mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-11-14 00:47:21 +00:00
b4329e0825
* add buildpulse config to sources * remove tab indentation * add correct repo ID * wrap test command in gotestsum * exclusion should be detectors * fix exclusions to match community-test * update tag to reflect comm. tests
92 lines
2.9 KiB
YAML
92 lines
2.9 KiB
YAML
|
|
name: Test
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- v*
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
|
|
jobs:
|
|
test:
|
|
if: ${{ ! github.event.pull_request.head.repo.fork }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: 'read'
|
|
contents: 'read'
|
|
id-token: 'write'
|
|
steps:
|
|
- name: Install Go
|
|
uses: actions/setup-go@v4
|
|
with:
|
|
go-version: '1.21'
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
- id: 'auth'
|
|
uses: 'google-github-actions/auth@v1'
|
|
with:
|
|
workload_identity_provider: 'projects/811013774421/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
|
|
service_account: 'github-ci-external@trufflehog-testing.iam.gserviceaccount.com'
|
|
- name: Test
|
|
run: make test-integration
|
|
test-detectors:
|
|
if: ${{ ! github.event.pull_request.head.repo.fork }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: 'read'
|
|
contents: 'read'
|
|
id-token: 'write'
|
|
steps:
|
|
- name: Install Go
|
|
uses: actions/setup-go@v4
|
|
with:
|
|
go-version: '1.21'
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
- id: 'auth'
|
|
uses: 'google-github-actions/auth@v1'
|
|
with:
|
|
workload_identity_provider: 'projects/811013774421/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
|
|
service_account: 'github-ci-external@trufflehog-testing.iam.gserviceaccount.com'
|
|
- name: Test
|
|
run: make test-detectors
|
|
continue-on-error: true
|
|
test-community:
|
|
if: ${{ github.event.pull_request.head.repo.fork }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: 'read'
|
|
contents: 'read'
|
|
steps:
|
|
- name: Install Go
|
|
uses: actions/setup-go@v4
|
|
with:
|
|
go-version: '1.21'
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
- name: Set up gotestsum
|
|
run: |
|
|
go install gotest.tools/gotestsum@latest
|
|
mkdir -p tmp/test-results
|
|
- name: Test
|
|
run: |
|
|
CGO_ENABLED=1 gotestsum --junitfile tmp/test-results/test.xml --raw-command -- go test -json -tags=sources $(go list ./... | grep -v /vendor/ | grep -v pkg/detectors | grep -v pkg/sources)
|
|
if: ${{ success() || failure() }} # always run this step, even if there were previous errors
|
|
- name: Upload test results to BuildPulse for flaky test detection
|
|
if: '!cancelled()' # Run this step even when the tests fail. Skip if the workflow is cancelled.
|
|
uses: buildpulse/buildpulse-action@main
|
|
with:
|
|
account: 79229934
|
|
repository: 77726177
|
|
path: |
|
|
tmp/test-results/*.xml
|
|
key: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID }}
|
|
secret: ${{ secrets.BUILDPULSE_SECRET_ACCESS_KEY }}
|
|
tags: community
|
|
- name: Annotate test results
|
|
uses: mikepenz/action-junit-report@v3
|
|
if: success() || failure() # always run even if the previous step fails
|
|
with:
|
|
report_paths: 'tmp/test-results/*.xml'
|