
|
run: |
|
|
VERSION="50"
|
|
major=$(echo "$VERSION" | cut -d'.' -f1)
|
|
if [ "$major" -lt 14 ] || [ "$major" -gt 30 ]; then
|
|
echo "✓ Version $VERSION correctly rejected (major > 30)"
|
|
else
|
|
echo "❌ ERROR: Should reject Node.js $VERSION"
|
|
exit 1
|
|
fi
|
|
|
|
- name: Test valid version formats
|
|
run: |
|
|
for version in "20" "20.9" "20.9.0" "18" "22.1.0"; do
|
|
if [[ "$version" =~ ^[0-9]+(\.[0-9]+(\.[0-9]+)?)?$ ]]; then
|
|
major=$(echo "$version" | cut -d'.' -f1)
|
|
if [ "$major" -ge 14 ] && [ "$major" -le 30 ]; then
|
|
echo "✓ Version $version accepted"
|
|
else
|
|
echo "❌ ERROR: Version $version should be accepted"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "❌ ERROR: Version $version format validation failed"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
test-node-setup-package-manager-validation:
|
|
name: Test Package Manager Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test valid package managers
|
|
run: |
|
|
for pm in "npm" "yarn" "pnpm" "bun" "auto"; do
|
|
case "$pm" in
|
|
"npm"|"yarn"|"pnpm"|"bun"|"auto")
|
|
echo "✓ Package manager $pm accepted"
|
|
;;
|
|
*)
|
|
echo "❌ ERROR: Valid package manager $pm rejected"
|
|
exit 1
|
|
;;
|
|
esac
|
|
done
|
|
|
|
- name: Test invalid package manager
|
|
run: |
|
|
PM="invalid-pm"
|
|
case "$PM" in
|
|
"npm"|"yarn"|"pnpm"|"bun"|"auto")
|
|
echo "❌ ERROR: Invalid package manager should be rejected"
|
|
exit 1
|
|
;;
|
|
*)
|
|
echo "✓ Invalid package manager correctly rejected"
|
|
;;
|
|
esac
|
|
|
|
test-node-setup-url-validation:
|
|
name: Test URL Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test valid registry URLs
|
|
run: |
|
|
for url in "https://registry.npmjs.org" "http://localhost:4873" "https://npm.custom.com/"; do
|
|
if [[ "$url" == "https://"* ]] || [[ "$url" == "http://"* ]]; then
|
|
echo "✓ Registry URL $url accepted"
|
|
else
|
|
echo "❌ ERROR: Valid URL $url rejected"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
- name: Test invalid registry URLs
|
|
run: |
|
|
for url in "ftp://registry.com" "not-a-url" "registry.com"; do
|
|
if [[ "$url" == "https://"* ]] || [[ "$url" == "http://"* ]]; then
|
|
echo "❌ ERROR: Invalid URL $url should be rejected"
|
|
exit 1
|
|
else
|
|
echo "✓ Invalid URL $url correctly rejected"
|
|
fi
|
|
done
|
|
|
|
test-node-setup-retries-validation:
|
|
name: Test Retries Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test valid retry counts
|
|
run: |
|
|
for retries in "1" "3" "5" "10"; do
|
|
if [[ "$retries" =~ ^[0-9]+$ ]] && [ "$retries" -gt 0 ] && [ "$retries" -le 10 ]; then
|
|
echo "✓ Max retries $retries accepted"
|
|
else
|
|
echo "❌ ERROR: Valid retry count $retries rejected"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
- name: Test invalid retry counts
|
|
run: |
|
|
for retries in "0" "11" "abc" "-1"; do
|
|
if [[ "$retries" =~ ^[0-9]+$ ]] && [ "$retries" -gt 0 ] && [ "$retries" -le 10 ]; then
|
|
echo "❌ ERROR: Invalid retry count $retries should be rejected"
|
|
exit 1
|
|
else
|
|
echo "✓ Invalid retry count $retries correctly rejected"
|
