Thanks for your interest in contributing to Bearer Rules.
Our integration tests run against the latest binary release of Bearer. These tests are included in the CI process, so you shouldn't need to run them in their entirety (which is good because they take a long time to run locally).
The more realistic case is to run tests for a single rule. You can do this locally from a bash shell with the following command:
npm test path-to-rule-test-folder
For example:
npm test ./test/ruby/lang/logger
Here are the basic steps for adding a new rule.
- Generate a rule and its associated test folder by running
  yarn generate_rule <language> <namespace> <rule_id>
  See yarn generate_rule --help for more options and information.
  Example:
  yarn generate_rule java lang hardcoded_secret
  This command generates:
  - a YAML file in rules/java/lang/hardcoded_secret.yml for the rule itself
  - a test folder in tests/java/lang/hardcoded_secret/ containing:
    - a testdata folder containing a main.java file
    - a test.js file to run the test
- Follow the guide here to complete the rule
- Run the tests
  yarn test tests/java/lang/hardcoded_secret/test.js
- Run the linter/validator to check your rule passes
  ./scripts/lint.sh
  ./scripts/validate.sh
- Make a pull request containing all of the above
A Contributor License Agreement (CLA) is a legal document that outlines the terms and conditions under which a contributor submits their work, such as code, documentation, or other materials, to a project.
Before submitting any Pull Request, please take a look at our CLA document, fill it out and send it to [email protected]. After that, you are good to go.
You can find more guides and everything you need to get started in the Contributing to Bearer documentation, or join the Discord Community.