Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ご意見ください]OWASP ZAP のアクティブスキャンとE2Eテストをまとめて実行する試み #482

Merged
merged 41 commits into from
Jan 19, 2022
Merged

[ご意見ください]OWASP ZAP のアクティブスキャンとE2Eテストをまとめて実行する試み #482

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
81f2386
パッケージをアップデート, TypeScript 関連のパッケージを追加
nanasess Oct 1, 2021
9c0ad2f
ペネトレーションテストを含めたE2Eテスト追加
nanasess Oct 1, 2021
6d05992
Remove skip
nanasess Oct 5, 2021
f31d1c6
テストが止まらないようにするパッチ作成
nanasess Oct 15, 2021
88bf9c3
Merge pull request #491 from nanasess/owaspzap-settings
nanasess Oct 27, 2021
4390261
Remove skip
nanasess Oct 27, 2021
e6d5cfc
Check for exists class
nanasess Oct 27, 2021
79744e1
Add GitHub Actions
nanasess Oct 27, 2021
5072a7a
Fix tty
nanasess Oct 27, 2021
f38fde4
Add GitHub Actions
nanasess Oct 28, 2021
88aeeaa
Add GitHub Actions
nanasess Oct 28, 2021
e5ffe4e
Add repository to ec-cube2/cli
nanasess Nov 8, 2021
69d2400
Bump version to php5friends/phpunit48
nanasess Nov 8, 2021
7fc8c1d
Use ec-cube2/cli
nanasess Nov 8, 2021
8ab918b
Merge remote-tracking branch 'origin/e2e-testing-selenium' into e2e-t…
nanasess Nov 8, 2021
b2b0b54
Add GITHUB_TOKEN
nanasess Nov 8, 2021
228fab6
Fix composer commands
nanasess Nov 8, 2021
50ac551
nanasess/eccube2-fixture-generator を使用するよう修正
nanasess Nov 9, 2021
b2b092e
Fix GitHub Actions
nanasess Nov 9, 2021
cf25e79
Fix FixtureGenerator
nanasess Nov 10, 2021
b64ccd1
Merge remote-tracking branch 'origin/e2e-testing-selenium' into e2e-t…
nanasess Nov 11, 2021
4c4c133
Add nanasess/eccube2-fixture-generator
nanasess Nov 17, 2021
6cc432c
Merge branch 'e2e-testing-selenium-dev2' into e2e-testing-selenium
nanasess Nov 17, 2021
1b6fdc7
Merge remote-tracking branch 'upstream/master' into e2e-testing-selenium
nanasess Nov 17, 2021
10639b1
yarn コマンドを docker-compose で実行するよう修正
nanasess Dec 14, 2021
826d983
インストーラのE2Eテストを追加
nanasess Dec 15, 2021
8f73fdb
Selenium を Playwright に置き換え
nanasess Dec 23, 2021
86584b5
Selenium を Playwright に置き換え
nanasess Dec 23, 2021
ff21dc7
TOPページと商品一覧のテストを移植
nanasess Dec 27, 2021
17689e9
ZAP_PROXY_HOST を HTTP_PROXY に統一
nanasess Jan 5, 2022
f504b9f
Merge remote-tracking branch 'origin/e2e-testing-selenium' into e2e-t…
nanasess Jan 5, 2022
bd9c586
商品詳細のテストを追加
nanasess Jan 5, 2022
0ee6327
Fix matrix.group
nanasess Jan 5, 2022
e447cab
会員登録のテストを追加
nanasess Jan 7, 2022
5b7c9ee
管理画面ログインのテストを追加
nanasess Jan 11, 2022
35a70a9
おすすめ商品のテストを追加
nanasess Jan 11, 2022
4d391b5
プラグイン管理のテストを追加
nanasess Jan 12, 2022
09f450a
売上集計のテストを追加
nanasess Jan 12, 2022
b528cb4
Add .gitignore
nanasess Jan 13, 2022
e4ff04c
Deleted
nanasess Jan 13, 2022
f1c3216
Remove Codeception
nanasess Jan 13, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 10 additions & 8 deletions .babelrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,16 @@
{
"presets": [
[
"env",
{
"targets": {
"ie": 11
},
// 必要な分だけのpolyfillを自動でインポート
"useBuiltIns": "usage"
}
"@babel/preset-env",
{
"targets": {
"node": "current",
"ie": 11
},
// 必要な分だけのpolyfillを自動でインポート
"useBuiltIns": "usage",
"corejs": 2
}
]
]
}
2 changes: 1 addition & 1 deletion .editorconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ trim_trailing_whitespace = true
indent_style = space
indent_size = 4