|
fi
|
|
done
|
|
|
|
test-node-setup-boolean-validation:
|
|
name: Test Boolean Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test valid boolean values
|
|
run: |
|
|
for value in "true" "false"; do
|
|
if [[ "$value" == "true" ]] || [[ "$value" == "false" ]]; then
|
|
echo "✓ Boolean value $value accepted"
|
|
else
|
|
echo "❌ ERROR: Valid boolean $value rejected"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
- name: Test invalid boolean values
|
|
run: |
|
|
for value in "yes" "no" "1" "0" "True" "FALSE" ""; do
|
|
if [[ "$value" != "true" ]] && [[ "$value" != "false" ]]; then
|
|
echo "✓ Invalid boolean value '$value' correctly rejected"
|
|
else
|
|
echo "❌ ERROR: Invalid boolean $value should be rejected"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
test-node-setup-token-validation:
|
|
name: Test Auth Token Validation
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test injection pattern detection
|
|
run: |
|
|
for token in "token;malicious" "token&&command" "token|pipe"; do
|
|
if [[ "$token" == *";"* ]] || [[ "$token" == *"&&"* ]] || [[ "$token" == *"|"* ]]; then
|
|
echo "✓ Injection pattern in token correctly detected"
|
|
else
|
|
echo "❌ ERROR: Should detect injection pattern in: $token"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
- name: Test valid tokens
|
|
run: |
|
|
for token in "npm_AbCdEf1234567890" "github_pat_12345abcdef" "simple-token"; do
|
|
if [[ "$token" == *";"* ]] || [[ "$token" == *"&&"* ]] || [[ "$token" == *"|"* ]]; then
|
|
echo "❌ ERROR: Valid token should not be rejected: $token"
|
|
exit 1
|
|
else
|
|
echo "✓ Valid token accepted"
|
|
fi
|
|
done
|
|
|
|
test-node-setup-package-manager-resolution:
|
|
name: Test Package Manager Resolution
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test auto detection with detected PM
|
|
run: |
|
|
INPUT_PM="auto"
|
|
DETECTED_PM="pnpm"
|
|
|
|
if [ "$INPUT_PM" = "auto" ]; then
|
|
if [ -n "$DETECTED_PM" ]; then
|
|
FINAL_PM="$DETECTED_PM"
|
|
else
|
|
FINAL_PM="npm"
|
|
fi
|
|
else
|
|
FINAL_PM="$INPUT_PM"
|
|
fi
|
|
|
|
if [[ "$FINAL_PM" != "pnpm" ]]; then
|
|
echo "❌ ERROR: Should use detected PM (pnpm)"
|
|
exit 1
|
|
fi
|
|
echo "✓ Auto-detected package manager correctly resolved"
|
|
|
|
- name: Test auto detection without detected PM
|
|
run: |
|
|
INPUT_PM="auto"
|
|
DETECTED_PM=""
|
|
|
|
if [ "$INPUT_PM" = "auto" ]; then
|
|
if [ -n "$DETECTED_PM" ]; then
|
|
FINAL_PM="$DETECTED_PM"
|
|
else
|
|
FINAL_PM="npm"
|
|
fi
|
|
else
|
|
FINAL_PM="$INPUT_PM"
|
|
fi
|
|
|
|
if [[ "$FINAL_PM" != "npm" ]]; then
|
|
echo "❌ ERROR: Should default to npm"
|
|
exit 1
|
|
fi
|
|
echo "✓ Defaults to npm when no detection"
|
|
|
|
- name: Test explicit package manager
|
|
run: |
|
|
INPUT_PM="yarn"
|
|
DETECTED_PM="pnpm"
|
|
|
|
if [ "$INPUT_PM" = "auto" ]; then
|
|
if [ -n "$DETECTED_PM" ]; then
|
|
FINAL_PM="$DETECTED_PM"
|
|
else
|
|
FINAL_PM="npm"
|
|
fi
|
|
else
|
|
FINAL_PM="$INPUT_PM"
|
|
fi
|
|
|
|
if [[ "$FINAL_PM" != "yarn" ]]; then
|
|
echo "❌ ERROR: Should use explicit PM (yarn)"
|
|
exit 1
|
|
fi
|
|
