OWASP/wrongsecrets

simplify k8s integration test (cypress or others)

commjoen opened this issue · 8 comments

We now have a script that does integration testing with the k8s setup for the GitHub action. We need to convert this to Cypress or to a more easily extensible shell script with just a simple YAML definition or something alike.

I would like to work on this enhancement!!

It is all yours! Basically we need to make sure that the spoils of the k8s and the vault challenges are correct and not if_you_see_this_please_use_K8S_and_Vault.
For now that holds for challenges 5, 6, 7, 33, and the upcoming 44, 45, 46.

Hey @commjoen, can you please provide me with the answers of 5, 6, 7, 33 as of now, as it will save my time?

You can find them in the spoil endpoints of the challenges. Can you please:

  • grab the spoil endpoint first and check that it is not a default value?
  • post it to the challenge and check result?

Can you fail the test if the spoil is a default value or the challenge does not resolve with the spoiled value of the first step, please?

I checked the spoil endpoint of challenge 5; it is a default value!!

And that challenge 5 is also disabled.

So I'm not sure if some k8s setup is required from my end??

These only work when you use a k8s setup with vault. See the README and the existing workflow (https://github.com/OWASP/wrongsecrets/actions/workflows/minikube-vault-test.yml) to be extended/changed for this issue.

Hey @commjoen!!

I have written the Cypress scripts for challenges 5, 6, 7, 33, but

for example, the test of challenge 5:

In line no. 5, the answer of the challenge is clearly visible, and that's not good programming practice, so what should I do to hide that,

or will that be fine???

Can you programmatically obtain the answer from a spoiler and put it in the answer box :-)?
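
The two-step check asked for in this thread (read the spoil value and fail on the default, then submit that value and check the result), as an added example that is not part of the issue or the project's code. The routes, the `solution` form field, the response markup and the injected synchronous `http` client are assumptions so the logic runs offline against a constructed fake server; in a real test the client would wrap the runner's HTTP calls.

```javascript
// Added example; routes, form field and response shapes are assumptions, not the project's own.
const DEFAULT_SPOIL = 'if_you_see_this_please_use_K8S_and_Vault'; // default named in the thread
const spoilPath = (id) => `/spoil/${id}`;         // hypothetical route
const challengePath = (id) => `/challenge/${id}`; // hypothetical route

// Assumed spoiler markup: the value sits in <p id="spoil">...</p>.
function extractSpoil(body) {
  const m = /<p id="spoil">([^<]*)<\/p>/.exec(body);
  return m ? m[1].trim() : null;
}

// http is an injected client: get(path) and post(path, form) return { status, body }.
function checkChallenge(id, http) {
  const fail = (reason) => ({ id, ok: false, reason });
  const spoil = http.get(spoilPath(id));
  if (spoil.status !== 200) return fail(`spoil endpoint returned ${spoil.status}`);
  const answer = extractSpoil(spoil.body);
  if (!answer) return fail('no spoil value found');
  // Step 1: the default value means the k8s/Vault secret was never injected.
  if (answer === DEFAULT_SPOIL) return fail('spoil is the default value');
  // Step 2: submit the value just read; it is never hard-coded in the test.
  const res = http.post(challengePath(id), { solution: answer });
  const solved = res.status === 200 && !/incorrect/i.test(res.body) && /correct/i.test(res.body);
  return solved ? { id, ok: true } : fail('challenge rejected the spoiled value');
}

function runSuite(ids, http) {
  const results = ids.map((id) => checkChallenge(id, http));
  return { results, failed: results.filter((r) => !r.ok).map((r) => r.id) };
}

// Constructed fake server: 6 still serves the default, 7 rejects its own spoil, 33 is missing.
function fakeHttp() {
  const secrets = { 5: 's3cr3t-from-vault', 6: DEFAULT_SPOIL, 7: 'stale-value' };
  const idOf = (path) => path.split('/').pop();
  return {
    get: (path) => (idOf(path) in secrets
      ? { status: 200, body: `<p id="spoil">${secrets[idOf(path)]}</p>` }
      : { status: 404, body: '' }),
    post: (path, form) => {
      const good = idOf(path) !== '7' && form.solution === secrets[idOf(path)];
      return { status: 200, body: good ? 'Your answer is correct!' : 'Your answer is incorrect' };
    },
  };
}

const { failed } = runSuite([5, 6, 7, 33], fakeHttp());
console.log(failed.length ? `FAILED: ${failed.join(', ')}` : 'all challenges verified');
```

A non-empty `failed` list is what the CI job should turn into a failing workflow step.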