From d26348d0651a4edae4de62ff5bec0a4d5d92d5fb Mon Sep 17 00:00:00 2001 From: jake Date: Sat, 17 May 2025 15:47:24 +0000 Subject: [PATCH] new/unit-tests (#1) Reviewed-on: https://code.jakeyoungdev.com/actions/donotpassgo/pulls/1 Co-authored-by: jake Co-committed-by: jake --- README.md | 41 +++++++++++++++++++++++++++++++---------- action.yaml | 13 ++++++++++++- test.sh | 28 ++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 11 deletions(-) create mode 100755 test.sh diff --git a/README.md b/README.md index 12c490c..c4f70d8 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,34 @@ # donotpassgo -A composite workflow that runs security checks on Go projects. Golang must be installed before this workflow can run. +A composite workflow that runs general code checks on Go projects, an optional test input is available to trigger unit tests. See [steps](#steps) for more information on the jobs run + +## Usage +adding donotpassgo to workflows is simple, just add the following step to your yaml file: +```yaml +- name: "checkpoint" + uses: https://code.jakeyoungdev.com/actions/donotpassgo@main +``` + +donotpassgo has optional support for running unit tests, this can be added by setting the test flag to standard +```yaml +- name: "checkpoint" + uses: https://code.jakeyoungdev.com/actions/donotpassgo@main + with: + test: standard +``` + +running unit tests with ginkgo is also supported by setting the test flag to ginkgo +```yaml +- name: "checkpoint" + uses: https://code.jakeyoungdev.com/actions/donotpassgo@main + with: + test: ginkgo +``` ## Steps -### govulncheck -govulncheck is installed using 'go install' and is used to scan the application dependencies and standard library. - -### gosec -gosec is used for static code analysis. - -## TODO -1. Add support for unit tests -2. Add ginkgo/gomega support \ No newline at end of file +donotpassgo runs several workflow jobs to ensure quality and secure go code, these steps may be updated as new tools develop. +### Dependency Scans +[govulncheck](https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck) is installed using golang and is used to scan for vulnerabilities in the project dependencies and standard library. +### Static Code Analysis +[gosec](https://github.com/securego/gosec) inspects source code for security problems +### Unit Tests +donotpassgo supports two unit tests libraries: the standard go library and [ginkgo](https://github.com/onsi/ginkgo) \ No newline at end of file diff --git a/action.yaml b/action.yaml index d4c18ab..aed5b2f 100644 --- a/action.yaml +++ b/action.yaml @@ -1,9 +1,20 @@ name: "donotpassgo" description: "general go code checks" +inputs: + test: + description: "runs unit tests with specified library" + required: false + default: "none" runs: using: "composite" steps: - - name: "install go packages" + - name: "run unit tests" + shell: bash + run: ${{ github.action_path }}/test.sh + env: + LIBRARY: ${{ inputs.test }} + + - name: "install govulncheck" run: | go install golang.org/x/vuln/cmd/govulncheck@latest diff --git a/test.sh b/test.sh new file mode 100755 index 0000000..39dfe8a --- /dev/null +++ b/test.sh @@ -0,0 +1,28 @@ +#!/bin/bash +if [[ "$LIBRARY" == "none" ]]; then + echo "Test flag not set, skipping unit tests." + exit 0 +fi + +if [[ "$LIBRARY" == "standard" ]]; then + echo "Running unit tests with standard library" + if go test ./...; then + echo "Tests passed!" + exit 0 + else + echo "Tests failed!" + exit 1 + fi +fi + +if [[ "$LIBRARY" == "ginkgo" ]]; then + echo "Running unit tests with ginkgo" + go install github.com/onsi/ginkgo/v2/ginkgo@v2.23.4 + if ginkgo ./...; then + echo "Tests passed!" + exit 0 + else + echo "Tests failed!" + exit 1 + fi +fi \ No newline at end of file