Fix tests for Actions AllowList (github#180)

* fix tests for Actions AllowList * add more allowed actions * Update tests/unit/actions-workflows.js Co-authored-by: Tom Jenkinson <tjenkinson@users.noreply.github.com> * Update allowed-actions.js Co-authored-by: Tom Jenkinson <tjenkinson@users.noreply.github.com>
blueboxes · Oct 8, 2020 · 01f53f2 · 01f53f2
1 parent e0072d0
commit 01f53f2
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 9 deletions.
diff --git a/.github/allowed-actions.js b/.github/allowed-actions.js
@@ -8,6 +8,7 @@ module.exports = [
   'actions/cache@v2',
   'actions/checkout@v2',
   'actions/github-script@0.9.0',
+  'actions/github-script@v2.0.0',
   'actions/github-script@v2',
   'actions/github-script@v3',
   'actions/labeler@v2',
@@ -25,6 +26,8 @@ module.exports = [
   'pascalgn/automerge-action@135f0bdb927d9807b5446f7ca9ecc2c51de03c4a',
   'peter-evans/create-issue-from-file@v2',
   'peter-evans/create-pull-request@v2',
+  'rachmari/actions-add-new-issue-to-column@v1.1.1',
+  'rachmari/labeler@v1.0.4',
   'repo-sync/github-sync@v2',
   'repo-sync/pull-request@v2',
   'rtCamp/action-slack-notify@master',

diff --git a/tests/unit/actions-workflows.js b/tests/unit/actions-workflows.js
@@ -19,17 +19,23 @@ function actionsUsedInWorkflow (workflow) {
     .map(key => get(workflow, key))
 }
 
+const allUsedActions = chain(workflows)
+  .map(actionsUsedInWorkflow)
+  .flatten()
+  .uniq()
+  .sort()
+  .value()
+
 describe('GitHub Actions workflows', () => {
-  test('only use allowed actions from ./github/allow-actions.json', async () => {
-    const allUsedActions = chain(workflows)
-      .map(actionsUsedInWorkflow)
-      .flatten()
-      .uniq()
-      .sort()
-      .value()
+  test('all used actions are allowed in .github/allowed-actions.js', () => {
+    expect(allUsedActions.length).toBeGreaterThan(0)
+    const unusedActions = difference(allowedActions, allUsedActions)
+    expect(unusedActions).toEqual([])
+  })
 
+  test('all allowed actions by .github/allowed-actions.js are used by at least one workflow', () => {
     expect(allowedActions.length).toBeGreaterThan(0)
-    expect(allUsedActions.length).toBeGreaterThan(0)
-    expect(difference(allowedActions, allUsedActions)).toEqual([])
+    const disallowedActions = difference(allUsedActions, allowedActions)
+    expect(disallowedActions).toEqual([])
   })
 })