Adds GHA definition and component tests
ubiratansoares committed Sep 22, 2024
1 parent dc5adc3 commit ffd7d4b
Showing 4 changed files with 94 additions and 2 deletions.
15 changes: 13 additions & 2 deletions .github/workflows/ci.yml
Expand Up @@ -64,5 +64,16 @@ jobs:
- name: Project Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Run tests
run: echo "To do"
- name: Prepares fixtures
run: ./src/fixtures.sh

- name: Component test for iOS GHA
uses: ./gha/ios
with:
archive-file: .tmp/pocket-casts-ios.xcarchive

- name: Component test for Android GHA
uses: ./gha/android
with:
archive-file: .tmp/pocket-casts-android.apk
wait-for-summary: true
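Review bot: The iOS component test omits `wait-for-summary`, so only the Android step waits for a scan outcome, and neither step passes the optional `mappings-file` / `dsyms-path` input, which leaves the `--extras` argument of both actions unexercised. Consider adding `wait-for-summary: true` to the iOS step and one further invocation per platform that supplies the optional input. The job these steps belong to starts above the hunk, so how the scan credentials (presumably an AppSweep API key read by main.sh) reach these steps, and whether they are scoped to this job only, cannot be checked from here.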
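--- a/gha/android/action.yml
+++ b/gha/android/action.yml
@@ -0,0 +1,30 @@
+# Copyright 2024 Dotanuki Labs
+# SPDX-License-Identifier: MIT
+
+name: "appsweep-scan-action-android"
+description: "Scan Android artifacts for security issues with Guardsquare Appsweep"
+
+inputs:
+archive-file:
+description: >
+Path to the Android archive to scan. Accepted formats: '.aab' and '.apk'
+required: true
+mappings-file:
+description: >
+Path to the R8/proguard mappings file
+required: false
+wait-for-summary:
+description: >
+Whether or not this Action should wait for scan outcomes and show the summary of issues
+default: "false"
+required: false
+
+runs:
+using: "composite"
+steps:
+- shell: bash
+run: |
+${{ github.action_path }}/src/main.sh \
+--archive ${{ inputs.archive-file }} \
+--extras ${{ inputs.mapping-file }} \
+--summary ${{ inputs.wait-for-summary }}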
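Review bot: The `run:` block splices `${{ inputs.archive-file }}`, `${{ inputs.mapping-file }}` and `${{ inputs.wait-for-summary }}` directly into the bash script, so the caller's values become script text before bash parses it: a path containing spaces splits into several arguments, and shell metacharacters in an input are interpreted rather than passed through; gha/ios/action.yml has the same pattern. Pass the inputs through `env:` and expand them as quoted shell variables instead. The `--extras` line also reads `inputs.mapping-file` while the declared input is `mappings-file`, so the expression is always empty and `--summary` lands in the position of the `--extras` value. With quoting in place an unset optional input reaches main.sh as an empty string, which main.sh (not visible here) should treat as "not provided".

```yaml
# … unchanged: name, description, inputs …
    - shell: bash
      env:
        ARCHIVE_FILE: ${{ inputs.archive-file }}
        MAPPINGS_FILE: ${{ inputs.mappings-file }}
        WAIT_FOR_SUMMARY: ${{ inputs.wait-for-summary }}
      run: |
        "$GITHUB_ACTION_PATH/src/main.sh" \
          --archive "$ARCHIVE_FILE" \
          --extras "$MAPPINGS_FILE" \
          --summary "$WAIT_FOR_SUMMARY"
```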
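--- a/gha/ios/action.yml
+++ b/gha/ios/action.yml
@@ -0,0 +1,30 @@
+# Copyright 2024 Dotanuki Labs
+# SPDX-License-Identifier: MIT
+
+name: "appsweep-scan-action-ios"
+description: "Scan iOS artifacts for security issues with Guardsquare Appsweep"
+
+inputs:
+archive-file:
+description: >
+Path to the iOS archive to scan. Accepted formats: '.ipa' and '.xcarchive'
+required: true
+dsyms-path:
+description: >
+Path to the dSyms folder
+required: false
+wait-for-summary:
+description: >
+Whether or not this Action should wait for scan outcomes and show the summary of issues
+default: "false"
+required: false
+
+runs:
+using: "composite"
+steps:
+- shell: bash
+run: |
+${{ github.action_path }}/src/main.sh \
+--archive ${{ inputs.archive-file }} \
+--extras ${{ inputs.dsyms-path }} \
+--summary ${{ inputs.wait-for-summary }}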
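Review bot: `${{ github.action_path }}/src/main.sh` resolves inside this action's own directory, i.e. `gha/ios/src/main.sh`, and this commit adds no script there. If main.sh lives in the repository-level `src/` next to fixtures.sh (not visible on this page), the step will fail because the script is not found, and the path has to climb out of the action directory, e.g. `"$GITHUB_ACTION_PATH/../../src/main.sh"`. The same line in gha/android/action.yml is affected in the same way.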
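--- a/src/fixtures.sh
+++ b/src/fixtures.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+# Copyright 2024 Dotanuki Labs
+# SPDX-License-Identifier: MIT
+
+set -euo pipefail
+
+readonly android_fixture="https://github.com/Automattic/pocket-casts-android/releases/download/7.72/app-7.72.apk"
+readonly android_package="pocket-casts-android.apk"
+readonly ios_fixture="https://github.com/Automattic/pocket-casts-ios/releases/download/7.72/PocketCasts.xcarchive.zip"
+readonly ios_package="pocket-casts-ios.xcarchive"
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "${script_dir%/*}"
+actual_dir=$(pwd)
+rm -rf "$actual_dir/.tmp" && mkdir "$actual_dir/.tmp"
+
+echo
+echo "Downloading fixtures to $HOME/.tmp"
+echo
+curl -fsSL -o "$actual_dir/.tmp/$android_package" -C - "$android_fixture"
+curl -fsSL -o "$actual_dir/.tmp/$ios_package" -C - "$ios_fixture"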
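Review bot: Both fixtures are fetched from release URLs and used as-is with no integrity check, so a replaced or truncated release asset silently changes what the component tests upload; pin a digest per fixture and verify it after each download, e.g. `echo "<sha256-of-apk>  $actual_dir/.tmp/$android_package" | sha256sum -c -` (the digest is a placeholder). The iOS URL ends in `.xcarchive.zip` but is saved as `pocket-casts-ios.xcarchive` without being unpacked, so the iOS test receives a zip file under an `.xcarchive` name; whether main.sh copes with that is not visible here. The progress message prints `$HOME/.tmp` although the files go to `$actual_dir/.tmp`, so it should read `echo "Downloading fixtures to $actual_dir/.tmp"`. `-C -` has nothing to resume, because `.tmp` is recreated a few lines earlier.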
