Skip to content
This repository has been archived by the owner on Jan 8, 2024. It is now read-only.

Exe tests

Exe tests #419

Workflow file for this run

name: Exe tests
on:
schedule:
- cron: "0 */18 * * *"
workflow_dispatch:
jobs:
atom-bundled-tests:
runs-on: ubuntu-latest
if: "! contains(github.event.head_commit.message, '[ci skip]')"
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python-version: ['3.8', '3.9', '3.10', '3.11']
steps:
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-java-example'
path: 'repotests/shiftleft-java-example'
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-ts-example'
path: 'repotests/shiftleft-ts-example'
- uses: actions/checkout@v3
with:
repository: 'HooliCorp/DjanGoat'
path: 'repotests/DjanGoat'
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install cpggen
- uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: '19'
- name: bundle_tests
run: |
mkdir /tmp/all_cpgs /tmp/all_exports
cpggen -i repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛
if [ -e "/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛" ]; then
echo "Java direct test was successful"
else
echo "Java direct test was not successful"
exit 1
fi
cpggen -i repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛
if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛" ]; then
echo "JS direct test was successful"
else
echo "JS direct test was not successful"
exit 1
fi
cpggen -i repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat/DjanGoat-python.⚛ -l python
if [ -e "/tmp/all_cpgs/DjanGoat/DjanGoat-python.⚛" ]; then
echo "Python direct test was successful"
else
echo "Python direct test was not successful"
exit 1
fi
cpggen -i CVE-2023-1664
cpggen -i GHSA-c892-cwq6-qrqf
cpggen -i CVE-2023-20883
cpggen -i GHSA-xf96-w227-r7c4
cpggen -i CVE-2023-32695
cpggen -i CVE-2023-28370
ls -lh /tmp/all_cpgs
env:
AT_DEBUG_MODE: debug
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CPGGEN_MEMORY: 4G
linux-exe-tests:
runs-on: ubuntu-latest
if: "! contains(github.event.head_commit.message, '[ci skip]')"
steps:
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-java-example'
path: 'repotests/shiftleft-java-example'
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-ts-example'
path: 'repotests/shiftleft-ts-example'
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-go-example'
path: 'repotests/shiftleft-go-example'
- uses: actions/checkout@v3
with:
repository: 'prabhu/shiftleft-scala-example'
path: 'repotests/shiftleft-scala-example'
- uses: actions/checkout@v3
with:
repository: 'HooliCorp/vulnerable_net_core'
path: 'repotests/vulnerable_net_core'
- uses: actions/checkout@v3
with:
repository: 'HooliCorp/Goatly.NET'
path: 'repotests/Goatly.NET'
- uses: actions/checkout@v3
with:
repository: 'HooliCorp/DjanGoat'
path: 'repotests/DjanGoat'
- uses: actions/checkout@v3
with:
repository: 'GoogleCloudPlatform/microservices-demo'
path: 'repotests/microservices-demo'
- uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: '19'
- name: exetests
run: |
mkdir /tmp/all_cpgs /tmp/all_exports
oras pull ghcr.io/appthreat/cpggen-bin:v1
chmod +x cpggen-linux-amd64
./cpggen-linux-amd64 --help
oras pull ghcr.io/appthreat/atomgen-bin:v1
chmod +x atomgen
./atomgen --help
./cpggen-linux-amd64 -i repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛
if [ -e "/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛" ]; then
echo "Java direct test was successful"
else
echo "Java direct test was not successful"
exit 1
fi
./atomgen -i repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛
if [ -e "/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.⚛" ]; then
echo "Java direct test was successful"
else
echo "Java direct test was not successful"
exit 1
fi
./cpggen-linux-amd64 -i repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛
if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛" ]; then
echo "JS direct test was successful"
else
echo "JS direct test was not successful"
exit 1
fi
./atomgen -i repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛
if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.⚛" ]; then
echo "JS direct test was successful"
else
echo "JS direct test was not successful"
exit 1
fi
./cpggen-linux-amd64 -i repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat -l python
./atomgen -i repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat -l python
./cpggen-linux-amd64 -i repotests/microservices-demo -o /tmp/all_cpgs/microservices-demo --build
ls -ltr /tmp/all_cpgs
ls -ltr /tmp/all_exports
env:
AT_DEBUG_MODE: debug
CPGGEN_MEMORY: 4G
windows-exe-tests:
runs-on: windows-latest
if: "! contains(github.event.head_commit.message, '[ci skip]')"
steps:
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-java-example'
path: 'repotests/shiftleft-java-example'
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-ts-example'
path: 'repotests/shiftleft-ts-example'
- uses: actions/checkout@v3
with:
repository: 'ShiftLeftSecurity/shiftleft-go-example'
path: 'repotests/shiftleft-go-example'
- uses: actions/checkout@v3
with:
repository: 'HooliCorp/DjanGoat'
path: 'repotests/DjanGoat'
- uses: actions/checkout@v3
with:
repository: 'GoogleCloudPlatform/microservices-demo'
path: 'repotests/microservices-demo'
- uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: '19'
- name: exetests
run: |
Invoke-WebRequest -Uri https://github.com/oras-project/oras/releases/download/v1.0.0/oras_1.0.0_windows_amd64.zip -UseBasicParsing -OutFile oras_1.0.0_windows_amd64.zip
Expand-Archive -Path oras_1.0.0_windows_amd64.zip -DestinationPath .
.\oras.exe pull ghcr.io/appthreat/cpggen-windows-bin:v1
.\cpggen.exe --help
.\cpggen.exe -i $env:GITHUB_WORKSPACE\\repotests\\shiftleft-java-example -o $env:GITHUB_WORKSPACE\\repotests\\shiftleft-java-example\\cpg_out
.\cpggen.exe -i $env:GITHUB_WORKSPACE\\repotests\\shiftleft-ts-example -o $env:GITHUB_WORKSPACE\\repotests\\shiftleft-ts-example\\cpg_out
.\cpggen.exe -i $env:GITHUB_WORKSPACE\\repotests\\DjanGoat -o $env:GITHUB_WORKSPACE\\repotests\\DjanGoat\\cpg_out
.\cpggen.exe -i $env:GITHUB_WORKSPACE\\repotests\\microservices-demo -o $env:GITHUB_WORKSPACE\\repotests\\microservices-demo\\cpg_out --build
env:
AT_DEBUG_MODE: debug
PYTHONIOENCODING: utf-8
PYTHONUTF8: 1
CPGGEN_MEMORY: 3G