2020-03-06 21:33:29 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2013-04-27 14:07:14 +02:00
|
|
|
require 'bundler/gem_tasks'
|
|
|
|
require 'rspec/core/rake_task'
|
2018-02-23 11:13:28 +01:00
|
|
|
require 'rubocop/rake_task'
|
2018-10-28 12:57:13 +01:00
|
|
|
require 'bundler/audit/task'
|
2013-04-27 14:07:14 +02:00
|
|
|
|
|
|
|
RSpec::Core::RakeTask.new(:spec)
|
2018-02-23 11:13:28 +01:00
|
|
|
RuboCop::RakeTask.new
|
2018-10-28 12:57:13 +01:00
|
|
|
Bundler::Audit::Task.new
|
2013-04-27 14:07:14 +02:00
|
|
|
|
2020-02-28 15:13:28 +01:00
|
|
|
desc 'Run experimental solargraph type checker'
|
2020-08-22 12:20:23 +02:00
|
|
|
task :solargraph do
|
2020-02-28 15:13:28 +01:00
|
|
|
sh 'solargraph typecheck'
|
|
|
|
end
|
|
|
|
|
2021-04-16 22:27:22 +02:00
|
|
|
# renovate: datasource=github-tags depName=hadolint/hadolint
|
2022-11-10 02:18:11 +01:00
|
|
|
hadolint_version = 'v2.12.0'
|
2021-04-16 22:27:22 +02:00
|
|
|
|
2021-12-11 22:02:10 +01:00
|
|
|
# renovate: datasource=github-tags depName=aquasecurity/trivy
|
2023-07-06 02:19:47 +02:00
|
|
|
trivy_version = 'v0.43.0'
|
2021-12-11 22:02:10 +01:00
|
|
|
|
|
|
|
namespace :docker do
|
2021-12-12 15:51:28 +01:00
|
|
|
ci_image = 'cmur2/dyndnsd:ci'
|
|
|
|
|
2021-12-11 22:02:10 +01:00
|
|
|
desc 'Lint Dockerfile'
|
|
|
|
task :lint do
|
|
|
|
sh "if [ ! -e ./hadolint ]; then wget -q -O ./hadolint https://github.com/hadolint/hadolint/releases/download/#{hadolint_version}/hadolint-Linux-x86_64; fi"
|
|
|
|
sh 'chmod a+x ./hadolint'
|
|
|
|
sh './hadolint --ignore DL3018 docker/Dockerfile'
|
|
|
|
sh './hadolint --ignore DL3018 --ignore DL3028 docker/ci/Dockerfile'
|
|
|
|
end
|
|
|
|
|
|
|
|
desc 'Build CI Docker image'
|
|
|
|
task :build do
|
|
|
|
sh 'docker build -t cmur2/dyndnsd:ci -f docker/ci/Dockerfile .'
|
|
|
|
end
|
|
|
|
|
|
|
|
desc 'Scan CI Docker image for vulnerabilities'
|
|
|
|
task :scan do
|
|
|
|
ver = trivy_version.gsub('v', '')
|
|
|
|
sh "if [ ! -e ./trivy ]; then wget -q -O - https://github.com/aquasecurity/trivy/releases/download/v#{ver}/trivy_#{ver}_Linux-64bit.tar.gz | tar -xzf - trivy; fi"
|
2022-02-17 10:06:51 +01:00
|
|
|
sh "./trivy image #{ci_image}"
|
2021-12-12 15:51:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
desc 'End-to-end test the CI Docker image'
|
|
|
|
task :e2e do
|
|
|
|
sh <<~SCRIPT
|
|
|
|
echo -n '{}' > e2e/db.json
|
|
|
|
chmod a+w e2e/db.json
|
|
|
|
SCRIPT
|
|
|
|
sh "docker run -d --name=dyndnsd-ci -v $(pwd)/e2e:/etc/dyndnsd -p 8080:8080 -p 5353:5353 #{ci_image}"
|
|
|
|
sh 'sleep 1'
|
|
|
|
puts '----------------------------------------'
|
|
|
|
# `dig` needs `sudo apt-get install -y -q dnsutils`
|
|
|
|
sh <<~SCRIPT
|
|
|
|
curl -s -o /dev/null -w '%{http_code}' 'http://localhost:8080/' | grep -q '401'
|
|
|
|
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'good'
|
|
|
|
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'nochg'
|
|
|
|
dig +short AXFR 'dyn.example.org' @127.0.0.1 -p 5353 | grep -q '1.2.3.4'
|
|
|
|
SCRIPT
|
|
|
|
puts '----------------------------------------'
|
|
|
|
sh <<~SCRIPT
|
|
|
|
docker logs dyndnsd-ci
|
|
|
|
docker container rm -f -v dyndnsd-ci
|
|
|
|
rm e2e/db.json
|
|
|
|
SCRIPT
|
2021-12-11 22:02:10 +01:00
|
|
|
end
|
2020-08-22 12:20:23 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
task default: [:rubocop, :spec, 'bundle:audit', :solargraph]
|
2020-02-28 15:13:28 +01:00
|
|
|
|
2020-12-25 18:04:59 +01:00
|
|
|
desc 'Run all tasks desired for CI'
|
2023-07-02 13:56:53 +02:00
|
|
|
task ci: [:default, 'docker:lint', :build, 'docker:build', 'docker:e2e']
|