vuln test workflow

tenable · Aug 26, 2021 · 0356423 · 0356423
1 parent a3b201c
commit 0356423
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 4 deletions.
diff --git a/.github/workflows/e2e-vuln.yml b/.github/workflows/e2e-vuln.yml
@@ -0,0 +1,39 @@
+name: e2e-vuln-test
+on:
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened, ready_for_review, edited]
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+      GOPATH: /home/runner/work/terrascan
+      GOBIN: /home/runner/work/terrascan/bin
+      GO_VERSION: 1.16
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_TEST }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_TEST }}
+      AWS_REGION: ${{ secrets.AWS_REGION_TEST }}
+      AZURE_AUTH_TEST_SECRET:  ${{ secrets.AZURE_AUTH_TEST_SECRET }}
+      GOOGLE_APPLICATION_CREDENTIALS_TEST_SECRET:  ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_TEST_KEY }}
+    steps:
+    - name: Checkout Terrascan
+      uses: actions/checkout@v2
+
+    - name: Setup Go
+      uses: actions/setup-go@v1
+      with:
+        go-version: ${{ env.GO_VERSION }}
+
+    - name: Install golint
+      run: go get -u golang.org/x/lint/golint
+
+    - name: Go validations
+      run: make validate
+
+    - name: Run e2e tests
+      run: make e2e-tests
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v1
+
+
diff --git a/Makefile b/Makefile
@@ -132,3 +132,6 @@ atlantis-docker-push-latest:
 # push release tag terrascan_atlantis docker image
 atlantis-docker-push-latest-tag:
 	./scripts/atlantis/docker-push-latest-tag.sh
+
+e2e-vuln-tests: build
+	./scripts/run-e2e-vuln.sh
diff --git a/scripts/run-e2e-vuln.sh b/scripts/run-e2e-vuln.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+export TERRASCAN_BIN_PATH=${PWD}/bin/terrascan
+
+go test -p 1 -v ./test/e2e/scan/...
diff --git a/test/helper/helper.go b/test/helper/helper.go
@@ -20,7 +20,6 @@ import (
 	"bytes"
 	"encoding/json"
 	"encoding/xml"
-	"fmt"
 	"io"
 	"io/ioutil"
 	"os"
@@ -437,9 +436,6 @@ func CheckSummaryForVulnerabilities(session *gexec.Session, isStdOut bool) {
 		sessionBytes = session.Wait().Err.Contents()
 	}
 
-	output := session.Wait().Err.Contents()
-	fmt.Println("<><>", string(output))
-
 	sessionBytes = bytes.TrimSpace(sessionBytes)
 
 	var sessionEngineOutput policy.EngineOutput