Add tests for python code (#2759)

* add tests for python code

* ruff format

.github/workflows/generate-counter.yml

@@ -1,43 +0,0 @@
-name: generate-svg-counter
-
-on:
-  push:
-    branches: [ "master" ]
-
-jobs:
-  generate-counter:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.PROTECTED_BRANCH_PUSH_TOKEN }}
-      - name: Install poetry
-        run: pipx install poetry
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.11.2'
-          cache: 'poetry'
-      - name: Install dependencies
-        run: poetry install --no-interaction --no-root
-      - name: Generate shields.io URL
-        run: poetry run python atomic_red_team/runner.py generate-counter
-        id: counter
-      - name: Update README
-        run: |
-          echo ${{ steps.counter.outputs.result }}
-          sed -i "s|https://img.shields.io/badge/Atomics-.*-flat.svg|${{ steps.counter.outputs.result }}|" README.md
-        shell: bash
-      - name: Generate and commit unique GUIDs for each atomic test
-        run: poetry run python atomic_red_team/runner.py generate-guids
-      - name: update github with new site
-        run: |
-          # configure git to prep for commit
-          git config user.email "opensource@redcanary.com"
-          git config user.name "publish bot"
-          git config --global push.default simple
-          git add README.md
-          git add atomics
-          git commit --allow-empty -m "updating atomics count and guids [ci skip]"
-          # push quietly to prevent showing the token in log
-          # no need to provide any credentials
-          git push --force

.github/workflows/generate-docs.yml

@@ -11,6 +11,35 @@ jobs:
         uses: actions/checkout@v4
         with:
           token: ${{ secrets.PROTECTED_BRANCH_PUSH_TOKEN }}
+
+      - name: Install poetry
+        run: pipx install poetry
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11.2"
+          cache: "poetry"
+      - name: Install dependencies
+        run: poetry install --no-interaction
+
+      - name: Generate shields.io URL
+        run: poetry run python runner.py generate-counter
+        id: counter
+        working-directory: atomic_red_team
+        env:
+          PYTHONPATH: ${{ github.workspace }}
+
+      - name: Update README
+        run: |
+          echo ${{ steps.counter.outputs.result }}
+          sed -i "s|https://img.shields.io/badge/Atomics-.*-flat.svg|${{ steps.counter.outputs.result }}|" README.md
+        shell: bash
+
+      - name: Generate and commit unique GUIDs for each atomic test
+        run: poetry run python runner.py generate-guids
+        working-directory: atomic_red_team
+        env:
+          PYTHONPATH: ${{ github.workspace }}
+
       - name: setup ruby
         uses: ruby/setup-ruby@v1
         with:
@@ -33,6 +62,7 @@ jobs:
             git config credential.helper 'cache --timeout=120'
             git config user.email "opensource@redcanary.com"
             git config user.name "Atomic Red Team doc generator"
+            git add README.md
             git add atomics
             git commit -am "Generated docs from job=$GITHUB_JOB branch=$GITHUB_REF_NAME [ci skip]"
             git push origin $GITHUB_REF_NAME -f

.github/workflows/run-python-tests.yml

@@ -0,0 +1,29 @@
+name: validate-python-file-changes
+
+on:
+  pull_request:
+    branches:
+      - master
+    paths:
+      - "atomic_red_team/**/*.py"
+
+jobs:
+  validate-python-file-changes:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout repo
+        uses: actions/checkout@v4
+      - name: Install poetry
+        run: pipx install poetry
+      - name: setup python3.11
+        uses: actions/setup-python@v5
+        id: setup-python
+        with:
+          python-version: "3.11.2"
+          cache: "poetry"
+
+      - name: Install dependencies
+        run: poetry install --no-interaction
+
+      - name: Run pytest
+        run: poetry run pytest atomic_red_team/tests

.github/workflows/validate-atomics.yml

@@ -21,10 +21,13 @@ jobs:
           cache: "poetry"
 
       - name: Install dependencies
-        run: poetry install --no-interaction --no-root
+        run: poetry install --no-interaction
 
       - name: validate the format of atomics tests against the spec
-        run: poetry run python atomic_red_team/runner.py validate
+        run: poetry run python runner.py validate
+        working-directory: atomic_red_team
+        env:
+          PYTHONPATH: ${{ github.workspace }}
 
   upload:
     runs-on: ubuntu-latest
@@ -61,8 +64,11 @@ jobs:
         run: poetry install --no-interaction --no-root
       - name: save labels and reviewers into a file.
         run: |
-          poetry run python atomic_red_team/runner.py generate-labels --pr '${{steps.get_pr_number.outputs.result}}' --token ${{ secrets.GITHUB_TOKEN }}
+          poetry run python runner.py generate-labels --pr '${{steps.get_pr_number.outputs.result}}' --token ${{ secrets.GITHUB_TOKEN }}
+        working-directory: atomic_red_team
+        env:
+          PYTHONPATH: ${{ github.workspace }}
       - uses: actions/upload-artifact@v4
         with:
           name: labels.json
-          path: pr/
+          path: pr/