This repository has been archived by the owner on Jan 8, 2024. It is now read-only.
Repo tests #459
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Repo tests | |
| on: | |
| schedule: | |
| - cron: "0 */18 * * *" | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| if: "! contains(github.event.head_commit.message, '[ci skip]')" | |
| strategy: | |
| matrix: | |
| node-version: [18.x] | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| python-version: ['3.11'] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '19' | |
| - uses: actions/setup-go@v4 | |
| with: | |
| go-version: '^1.19.7' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install poetry | |
| poetry install --no-cache | |
| poetry run flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics | |
| poetry run flake8 . --count --exit-zero --statistics | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'ShiftLeftSecurity/shiftleft-java-example' | |
| path: 'repotests/shiftleft-java-example' | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'ShiftLeftSecurity/shiftleft-ts-example' | |
| path: 'repotests/shiftleft-ts-example' | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'HooliCorp/DjanGoat' | |
| path: 'repotests/DjanGoat' | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'prabhu/Vulnerable-Web-Application' | |
| path: 'repotests/Vulnerable-Web-Application' | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'GoogleCloudPlatform/microservices-demo' | |
| path: 'repotests/microservices-demo' | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'juice-shop/juicy-malware' | |
| path: 'repotests/juicy-malware' | |
| - name: repotests2 | |
| run: | | |
| mkdir /tmp/all_cpgs | |
| docker build -t ghcr.io/appthreat/atomgen -f ci/Dockerfile-atom . | |
| docker build -t ghcr.io/appthreat/cpggen . | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin | |
| # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin --param resultFile=/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json | |
| # if [ -e "/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json" ]; then | |
| # echo "Java cpg test was successful" | |
| # else | |
| # echo "Java cpg test was not successful" | |
| # exit 1 | |
| # fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin | |
| # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin --param resultFile=/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json | |
| # if [ -e "/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json" ]; then | |
| # echo "Java atom test was successful" | |
| # else | |
| # echo "Java atom test was not successful" | |
| # exit 1 | |
| # fi | |
| poetry run cpggen -i $GITHUB_WORKSPACE/repotests/shiftleft-java-example -l java --use-container | |
| if [ -e "$GITHUB_WORKSPACE/repotests/shiftleft-java-example/cpg_out/shiftleft-java-example-java.cpg.bin" ]; then | |
| echo "Java direct test was successful" | |
| else | |
| echo "Java direct test was not successful" | |
| exit 1 | |
| fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.cpg.bin | |
| if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.cpg.bin" ]; then | |
| echo "JS direct test was successful" | |
| else | |
| echo "JS direct test was not successful" | |
| exit 1 | |
| fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-ts.⚛ | |
| if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-ts.⚛" ]; then | |
| echo "JS direct test was successful" | |
| else | |
| echo "JS direct test was not successful" | |
| exit 1 | |
| fi | |
| poetry run cpggen -i $GITHUB_WORKSPACE/repotests/shiftleft-ts-example -l ts --use-container | |
| if [ -e "$GITHUB_WORKSPACE/repotests/shiftleft-ts-example/cpg_out/shiftleft-ts-example-ts.cpg.bin" ]; then | |
| echo "TS direct test was successful" | |
| else | |
| echo "TS direct test was not successful" | |
| exit 1 | |
| fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -e AT_DEBUG_MODE -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin -l python | |
| if [ -e "/tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin" ]; then | |
| echo "python cpg test was successful" | |
| else | |
| echo "python cpg test was not successful" | |
| exit 1 | |
| fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin -l python | |
| if [ -e "/tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin" ]; then | |
| echo "python cpg test was successful" | |
| else | |
| echo "python cpg test was not successful" | |
| exit 1 | |
| fi | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/microservices-demo -o /tmp/all_cpgs/microservices-demo | |
| docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/juicy-malware/juicy_malware_linux_amd_64 -o /tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛ | |
| if [ -e "/tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛" ]; then | |
| echo "Binary cpg test was successful" | |
| else | |
| echo "Binary cpg test was not successful" | |
| exit 1 | |
| fi | |
| # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛ --param resultFile=/tmp/all_cpgs/juicy-malware/binary-cpg-methods.json | |
| # if [ -e "/tmp/all_cpgs/juicy-malware/binary-cpg-methods.json" ]; then | |
| # echo "Binary cpg test was successful" | |
| # else | |
| # echo "Binary cpg test was not successful" | |
| # exit 1 | |
| # fi | |
| ls -ltr /tmp/all_cpgs | |
| env: | |
| AT_DEBUG_MODE: debug |