cn/dyndnsd
1
0
Fork 0
mirror of https://github.com/cmur2/dyndnsd.git synced 2025-10-31 00:25:06 +01:00
Code Releases Activity
Files
26381244aa5b378c1f162a0591930aceea344407
dyndnsd/Rakefile
renovate[bot] 26381244aa project: update aquasecurity/trivy to v0.50.0
2024-03-21 10:26:13 +01:00

75 lines
2.5 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require 'bundler/gem_tasks'
require 'rspec/core/rake_task'
require 'rubocop/rake_task'
require 'bundler/audit/task'
RSpec::Core::RakeTask.new(:spec)
RuboCop::RakeTask.new
Bundler::Audit::Task.new
desc 'Run experimental solargraph type checker'
task :solargraph do
sh 'solargraph typecheck'
end
# renovate: datasource=github-tags depName=hadolint/hadolint
hadolint_version = 'v2.12.0'
# renovate: datasource=github-tags depName=aquasecurity/trivy
trivy_version = 'v0.50.0'
namespace :docker do
ci_image = 'cmur2/dyndnsd:ci'
desc 'Lint Dockerfile'
task :lint do
sh "if [ ! -e ./hadolint ]; then wget -q -O ./hadolint https://github.com/hadolint/hadolint/releases/download/#{hadolint_version}/hadolint-Linux-x86_64; fi"
sh 'chmod a+x ./hadolint'
sh './hadolint --ignore DL3018 docker/Dockerfile'
sh './hadolint --ignore DL3018 --ignore DL3028 docker/ci/Dockerfile'
end
desc 'Build CI Docker image'
task :build do
sh 'docker build -t cmur2/dyndnsd:ci -f docker/ci/Dockerfile .'
end
desc 'Scan CI Docker image for vulnerabilities'
task :scan do
ver = trivy_version.gsub('v', '')
sh "if [ ! -e ./trivy ]; then wget -q -O - https://github.com/aquasecurity/trivy/releases/download/v#{ver}/trivy_#{ver}_Linux-64bit.tar.gz | tar -xzf - trivy; fi"
sh "./trivy image #{ci_image}"
end
desc 'End-to-end test the CI Docker image'
task :e2e do
sh <<~SCRIPT
echo -n '{}' > e2e/db.json
chmod a+w e2e/db.json
SCRIPT
sh "docker run -d --name=dyndnsd-ci -v $(pwd)/e2e:/etc/dyndnsd -p 8080:8080 -p 5353:5353 #{ci_image}"
sh 'sleep 1'
puts '----------------------------------------'
# `dig` needs `sudo apt-get install -y -q dnsutils`
sh <<~SCRIPT
curl -s -o /dev/null -w '%{http_code}' 'http://localhost:8080/' | grep -q '401'
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'good'
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'nochg'
dig +short AXFR 'dyn.example.org' @127.0.0.1 -p 5353 | grep -q '1.2.3.4'
SCRIPT
puts '----------------------------------------'
sh <<~SCRIPT
docker logs dyndnsd-ci
docker container rm -f -v dyndnsd-ci
rm e2e/db.json
SCRIPT
end
end
task default: [:rubocop, :spec, 'bundle:audit', :solargraph]
desc 'Run all tasks desired for CI'
task ci: [:default, 'docker:lint', :build, 'docker:build', 'docker:e2e']
View Git Blame Copy Permalink