Bump actions/setup-node from 2 to 4 #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Test | |
| on: pull_request | |
| jobs: | |
| cfn-lint: | |
| runs-on: [self-hosted, public, linux, x64] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3.7 | |
| - name: Install cfn-lint | |
| run: | | |
| pip install cfn-lint==0.51.0 | |
| - name: Lint Cloudformation templates | |
| run: | | |
| cfn-lint tests/cloudformation/checks/resource/aws/**/* -i W | |
| unit-tests: | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| python: [3.7, 3.8, 3.9] | |
| runs-on: [self-hosted, public, linux, x64] | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - name: Set up Python ${{ matrix.python }} | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| - uses: dschep/install-pipenv-action@v1 | |
| - name: Install dependencies | |
| run: | | |
| pipenv --python ${{ matrix.python }} | |
| pipenv install --dev | |
| - name: Unit tests | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| pipenv run python -m coverage run -m pytest tests | |
| pipenv run python -m coverage report | |
| pipenv run python -m coverage html | |
| integration-tests: | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| python: [3.7, 3.8, 3.9] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| - uses: actions/setup-node@v4 | |
| - uses: azure/setup-helm@v1 | |
| - uses: dschep/install-pipenv-action@v1 | |
| - name: Build & install checkov package | |
| run: | | |
| pipenv --python ${{ matrix.python }} | |
| pipenv run pip install --upgrade pip==21.1.1 | |
| pipenv run pip install pytest | |
| pipenv run python setup.py sdist bdist_wheel | |
| pipenv run pip install dist/checkov-*.whl | |
| - name: Clone Terragoat - vulnerable terraform | |
| run: git clone https://github.com/bridgecrewio/terragoat | |
| - name: Clone Cfngoat - vulnerable cloudformation | |
| run: git clone https://github.com/bridgecrewio/cfngoat | |
| - name: Clone Kubernetes-goat - vulnerable kubernetes | |
| run: git clone https://github.com/madhuakula/kubernetes-goat | |
| - name: Create checkov reports | |
| env: | |
| LOG_LEVEL: INFO | |
| BC_KEY: ${{ secrets.BC_API_KEY }} | |
| run: | | |
| sleep $((RANDOM % 11)) | |
| ./integration_tests/prepare_data.sh 3.8 # Just making sure the API key tests don't run on PRs | |
| - name: Run integration tests | |
| run: | | |
| pipenv run pytest integration_tests -k 'not api_key' |