Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat/keploy experimental #149

Open
wants to merge 18 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 10 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion .env.docker
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,6 @@ ACCESS_TOKEN_SECRET=4cd7234152590dcfe77e1b6fc52e84f4d30c06fddadd0dd2fb42cbc51fa1
NODE_ENV=production
ENVIRONMENT_NAME=docker
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PORT=6379
APP_PATH=/Users/apple/repos/template/node-express-graphql-template
ENABLE_DEDUP=true
56 changes: 56 additions & 0 deletions .github/workflows/keploy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: Keploy

on:
pull_request:
branches:
- develop
push:
branches:
- develop

jobs:
node_linux:
runs-on: ubuntu-latest
environment: secrets # Ensure you specify the environment if it's an environment-level secret
steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Set up Node.js 20
uses: actions/setup-node@v2
with:
node-version: '20'

- name: Print all environment variables for debugging
run: printenv

- name: Install dependencies
run: yarn install

- name: Install nyc
run: yarn add [email protected] --dev

- name: Install Docker
uses: docker/setup-buildx-action@v2

- name: Install Docker Compose
run: |
mkdir -p $HOME/.docker/cli-plugins
curl -L "https://github.com/docker/compose/releases/download/v2.6.1/docker-compose-linux-x86_64" -o $HOME/.docker/cli-plugins/docker-compose
chmod +x $HOME/.docker/cli-plugins/docker-compose
echo "$HOME/.docker/cli-plugins" >> $GITHUB_PATH
docker-compose --version
Comment on lines +36 to +42
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Secure handling of Docker Compose installation.

Downloading and installing Docker Compose from GitHub. Verify the checksum of the downloaded binary to ensure its integrity.

+ curl -L "https://github.com/docker/compose/releases/download/v2.6.1/docker-compose-linux-x86_64" -o $HOME/.docker/cli-plugins/docker-compose | shasum -a 256 -c expected_checksum_file

Committable suggestion was skipped due to low confidence.


- name: Run the node-express-graphql template
run: |
chmod +x /home/runner/work/node-express-graphql-template/node-express-graphql-template/.github/workflows/test_workflows/keploy.sh
/home/runner/work/node-express-graphql-template/node-express-graphql-template/.github/workflows/test_workflows/keploy.sh
env:
KEPLOY_API_KEY: ${{ secrets.KEPLOY_API_KEY }}

- name: Upload coverage to Codecov
uses: codecov/codecov-action@v2
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage/lcov.info
verbose: true
Comment on lines +52 to +57
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tip

Codebase Verification

Coverage data upload configuration.

The keploy.sh script referenced in the workflow does not exist in the repository. This means the coverage report (lcov.info) is not being generated, causing the upload step to fail. Please ensure that the script responsible for generating the coverage report is included in the repository and that the file path is correct.

  • Ensure the keploy.sh script is present and correctly generates the lcov.info file.
  • Verify the file path and token usage for security.
Analysis chain

Coverage data upload configuration.

Ensure that the specified coverage file path and token usage are correct and secure.

Scripts executed

The following scripts were executed for the analysis:


Script:

#!/bin/bash
# Description: Verify the coverage file path and token security.

# Test: Check the existence of the specified coverage file and validate the token usage. Expect: Correct file path and secure token handling.
ls ./coverage/lcov.info

Length of output: 93



Script:

#!/bin/bash
# Description: Search for references to `lcov.info` in the keploy.yml workflow file to verify its generation and handling.

# Search for `lcov.info` references in the workflow file
rg 'lcov.info' .github/workflows/keploy.yml

Length of output: 79



Script:

#!/bin/bash
# Description: Search for steps in the keploy.yml workflow file that run tests or generate coverage reports.

# Search for steps that run tests or generate coverage reports
rg -i 'test|coverage' .github/workflows/keploy.yml

Length of output: 421



Script:

#!/bin/bash
# Description: Display the contents of the `keploy.sh` script to verify if it runs tests and generates the coverage report.

# Find the `keploy.sh` script
fd keploy.sh

# Display the contents of the `keploy.sh` script
cat $(fd keploy.sh)

Length of output: 36



Script:

#!/bin/bash
# Description: Search for the `keploy.sh` script in the entire repository and display its path if found.

