Installations
npm install @postlight/ci-failed-test-reporter
Releases
Unable to fetch releases
Developer
postlight
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
10.2.1
NPM Version
5.6.0
Statistics
11 Stars
88 Commits
1 Forks
37 Watching
8 Branches
20 Contributors
Updated on 03 Jan 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
9,594,213
Last day
-4.4%
14,344
Compared to previous day
Last week
23.2%
100,517
Compared to previous week
Last month
11.2%
327,431
Compared to previous month
Last year
1.3%
2,474,877
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
25
CI Failed Test Reporter
A familiar scene: you open up a PR only to see that your CI build failed because of some tests that didn't pass. But which tests? GitHub won't tell you. Your best options for finding out include opening a console and running your test suite locally or manually sifting through the CI logs, and neither of these is as efficient as you'd like.
This tool was built to facilitate this process—when your CI build breaks due to failing tests, it reads the JSON test report generated by your testing framework, formats it into markdown, and posts it as a comment directly on your PR. With this tool, you can see which tests broke the build in the same place you find out it's broken, no context-switching necessary.
Installation
1yarn add @postlight/ci-failed-test-reporter 2 3# or 4 5npm install @postlight/ci-failed-test-reporter
Note on testing frameworks
This package is currently only compatible with JSON test results generated by Jest and Mocha, but we're hoping to add additional support in the future.
Usage
The basic usage is simple: First, you'll run your tests in a way that outputs the results to a JSON file:
Jest:
1jest --json --outputFile test-output.json
Mocha:
1mocha --recursive './src/tests/mocha/*.js' --reporter json > test-output.json
You'll likely want to add this as a script to your package.json
, like so:
Jest:
1 "scripts": { 2 "test-with-output": "jest --json --outputFile test-output.json", 3 }
Mocha:
1 "scripts": { 2 "test-with-output": "mocha --recursive './src/tests/mocha/*.js' --reporter json > test-output.json", 3 }
Next, you run ciftr
(ci-failed-test-reporter) to parse the test results and report failed tests:
1yarn ciftr test-output.json
Before that will work in your CI environment, you'll need to do two things:
- Set up your CI config
- Create a GitHub API key and add it to your CI environment variables
Currently, this tool currently only works with CircleCI, but we're looking into opening it up to other CI solutions.
CI Setup
This tool has only been tested using CircleCI and Travis, but should be able to work with any CI solution that allows you to set the proper environment variables. Below, we've outlined the process for setting up a CircleCI config for use with the tool. The process should be somewhat similar across CI solutions—make sure to look at the CI tool's docs to determine what needs to be done differently.
Setting up a CircleCI config
To set things up with CircleCI, there's just one run
block you'll need to add to your .circleci/config.yml
file.
After the step where you run your tests, you'll run ciftr
:
1- run: yarn test 2- run: 3 name: Upload Test Report 4 command: yarn ciftr test-report.json # this should mirror whereever you've saved your test results 5 when: on_fail # only run this when tests have failed
You can check out this CircleCI config for a full working example. The only thing you will definitely want to change is the working_directory
value, which should be changed to the name of your repo. Note that this config assumes you're saving your test reports as test-report.json
in the root directory.
Setting up a Travis config
To set things up with Travis, you only need to add the following step to your .travis.yml
file:
after_failure:
- yarn ciftr /test-report.json
You'll be all set after that! Again, this assumes that the testing framework is writing test results in a file called test-report.json
in the root directory of your project. Check out our example Travis config for a working example that you can use as a guide.
Using this project with another CI solution
While we've only tested this package with Travis and CircleCI, it should work swimmingly with any CI solution that allows you to access a few key pieces of info about the current build. The following environment variables must be defined—you may be able to export them as part of a step in your build process.
CIFTR_GITHUB_API_KEY="your github API key"
CIFTR_PR_USERNAME="the repo owner's username"
CIFTR_PR_NUMBER="the number of the pull request"
CIFTR_PR_REPONAME="the repo name"
Here's an example of how you might manually export the appropriate environment variables, using CircleCI as an example (remember that this package supports CircleCI, so need to use this code in your actual config). The process for another CI tool may or may not look similar.
- run:
name: Define Environment Variables at Runtime
command: |
echo 'export CIFTR_PR_REPONAME=${CIRCLE_PROJECT_REPONAME}' >> $BASH_ENV
echo 'export CIFTR_PR_USERNAME=${CIRCLE_PROJECT_USERNAME}' >> $BASH_ENV
# grep just the pr number from the PR URL
echo 'export CIFTR_PR_NUMBER=$(echo $CIRCLE_PULL_REQUEST | grep -Eo "\/pull\/([0-9]+)" | grep -Eo "[0-9]+")' >> $BASH_ENV
source $BASH_ENV
Setting Up Your GitHub API Key Environment Variable
The only environment variable you need to define for use through the CircleCI webapp is CIFTR_GITHUB_API_KEY
, which must be populated with your GitHub API key. This can be the API key of any user with access to the repo—at Postlight, we've created a postlight-bot
user and recommend you do similarly. In order to create a GitHub API key, start here. The rest of the necessary environment variables are built into CircleCI and are exported in your CircleCI config file, as detailed [above](#Set up your CircleCI config).
TODO
- Add support for other JS testing frameworks, or possibly add bring-your-own-framework functionality
- Allow configuration of comment template
- Add example config setup for Jenkins
Pull requests are more than welcome!
🔬 A project from your friends at Postlight Labs
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE-APACHE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE-APACHE:0
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 5 are checked with a SAST tool
Reason
59 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
- Warn: Project is vulnerable to: MAL-2023-462
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-332q-7ff2-57h2
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
1.7
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More