CI/CD Template Tests
This directory contains validation tests for the StellaOps CI/CD signing templates.
Running Tests
# Run all validation tests
./validate-templates.sh
# Run with verbose output
bash -x validate-templates.sh
Test Coverage
| Test Suite | Description |
|---|---|
| File Existence | Verifies all template files exist |
| YAML Syntax | Validates YAML syntax using yq |
| Workflow Structure | Checks required fields in workflows |
| Documentation | Validates documentation content |
| Cross-Platform | Ensures consistent patterns across platforms |
| actionlint | GitHub Actions specific linting |
Prerequisites
For full test coverage, install:
# yq - YAML processor
brew install yq # macOS
# or
apt-get install yq # Debian/Ubuntu
# actionlint - GitHub Actions linter
go install github.com/rhysd/actionlint/cmd/actionlint@latest
# or
brew install actionlint
Templates Tested
GitHub Actions
stellaops-sign.yml- Reusable signing workflowstellaops-verify.yml- Reusable verification workflow- Example workflows for containers, SBOMs, verdicts
GitLab CI
.gitlab-ci-stellaops.yml- Include-able templatesexample-pipeline.gitlab-ci.yml- Full pipeline example
Gitea
release-keyless-sign.yml- Release signingdeploy-keyless-verify.yml- Deploy verification
Expected Output
========================================
CI/CD Template Validation Tests
Sprint: SPRINT_20251226_004_BE
========================================
Checking required tools
✓ PASS: yq is installed
✓ PASS: actionlint is installed
Testing GitHub Actions templates exist
✓ PASS: .github/workflows/examples/stellaops-sign.yml exists
...
Test Summary
========================================
Passed: 25
Failed: 0
All tests passed!