This repository has been archived by the owner on Aug 27, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
98 lines (79 loc) · 3.37 KB
/
srp.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
---
# Copyright © 2022-present, Meta Platforms, Inc. and affiliates
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
name: Security Regression Pipeline
on:
pull_request:
push:
branches: [main]
# Run once a week (see https://crontab.guru)
schedule:
- cron: "0 0 * * 0"
# Required to create a reusable workflow
workflow_call:
jobs:
tests:
name: Run security regression tests
runs-on: ubuntu-latest
steps:
- name: Set up git repository
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.20"
- name: Install chrome
uses: browser-actions/setup-chrome@latest
- name: Compile binary
run: go build
- name: Set git config
run: |
git config --global user.name "Github Actions"
git config --global user.email [email protected]
- name: Clone CALDERA repo
run: |
pushd ..
git clone https://github.com/mitre/caldera.git --recursive caldera-latest
popd
- name: Create test environment with the most recent caldera release
run: ./caldera-security-tests testEnv -r
- name: Wait until container is running
run: |
while [[ -z "$(curl --silent localhost:8888 | grep 'login.js')" ]]; do
pushd ../caldera-latest && docker compose down && docker compose up -d; popd
sleep 60
done
shell: bash
- name: Run security regression test for first XSS
run: ./caldera-security-tests storedXSSUno
- name: Run security regression test for second XSS
run: ./caldera-security-tests storedXSSDos
- name: Run security regression test for third XSS
run: ./caldera-security-tests storedXSSTres
- name: Destroy test environment
run: ./caldera-security-tests testEnv -d
- name: Report failure
uses: nashmaniac/[email protected]
# Only report failures of pushes
# (PRs failures are visible through the Checks
# section) to the default branch
if: failure() && github.event_name == 'push' && github.ref == 'refs/heads/main'
with:
title: 🐛 Tests failed for ${{ github.sha }}
token: ${{ secrets.GITHUB_TOKEN }}
labels: kind/bug
body: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}