Merge pull request #482 from nanasess/e2e-testing-selenium

[ご意見ください]OWASP ZAP のアクティブスキャンとE2Eテストをまとめて実行する試み
EC-CUBE · Jan 19, 2022 · a9603a1 · a9603a1
2 parents 0cbb612 + f1c3216
commit a9603a1
Show file tree

Hide file tree

Showing 78 changed files with 18,491 additions and 18,498 deletions.
diff --git a/.babelrc b/.babelrc
@@ -1,14 +1,16 @@
 {
   "presets": [
     [
-      "env",
-      {
-        "targets": {
-          "ie": 11
-        },
-        // 必要な分だけのpolyfillを自動でインポート
-        "useBuiltIns": "usage"
-      }
+        "@babel/preset-env",
+        {
+            "targets": {
+                "node": "current",
+                "ie": 11
+            },
+            // 必要な分だけのpolyfillを自動でインポート
+            "useBuiltIns": "usage",
+            "corejs": 2
+        }
     ]
   ]
 }
diff --git a/.editorconfig b/.editorconfig
@@ -12,7 +12,7 @@ trim_trailing_whitespace = true
 indent_style = space
 indent_size = 4
 
-[*.{yml,yaml,json,js}]
+[*.{yml,yaml,json,js,ts}]
 indent_style = space
 indent_size = 2
 

diff --git a/.eslintrc.json b/.eslintrc.json
@@ -7,6 +7,19 @@
    "plugins": [
     "import"
   ],
-  "parser": "babel-eslint",
-  "extends": "jquery"
+  "parser": "@typescript-eslint/parser",
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier/@typescript-eslint",
+    "jquery"
+  ],
+  "rules": {
+    "prettier/prettier": [
+      "error",
+      {
+        "singleQuote": true
+      }
+    ]
+  }
 }
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -70,13 +70,7 @@ jobs:
         php-version: ${{ matrix.php }}
 
     - name: Install to Composer
-      run: |
-        composer install --no-interaction -o
-        composer require php5friends/codeception-phpunit48-wrapper ">=6.0.20" --dev
-        composer require captbaritone/mailcatcher-codeception-module "1.2.1" --dev
-        composer require codeception/codeception "*" --dev
-        composer remove php5friends/codeception-phpunit48-wrapper --dev
-        composer remove php5friends/phpunit48 --ignore-platform-reqs --dev
+      run: composer install --no-interaction -o
 
     - name: Create ADMIN_DIR
       run: |
@@ -110,59 +104,11 @@ jobs:
         phpdbg -qrr data/vendor/bin/phpunit tests/class/SC_SessionFactoryTest.php --coverage-clover=coverage3.xml
         mv data/config/config.php.bak data/config/config.php
 
