Hi Catherine, I looked into clamp's code base and I could not find the scripts. Are these committed to the repo? It will be good to look at a sample implementation. I have a few questions about the approach
1. I am new to Istanbul so not sure what you mean by code coverage counter and hooks(a sample will be great) 2. What is the need to run a Robot Framework? My understanding is that Istanbul can give a coverage report on its own. Why are we including selenium and RF? 3. Is the end goal here to create a Istanbul report in JSON format? 4. How do we plan on adding these steps to Jenkins build? Regards Arul From: [email protected] [mailto:[email protected]] On Behalf Of Catherine LEFEVRE Sent: Wednesday, June 27, 2018 5:56 AM To: [email protected]; [email protected]; [email protected] Subject: [Onap-seccom] [CII Badging - Passing Level] [JS Test Coverage] Importance: High Dear ONAP Security Subcommittee, ONAP Community and PTLs, We would like to discuss the infrastructure that will be required to get JavaScript test coverage. We believe that, even if the LF enables the SonarJS plug-in (https://docs.sonarqube.org/display/PLUG/SonarJS), there will be a significant setup to be built up in each application in order to gather the requested inputs for sonar. Sonar expects that each build gathers the coverage data and transmits that as part of the build. So Sonar will then be able to map the coverage data and show it in the dashboard. We performed a walk-through of the solution for obtaining JavaScript CLAMP UI Code coverage. The basic sequence for the solution is: 1. Separate JS code from HTML code into separate files; 2. Inject JS source files with code coverage counters and hooks via use of the Istanbul test coverage tool set; 3. Bundle injected JS source files into CLAMP application, and startup CLAMP as normal; 4. Startup Istanbul Middleware service using Express/Node.js web application framework; 5. Run a Robot Framework (RF) test plan to exercise CLAMP UI via a web browser session supported by the Selenium Library extension; 6. When all tests have been executed, four final actions are executed from within the Robot test suite: a) Get the raw coverage data (JSON stringifed) from the browser session; b) Post the JSON coverage data to the Istanbul Middleware service started earlier; c) Get the refined coverage data in a zip file containing html files that can display the coverage graphically; d) Extract the lcov.info file from the zip file; 7. Adjust the source file references in the lcov.info file obtained from the Istanbul Middleware to contain relative path names suitable for SonarQube. The infrastructure will need to run a build that will require additional containers to be built and run, as well as complexities in the way to gather the info [cid:[email protected]] Detailed sample implementations for above flow are presented below. [cid:[email protected]] We welcome any input from the ONAP Community on this JS test coverage proposal. If it is confirmed that the above solution is the right way to move forward then we believe that we should split the JS test coverage into several phases that will be implemented across multiple ONAP releases depending on each project's bandwidth: Phase 1 - Setup the infrastructure Phase 2- Analyze the SONAR test coverage and build a plan to meet JS test coverage criteria Phase 3- Add test cases to meet the JS test coverage criteria We also would like to discuss this approach with the ONAP Security Subcommittee since it will impact CII Badging Passing Level. Many thanks & regards Catherine & the CLAMP Team Catherine Lefèvre AT&T Labs - Network Cloud & Infrastructure D2 Platform & Systems Development AVP Software Development & Engineering ECOMP/ONAP/RUBY/SPP Phone: +32 2 418 49 22 Mobile: +32 475 77 36 73 [email protected]<mailto:[email protected]> TEXTING and DRIVING... It Can Wait AT&T BUROGEST OFFICE PARK SA Avenue des Dessus-de-Lives, 2 5101 Loyers (Namur) Belgium NOTE: This email (or its attachments) contains information belonging to the sender, which may be confidential. proprietary and/or legally privileged. The information is intended only for the use of the individual(s) or entity(ies) named above. If you are not the intended recipient, you are hereby notified that any disclosure, distribution or taking of any action in reliance on the content of this is strictly forbidden. If you have received this e-mail in error please immediately notify the sender identified above This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at https://www.amdocs.com/about/email-disclaimer <https://www.amdocs.com/about/email-disclaimer> -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#10684): https://lists.onap.org/g/onap-discuss/message/10684 Mute This Topic: https://lists.onap.org/mt/22721722/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
