Skip to content

Commit

Permalink
Add CycloneDX support
Browse files Browse the repository at this point in the history
  • Loading branch information
@aried3r
aried3r committed Aug 26, 2024
1 parent 8f3e0e6 commit a04cf99
Show file tree
Hide file tree
Showing 7 changed files with 57 additions and 19 deletions.
47 changes: 30 additions & 17 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,18 @@ Also refer to the [documentation on workflow YAML syntax](https://help.github.co
Read [this documentation](https://docs.ketryx.com/manuals/man-06-test-management#id-3.4.-associating-automated-tests-with-configuration-items) for details on how to associate Cucumber and JUnit reports with Ketryx configuration items.
### Upload CycloneDX JSON files
```yaml
- name: Report build to Ketryx
uses: Ketryx/ketryx-github-action
with:
project: ${{ secrets.KETRYX_PROJECT }}
api-key: ${{ secrets.KETRYX_API_KEY }}
cyclonedx-json-path: |
build/**/*.cdx.json
```
### Upload SPDX JSON files
```yaml
Expand Down Expand Up @@ -85,23 +97,24 @@ Sensitive information, especially `api-key`, should be [set as encrypted secrets

By default, a build will be associated with all project versions whose _release ref pattern_ (as configured in the Ketryx project settings) matches the current commit (based on the environment variable `GITHUB_SHA` provided by GitHub); e.g., for the default release ref pattern of `refs/tags/v#`, if you have a tag `refs/tags/v1.0` and a version named "1.0", that tag is associated with the version, and hence builds executed on that tag are associated with the version as well. For more granular control, either `version` or `commit-sha` can be set.

| Parameter | Description | Required | Example |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------|----------|--------------------------------------------|
| `project` | Ketryx project ID | **Yes** | `KXPRJ49GQYFQ5RR9KRTPWTRTC39YZ9W` |
| `api-key` | Ketryx API key | **Yes** | `KXTK_...` |
| `ketryx-url` | Ketryx server URL (if not set, will default to `https://app.ketryx.com`) | No | `https://app.ketryx.com` |
| `version` | Ketryx version name or ID (if not set, the build will be associated with a version based on the commit SHA) | No | `KXVSN352CZED7078FC8DN23YYZVM59D` |
| `commit-sha` | Commit SHA (if not set, will use the environment variable `GITHUB_SHA` provided by GitHub Actions) | No | `ad4db8ac1e70bd41aa8bcee6f00a3a1e36bb0e01` |
| `build-name` | Build name to disambiguate several parallel builds | No | `ci-integration-tests` |
| `log` | Log output to store with the build | No | |
| `artifact-path` | Paths (newline-separated [glob](https://github.com/isaacs/node-glob#glob-primer) patterns) of build artifact files | No | `build/out-*.*` |
| `tests` | YAML list of individual test results. Each test result must contain the keys `testedItem` and `result` | No | <pre><code class="language-yaml">- testedItem: SAMD-45&#10; result: pass&#10; title: My automated test&#10; log: Log output from executing this test&#10; artifactPaths:&#10; - build/**/*.log&#10;</code></pre> |
| `test-cucumber-path` | Paths (newline-separated glob patterns) of Cucumber JSON files containing test results | No | `test-results/report.json` |
| `test-junit-path` | Paths (newline-separated glob patterns) of JUnit XML files containing test results | No | `test-results/junit.xml` |
| `spdx-json-path` | Paths (newline-separated glob patterns) of SPDX JSON files | No | `build/**/*.spdx.json` |
| `check-dependencies-status` | Checks the status of dependencies, and fails the build if not all dependencies in the current commit are accepted and controlled | No | `true` |
| `check-item-association` | Checks that the pull request is associated with an item in its title or description | No | `true` |
| `check-release-status` | Checks the status of the given version or the version(s) corresponding to the current commit, and fails the build if the versions are not all released | No | `true` |
| Parameter | Description | Required | Example |
| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `project` | Ketryx project ID | **Yes** | `KXPRJ49GQYFQ5RR9KRTPWTRTC39YZ9W` |
| `api-key` | Ketryx API key | **Yes** | `KXTK_...` |
| `ketryx-url` | Ketryx server URL (if not set, will default to `https://app.ketryx.com`) | No | `https://app.ketryx.com` |
| `version` | Ketryx version name or ID (if not set, the build will be associated with a version based on the commit SHA) | No | `KXVSN352CZED7078FC8DN23YYZVM59D` |
| `commit-sha` | Commit SHA (if not set, will use the environment variable `GITHUB_SHA` provided by GitHub Actions) | No | `ad4db8ac1e70bd41aa8bcee6f00a3a1e36bb0e01` |
| `build-name` | Build name to disambiguate several parallel builds | No | `ci-integration-tests` |
| `log` | Log output to store with the build | No | |
| `artifact-path` | Paths (newline-separated [glob](https://github.com/isaacs/node-glob#glob-primer) patterns) of build artifact files | No | `build/out-*.*` |
| `tests` | YAML list of individual test results. Each test result must contain the keys `testedItem` and `result` | No | <pre><code class="language-yaml">- testedItem: SAMD-45&#10; result: pass&#10; title: My automated test&#10; log: Log output from executing this test&#10; artifactPaths:&#10; - build/\*_/_.log&#10;</code></pre> |
| `test-cucumber-path` | Paths (newline-separated glob patterns) of Cucumber JSON files containing test results | No | `test-results/report.json` |
| `test-junit-path` | Paths (newline-separated glob patterns) of JUnit XML files containing test results | No | `test-results/junit.xml` |
| `cyclonedx-json-path` | Paths (newline-separated glob patterns) of CycloneDX JSON files | No | `build/**/*.cdx.json` |
| `spdx-json-path` | Paths (newline-separated glob patterns) of SPDX JSON files | No | `build/**/*.spdx.json` |
| `check-dependencies-status` | Checks the status of dependencies, and fails the build if not all dependencies in the current commit are accepted and controlled | No | `true` |
| `check-item-association` | Checks that the pull request is associated with an item in its title or description | No | `true` |
| `check-release-status` | Checks the status of the given version or the version(s) corresponding to the current commit, and fails the build if the versions are not all released | No | `true` |

## Development

Expand Down
3 changes: 3 additions & 0 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,9 @@ inputs:
log: <Log text to store with the test (optional)>
artifactPaths: <List glob patterns for artifact paths>
```
cyclonedx-json-path:
required: false
description: 'Paths (newline-separated glob patterns) of CycloneDX JSON files'
spdx-json-path:
required: false
description: 'Paths (newline-separated glob patterns) of SPDX JSON files'
Expand Down
8 changes: 8 additions & 0 deletions dist/index.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/index.js.map
View file