# Search for the `keploy.sh` script in the entire repository
fd keploy.sh

Length of output: 14

48 changes: 48 additions & 0 deletions .github/workflows/test_workflows/keploy.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
curl --silent -O -L https://keploy.io/ent/install.sh
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ensure secure handling of downloaded files.

Using curl to download and execute scripts can be risky. Consider verifying the integrity of the downloaded script before execution.

+ curl --silent -O -L https://keploy.io/ent/install.sh | shasum -a 256 -c expected_checksum_file

Committable suggestion was skipped due to low confidence.



sudo docker compose --env-file .env.docker build
curl --silent -o keployE --location "https://keploy-enterprise.s3.us-west-2.amazonaws.com/releases/latest/enterprise_linux_amd64"
sudo chmod a+x keployE && sudo mkdir -p /usr/local/bin && sudo mv keployE /usr/local/bin
Comment on lines +4 to +6
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential security risk with broad permissions.

Setting broad permissions with chmod a+x and moving binaries with sudo could pose a security risk. Ensure that only necessary permissions are granted, and consider using user-specific directories if possible.

- sudo chmod a+x keployE && sudo mkdir -p /usr/local/bin && sudo mv keployE /usr/local/bin
+ sudo chmod u+x keployE && sudo mv keployE /usr/local/bin

Committable suggestion was skipped due to low confidence.



# Build the project locally
echo "Project built successfully"

echo $(pwd)


sudo -E env PATH="$PATH" /usr/local/bin/keployE test -c "sudo docker compose --env-file .env.docker up" --containerName "node-express-graphql-template-app-1" --delay 30 --apiTimeout 30 --generateGithubActions=false
echo "Keploy started in test mode"

all_passed=true

# Loop through test sets
for i in {0..0}
do
# Define the report file for each test set
report_file="./keploy/reports/test-run-0/test-set-$i-report.yaml"

# Extract the test status
test_status=$(grep 'status:' "$report_file" | head -n 1 | awk '{print $2}')

# Print the status for debugging
echo "Test status for test-set-$i: $test_status"

# Check if any test set did not pass
if [ "$test_status" != "PASSED" ]; then
all_passed=false
echo "Test-set-$i did not pass."
break # Exit the loop early as all tests need to pass
fi
done

# Check the overall test status and exit accordingly
if [ "$all_passed" = true ]; then
docker cp node-express-graphql-template-app-1:$(pwd)/.nyc_output $(pwd)/.nyc_output
npx nyc report
echo "All tests passed"
exit 0
else
exit 1
fi
8 changes: 7 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -94,4 +94,10 @@ typings/
# DS_Store
.DS_Store
report.json
reports/test-report.xml
reports/test-report.xml

# Keploy test reports
dedupData.yaml
duplicates.yaml
keploy/reports
docker-compose-tmp.yaml
36 changes: 25 additions & 11 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,10 +1,15 @@
FROM node:20
ARG ENVIRONMENT_NAME
ARG BUILD_NAME
ARG APP_PATH
ARG PLATFORM

RUN mkdir -p /app-build
ADD . /app-build
WORKDIR /app-build
# RUN mkdir -p /app-build
# ADD . /app-build
# WORKDIR /app-build
RUN mkdir -p ${APP_PATH}
ADD . ${APP_PATH}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use COPY instead of ADD for better practice in Dockerfiles.

ADD is generally used for archives and remote URLs. It's recommended to use COPY for copying local files to improve clarity and avoid unintended decompression.

- ADD . ${APP_PATH}
+ COPY . ${APP_PATH}
- ADD scripts/migrate-and-run.sh ${APP_PATH}/
+ COPY scripts/migrate-and-run.sh ${APP_PATH}/
- ADD package.json ${APP_PATH}/
+ COPY package.json ${APP_PATH}/
- ADD . ./
+ COPY . ./

Also applies to: 31-31, 32-32, 33-33

Tools
Hadolint

[error] 11-11: Use COPY instead of ADD for files and folders

(DL3020)

WORKDIR ${APP_PATH}
RUN --mount=type=cache,target=/root/.yarn YARN_CACHE_FOLDER=/root/.yarn yarn --frozen-lockfile
RUN yarn
RUN yarn build:$BUILD_NAME
Expand All @@ -13,16 +18,25 @@ RUN yarn build:$BUILD_NAME
FROM node:20-alpine
ARG ENVIRONMENT_NAME
ARG BUILD_NAME
ARG APP_PATH
ARG PLATFORM

