Skip to content

Commit

Permalink
feat: allow different postfix and other inputs and documentation (#2)
Browse files Browse the repository at this point in the history
* feat: make input cleaner using paths

* feat: allow different postfix

* feat: allow different postfix

* feat: allow different postfix
oycyc authored Aug 14, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 8cb09b7 commit 0ea31f1
Showing 2 changed files with 26 additions and 24 deletions.
19 changes: 9 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
@@ -37,12 +37,6 @@ name: Spacelift Policy OPA Rego Tests

on:
pull_request:
types:
- opened
- edited
- synchronize
- ready_for_review
- reopened
# Optionally only trigger tests on affecting .rego files.
# paths:
# - '**.rego'
@@ -53,7 +47,7 @@ permissions:
pull-requests: write # required to comment on PRs

jobs:
run-opa-tests:
opa-tests:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
@@ -62,13 +56,15 @@ jobs:
- name: Run OPA Rego Tests
uses: masterpointio/github-action-opa-rego-test@main
with:
test_directory_path: "./config/spacelift-policies" # Path of the directory where the OPA Rego policies are stored. Optional, defaults to `.` which is the root directory.
path: "./config/spacelift-policies" # Path of the directory where the OPA Rego policies are stored. Optional, defaults to `.` which is the root directory.
report_untested_files: true # Flag to check & report Rego files without corresponding test files. Optional, defaults to false.
```
</details>
BE SURE TO ALWAYS APPEND THE POSTFIX `_test.rego` TO YOUR TEST FILES! This is how the GitHub Action know what test to run on files. For example, if you have a file named `my-policy.rego`, you would need a file named `my-policy_test.rego`. It does not matter where the `_test.rego` file is located, just that it is in the same directory as the `.rego` file, meaning that it can be in a subdirectory.
Be sure to always append the postfix to your test files. The default input for the `test_file_postfix` is `_test`, per [OPA's best practices](https://www.openpolicyagent.org/docs/latest/policy-testing/#test-format). If you have a different postfix for your test files, you can specify it in the inputs. This is how GitHub Action know what test to run on files.

For example, if you have a file named `my-policy.rego`, you would need a file named `my-policy_test.rego`. It does not matter where the `_test.rego` file is located, just that it is in the root path, meaning that it can be in a subdirectory.

In the example below, all `_test.rego` files' location are valid and will be executed.

@@ -77,7 +73,8 @@ In the example below, all `_test.rego` files' location are valid and will be exe
### Inputs
| Input | Description | Required | Default |
|-------|-------------|----------|---------|
| `test_directory_path` | Path to the directory containing OPA Rego files to test | No | `.` (root directory) |
| `path` | Path to the directory containing OPA Rego files to test | No | `.` (root directory) |
| `test_file_postfix` | Postfix of the test files to run (e.g. notification.rego <> notification_test.rego) | No | `_test` |
| `write_pr_comment` | Flag to write a user-friendly PR comment with test results | No | `true` |
| `pr_comment_title` | Title of the PR comment for test results | No | `🧪 OPA Rego Policy Test Results` |
| `run_coverage_report` | Flag to run OPA coverage tests and include in PR comment | No | `true` |
@@ -142,3 +139,5 @@ Contributions are welcome! Please feel free to submit a Pull Request or open any
- one way is to PR comment error occured in the execution of the tests. please tak eal ook at the logs..
- publish to marketplace
- release please.
- clean up bash script. optimization.
- add outputs
31 changes: 17 additions & 14 deletions action.yml
Original file line number Diff line number Diff line change
@@ -9,10 +9,14 @@ branding:
color: 'green'

inputs:
test_directory_path:
path:
description: 'Path to the directory containing OPA Rego files to test. Default to root directory.'
required: false
default: '.'
test_file_postfix:
description: 'The postfix to use for test files. E.g. notification.rego <> notification_test.rego. Default is "_test".'
