Feature/container function test #19
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: container-image-build-validation | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - edited | |
| - synchronize | |
| - reopened | |
| jobs: | |
| container-build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout GIT repository | |
| uses: actions/checkout@v3 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Test build | |
| uses: docker/[email protected] | |
| with: | |
| push: false | |
| load: false | |
| context: . | |
| platforms: linux/amd64, linux/arm64 | |
| tags: container-build:test | |
| - name: Test build and export for further validation | |
| uses: docker/[email protected] | |
| with: | |
| push: false | |
| load: true | |
| context: . | |
| tags: container-build:test | |
| outputs: type=docker,dest=/tmp/container.tar | |
| - name: Upload container image as artifact | |
| uses: actions/[email protected] | |
| with: | |
| name: container-build | |
| path: /tmp/container.tar | |
| function-test-preparation: | |
| name: Container functionality test preparation | |
| runs-on: ubuntu-latest | |
| permissions: write-all | |
| steps: | |
| - name: Checkout GIT repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to Github container registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Build container for functionality test | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| load: false | |
| context: . | |
| file: ./Dockerfile | |
| tags: ghcr.io/cybcon/modbus-client/modbus-client:test | |
| function-test-execution: | |
| name: Container functionality test execution | |
| needs: function-test-preparation | |
| runs-on: ubuntu-latest | |
| services: | |
| modbusserver: | |
| image: oitc/modbus-server:latest | |
| ports: | |
| - 5020:5020 | |
| steps: | |
| - name: Log in to Github container registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Pull Modbus Client for functionality test | |
| run: | | |
| docker ghcr.io/cybcon/modbus-client/modbus-client:test | |
| echo "# Modbus functionality test" >> ${GITHUB_STEP_SUMMARY} | |
| - name: Get modbus server address | |
| id: modbus-server-address | |
| run: | | |
| LOCAL_MACHINE=$(ifconfig -a eth0|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d "addr:") | |
| echo "DEBUG: ${LOCAL_MACHINE}" | |
| echo "ip=${LOCAL_MACHINE}" >> $GITHUB_OUTPUT | |
| - name: Validate server endpoint | |
| run: | | |
| modbusserver=${{steps. modbus-server-address.outputs.ip}} | |
| ping -c 1 -q ${modbusserver} | |
| RC=$? | |
| if [ ${RC} -gt 0 ]; then | |
| echo "ERROR: Modbus slave not reachable" >&2 | |
| exit 1 | |
| fi | |
| - name: Test Discrete Output Coils | |
| run: | | |
| modbusserver=${{steps. modbus-server-address.outputs.ip}} | |
| echo "## Get Discrete Output Coils" >> ${GITHUB_STEP_SUMMARY} | |
| echo '<details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo ' <summary>Test output details</summary>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo " docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 1 -r 0 -l 10" >> ${GITHUB_STEP_SUMMARY} | |
| docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 1 -r 0 -l 10 > output.tmp 2>&1 | |
| cat output.tmp | while read line | |
| do | |
| echo " ${line}" >> ${GITHUB_STEP_SUMMARY} | |
| done | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo '</details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| # analyze output | |
| RESULT=$(cat output.tmp | grep ^2 | awk '{print $3}') | |
| if [ "${RESULT}" == "False" ]; then | |
| echo "Test succesfull :white_check_mark:" >> ${GITHUB_STEP_SUMMARY} | |
| else | |
| echo "Test failed :x:" >> ${GITHUB_STEP_SUMMARY} | |
| exit 1 | |
| fi | |
| - name: Test Discrete Input Contacts | |
| run: | | |
| modbusserver=${{steps. modbus-server-address.outputs.ip}} | |
| echo "## Get Discrete Input Contacts" >> ${GITHUB_STEP_SUMMARY} | |
| echo '<details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo ' <summary>Test output details</summary>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo " docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 2 -r 0 -l 10" >> ${GITHUB_STEP_SUMMARY} | |
| docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 2 -r 0 -l 10 > output.tmp 2>&1 | |
| cat output.tmp | while read line | |
| do | |
| echo " ${line}" >> ${GITHUB_STEP_SUMMARY} | |
| done | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo '</details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| # analyze output | |
| RESULT=$(cat output.tmp | grep ^10002 | awk '{print $3}') | |
| if [ "${RESULT}" == "False" ]; then | |
| echo "Test succesfull :white_check_mark:" >> ${GITHUB_STEP_SUMMARY} | |
| else | |
| echo "Test failed :x:" >> ${GITHUB_STEP_SUMMARY} | |
| exit 1 | |
| fi | |
| - name: Test Analog Output Holding Register | |
| run: | | |
| modbusserver=${{steps. modbus-server-address.outputs.ip}} | |
| echo "## Get Analog Output Holding Register" >> ${GITHUB_STEP_SUMMARY} | |
| echo '<details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo ' <summary>Test output details</summary>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo " docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 3 -r 0 -l 10" >> ${GITHUB_STEP_SUMMARY} | |
| docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 3 -r 0 -l 10 > output.tmp 2>&1 | |
| cat output.tmp | while read line | |
| do | |
| echo " ${line}" >> ${GITHUB_STEP_SUMMARY} | |
| done | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo '</details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| # analyze output | |
| RESULT=$(cat output.tmp | grep ^40002 | awk '{print $2}') | |
| if [ "${RESULT}" == "0x0000" ]; then | |
| echo "Test succesfull :white_check_mark:" >> ${GITHUB_STEP_SUMMARY} | |
| else | |
| echo "Test failed :x:" >> ${GITHUB_STEP_SUMMARY} | |
| exit 1 | |
| fi | |
| - name: Test Analog Input Register | |
| run: | | |
| modbusserver=${{steps. modbus-server-address.outputs.ip}} | |
| echo "## Get Analog Input Register" >> ${GITHUB_STEP_SUMMARY} | |
| echo '<details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo ' <summary>Test output details</summary>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo " docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 4 -r 0 -l 10" >> ${GITHUB_STEP_SUMMARY} | |
| docker run --rm oitc/modbus-client:latest -s ${modbusserver} -p 5020 -t 4 -r 0 -l 10 > output.tmp 2>&1 | |
| cat output.tmp | while read line | |
| do | |
| echo " ${line}" >> ${GITHUB_STEP_SUMMARY} | |
| done | |
| echo ' ```' >> ${GITHUB_STEP_SUMMARY} | |
| echo '</details>' >> ${GITHUB_STEP_SUMMARY} | |
| echo "" >> ${GITHUB_STEP_SUMMARY} | |
| # analyze output | |
| RESULT=$(cat output.tmp | grep ^30002 | head -1 | awk '{print $2}') | |
| if [ "${RESULT}" == "0x0000" ]; then | |
| echo "Test succesfull :white_check_mark:" >> ${GITHUB_STEP_SUMMARY} | |
| else | |
| echo "Test failed :x:" >> ${GITHUB_STEP_SUMMARY} | |
| exit 1 | |
| fi | |
| scan: | |
| name: Container vulnerability scan | |
| needs: container-build | |
| uses: cybcon/github_workflows/.github/workflows/[email protected] | |
| with: | |
| image_name: container-build:test | |
| image_artifact_filename: container.tar | |
| image_artifact_name: container-build | |
| login_dockerhub: false | |
| trivy_tag: latest |