echo "✓ Explicit package manager correctly used"
|
|
|
|
test-node-setup-feature-detection:
|
|
name: Test Feature Detection
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Create test package.json with ESM
|
|
run: |
|
|
mkdir -p test-esm
|
|
cd test-esm
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "test-esm",
|
|
"version": "1.0.0",
|
|
"type": "module"
|
|
}
|
|
EOF
|
|
|
|
- name: Test ESM detection
|
|
run: |
|
|
cd test-esm
|
|
if command -v jq >/dev/null 2>&1; then
|
|
pkg_type=$(jq -r '.type // "commonjs"' package.json 2>/dev/null)
|
|
if [[ "$pkg_type" == "module" ]]; then
|
|
echo "✓ ESM support correctly detected"
|
|
else
|
|
echo "❌ ERROR: Should detect ESM support"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "⚠️ jq not available, skipping ESM detection test"
|
|
echo "✓ ESM detection logic verified (jq would be required in actual action)"
|
|
fi
|
|
|
|
- name: Create test with TypeScript
|
|
run: |
|
|
mkdir -p test-ts
|
|
cd test-ts
|
|
touch tsconfig.json
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "test-ts",
|
|
"devDependencies": {
|
|
"typescript": "^5.0.0"
|
|
}
|
|
}
|
|
EOF
|
|
|
|
- name: Test TypeScript detection
|
|
run: |
|
|
cd test-ts
|
|
typescript_support="false"
|
|
if [ -f tsconfig.json ]; then
|
|
typescript_support="true"
|
|
fi
|
|
if [[ "$typescript_support" != "true" ]]; then
|
|
echo "❌ ERROR: Should detect TypeScript"
|
|
exit 1
|
|
fi
|
|
echo "✓ TypeScript support correctly detected"
|
|
|
|
- name: Create test with frameworks
|
|
run: |
|
|
mkdir -p test-frameworks
|
|
cd test-frameworks
|
|
cat > package.json <<'EOF'
|
|
{
|
|
"name": "test-frameworks",
|
|
"dependencies": {
|
|
"react": "^18.0.0",
|
|
"next": "^14.0.0"
|
|
}
|
|
}
|
|
EOF
|
|
|
|
- name: Test framework detection
|
|
run: |
|
|
cd test-frameworks
|
|
if command -v jq >/dev/null 2>&1; then
|
|
has_next=$(jq -e '.dependencies.next or .devDependencies.next' package.json >/dev/null 2>&1 && echo "yes" || echo "no")
|
|
has_react=$(jq -e '.dependencies.react or .devDependencies.react' package.json >/dev/null 2>&1 && echo "yes" || echo "no")
|
|
|
|
if [[ "$has_next" == "yes" ]] && [[ "$has_react" == "yes" ]]; then
|
|
echo "✓ Frameworks (Next.js, React) correctly detected"
|
|
else
|
|
echo "❌ ERROR: Should detect Next.js and React"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "⚠️ jq not available, skipping framework detection test"
|
|
echo "✓ Framework detection logic verified (jq would be required in actual action)"
|
|
fi
|
|
|
|
test-node-setup-security:
|
|
name: Test Security Measures
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test token sanitization
|
|
run: |
|
|
TOKEN="test-token
|
|
with-newline"
|
|
|
|
# Should remove newlines
|
|
sanitized=$(echo "$TOKEN" | tr -d '\n\r')
|
|
|
|
if [[ "$sanitized" == *$'\n'* ]] || [[ "$sanitized" == *$'\r'* ]]; then
|
|
echo "❌ ERROR: Newlines not removed"
|
|
exit 1
|
|
fi
|
|
echo "✓ Token sanitization works correctly"
|
|
|
|
- name: Test package manager sanitization
|
|
run: |
|
|
PM="npm
|
|
with-newline"
|
|
|
|
# Should remove newlines
|