Large diffs are not rendered by default.

3 changes: 3 additions & 0 deletions src/input.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ export type ActionInput = {
testCucumberPath: string[];
testJunitPath: string[];
tests: TestInput[];
cycloneDxJsonPath: string[];
spdxJsonPath: string[];
checkDependenciesStatus: boolean;
checkChangeRequestItemAssociation: boolean;
Expand Down Expand Up @@ -62,6 +63,7 @@ export function readActionInput(): ActionInput {
const artifactPath = core.getMultilineInput('artifact-path');
const testCucumberPath = core.getMultilineInput('test-cucumber-path');
const testJunitPath = core.getMultilineInput('test-junit-path');
const cycloneDxJsonPath = core.getMultilineInput('cyclonedx-json-path');
const spdxJsonPath = core.getMultilineInput('spdx-json-path');

let tests: TestInput[] = [];
Expand Down Expand Up @@ -100,6 +102,7 @@ export function readActionInput(): ActionInput {
testCucumberPath,
testJunitPath,
tests,
cycloneDxJsonPath,
spdxJsonPath,
buildName,
checkDependenciesStatus,
Expand Down
6 changes: 6 additions & 0 deletions src/main.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,12 @@ async function run(): Promise<void> {
artifacts.push({ id: fileId, type: 'junit-xml' });
}
}
for (const pattern of input.cycloneDxJsonPath) {
for (const filePath of await glob(pattern)) {
const fileId = await performUpload(filePath, 'application/json');
artifacts.push({ id: fileId, type: 'cyclonedx-json' });
}
}
for (const pattern of input.spdxJsonPath) {
for (const filePath of await glob(pattern)) {
const fileId = await performUpload(filePath, 'application/json');
Expand Down
7 changes: 6 additions & 1 deletion src/upload.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,12 @@ import { hasProperty } from './util';

export type ArtifactData = {
id: string;
type: 'artifact' | 'cucumber-json' | 'junit-xml' | 'spdx-json';
type:
| 'artifact'
| 'cucumber-json'
| 'cyclonedx-json'
| 'junit-xml'
| 'spdx-json';
};

export type TestArtifactData = {
Expand Down

0 comments on commit a04cf99

Please sign in to comment.