required: false
default: '_test'
write_pr_comment:
description: 'Flag to write an user friendly PR comment of the test results. Default of true.'
required: false
@@ -26,7 +30,7 @@ inputs:
required: false
default: true
report_untested_files:
description: 'Check & report in the PR comments of the Rego files that do not have any corresponding test files. For best conventions, append the postfix `_test` in your test file. E.g. `notification.rego` <> `notification_test.rego`'
description: 'Check & report in the PR comments of the Rego files that do not have any corresponding test files. For best conventions, append the postfix `_test` (or what you set as the `test_file_postfix` input) for your test file. E.g. `notification.rego` <> `notification_test.rego`'
required: false
default: false

@@ -42,12 +46,12 @@ runs:
id: opa-test
shell: bash
run: |
BASE_DIRECTORY_PATH="${{ inputs.test_directory_path }}"
tests=$(find "$BASE_DIRECTORY_PATH" -type f -name "*_test.rego")
BASE_DIRECTORY_PATH="${{ inputs.path }}"
tests=$(find "$BASE_DIRECTORY_PATH" -type f -name "*${{ inputs.test_file_postfix }}.rego")
output=""
for test in $tests; do
echo "Running test: $test"
base_name=$(basename "$test" _test.rego)
base_name=$(basename "$test" "${{ inputs.test_file_postfix }}.rego")
test_dir=$(dirname "$test")
impl_file=$(find "$test_dir" "$test_dir/.." -maxdepth 1 -type f -name "${base_name}.rego" | head -n1)
if [ -n "$impl_file" ]; then
@@ -67,14 +71,13 @@ runs:
- name: Run OPA Coverage Tests
id: opa-coverage
shell: bash
# OPA's CLI for testing and coverage isn't as smart as other languages. Have to manually test each file one by one, and we cannot pass in multiple files at once - you can, but if one fail, the rest won't run. That's not good because we want to test all files and report the result on those, even if one fails. It also cannot find all the files and corresponding test files, hence we have to manually find them dynamically with bash.
run: |
BASE_DIRECTORY_PATH="${{ inputs.test_directory_path }}"
tests=$(find "$BASE_DIRECTORY_PATH" -type f -name "*_test.rego")
BASE_DIRECTORY_PATH="${{ inputs.path }}"
tests=$(find "$BASE_DIRECTORY_PATH" -type f -name "*${{ inputs.test_file_postfix }}.rego")
output=""
for test in $tests; do
echo "Running coverage test: $test"
base_name=$(basename "$test" _test.rego)
base_name=$(basename "$test" "${{ inputs.test_file_postfix }}.rego")
test_dir=$(dirname "$test")
impl_file=$(find "$test_dir" "$test_dir/.." -maxdepth 1 -type f -name "${base_name}.rego" | head -n1)
if [ -n "$impl_file" ]; then
@@ -96,14 +99,14 @@ runs:
id: find-no-test
shell: bash
run: |
main_dir="${{ inputs.test_directory_path }}"
main_dir="${{ inputs.path }}"
echo "Searching for untested Rego files in: $main_dir"
no_test_files=$(find "$main_dir" -type f -name "*.rego" ! -name "*_test.rego" | while read file; do
no_test_files=$(find "$main_dir" -type f -name "*.rego" ! -name "*${{ inputs.test_file_postfix }}.rego" | while read file; do
base_name=$(basename "$file" .rego)
# Search for a corresponding test file anywhere in the project
test_file=$(find "$main_dir" -type f -name "${base_name}_test.rego")
test_file=$(find "$main_dir" -type f -name "${base_name}${{ inputs.test_file_postfix }}.rego")
if [ -z "$test_file" ]; then
echo "$file"
@@ -122,8 +125,8 @@ runs:
run: node ${{ github.action_path }}/dist/index.js
shell: bash
# We need to use `env` to pass the inputs into the script. Since this isn't running `with: node` (find the specifics)
# we cannot pass it in with 'inputs' in this workflow step with this composite action. THis is a workaround since
# GitHub Actions doesn't have a clean way of having a composite action use a custom action within the same repository.
# we cannot pass it in with 'inputs' in this workflow step with this composite action.
# GitHub Actions doesn't have a direct way of having a composite action use a custom action within the same repository.
env:
test_result: ${{ steps.opa-test.outputs.test_result }}
coverage_result: ${{ steps.opa-coverage.outputs.coverage_result }}

0 comments on commit 0ea31f1

Please sign in to comment.