[*.{yml,yaml,json,js}]
[*.{yml,yaml,json,js,ts}]
indent_style = space
indent_size = 2

Expand Down
17 changes: 15 additions & 2 deletions .eslintrc.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,19 @@
"plugins": [
"import"
],
"parser": "babel-eslint",
"extends": "jquery"
"parser": "@typescript-eslint/parser",
"extends": [
"plugin:@typescript-eslint/recommended",
"plugin:prettier/recommended",
"prettier/@typescript-eslint",
"jquery"
],
"rules": {
"prettier/prettier": [
"error",
{
"singleQuote": true
}
]
}
}
58 changes: 2 additions & 56 deletions .github/workflows/coverage.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,13 +70,7 @@ jobs:
php-version: ${{ matrix.php }}

- name: Install to Composer
run: |
composer install --no-interaction -o
composer require php5friends/codeception-phpunit48-wrapper ">=6.0.20" --dev
composer require captbaritone/mailcatcher-codeception-module "1.2.1" --dev
composer require codeception/codeception "*" --dev
composer remove php5friends/codeception-phpunit48-wrapper --dev
composer remove php5friends/phpunit48 --ignore-platform-reqs --dev
run: composer install --no-interaction -o

- name: Create ADMIN_DIR
run: |
Expand Down Expand Up @@ -110,59 +104,11 @@ jobs:
phpdbg -qrr data/vendor/bin/phpunit tests/class/SC_SessionFactoryTest.php --coverage-clover=coverage3.xml
mv data/config/config.php.bak data/config/config.php

- name: Install symfony/cli
continue-on-error: true
run: |
wget https://get.symfony.com/cli/installer -O - | bash
sudo mv ~/.symfony/bin/symfony /usr/local/bin/symfony
symfony local:php:list

- name: setup-chromedriver
uses: nanasess/setup-chromedriver@master
- name: Run chromedriver
run: |
export DISPLAY=:99
chromedriver --url-base=/wd/hub &
echo ">>> Started chrome-driver"
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
echo ">>> Started xvfb"
- name: Setup C3
run: |
wget https://raw.github.com/Codeception/c3/2.0/c3.php
sed -i 's,/vendor/autoload.php,/data/vendor/autoload.php,g' c3.php
echo "include __DIR__.'/../c3.php';" >> html/define.php
- name: Run to Codeception
continue-on-error: true
env:
DB: ${{ matrix.db }}
USER: ${{ matrix.dbuser }}
DBUSER: ${{ matrix.dbuser }}
DBPASS: ${{ matrix.dbpass }}
DBNAME: ${{ matrix.dbname }}
DBPORT: ${{ matrix.dbport }}
DBSERVER: 127.0.0.1
HTTP_URL: http://127.0.0.1:8085/
HTTPS_URL: http://127.0.0.1:8085/
XDEBUG_MODE: coverage
run: |
sudo phpenmod -s cli xdebug
sudo phpenmod -s fpm xdebug
mv html/admin html/${ADMIN_DIR}
php data/vendor/bin/codecept build
symfony serve -d --no-tls --port=8085 --document-root=html
php data/vendor/bin/codecept run --env chrome,http --skip-group installer --skip-group excludeCoverage --steps --coverage --coverage-xml
mv ./ctests/_output/acceptance\ \(chrome,\ http\).remote.coverage.xml ctests/_output/acceptance.remote.coverage.xml