-    - name: Install symfony/cli
-      continue-on-error: true
-      run: |
-        wget https://get.symfony.com/cli/installer -O - | bash
-        sudo mv ~/.symfony/bin/symfony /usr/local/bin/symfony
-        symfony local:php:list
-
-    - name: setup-chromedriver
-      uses: nanasess/setup-chromedriver@master
-    - name: Run chromedriver
-      run: |
-        export DISPLAY=:99
-        chromedriver --url-base=/wd/hub &
-        echo ">>> Started chrome-driver"
-        sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
-        echo ">>> Started xvfb"
-    - name: Setup C3
-      run: |
-        wget https://raw.github.com/Codeception/c3/2.0/c3.php
-        sed -i 's,/vendor/autoload.php,/data/vendor/autoload.php,g' c3.php
-        echo "include __DIR__.'/../c3.php';" >> html/define.php
-    - name: Run to Codeception
-      continue-on-error: true
-      env:
-        DB: ${{ matrix.db }}
-        USER: ${{ matrix.dbuser }}
-        DBUSER: ${{ matrix.dbuser }}
-        DBPASS: ${{ matrix.dbpass }}
-        DBNAME: ${{ matrix.dbname }}
-        DBPORT: ${{ matrix.dbport }}
-        DBSERVER: 127.0.0.1
-        HTTP_URL: http://127.0.0.1:8085/
-        HTTPS_URL: http://127.0.0.1:8085/
-        XDEBUG_MODE: coverage
-      run: |
-        sudo phpenmod -s cli xdebug
-        sudo phpenmod -s fpm xdebug
-        mv html/admin html/${ADMIN_DIR}
-        php data/vendor/bin/codecept build
-        symfony serve -d --no-tls --port=8085 --document-root=html
-        php data/vendor/bin/codecept run --env chrome,http --skip-group installer --skip-group excludeCoverage --steps --coverage --coverage-xml
-        mv ./ctests/_output/acceptance\ \(chrome,\ http\).remote.coverage.xml ctests/_output/acceptance.remote.coverage.xml
-
     - name: Upload coverage
       uses: codecov/codecov-action@v1
       with:
-        files: ./coverage1.xml,./coverage2.xml,./coverage3.xml,./ctests/_output/acceptance.remote.coverage.xml
+        files: ./coverage1.xml,./coverage2.xml,./coverage3.xml
         # token: ${{ secrets.CODECOV_TOKEN }}
         flags: tests
         # yml: ./codecov.yml
         fail_ci_if_error: true
-    - name: Upload evidence
-      uses: actions/upload-artifact@v2
-      with:
-        name: coverage-evidence
-        path: ctests/_output/
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -134,15 +134,15 @@ jobs:
           rm -rf $GITHUB_WORKSPACE/Procfile
           rm -rf $GITHUB_WORKSPACE/build.xml
           rm -rf $GITHUB_WORKSPACE/README.md
-          rm -rf $GITHUB_WORKSPACE/codeception.yml
           rm -rf $GITHUB_WORKSPACE/php.ini
           rm -rf $GITHUB_WORKSPACE/phpinicopy.sh
           rm -rf $GITHUB_WORKSPACE/phpinidel.sh
           rm -rf $GITHUB_WORKSPACE/*.phar
           rm -rf $GITHUB_WORKSPACE/setup.sh
           rm -rf $GITHUB_WORKSPACE/setup_heroku.php
           rm -rf $GITHUB_WORKSPACE/svn_propset.sh
-          rm -rf $GITHUB_WORKSPACE/ctests
+          rm -rf $GITHUB_WORKSPACE/playwright*
+          rm -rf $GITHUB_WORKSPACE/e2e-tests
           rm -rf $GITHUB_WORKSPACE/tests
           rm -rf $GITHUB_WORKSPACE/templates
           rm -rf $GITHUB_WORKSPACE/patches

diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml
@@ -0,0 +1,172 @@
+name: E2E testing for EC-CUBE
+on:
+  push:
+    branches:
+      - '*'
+    tags:
+      - '*'
+    paths:
+      - '**'
+      - '!*.md'
+  pull_request:
+    paths:
+      - '**'
+      - '!*.md'
+jobs:
+  run-on-linux:
+    name: Run on Linux
+    runs-on: ubuntu-18.04
+    strategy:
+      fail-fast: false
+      matrix:
+        group:
+          - 'test/front_login'
+          - 'test/front_guest'
+          - 'test/admin'
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    # - name: Create ADMIN_DIR
+    #   run: |
+    #     sudo apt-fast install -y sharutils
+    #     echo "ADMIN_DIR=$(head -c 10 < /dev/random | uuencode -m - | tail -n 2 |head -n 1 |  sed 's,[/+],_,g' | head -c10)/" >> $GITHUB_ENV
+    - name: Setup environment
+      run: echo "COMPOSE_FILE=docker-compose.yml:docker-compose.pgsql.yml:docker-compose.dev.yml:docker-compose.owaspzap.yml:docker-compose.owaspzap.daemon.yml" >> $GITHUB_ENV
+
+    - name: Setup to EC-CUBE
+      env:
+        HTTP_URL: https://127.0.0.1:8085/
+        HTTPS_URL: https://127.0.0.1:8085/
+      run: |
+        sudo chown -R 1001:1000 zap
+        sudo chmod -R g+w zap
+        docker-compose up -d
+        docker-compose exec -T ec-cube composer install
+        docker-compose exec -T ec-cube composer update 'symfony/*' --ignore-platform-req=php -W
+        docker-compose exec -T ec-cube php data/vendor/bin/eccube eccube:fixtures:generate --products=5 --customers=1 --orders=5
+        docker-compose exec -T postgres psql --user=eccube_db_user eccube_db -c "UPDATE dtb_customer SET email = 'zap_user@example.com' WHERE customer_id = (SELECT MAX(customer_id) FROM dtb_customer WHERE status = 2 AND del_flg = 0);"
+
+    - run: sleep 1
+    - run: |
+        yarn install
+        yarn run playwright install --with-deps chromium
+        yarn playwright install-deps chromium
+
+    - name: Run to E2E testing
+      env:
+        GROUP: ${{ matrix.group }}
+        HTTPS_PROXY: 'localhost:8090'
+        HTTP_PROXY: 'localhost:8090'
+        CI: 1
+        FORCE_COLOR: 1
+      run: yarn test:e2e e2e-tests/${GROUP}
+
+    - name: Upload evidence
+      if: failure()
+      uses: actions/upload-artifact@v2
+      with:
+        name: linux-php${{ matrix.tag }}-${{ matrix.db }}-evidence
+        path: 'test-results/'
+    - name: Upload logs
+      if: failure()
+      uses: actions/upload-artifact@v2
+      with:
+        name: linux-php${{ matrix.php }}-${{ matrix.db }}-logs
+        path: data/logs
+  installer:
+    name: Installer test
+    runs-on: ubuntu-18.04
+    strategy:
+      fail-fast: false
+      matrix:
+        db: [ 'pgsql', 'mysql' ]
+        tag:
+          - '5.6-apache'
+          - '7.1-apache'
+          - '7.2-apache'
+          - '7.3-apache'
+          - '7.4-apache'
+        include:
+          - db: mysql
+            dbport: '3306'
+            dbuser: 'eccube_db_user'
+            dbpass: 'password'
+            dbname: 'eccube_db'
+            dbhost: 'mysql'
+          - db: pgsql
+            dbport: '5432'
+            dbuser: 'eccube_db_user'
+            dbpass: 'password'
+            dbname: 'eccube_db'
+            dbhost: 'postgres'
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Setup environment
+      env:
+        DB_TYPE: ${{ matrix.db }}
+      run: echo "COMPOSE_FILE=docker-compose.yml:docker-compose.${DB_TYPE}.yml:docker-compose.dev.yml:docker-compose.owaspzap.yml:docker-compose.owaspzap.daemon.yml" >> $GITHUB_ENV
+    - name: Setup to EC-CUBE
+      env:
+        HTTP_URL: https://127.0.0.1:8085/
+        HTTPS_URL: https://127.0.0.1:8085/
+        TAG: ${{ matrix.tag }}
+      run: |
+        sudo chown -R 1001:1000 zap
+        sudo chmod -R g+w zap
+        sh -c 'echo "<?php" >> data/config/config.php'
+        docker-compose build --build-arg TAG=${TAG} ec-cube
+        docker-compose up -d
+
+    - run: sleep 1
+    - run: |
+        yarn install
+        yarn run playwright install --with-deps chromium
+        yarn playwright install-deps chromium
+    - run: |
+        rm data/config/config.php
+        chmod -R o+w html
+        chmod o+w data
+        chmod -R o+w data/Smarty
+        chmod -R o+w data/cache
+        chmod -R o+w data/class
+        chmod -R o+w data/class_extends
+        chmod o+w data/config
+        chmod -R o+w data/download
+        chmod -R o+w data/downloads
+        chmod o+w data/fonts
+        chmod o+w data/include
+        chmod o+w data/logs
+        chmod -R o+w data/module
+        chmod o+w data/smarty_extends
+        chmod o+w data/upload
+        chmod o+w data/upload/csv
+
+    - name: Run to E2E testing
+      env:
+        HTTP_PROXY: 'localhost:8090'
+        HTTPS_PROXY: 'localhost:8090'
+        CI: 1
+        FORCE_COLOR: 1
+        DB_TYPE: ${{ matrix.db }}
+        DB_USER: ${{ matrix.dbuser }}
+        DB_PASSWORD: ${{ matrix.dbpass }}
+        DB_NAME: ${{ matrix.dbname }}
+        DB_PORT: ${{ matrix.dbport }}
+        DB_SERVER: ${{ matrix.dbhost }}
+      run: yarn test:e2e e2e-tests/test/installer/installer.test.ts
+    - name: Upload logs
+      if: failure()
+      uses: actions/upload-artifact@v2
+      with:
+        name: linux-php${{ matrix.tag }}-${{ matrix.db }}-logs
+        path: html/install/temp/install.log*
+    - name: Upload evidence
+      if: failure()
+      uses: actions/upload-artifact@v2
+      with:
+        name: linux-php${{ matrix.tag }}-${{ matrix.db }}-evidence
+        path: 'test-results/'