This repository has been archived by the owner on Jan 8, 2024. It is now read-only.
repotests.yml
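# Scheduled integration run: builds the cpggen and atomgen images from this
# checkout, then generates CPG/atom files for a set of sample repositories and
# fails if an expected output file is missing.
name: Repo tests
on:
  schedule:
    # Fires at 00:00 and 18:00 UTC each day (the hours matched by */18),
    # not once every 18 hours.
    - cron: "0 */18 * * *"
  workflow_dispatch:
# Least privilege for GITHUB_TOKEN: the steps below only check out code and
# build images locally; nothing in this file pushes or writes to a repository.
permissions:
  contents: read
jobs:
  build:
    # NOTE(review): runs-on is fixed, so the three `os` matrix values start
    # three jobs that all run on ubuntu-latest. The docker steps below need a
    # Linux runner, so either drop the extra `os` entries or split the job.
    runs-on: ubuntu-latest
    # This workflow has no push trigger, so head_commit is expected to be empty
    # on schedule/workflow_dispatch runs and the condition evaluates to true.
    if: "! contains(github.event.head_commit.message, '[ci skip]')"
    strategy:
      matrix:
        # NOTE(review): node-version is not referenced by any step in this file.
        node-version: [18.x]
        os: [ubuntu-latest, macos-latest, windows-latest]
        python-version: ['3.11']
    steps:
      # NOTE(review): every `uses:` below references a mutable version tag;
      # pinning to a full commit SHA would fix the exact action code that runs.
      - uses: actions/checkout@v3
        with:
          # Keep the token out of .git/config: the workspace is bind-mounted
          # read-write into the containers started in the repotests2 step.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - uses: actions/setup-java@v3
        with:
          distribution: 'zulu'
          java-version: '19'
      - uses: actions/setup-go@v4
        with:
          go-version: '^1.19.7'
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install poetry
          poetry install --no-cache
          # First pass fails the step on syntax errors and undefined names;
          # second pass only reports (--exit-zero).
          poetry run flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          poetry run flake8 . --count --exit-zero --statistics
      # Sample repositories used as analysis input. They are third-party code,
      # so no credentials are left in their checkouts.
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-java-example'
          path: 'repotests/shiftleft-java-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-ts-example'
          path: 'repotests/shiftleft-ts-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/DjanGoat'
          path: 'repotests/DjanGoat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/Vulnerable-Web-Application'
          path: 'repotests/Vulnerable-Web-Application'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'GoogleCloudPlatform/microservices-demo'
          path: 'repotests/microservices-demo'
          persist-credentials: false
      # The steps below only pass this sample binary to cpggen as input;
      # nothing in this file executes it.
      - uses: actions/checkout@v3
        with:
          repository: 'juice-shop/juicy-malware'
          path: 'repotests/juicy-malware'
          persist-credentials: false
      - name: repotests2
        run: |
          # -p keeps the step from failing if the directory already exists.
          mkdir -p /tmp/all_cpgs
          docker build -t ghcr.io/appthreat/atomgen -f ci/Dockerfile-atom .
          docker build -t ghcr.io/appthreat/cpggen .
          # NOTE(review): each container gets the runner's whole /tmp and the
          # workspace read-write. The explicit -o paths all sit under
          # /tmp/all_cpgs, so a narrower mount may be enough - confirm that
          # cpggen/atomgen need nothing else from /tmp before tightening.
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin
          # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin --param resultFile=/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json
          # if [ -e "/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json" ]; then
          # echo "Java cpg test was successful"
          # else
          # echo "Java cpg test was not successful"
          # exit 1
          # fi
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/shiftleft-java-example -o /tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin
          # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/shiftleft-java-example/shiftleft-java-example-java.cpg.bin --param resultFile=/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json
          # if [ -e "/tmp/all_cpgs/shiftleft-java-example/java-cpg-methods.json" ]; then
          # echo "Java atom test was successful"
          # else
          # echo "Java atom test was not successful"
          # exit 1
          # fi
          poetry run cpggen -i "$GITHUB_WORKSPACE/repotests/shiftleft-java-example" -l java --use-container
          if [ -e "$GITHUB_WORKSPACE/repotests/shiftleft-java-example/cpg_out/shiftleft-java-example-java.cpg.bin" ]; then
            echo "Java direct test was successful"
          else
            echo "Java direct test was not successful"
            exit 1
          fi
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.cpg.bin
          if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-js.cpg.bin" ]; then
            echo "JS direct test was successful"
          else
            echo "JS direct test was not successful"
            exit 1
          fi
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/shiftleft-ts-example -o /tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-ts.⚛
          # Message names the atomgen run so a failure is not confused with
          # the cpggen JS check above.
          if [ -e "/tmp/all_cpgs/shiftleft-ts-example/shiftleft-ts-example-ts.⚛" ]; then
            echo "TS atom test was successful"
          else
            echo "TS atom test was not successful"
            exit 1
          fi
          poetry run cpggen -i "$GITHUB_WORKSPACE/repotests/shiftleft-ts-example" -l ts --use-container
          if [ -e "$GITHUB_WORKSPACE/repotests/shiftleft-ts-example/cpg_out/shiftleft-ts-example-ts.cpg.bin" ]; then
            echo "TS direct test was successful"
          else
            echo "TS direct test was not successful"
            exit 1
          fi
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -e AT_DEBUG_MODE -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin -l python
          if [ -e "/tmp/all_cpgs/DjanGoat/DjanGoat-python.cpg.bin" ]; then
            echo "python cpg test was successful"
          else
            echo "python cpg test was not successful"
            exit 1
          fi
          # The atomgen run writes to its own file: reusing the cpggen output
          # path would let this check pass on the file created just above even
          # if atomgen produced nothing.
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/atomgen -i /app/repotests/DjanGoat -o /tmp/all_cpgs/DjanGoat/DjanGoat-python.⚛ -l python
          if [ -e "/tmp/all_cpgs/DjanGoat/DjanGoat-python.⚛" ]; then
            echo "python atom test was successful"
          else
            echo "python atom test was not successful"
            exit 1
          fi
          # No output check follows the microservices-demo run; only a
          # non-zero exit from docker would fail the step here.
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/microservices-demo -o /tmp/all_cpgs/microservices-demo
          docker run --rm -v /tmp:/tmp -v "$(pwd)":/app:rw -t ghcr.io/appthreat/cpggen cpggen -i /app/repotests/juicy-malware/juicy_malware_linux_amd_64 -o /tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛
          if [ -e "/tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛" ]; then
            echo "Binary cpg test was successful"
          else
            echo "Binary cpg test was not successful"
            exit 1
          fi
          # docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cpggen joern -J-Xmx7G --script /app/contrib/joern_scripts/cpg-methods.sc --param payload=/tmp/all_cpgs/juicy-malware/juicy_malware_linux_amd_64-binary.⚛ --param resultFile=/tmp/all_cpgs/juicy-malware/binary-cpg-methods.json
          # if [ -e "/tmp/all_cpgs/juicy-malware/binary-cpg-methods.json" ]; then
          # echo "Binary cpg test was successful"
          # else
          # echo "Binary cpg test was not successful"
          # exit 1
          # fi
          ls -ltr /tmp/all_cpgs
        env:
          # Forwarded into the DjanGoat cpggen container via `-e AT_DEBUG_MODE`.
          AT_DEBUG_MODE: debug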