diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 252af9e..eb30446 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -5,12 +5,12 @@ on: push: branches: 'main' +# Temporarily splitting out tests into separate jobs for improving workflow execution time jobs: - test: - name: 'Run Tests' + unit_test: + name: 'Run Unit Tests' runs-on: labels: ubuntu-latest-m - steps: - uses: actions/checkout@v4 - name: Setup Go @@ -25,15 +25,106 @@ jobs: run: go install github.com/mfridman/tparse@latest - name: Unit Tests run: go test --cover $(go list ./... | grep -v /integration | grep -v /database | grep -v /cmd | grep -v /viewer ) -json 2>&1 | tee unit.out && tparse -all --file=unit.out + - name: Upload test output on failure + uses: actions/upload-artifact@v4 + if: ${{ failure() }} + with: + name: media + path: unit.out + + integration_test: + name: 'Run Integration Tests' + runs-on: + labels: ubuntu-latest-m + steps: + - uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + - name: Install dependencies + run: go get . + - name: Build + run: go build -v ./... + - name: Install tparse + run: go install github.com/mfridman/tparse@latest - name: Integration Tests shell: 'script -q -e -c "bash {0}"' run: go test ./integration/... -json -timeout 1800s 2>&1 | tee integration.out && tparse -all --file=integration.out + - name: Upload test output on failure + uses: actions/upload-artifact@v4 + if: ${{ failure() }} + with: + name: media + path: integration.out + + database_test: + name: 'Run Database Tests' + runs-on: + labels: ubuntu-latest-m + steps: + - uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + - name: Install dependencies + run: go get . + - name: Build + run: go build -v ./... + - name: Install tparse + run: go install github.com/mfridman/tparse@latest - name: Database Tests shell: 'script -q -e -c "bash {0}"' run: go test ./database/... -json -timeout 1800s 2>&1 | tee database.out && tparse -all --file=database.out + - name: Upload test output on failure + uses: actions/upload-artifact@v4 + if: ${{ failure() }} + with: + name: media + path: database.out + cmd_test: + name: 'Run Cmd Tests' + runs-on: + labels: ubuntu-latest-m + steps: + - uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + - name: Install dependencies + run: go get . + - name: Build + run: go build -v ./... + - name: Install tparse + run: go install github.com/mfridman/tparse@latest - name: Cmd Tests shell: 'script -q -e -c "bash {0}"' run: go test ./cmd/... -json -timeout 1800s 2>&1 | tee cmd.out && tparse -all --file=cmd.out + - name: Upload test output on failure + uses: actions/upload-artifact@v4 + if: ${{ failure() }} + with: + name: media + path: cmd.out + + viewer_test: + name: 'Run Viewer Tests' + runs-on: + labels: ubuntu-latest-m + steps: + - uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + - name: Install dependencies + run: go get . + - name: Build + run: go build -v ./... + - name: Install tparse + run: go install github.com/mfridman/tparse@latest - name: Viewer Tests shell: 'script -q -e -c "bash {0}"' run: go test ./viewer/... -json -timeout 1800s 2>&1 | tee viewer.out && tparse -all --file=viewer.out @@ -42,10 +133,6 @@ jobs: if: ${{ failure() }} with: name: media - path: | - integration.out - unit.out - database.out - cmd.out - viewer.out + path: viewer.out + diff --git a/viewer/csv_test.go b/viewer/csv_test.go index 8c1cdf1..463cc76 100644 --- a/viewer/csv_test.go +++ b/viewer/csv_test.go @@ -11,7 +11,7 @@ import ( "github.com/stretchr/testify/require" ) -const expectedCSVHeader = "Severity,Source IP,Destination IP,FQDN,Beacon Score,Strobe,Total Duration,Long Connection Score,Subdomains,C2 Over DNS Score,Threat Intel,Prevalence,First Seen,Missing Host Header,Connection Count,Total Bytes,Port:Proto:Service\n" +const expectedCSVHeader = "Severity,Source IP,Destination IP,FQDN,Beacon Score,Strobe,Total Duration,Long Connection Score,Subdomains,C2 Over DNS Score,Threat Intel,Prevalence,First Seen,Missing Host Header,Connection Count,Total Bytes,Port:Proto:Service,Modifiers\n" func (s *ViewerTestSuite) TestGetCSVOutput() { // minTimestamp, maxTimestamp, _, useCurrentTime, err := s.db.GetBeaconMinMaxTimestamps() @@ -34,13 +34,8 @@ func (s *ViewerTestSuite) TestGetCSVOutput() { minTimestamp: minTimestamp, search: "", limit: 1, - // Critical,::,::,r-1x.com,0.00%,false,0,0.00%,62468,80.00%,false,0.00%,23 hours ago,false,0,0,"" - // High,10.55.100.106,::,static4.businessinsider.com,42.90%,false,168038.74730999992,80.00%,0,0.00%,false,0.71%,23 hours ago,false,1540,59346910,"80:tcp:http,80::" - // Critical,10.55.100.111,::,cdn.content.prod.cms.msn.com,1,false,2686.9578759999995,0,0,0,false,0.35714287,6 years ago,false,48,114487,"80:tcp:http" expectedCSV: expectedCSVHeader + - // "Critical,10.55.100.111,::,cdn.content.prod.cms.msn.com,1,false,2686.96,0,0.00,0,0.00,false,0.36,6 years ago,false,48,114487,\"80:tcp:http\"\n", //+ - // "Critical,::,::,r-1x.com,0.00,false,0,0.00,0,0.00,false,0.00,23 hours ago,false,0,0,\"\"\n", - `Critical,192.168.88.2,165.227.88.15,,0,true,15176.8545,0.41078964,0,0,false,0.06666667,23 hours ago,false,108858,43451342,"53:tcp:,53:udp:dns"`, + `Critical,10.55.100.103,::,www.alexa.com,0.899,false,119027.91,0.8,0,0,false,0.8666667,23 hours ago,false,602,47747442,"443:tcp:ssl,80:tcp:http","mime_type_mismatch:288,rare_signature:Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.16299.98"`, expectedError: false, }, } @@ -101,7 +96,7 @@ func (s *ViewerTestSuite) TestFormatToCSV() { }, relativeTimestamp: time.Now(), expectedCSV: expectedCSVHeader + - "High,10.55.100.111,88.221.81.192,example.com,0.75,false,10800,0.8,3,0.45,true,0.35,3 days ago,false,2574,24335500,\"80:tcp:http,443:tcp:https\"", + "High,10.55.100.111,88.221.81.192,example.com,0.75,false,10800,0.8,3,0.45,true,0.35,3 days ago,false,2574,24335500,\"80:tcp:http,443:tcp:https\",\"\"", expectedError: false, }, {