RUN mkdir -p /dist
WORKDIR ${APP_PATH}
RUN mkdir -p ${APP_PATH}/dist
RUN apk add yarn
RUN yarn global add [email protected]
RUN yarn add shelljs dotenv pg [email protected]
ADD scripts/migrate-and-run.sh /
ADD package.json /
ADD . /
COPY --from=0 /app-build/dist ./dist

RUN yarn global add [email protected] [email protected]
RUN yarn add shelljs dotenv pg [email protected]
RUN apk add --no-cache dumb-init
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consolidate multiple RUN commands to optimize layers.

Consolidating RUN commands can reduce the number of layers in the Docker image, leading to improved build performance and smaller image sizes.

- RUN yarn global add [email protected] [email protected]
- RUN yarn add shelljs dotenv pg [email protected]
- RUN apk add --no-cache dumb-init
+ RUN yarn global add [email protected] [email protected] && \
+    yarn add shelljs dotenv pg [email protected] && \
+    apk add --no-cache dumb-init
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
RUN yarn global add [email protected] [email protected]
RUN yarn add shelljs dotenv pg [email protected]
RUN apk add --no-cache dumb-init
RUN yarn global add [email protected] [email protected] && \
yarn add shelljs dotenv pg [email protected] && \
apk add --no-cache dumb-init
Tools
Hadolint

[info] 28-28: Multiple consecutive RUN instructions. Consider consolidation.

(DL3059)


[info] 29-29: Multiple consecutive RUN instructions. Consider consolidation.

(DL3059)


[warning] 30-30: Pin versions in apk add. Instead of apk add <package> use apk add <package>=<version>

(DL3018)


[info] 30-30: Multiple consecutive RUN instructions. Consider consolidation.

(DL3059)

ADD scripts/migrate-and-run.sh ${APP_PATH}/
ADD package.json ${APP_PATH}/
ADD . ./
COPY --from=0 ${APP_PATH}/dist ${APP_PATH}/dist
ADD https://keploy-enterprise.s3.us-west-2.amazonaws.com/releases/latest/assets/freeze_time_$PLATFORM.so /lib/keploy/freeze_time_$PLATFORM.so
RUN chmod +x /lib/keploy/freeze_time_$PLATFORM.so
ENV LD_PRELOAD=/lib/keploy/freeze_time_$PLATFORM.so
ENTRYPOINT ["dumb-init", "--"]
STOPSIGNAL SIGINT

CMD ["sh", "./migrate-and-run.sh"]
EXPOSE 9000
EXPOSE 9000
7 changes: 7 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,18 @@ services:
args:
ENVIRONMENT_NAME: .docker
BUILD_NAME: docker
PLATFORM: arm64
APP_PATH: ${APP_PATH}
restart: always
depends_on:
- db_postgres
- redis
ports:
- 9000:9000
environment:
ENABLE_DEDUP: "true"
env_file:
- ./.env.docker
volumes:
- ${APP_PATH}/dedupData.yaml:${APP_PATH}.dedupData.yaml
stop_grace_period: 50s
18 changes: 18 additions & 0 deletions keploy-runner.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#!/bin/bash -x -i -e
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incorrect shebang usage in script.

The shebang should specify only one parameter. Consider modifying it to ensure compatibility across different operating systems.

- #!/bin/bash -x -i -e
+ #!/bin/bash
+ set -x -i -e
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
#!/bin/bash -x -i -e
#!/bin/bash
set -x -i -e
Tools
Shellcheck

[error] 1-1: On most OS, shebangs can only specify a single parameter.

(SC2096)


# Command to be executed
alias keploy="docker run --pull always --name keploy-v2 -p 16789:16789 --privileged --pid=host -it -v $(pwd):$(pwd) -w $(pwd) -v /sys/fs/cgroup:/sys/fs/cgroup -v debugfs:/sys/kernel/debug:rw -v /sys/fs/bpf:/sys/fs/bpf -v /var/run/docker.sock:/var/run/docker.sock -v /Users/apple/.keploy:/root/.keploy --rm docker.io/keploy/enterprise"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential issue with alias expansion.

