Satori CI - Automated Software Testing Platform
Project description
What is Satori CI?
Satori allows you to assert how systems and software behave. Automatize software and system testing using three different approaches:
- On demand: you need to execute the test one time (ie, Security Testing, Stress Testing, etc)
- Scheduled: you need to know on a regular basis what is the status of something (ie, Monitoring live systems every five minutes, Auditing weekly/monthly/yearly systems, etc)
- CI/CD: you need to execute it every time you are pushing new code (ie, Security Testing, System Testing, etc)
Setup Satori CLI
Three steps:
- Execute on your command line terminal:
pip3 install satori-ci
- With Satori CLI installed, now we need to get a Satori Token to use it:
- Log in the Satori website using Github credentials: https://www.satori-ci.com/login
- On the Satori website go to User Settings
- Copy your User API Token
- Replace the string YOUR_TOKEN with your clipboard on the next command:
satori-cli config token YOUR_TOKEN
Actions
You can take actions on:
- run: whenever you are launching on demand scans for playbook files or directories
- repo: whenever you are taking actions on repositories
- monitor: visualize your scheduled playbooks
- team: actions related to your team settings
Now, lets test software.
satori-cli run
Consider the following example "Hello World" program written in Python:
print("Hello World")
If save that into a file named hello_world.py
and we execute this program, we would see the following on the console:
foo@bar:~$ python hello_world.py
Hello World
How can you test aumatically that that piece of software behaves according to specification? You can write a Satori Playbook using a simple and practical notation:
foo@bar:~$ cat .satori.yml
test:
assertStdoutEqual: "Hello World\n"
python:
- [ python hello_world.py ]
Lets test the code with the playbook
foo@bar:~$ satori-cli run ./ --sync
Satori CI 1.2.3 - Automated Software Testing Platform
Uploading... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 331/331 bytes 0:00:00
UUID: AOQxDWDkXpZp
Report: https://www.satori-ci.com/report_details/?n=AOQxDWDkXpZp
- Report status: Completed | Result: Pass | Elapsed time: 62.6s
• test: test > python
• asserts:
░ assert: assertStdoutEqual
░ status: Pass
░ expected: Hello World
- - - - - - - - - - - - - - - - - - - -
• testcases: 1
• test_status: Pass
• total_fails: 0
- - - - - - - - - - - - - - - - - - - -
The code and the Satori playbook instructions were executed on a new Docker instance hosted by AWS. Satori asserts that this piece of software output "Hello World". You can assert several things:
- assertStdout: True|False
Is output produced?
- assertStdoutEqual: String*
Is the output equal to the String?
- assertStdoutNotEquals: String
Is the output different than String?
- assertStdoutContains: String
Does the output contains the String?
- assertStdoutNotContains: String
Does the output not contain the String?
- assertStdoutSHA256: SHA256Checksum
Is the output equal to this SHA256 hash?
- assertStdoutRegex: Regex
Does the output matches your regexp?
- assertStdoutNotRegex: Regex
Does the output not match your regexp?
The previos can also be applied to assertStderr. Finally, you can assert the return code of your the execution using assertReturnCode.
Please let us know if you need to assert something else that we is not covered by them.
Setup Satori CI Github App
We tested on demand. Now let's do it as part of your regular Github CI process.
-
Click on Install
-
Select the repositories where you will be installing it or select all repositories
By default you can get notifications via email and Github issues. If you want to get notified in slack, discord or telegram go to https://www.satori-ci.com/user-settings/ to define their details.
If you want to detail in your playbook to be notified when the scans are ready, add the following to them:
settings:
log|logOnFail|logOnPass: slack|email|issue|discord|telegram
For example:
settings:
logOnFail: slack
test:
assertStdoutEqual: Hello World
python:
- [ python hello_world.py ]
and put it on a file named .satori.yml inside your repository.
satori-cli repo
You can check which repositories you connected with a playbook by running
foo@bar:~$ satori-cli repo
You can scan all your commits from your repository to see if there were any discrepancies at some point:
foo@bar:~$ satori-cli repo githubusername/repository scan -c 100 --sync
satori-cli playbook
Are used to assert software behaviors, wether they are source code files or live systems. You can see a list of public playbooks by running
Public playbooks
They can be imported by playbooks that you have in your CI or on assets being Monitored.
foo@bar:~$ satori-cli playbook --public
URI | Name
satori://code/trufflehog.yml | Trufflehog will search for secrets in your code
satori://code/semgrep.yml | Static source code analysis with semgrep
...
You can check your private playbooks executed just by running satori-cli playbook
Import Playbooks
Playbooks can import other local or remote playbooks. We keep at TBC a list of playbooks that can be referenced with the
import:
- satori://code/trufflehog.yml
- satori://code/semgrep.yml
test:
assertStdoutEqual: Hello World
python:
- [ python hello_world.py ]
Private Playbooks
We will store a copy of the playbooks that you have executed and show them to you whenever you execute the command:
foo@bar:~$ satori-cli playbooks private
Type | URI | Name | Imports
CI | github://satorici/satori-cli/.satori.yml | |
Monitor | github://satorici/playbooks/test/satori/monitor.yml | Monitor Assets | monitorBlog.yml
Run | github://satorici/playbooks/test/satori/monitorBlog.yml | Monitor Blog |
...
Is there a playbook that you would like us to add? Drop us a line at support@satori-ci.com
satori-cli monitor
Assert that your systems are running as expected by setting a schedule for your playbook. Playbooks that define a schedule can be monitored with:
satori-cli monitor
For example, you can define schedule a crontab rate to a playbook just as in the following exmaple to verify the Hello World website from Satori every hour:
settings:
- name: Monitor Blog
- schedule: "0 * * * *"
- logOnFail: slack
test:
assertStdout: "Hello World"
blog:
- [ curl -s https://www.satori-ci.com/hello-world/ ]
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for satori_ci-1.4.7-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3670de217ea911db686a3a9d47300c4fc319324d7a421a7473bc638c7993b4e7 |
|
MD5 | 47d34c9b6eeeb3cc3002fd51a5daa84e |
|
BLAKE2b-256 | 1fe6d7f1e97732b013407bd0528a94ba6589f8aec3c02ec5fc1fafe921c9776c |