feat: Validate GitHub Actions schema (#2416)
* feat: Validate GitHub Actions schema **BREAKING** previously accepted workflows are now invalid * update code * fix tests * Bump docker / fix lint * fix test action due to moving the file * remove unused function * fix parsing additional functions * fix allow int * update docker dep, due to linter
This commit is contained in:
ChristopherHX
GitHub
@@ -196,16 +196,20 @@ func (j *TestJobFileInfo) runTest(ctx context.Context, t *testing.T, cfg *Config
|
||||
assert.Nil(t, err, j.workflowPath)
|
||||
|
||||
planner, err := model.NewWorkflowPlanner(fullWorkflowPath, true)
|
||||
assert.Nil(t, err, fullWorkflowPath)
|
||||
if err != nil {
|
||||
assert.Error(t, err, j.errorMessage)
|
||||
} else {
|
||||
assert.Nil(t, err, fullWorkflowPath)
|
||||
|
||||
plan, err := planner.PlanEvent(j.eventName)
|
||||
assert.True(t, (err == nil) != (plan == nil), "PlanEvent should return either a plan or an error")
|
||||
if err == nil && plan != nil {
|
||||
err = runner.NewPlanExecutor(plan)(ctx)
|
||||
if j.errorMessage == "" {
|
||||
assert.Nil(t, err, fullWorkflowPath)
|
||||
} else {
|
||||
assert.Error(t, err, j.errorMessage)
|
||||
plan, err := planner.PlanEvent(j.eventName)
|
||||
assert.True(t, (err == nil) != (plan == nil), "PlanEvent should return either a plan or an error")
|
||||
if err == nil && plan != nil {
|
||||
err = runner.NewPlanExecutor(plan)(ctx)
|
||||
if j.errorMessage == "" {
|
||||
assert.Nil(t, err, fullWorkflowPath)
|
||||
} else {
|
||||
assert.Error(t, err, j.errorMessage)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -334,7 +338,7 @@ func TestRunEvent(t *testing.T) {
|
||||
config.EventPath = eventFile
|
||||
}
|
||||
|
||||
testConfigFile := filepath.Join(workdir, table.workflowPath, "config.yml")
|
||||
testConfigFile := filepath.Join(workdir, table.workflowPath, "config/config.yml")
|
||||
if file, err := os.ReadFile(testConfigFile); err == nil {
|
||||
testConfig := &TestConfig{}
|
||||
if yaml.Unmarshal(file, testConfig) == nil {
|
||||
|
||||
@@ -1,44 +1,44 @@
|
||||
inputs:
|
||||
who-to-greet:
|
||||
default: 'Mona the Octocat'
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
# Test if GITHUB_ACTION_PATH is set correctly before all steps
|
||||
- run: stat $GITHUB_ACTION_PATH/push.yml
|
||||
shell: bash
|
||||
- run: stat $GITHUB_ACTION_PATH/action.yml
|
||||
shell: bash
|
||||
- run: '[[ "$GITHUB_ACTION_REPOSITORY" == "" ]] && [[ "$GITHUB_ACTION_REF" == "" ]]'
|
||||
shell: bash
|
||||
- uses: ./actions/docker-local
|
||||
id: dockerlocal
|
||||
with:
|
||||
who-to-greet: ${{inputs.who-to-greet}}
|
||||
- run: '[[ "${{ env.SOMEVAR }}" == "${{inputs.who-to-greet}}" ]]'
|
||||
shell: bash
|
||||
- run: '[ "${SOMEVAR}" = "Not Mona" ] || exit 1'
|
||||
shell: bash
|
||||
env:
|
||||
SOMEVAR: 'Not Mona'
|
||||
- run: '[[ "${{ steps.dockerlocal.outputs.whoami }}" == "${{inputs.who-to-greet}}" ]]'
|
||||
shell: bash
|
||||
# Test if overriding args doesn't leak inputs
|
||||
- uses: ./actions/docker-local-noargs
|
||||
with:
|
||||
args: ${{format('"{0}"', 'Mona is not the Octocat') }}
|
||||
who-to-greet: ${{inputs.who-to-greet}}
|
||||
- run: '[[ "${{ env.SOMEVAR }}" == "Mona is not the Octocat" ]]'
|
||||
shell: bash
|
||||
- uses: ./localdockerimagetest_
|
||||
# Also test a remote docker action here
|
||||
- uses: actions/hello-world-docker-action@v1
|
||||
with:
|
||||
who-to-greet: 'Mona the Octocat'
|
||||
# Test if GITHUB_ACTION_PATH is set correctly after all steps
|
||||
- run: stat $GITHUB_ACTION_PATH/push.yml
|
||||
shell: bash
|
||||
- run: stat $GITHUB_ACTION_PATH/action.yml
|
||||
shell: bash
|
||||
- run: '[[ "$GITHUB_ACTION_REPOSITORY" == "" ]] && [[ "$GITHUB_ACTION_REF" == "" ]]'
|
||||
shell: bash
|
||||
inputs:
|
||||
who-to-greet:
|
||||
default: 'Mona the Octocat'
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
# Test if GITHUB_ACTION_PATH is set correctly before all steps
|
||||
- run: stat $GITHUB_ACTION_PATH/../push.yml
|
||||
shell: bash
|
||||
- run: stat $GITHUB_ACTION_PATH/action.yml
|
||||
shell: bash
|
||||
- run: '[[ "$GITHUB_ACTION_REPOSITORY" == "" ]] && [[ "$GITHUB_ACTION_REF" == "" ]]'
|
||||
shell: bash
|
||||
- uses: ./actions/docker-local
|
||||
id: dockerlocal
|
||||
with:
|
||||
who-to-greet: ${{inputs.who-to-greet}}
|
||||
- run: '[[ "${{ env.SOMEVAR }}" == "${{inputs.who-to-greet}}" ]]'
|
||||
shell: bash
|
||||
- run: '[ "${SOMEVAR}" = "Not Mona" ] || exit 1'
|
||||
shell: bash
|
||||
env:
|
||||
SOMEVAR: 'Not Mona'
|
||||
- run: '[[ "${{ steps.dockerlocal.outputs.whoami }}" == "${{inputs.who-to-greet}}" ]]'
|
||||
shell: bash
|
||||
# Test if overriding args doesn't leak inputs
|
||||
- uses: ./actions/docker-local-noargs
|
||||
with:
|
||||
args: ${{format('"{0}"', 'Mona is not the Octocat') }}
|
||||
who-to-greet: ${{inputs.who-to-greet}}
|
||||
- run: '[[ "${{ env.SOMEVAR }}" == "Mona is not the Octocat" ]]'
|
||||
shell: bash
|
||||
- uses: ./localdockerimagetest_
|
||||
# Also test a remote docker action here
|
||||
- uses: actions/hello-world-docker-action@v1
|
||||
with:
|
||||
who-to-greet: 'Mona the Octocat'
|
||||
# Test if GITHUB_ACTION_PATH is set correctly after all steps
|
||||
- run: stat $GITHUB_ACTION_PATH/../push.yml
|
||||
shell: bash
|
||||
- run: stat $GITHUB_ACTION_PATH/action.yml
|
||||
shell: bash
|
||||
- run: '[[ "$GITHUB_ACTION_REPOSITORY" == "" ]] && [[ "$GITHUB_ACTION_REF" == "" ]]'
|
||||
shell: bash
|
||||
@@ -6,4 +6,4 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: ./local-action-via-composite-dockerfile
|
||||
- uses: ./local-action-via-composite-dockerfile/action
|
||||
Reference in New Issue
Block a user