Programming jSQL
💉jSQL runs on 28k lines of code that can break when code is added therefore it requires tests to prevent regressions.
- First unit tests run and process stops if any failure is detected
- Then integration tests run, and process also stops if any test fails
- Finally a new version is released if all tests pass
Unit testing ensures that lines of code produce the expected result, it warns you when you have broken something while adding new code.
You run unit tests without any external resource, no database, no API, and you can inspect the lines of code that have been triggered during the tests by using the code coverage reports. Code that has been not triggered means either it's useless or it does not run as expected.
The following native live reports are displaying the code coverage and mutation coverage for the main 💉jSQL components:
- the
Modelis responsible of the injection - the
Viewdisplays the GUI
| Coverage | Code | Mutation |
|---|---|---|
Model |
report | report |
View |
report | report |
External platforms are also triggered on commit and produce additional reports:
- Sonar measures code complexity, duplication and code smell (report)
- Codecov displays code coverage graphically (report)
- Codacy processes additional quality rules (report)
Integration testing checks that the components interact properly and validate that they access the expected external resources.
The following components must properly communicate during integration tests:
- the injection
Modelruns withJUnittesting framework - the
SpringWeb server API and pages are connected to the databases - the databases are
in-memoryand on🐳 Docker
New releases are automatically uploaded to GitHub when all tests pass and when an administrator approves the release.
The new version is then available to download, also 3rd party platforms like Kali Linux and Packetstorm pull the release.
Useful docs are auto-generated every time the code changes:
- Javadoc describes all the classes and methods
- Surefire report lists all unit tests including the execution time
- dependency report displays the available version updates
| Javadoc | Surefire | Dependencies | |
|---|---|---|---|
Model |
doc | unit tests | updates |
View |
doc | unit tests | updates |
Running unit tests, running integration tests and releasing a new version is processed during CI/CD.
Libraries used for testing are Spring, Spock and Hibernate, and 
GitHub Actions is the cloud platform that runs the entire process.
Non regression tests run databases in-memory and on 🐳 Docker and the GUI is tested on VNC screen with GitHub Actions.
Quality checks are then processed and stored on code quality platforms like Sonarcloud, Codecov, Codacy and Snyk.
The following diagram shows the global 💉jSQL architecture, it describes the components that run on GitHub Actions during the continuous integration process.
---
title: Architecture, covered by CI/CD
---
graph
junit(JUnit Tests)
subgraph "jSQL Injection"
gui(GUI)
model("💉Model")
end
subgraph Spring
apis([/api])
admin([/admin-page])
end
subgraph Memory
memory-other[("
SQLite H2
HSQLDB
Derby
")]
end
subgraph Docker
subgraph Apache + PHP
direction LR
mysql[(MySQL)]
shell(["/shell.php"])
passwd(["/etc/passwd"])
end
end
subgraph Docker2 [Docker]
docker-other[("
SQL Server
PostgreSQL
Neo4j Db2
Cubrid
")]
end
gui -. "call" .-> shell
mysql -. create .-> shell
mysql -. read .-> passwd
junit -.-> gui
junit --> model
model & gui -.-> admin
model --> apis
apis --> Docker & Docker2 & Memory