The alias for keploy might not expand as expected when used. It's generally safer to use a function in scripts to avoid issues with scope and expansion.

- alias keploy="docker run --pull always --name keploy-v2 -p 16789:16789 --privileged --pid=host -it -v $(pwd):$(pwd) -w $(pwd) -v /sys/fs/cgroup:/sys/fs/cgroup -v debugfs:/sys/kernel/debug:rw -v /sys/fs/bpf:/sys/fs/bpf -v /var/run/docker.sock:/var/run/docker.sock -v /Users/apple/.keploy:/root/.keploy --rm docker.io/keploy/enterprise"
+ keploy() {
+   docker run --pull always --name keploy-v2 -p 16789:16789 --privileged --pid=host -it -v $(pwd):$(pwd) -w $(pwd) -v /sys/fs/cgroup:/sys/fs/cgroup -v debugfs:/sys/kernel/debug:rw -v /sys/fs/bpf:/sys/fs/bpf -v /var/run/docker.sock:/var/run/docker.sock -v /Users/apple/.keploy:/root/.keploy --rm docker.io/keploy/enterprise "$@"
+ }
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
alias keploy="docker run --pull always --name keploy-v2 -p 16789:16789 --privileged --pid=host -it -v $(pwd):$(pwd) -w $(pwd) -v /sys/fs/cgroup:/sys/fs/cgroup -v debugfs:/sys/kernel/debug:rw -v /sys/fs/bpf:/sys/fs/bpf -v /var/run/docker.sock:/var/run/docker.sock -v /Users/apple/.keploy:/root/.keploy --rm docker.io/keploy/enterprise"
keploy() {
docker run --pull always --name keploy-v2 -p 16789:16789 --privileged --pid=host -it -v $(pwd):$(pwd) -w $(pwd) -v /sys/fs/cgroup:/sys/fs/cgroup -v debugfs:/sys/kernel/debug:rw -v /sys/fs/bpf:/sys/fs/bpf -v /var/run/docker.sock:/var/run/docker.sock -v /Users/apple/.keploy:/root/.keploy --rm docker.io/keploy/enterprise "$@"
}
Tools
Shellcheck

[warning] 4-4: This expands when defined, not when used. Consider escaping.

(SC2139)


# Number of times to run the command
ITERATIONS=10

# Loop to execute the command
for (( i=1; i<=$ITERATIONS; i++ ))
do
echo "Running iteration $i"
keploy test -c 'docker compose --env-file .env.docker up' --containerName "fast-api-app" --delay 30 --freezeTime --testsets='test-set-1'
echo "Iteration $i complete"
echo "----------------------------------------"
done

echo "Script execution complete"
52 changes: 52 additions & 0 deletions keploy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
path: ""
appId: 0
appName: ""
command: ""
port: 0
proxyPort: 16789
dnsPort: 26789
debug: false
disableANSI: false
disableTele: false
inDocker: false
generateGithubActions: true
containerName: ""
networkName: ""
buildDelay: 30
test:
selectedTests: {}
globalNoise:
global:
body:
data.signIn.token: []
data.signUp.token: []
header:
Etag: []
Vary: []
test-sets: {}
delay: 5
apiTimeout: 5
coverage: false
goCoverage: false
coverageReportPath: ""
ignoreOrdering: true
mongoPassword: "default@123"
language: ""
removeUnusedMocks: false
basePath: ""
mocking: true
dedup: true
disableMockUpload: false
freezeTime: false
record:
recordTimer: 0s
filters: []
configPath: ""
bypassRules: []
cmdType: "native"
enableTesting: false
fallbackOnMiss: false
keployContainer: "keploy-v2"
keployNetwork: "keploy-network"

# Visit [https://keploy.io/docs/running-keploy/configuration-file/] to learn about using keploy through configration file.
1 change: 1 addition & 0 deletions keploy/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
/*/mocks.yaml
6 changes: 6 additions & 0 deletions keploy/test-set-0/config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
testset:
pre_script: ""
post_script: ""
template: {}
mocks:
- daa16f86fded81299cb178aec234e127a08ad8a9174ce8b4e8f8ee23d7eebf0d.yaml
Loading
Loading