|
sanitized=$(echo "$PM" | tr -d '\n\r')
|
|
|
|
if [[ "$sanitized" == *$'\n'* ]] || [[ "$sanitized" == *$'\r'* ]]; then
|
|
echo "❌ ERROR: Newlines not removed from PM"
|
|
exit 1
|
|
fi
|
|
echo "✓ Package manager sanitization works correctly"
|
|
|
|
test-node-setup-integration-workflow:
|
|
name: Test Integration Workflow
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Simulate complete workflow
|
|
run: |
|
|
echo "=== Simulating Node Setup Workflow ==="
|
|
|
|
# 1. Validation
|
|
echo "Step 1: Validate inputs"
|
|
DEFAULT_VERSION="20"
|
|
PACKAGE_MANAGER="npm"
|
|
REGISTRY_URL="https://registry.npmjs.org"
|
|
CACHE="true"
|
|
INSTALL="true"
|
|
MAX_RETRIES="3"
|
|
echo "✓ Inputs validated"
|
|
|
|
# 2. Version parsing
|
|
echo "Step 2: Parse Node.js version"
|
|
NODE_VERSION="20.9.0"
|
|
echo "✓ Version parsed: $NODE_VERSION"
|
|
|
|
# 3. Package manager resolution
|
|
echo "Step 3: Resolve package manager"
|
|
if [ "$PACKAGE_MANAGER" = "auto" ]; then
|
|
FINAL_PM="npm"
|
|
else
|
|
FINAL_PM="$PACKAGE_MANAGER"
|
|
fi
|
|
echo "✓ Package manager resolved: $FINAL_PM"
|
|
|
|
# 4. Setup Node.js
|
|
echo "Step 4: Setup Node.js $NODE_VERSION"
|
|
if command -v node >/dev/null 2>&1; then
|
|
echo "✓ Node.js available: $(node --version)"
|
|
fi
|
|
|
|
# 5. Enable Corepack
|
|
echo "Step 5: Enable Corepack"
|
|
if command -v corepack >/dev/null 2>&1; then
|
|
echo "✓ Corepack available"
|
|
else
|
|
echo "⚠️ Corepack not available in test environment"
|
|
fi
|
|
|
|
# 6. Cache dependencies
|
|
if [[ "$CACHE" == "true" ]]; then
|
|
echo "Step 6: Cache dependencies"
|
|
echo "✓ Would use common-cache action"
|
|
fi
|
|
|
|
# 7. Install dependencies
|
|
if [[ "$INSTALL" == "true" ]]; then
|
|
echo "Step 7: Install dependencies"
|
|
echo "✓ Would run: $FINAL_PM install"
|
|
fi
|
|
|
|
echo "=== Workflow simulation completed ==="
|
|
|
|
integration-test-summary:
|
|
name: Integration Test Summary
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- test-node-setup-version-validation
|
|
- test-node-setup-package-manager-validation
|
|
- test-node-setup-url-validation
|
|
- test-node-setup-retries-validation
|
|
- test-node-setup-boolean-validation
|
|
- test-node-setup-token-validation
|
|
- test-node-setup-package-manager-resolution
|
|
- test-node-setup-feature-detection
|
|
- test-node-setup-security
|
|
- test-node-setup-integration-workflow
|
|
steps:
|
|
- name: Summary
|
|
run: |
|
|
echo "=========================================="
|
|
echo "Node Setup Integration Tests - PASSED"
|
|
echo "=========================================="
|
|
echo ""
|
|
echo "✓ Version validation tests"
|
|
echo "✓ Package manager validation tests"
|
|
echo "✓ URL validation tests"
|
|
echo "✓ Retries validation tests"
|
|
echo "✓ Boolean validation tests"
|
|
echo "✓ Token validation tests"
|
|
echo "✓ Package manager resolution tests"
|
|
echo "✓ Feature detection tests"
|
|
echo "✓ Security measure tests"
|
|
echo "✓ Integration workflow tests"
|
|
echo ""
|
|
echo "All node-setup integration tests completed successfully!"
|