Add CycloneDX support #12

Merged
merged 3 commits into from
Aug 27, 2024
Changes from 2 commits
45 changes: 29 additions & 16 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,18 @@ Also refer to the [documentation on workflow YAML syntax](https://help.github.co

Read [this documentation](https://docs.ketryx.com/manuals/man-06-test-management#id-3.4.-associating-automated-tests-with-configuration-items) for details on how to associate Cucumber and JUnit reports with Ketryx configuration items.

### Upload CycloneDX JSON files

```yaml
- name: Report build to Ketryx
uses: Ketryx/ketryx-github-action
with:
project: ${{ secrets.KETRYX_PROJECT }}
api-key: ${{ secrets.KETRYX_API_KEY }}
cyclonedx-json-path: |
build/**/*.cdx.json
```

### Upload SPDX JSON files

```yaml
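Review bot: the new CycloneDX example's `uses: Ketryx/ketryx-github-action` line carries no `@<ref>`, while the same step is handed `secrets.KETRYX_API_KEY`. Show the action pinned to a release tag or, preferably, a full commit SHA in this README example, so that workflows copied from it run a reviewed version of the action with that key.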
Expand Down Expand Up @@ -85,23 +97,24 @@ Sensitive information, especially `api-key`, should be [set as encrypted secrets

By default, a build will be associated with all project versions whose _release ref pattern_ (as configured in the Ketryx project settings) matches the current commit (based on the environment variable `GITHUB_SHA` provided by GitHub); e.g., for the default release ref pattern of `refs/tags/v#`, if you have a tag `refs/tags/v1.0` and a version named "1.0", that tag is associated with the version, and hence builds executed on that tag are associated with the version as well. For more granular control, either `version` or `commit-sha` can be set.

| Parameter | Description | Required | Example |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------|----------|--------------------------------------------|
| `project` | Ketryx project ID | **Yes** | `KXPRJ49GQYFQ5RR9KRTPWTRTC39YZ9W` |
| `api-key` | Ketryx API key | **Yes** | `KXTK_...` |
| `ketryx-url` | Ketryx server URL (if not set, will default to `https://app.ketryx.com`) | No | `https://app.ketryx.com` |
| `version` | Ketryx version name or ID (if not set, the build will be associated with a version based on the commit SHA) | No | `KXVSN352CZED7078FC8DN23YYZVM59D` |
| `commit-sha` | Commit SHA (if not set, will use the environment variable `GITHUB_SHA` provided by GitHub Actions) | No | `ad4db8ac1e70bd41aa8bcee6f00a3a1e36bb0e01` |
| `build-name` | Build name to disambiguate several parallel builds | No | `ci-integration-tests` |
| `log` | Log output to store with the build | No | |
| `artifact-path` | Paths (newline-separated [glob](https://github.com/isaacs/node-glob#glob-primer) patterns) of build artifact files | No | `build/out-*.*` |
| Parameter | Description | Required | Example |
| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `project` | Ketryx project ID | **Yes** | `KXPRJ49GQYFQ5RR9KRTPWTRTC39YZ9W` |
| `api-key` | Ketryx API key | **Yes** | `KXTK_...` |
| `ketryx-url` | Ketryx server URL (if not set, will default to `https://app.ketryx.com`) | No | `https://app.ketryx.com` |
| `version` | Ketryx version name or ID (if not set, the build will be associated with a version based on the commit SHA) | No | `KXVSN352CZED7078FC8DN23YYZVM59D` |
| `commit-sha` | Commit SHA (if not set, will use the environment variable `GITHUB_SHA` provided by GitHub Actions) | No | `ad4db8ac1e70bd41aa8bcee6f00a3a1e36bb0e01` |
| `build-name` | Build name to disambiguate several parallel builds | No | `ci-integration-tests` |
| `log` | Log output to store with the build | No | |
| `artifact-path` | Paths (newline-separated [glob](https://github.com/isaacs/node-glob#glob-primer) patterns) of build artifact files | No | `build/out-*.*` |
| `tests` | YAML list of individual test results. Each test result must contain the keys `testedItem` and `result` | No | <pre><code class="language-yaml">- testedItem: SAMD-45&#10; result: pass&#10; title: My automated test&#10; log: Log output from executing this test&#10; artifactPaths:&#10; - build/**/*.log&#10;</code></pre> |
| `test-cucumber-path` | Paths (newline-separated glob patterns) of Cucumber JSON files containing test results | No | `test-results/report.json` |
| `test-junit-path` | Paths (newline-separated glob patterns) of JUnit XML files containing test results | No | `test-results/junit.xml` |
| `spdx-json-path` | Paths (newline-separated glob patterns) of SPDX JSON files | No | `build/**/*.spdx.json` |
| `check-dependencies-status` | Checks the status of dependencies, and fails the build if not all dependencies in the current commit are accepted and controlled | No | `true` |
| `check-item-association` | Checks that the pull request is associated with an item in its title or description | No | `true` |
| `check-release-status` | Checks the status of the given version or the version(s) corresponding to the current commit, and fails the build if the versions are not all released | No | `true` |
| `test-cucumber-path` | Paths (newline-separated glob patterns) of Cucumber JSON files containing test results | No | `test-results/report.json` |
| `test-junit-path` | Paths (newline-separated glob patterns) of JUnit XML files containing test results | No | `test-results/junit.xml` |
| `cyclonedx-json-path` | Paths (newline-separated glob patterns) of CycloneDX JSON files | No | `build/**/*.cdx.json` |
| `spdx-json-path` | Paths (newline-separated glob patterns) of SPDX JSON files | No | `build/**/*.spdx.json` |
| `check-dependencies-status` | Checks the status of dependencies, and fails the build if not all dependencies in the current commit are accepted and controlled | No | `true` |
| `check-item-association` | Checks that the pull request is associated with an item in its title or description | No | `true` |
| `check-release-status` | Checks the status of the given version or the version(s) corresponding to the current commit, and fails the build if the versions are not all released | No | `true` |

## Development

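Review bot: every row of the parameter table except `tests` is re-padded in this hunk, and the separator row changes from `|-----|` to `| ----- |` style, although the only content change is the new `cyclonedx-json-path` row. Consider moving the formatter pass into its own commit so that the added row is the whole README diff for this table. The row itself is consistent with the `spdx-json-path` entry below it.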
Expand Down
3 changes: 3 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,9 @@ inputs:
log: <Log text to store with the test (optional)>
artifactPaths: <List glob patterns for artifact paths>
```
cyclonedx-json-path:
required: false
description: 'Paths (newline-separated glob patterns) of CycloneDX JSON files'
spdx-json-path:
required: false
description: 'Paths (newline-separated glob patterns) of SPDX JSON files'
Expand Down
8 changes: 8 additions & 0 deletions dist/index.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

3 changes: 3 additions & 0 deletions src/input.ts
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ export type ActionInput = {
testCucumberPath: string[];
testJunitPath: string[];
tests: TestInput[];
cycloneDxJsonPath: string[];
spdxJsonPath: string[];
checkDependenciesStatus: boolean;
checkChangeRequestItemAssociation: boolean;
Expand Down Expand Up @@ -62,6 +63,7 @@ export function readActionInput(): ActionInput {
const artifactPath = core.getMultilineInput('artifact-path');
const testCucumberPath = core.getMultilineInput('test-cucumber-path');
const testJunitPath = core.getMultilineInput('test-junit-path');
const cycloneDxJsonPath = core.getMultilineInput('cyclonedx-json-path');
const spdxJsonPath = core.getMultilineInput('spdx-json-path');

let tests: TestInput[] = [];
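Review bot: `core.getMultilineInput('cyclonedx-json-path')` is added without a test in the files shown here, and the key is a string literal that has to match `action.yml` exactly. A small test that sets `INPUT_CYCLONEDX-JSON-PATH` and checks `readActionInput().cycloneDxJsonPath` would catch a typo in either place.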
Expand Down Expand Up @@ -100,6 +102,7 @@ export function readActionInput(): ActionInput {
testCucumberPath,
testJunitPath,
tests,
cycloneDxJsonPath,
spdxJsonPath,
buildName,
checkDependenciesStatus,
Expand Down
6 changes: 6 additions & 0 deletions src/main.ts
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,12 @@ async function run(): Promise<void> {
artifacts.push({ id: fileId, type: 'junit-xml' });
}
}
for (const pattern of input.cycloneDxJsonPath) {
for (const filePath of await glob(pattern)) {
const fileId = await performUpload(filePath, 'application/json');
artifacts.push({ id: fileId, type: 'cyclonedx-json' });
}
}
for (const pattern of input.spdxJsonPath) {
for (const filePath of await glob(pattern)) {
const fileId = await performUpload(filePath, 'application/json');
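Review bot: in the new `input.cycloneDxJsonPath` loop, a pattern for which `glob(pattern)` returns no files uploads nothing and reports nothing, so a mistyped path gives a passing build with no CycloneDX file attached. Suggest counting matches per pattern and emitting a warning (for example via `core.warning`) or failing when a configured pattern matches none. The loop is also a copy of the SPDX loop below it apart from the `type` string, so a small helper taking the patterns and the artifact type would keep the two from drifting apart.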
Expand Down
7 changes: 6 additions & 1 deletion src/upload.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,12 @@ import { hasProperty } from './util';

export type ArtifactData = {
id: string;
type: 'artifact' | 'cucumber-json' | 'junit-xml' | 'spdx-json';
type:
| 'artifact'
| 'cucumber-json'
| 'cyclonedx-json'
| 'junit-xml'
| 'spdx-json';
};

export type TestArtifactData = {
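Review bot: `'cyclonedx-json'` in `ArtifactData.type` is a new value sent to the server, and the README lets users point `ketryx-url` at a server other than the default. If any supported server version does not recognise this type, state the minimum Ketryx version next to `cyclonedx-json-path` in the README so the failure mode is documented rather than discovered at upload time.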
Expand Down