test: add integration tests

Signed-off-by: Ilona Shishov <[email protected]>

.github/workflows/ci.yaml

@@ -0,0 +1,56 @@
+name: CI Checks
+on:
+  push:
+  pull_request:
+
+jobs:
+  lint:
+    name: Run ESLint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+            node-version: 20
+            registry-url: 'https://npm.pkg.github.com'
+        env:
+            NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run lint
+        run: npm run lint
+
+  check-dist:
+    name: Check Distribution
+    runs-on: ubuntu-latest
+
+    env:
+      BUNDLE_FILE: "dist/index.js"
+      BUNDLE_COMMAND: "npm run bundle"
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+            node-version: 20
+            registry-url: 'https://npm.pkg.github.com'
+        env:
+            NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Verify Latest Bundle
+        uses: redhat-actions/common/bundle-verifier@v1
+        with:
+          bundle_file: ${{ env.BUNDLE_FILE }}
+          bundle_command: ${{ env.BUNDLE_COMMAND }}

.github/workflows/scan_docker.yaml

@@ -0,0 +1,61 @@
+name: Scan Docker project
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest" ]
+        # Test once with explicit manifest_file, and once without
+        manifest_file: ["Dockerfile", ""]
+        include:
+          - index: 1
+            manifest_file: "Dockerfile"
+          - index: 2
+            manifest_file: ""
+    runs-on: ${{ matrix.os }}
+    defaults:
+      run:
+        shell: bash
+    name: Analyse Docker project
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 20
+        uses: actions/setup-java@v4
+        with:
+            distribution: 'temurin'
+            java-version: '20'
+
+      - name: Install syft
+        run: |
+            curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
+
+      - name: Install skopeo
+        run: |
+            sudo apt-get update
+            sudo apt-get install -y skopeo
+
+      - name: RHDA Scan
+        id: rhda_scan
+        uses: RHEcosystemAppEng/rhda-github-action@main
+        with:
+          manifest_directory: manifests/docker
+          manifest_file: ${{ matrix.manifest_file }}
+          artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report
+          fail_on: never
+
+      - name: Print JSON analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_json }}
+
+      - name: Print SARIF analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }}
+
+      - name: Print Artifact ID
+        run: echo ${{ steps.rhda_scan.outputs.artifact_id }}

.github/workflows/scan_go.yaml

@@ -0,0 +1,51 @@
+name: Scan Golang project
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest", "windows-latest" ]
+        # Test once with explicit manifest_file, and once without
+        manifest_file: ["go.mod", ""]
+        include:
+          - index: 1
+            manifest_file: "go.mod"
+          - index: 2
+            manifest_file: ""
+    runs-on: ${{ matrix.os }}
+    defaults:
+      run:
+        shell: bash
+    name: Analyse Golang project
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.22'
+
+      - name: RHDA Scan
+        id: rhda_scan
+        uses: RHEcosystemAppEng/rhda-github-action@main
+        with:
+          manifest_directory: manifests/golang
+          manifest_file: ${{ matrix.manifest_file }}
+          artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report
+          fail_on: never
+
+      - name: Print JSON analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_json }}
+
+      - name: Print SARIF analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }}
+
+      - name: Print Artifact ID
+        run: echo ${{ steps.rhda_scan.outputs.artifact_id }}

.github/workflows/scan_gradle.yaml

@@ -0,0 +1,52 @@
+name: Scan Gradle project
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest", "windows-latest" ]
+        # Test once with explicit manifest_file, and once without
+        manifest_file: ["build.gradle", ""]
+        include:
+          - index: 1
+            manifest_file: "build.gradle"
+          - index: 2
+            manifest_file: ""
+    runs-on: ${{ matrix.os }}
+    defaults:
+      run:
+        shell: bash
+    name: Analyse Gradle project
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '20'
+
+      - name: RHDA Scan
+        id: rhda_scan
+        uses: RHEcosystemAppEng/rhda-github-action@main
+        with:
+          manifest_directory: manifests/gradle
+          manifest_file: ${{ matrix.manifest_file }}
+          artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report
+          fail_on: never
+
+      - name: Print JSON analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_json }}
+
+      - name: Print SARIF analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }}
+
+      - name: Print Artifact ID
+        run: echo ${{ steps.rhda_scan.outputs.artifact_id }}

.github/workflows/scan_maven.yaml

@@ -0,0 +1,52 @@
+name: Scan Maven project
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest", "windows-latest" ]
+        # Test once with explicit manifest_file, and once without
+        manifest_file: ["pom.xml", ""]
+        include:
+          - index: 1
+            manifest_file: "pom.xml"
+          - index: 2
+            manifest_file: ""
+    runs-on: ${{ matrix.os }}
+    defaults:
+      run:
+        shell: bash
+    name: Analyse Maven project
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '20'
+
+      - name: RHDA Scan
+        id: rhda_scan
+        uses: RHEcosystemAppEng/rhda-github-action@main
+        with:
+          manifest_directory: manifests/maven
+          manifest_file: ${{ matrix.manifest_file }}
+          artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report
+          fail_on: never
+
+      - name: Print JSON analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_json }}
+
+      - name: Print SARIF analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }}
+
+      - name: Print Artifact ID
+        run: echo ${{ steps.rhda_scan.outputs.artifact_id }}

.github/workflows/scan_npm.yaml

@@ -0,0 +1,54 @@
+name: Scan Npm project
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ "ubuntu-latest", "macos-latest", "windows-latest" ]
+        # Test once with explicit manifest_file, and once without
+        manifest_file: ["package.json", ""]
+        include:
+          - index: 1
+            manifest_file: "package.json"
+          - index: 2
+            manifest_file: ""
+    runs-on: ${{ matrix.os }}
+    defaults:
+      run:
+        shell: bash
+    name: Analyse Npm project
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+            node-version: '20'
+
+      - name: Install dependencies
+        run: npm i 
+
+      - name: RHDA Scan
+        id: rhda_scan
+        uses: RHEcosystemAppEng/rhda-github-action@main
+        with:
+          manifest_directory: manifests/npm
+          manifest_file: ${{ matrix.manifest_file }}
+          artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report
+          fail_on: never
+
+      - name: Print JSON analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_json }}
+
+      - name: Print SARIF analysis report
+        if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }}
+        run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }}
+
+      - name: Print Artifact ID
+        run: echo ${{ steps.rhda_scan.outputs.artifact_id }}