# IRIS Source Code # Copyright (C) 2023 - DFIR-IRIS # contact@dfir-iris.org # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 3 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. name: Continuous Integration on: [push, pull_request] jobs: static-checks: name: Static analyis checks runs-on: ubuntu-22.04 steps: - name: Check out iris uses: actions/checkout@v4 - name: Check code with ruff uses: astral-sh/ruff-action@v2 with: args: check --output-format=github src: ./source build-docker-db: name: Build docker db runs-on: ubuntu-22.04 steps: - name: Check out iris uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build and export uses: docker/build-push-action@v6 with: context: docker/db tags: iriswebapp_db:develop outputs: type=docker,dest=${{ runner.temp }}/iriswebapp_db.tar cache-from: type=gha cache-to: type=gha,mode=max - name: Upload artifact uses: actions/upload-artifact@v4 with: name: iriswebapp_db path: ${{ runner.temp }}/iriswebapp_db.tar build-docker-nginx: name: Build docker nginx runs-on: ubuntu-22.04 steps: - name: Check out iris uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build and export uses: docker/build-push-action@v6 with: context: docker/nginx tags: iriswebapp_nginx:develop build-args: | NGINX_CONF_GID=1234 NGINX_CONF_FILE=nginx.conf outputs: type=docker,dest=${{ runner.temp }}/iriswebapp_nginx.tar cache-from: type=gha cache-to: type=gha,mode=max - name: Upload artifact uses: actions/upload-artifact@v4 with: name: iriswebapp_nginx path: ${{ runner.temp }}/iriswebapp_nginx.tar build-docker-app: name: Build docker app runs-on: ubuntu-22.04 steps: - name: Check out iris uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build and export uses: docker/build-push-action@v6 with: context: . file: docker/webApp/Dockerfile tags: iriswebapp_app:develop outputs: type=docker,dest=${{ runner.temp }}/iriswebapp_app.tar cache-from: type=gha cache-to: type=gha,mode=max - name: Upload artifact uses: actions/upload-artifact@v4 with: name: iriswebapp_app path: ${{ runner.temp }}/iriswebapp_app.tar build-graphql-documentation: name: Generate graphQL documentation runs-on: ubuntu-22.04 needs: - build-docker-db - build-docker-nginx - build-docker-app steps: - name: Download artifacts uses: actions/download-artifact@v4 with: pattern: iriswebapp_* path: ${{ runner.temp }} merge-multiple: true - name: Load docker images run: | docker load --input ${{ runner.temp }}/iriswebapp_db.tar docker load --input ${{ runner.temp }}/iriswebapp_nginx.tar docker load --input ${{ runner.temp }}/iriswebapp_app.tar - name: Check out iris uses: actions/checkout@v4 - name: Start development server run: | # Even though, we use --env-file option when running docker compose, this is still necessary, because the compose has a env_file attribute :( # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env cp tests/data/basic.env .env docker compose --file docker-compose.dev.yml --env-file tests/data/basic.env up --detach - name: Generate GraphQL documentation run: | npx spectaql@^3.0.2 source/spectaql/config.yml - name: Stop development server run: | docker compose down - uses: actions/upload-artifact@v4 with: name: GraphQL DFIR-IRIS documentation path: public if-no-files-found: error test-api: name: Test API runs-on: ubuntu-22.04 needs: - build-docker-db - build-docker-nginx - build-docker-app steps: - name: Download artifacts uses: actions/download-artifact@v4 with: pattern: iriswebapp_* path: ${{ runner.temp }} merge-multiple: true - name: Load docker images run: | docker load --input ${{ runner.temp }}/iriswebapp_db.tar docker load --input ${{ runner.temp }}/iriswebapp_nginx.tar docker load --input ${{ runner.temp }}/iriswebapp_app.tar - name: Check out iris uses: actions/checkout@v4 - name: Start development server run: | # Even though, we use --env-file option when running docker compose, this is still necessary, because the compose has a env_file attribute :( # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env cp tests/data/basic.env .env docker compose --file docker-compose.dev.yml up --detach - name: Run tests working-directory: tests run: | python -m venv venv source venv/bin/activate pip install -r requirements.txt PYTHONUNBUFFERED=true python -m unittest --verbose - name: Stop development server run: | docker compose down test-e2e: name: End to end tests runs-on: ubuntu-22.04 needs: - build-docker-db - build-docker-nginx - build-docker-app steps: - name: Download artifacts uses: actions/download-artifact@v4 with: pattern: iriswebapp_* path: ${{ runner.temp }} merge-multiple: true - name: Load docker images run: | docker load --input ${{ runner.temp }}/iriswebapp_db.tar docker load --input ${{ runner.temp }}/iriswebapp_nginx.tar docker load --input ${{ runner.temp }}/iriswebapp_app.tar - name: Check out iris uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: 20 cache: npm cache-dependency-path: | ui/package-lock.json e2e/package-lock.json - name: Build ui to be mounted in development docker working-directory: ui run: | npm ci npm run build - name: Install e2e dependencies working-directory: e2e run: npm ci - name: Install playwright dependencies working-directory: e2e run: npx playwright install chromium firefox - name: Start development server run: | # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env cp tests/data/basic.env .env docker compose --file docker-compose.dev.yml up --detach - name: Run end to end tests working-directory: e2e run: npx playwright test - name: Stop development server run: | docker compose down - uses: actions/upload-artifact@v4 if: ${{ always() }} with: name: playwright-report path: e2e/playwright-report/