- name: Upload coverage
uses: codecov/codecov-action@v1
with:
files: ./coverage1.xml,./coverage2.xml,./coverage3.xml,./ctests/_output/acceptance.remote.coverage.xml
files: ./coverage1.xml,./coverage2.xml,./coverage3.xml
# token: ${{ secrets.CODECOV_TOKEN }}
flags: tests
# yml: ./codecov.yml
fail_ci_if_error: true
- name: Upload evidence
uses: actions/upload-artifact@v2
with:
name: coverage-evidence
path: ctests/_output/
4 changes: 2 additions & 2 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,15 +123,15 @@ jobs:
rm -rf $GITHUB_WORKSPACE/Procfile
rm -rf $GITHUB_WORKSPACE/build.xml
rm -rf $GITHUB_WORKSPACE/README.md
rm -rf $GITHUB_WORKSPACE/codeception.yml
rm -rf $GITHUB_WORKSPACE/php.ini
rm -rf $GITHUB_WORKSPACE/phpinicopy.sh
rm -rf $GITHUB_WORKSPACE/phpinidel.sh
rm -rf $GITHUB_WORKSPACE/*.phar
rm -rf $GITHUB_WORKSPACE/setup.sh
rm -rf $GITHUB_WORKSPACE/setup_heroku.php
rm -rf $GITHUB_WORKSPACE/svn_propset.sh
rm -rf $GITHUB_WORKSPACE/ctests
rm -rf $GITHUB_WORKSPACE/playwright*
rm -rf $GITHUB_WORKSPACE/e2e-tests
rm -rf $GITHUB_WORKSPACE/tests
rm -rf $GITHUB_WORKSPACE/templates
rm -rf $GITHUB_WORKSPACE/patches
Expand Down
172 changes: 172 additions & 0 deletions .github/workflows/e2e-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,172 @@
name: E2E testing for EC-CUBE
on:
push:
branches:
- '*'
tags:
- '*'
paths:
- '**'
- '!*.md'
pull_request:
paths:
- '**'
- '!*.md'
jobs:
run-on-linux:
name: Run on Linux
runs-on: ubuntu-18.04
strategy:
fail-fast: false
matrix:
group:
- 'test/front_login'
- 'test/front_guest'
- 'test/admin'

steps:
- name: Checkout
uses: actions/checkout@v2

# - name: Create ADMIN_DIR
# run: |
# sudo apt-fast install -y sharutils
# echo "ADMIN_DIR=$(head -c 10 < /dev/random | uuencode -m - | tail -n 2 |head -n 1 | sed 's,[/+],_,g' | head -c10)/" >> $GITHUB_ENV
- name: Setup environment
run: echo "COMPOSE_FILE=docker-compose.yml:docker-compose.pgsql.yml:docker-compose.dev.yml:docker-compose.owaspzap.yml:docker-compose.owaspzap.daemon.yml" >> $GITHUB_ENV

- name: Setup to EC-CUBE
env:
HTTP_URL: https://127.0.0.1:8085/
HTTPS_URL: https://127.0.0.1:8085/
run: |
sudo chown -R 1001:1000 zap
sudo chmod -R g+w zap
docker-compose up -d
docker-compose exec -T ec-cube composer install
docker-compose exec -T ec-cube composer update 'symfony/*' --ignore-platform-req=php -W
docker-compose exec -T ec-cube php data/vendor/bin/eccube eccube:fixtures:generate --products=5 --customers=1 --orders=5
docker-compose exec -T postgres psql --user=eccube_db_user eccube_db -c "UPDATE dtb_customer SET email = 'zap_user@example.com' WHERE customer_id = (SELECT MAX(customer_id) FROM dtb_customer WHERE status = 2 AND del_flg = 0);"

- run: sleep 1
- run: |
yarn install
yarn run playwright install --with-deps chromium
yarn playwright install-deps chromium

- name: Run to E2E testing
env:
GROUP: ${{ matrix.group }}
HTTPS_PROXY: 'localhost:8090'
HTTP_PROXY: 'localhost:8090'
CI: 1
FORCE_COLOR: 1
run: yarn test:e2e e2e-tests/${GROUP}

- name: Upload evidence
if: failure()
uses: actions/upload-artifact@v2
with:
name: linux-php${{ matrix.tag }}-${{ matrix.db }}-evidence
path: 'test-results/'
- name: Upload logs
if: failure()
uses: actions/upload-artifact@v2
with:
name: linux-php${{ matrix.php }}-${{ matrix.db }}-logs
path: data/logs
installer:
name: Installer test
runs-on: ubuntu-18.04
strategy:
fail-fast: false
matrix:
db: [ 'pgsql', 'mysql' ]
tag:
- '5.6-apache'
- '7.1-apache'
- '7.2-apache'
- '7.3-apache'
- '7.4-apache'
include:
- db: mysql
dbport: '3306'
dbuser: 'eccube_db_user'
dbpass: 'password'
dbname: 'eccube_db'
dbhost: 'mysql'
- db: pgsql
dbport: '5432'
dbuser: 'eccube_db_user'
dbpass: 'password'
dbname: 'eccube_db'
dbhost: 'postgres'
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Setup environment
env:
DB_TYPE: ${{ matrix.db }}
run: echo "COMPOSE_FILE=docker-compose.yml:docker-compose.${DB_TYPE}.yml:docker-compose.dev.yml:docker-compose.owaspzap.yml:docker-compose.owaspzap.daemon.yml" >> $GITHUB_ENV
- name: Setup to EC-CUBE
env:
HTTP_URL: https://127.0.0.1:8085/
HTTPS_URL: https://127.0.0.1:8085/
TAG: ${{ matrix.tag }}
run: |
sudo chown -R 1001:1000 zap
sudo chmod -R g+w zap
sh -c 'echo "<?php" >> data/config/config.php'
docker-compose build --build-arg TAG=${TAG} ec-cube
docker-compose up -d

- run: sleep 1
- run: |
yarn install
yarn run playwright install --with-deps chromium
yarn playwright install-deps chromium
- run: |
rm data/config/config.php
chmod -R o+w html
chmod o+w data
chmod -R o+w data/Smarty
chmod -R o+w data/cache
chmod -R o+w data/class
chmod -R o+w data/class_extends
chmod o+w data/config
chmod -R o+w data/download
chmod -R o+w data/downloads
chmod o+w data/fonts
chmod o+w data/include
chmod o+w data/logs
chmod -R o+w data/module
chmod o+w data/smarty_extends
chmod o+w data/upload
chmod o+w data/upload/csv

- name: Run to E2E testing
env:
HTTP_PROXY: 'localhost:8090'
HTTPS_PROXY: 'localhost:8090'
CI: 1
FORCE_COLOR: 1
DB_TYPE: ${{ matrix.db }}
DB_USER: ${{ matrix.dbuser }}
DB_PASSWORD: ${{ matrix.dbpass }}
DB_NAME: ${{ matrix.dbname }}
DB_PORT: ${{ matrix.dbport }}
DB_SERVER: ${{ matrix.dbhost }}
run: yarn test:e2e e2e-tests/test/installer/installer.test.ts
- name: Upload logs
if: failure()
uses: actions/upload-artifact@v2
with:
name: linux-php${{ matrix.tag }}-${{ matrix.db }}-logs
path: html/install/temp/install.log*
- name: Upload evidence
if: failure()
uses: actions/upload-artifact@v2
with:
name: linux-php${{ matrix.tag }}-${{ matrix.db }}-evidence
path: 'test-results/'
Loading