Skip to content

chore(deps): bump actions/checkout from 3 to 4 #459

chore(deps): bump actions/checkout from 3 to 4

chore(deps): bump actions/checkout from 3 to 4 #459

on:
push:
branches:
- "main"
- "develop"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches: [main, develop]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
meta:
runs-on: ubuntu-latest
outputs:
matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }}
steps:
- uses: actions/checkout@v4
- id: matrix
uses: splunk/addonfactory-test-matrix-action@v1
fossa-scan:
continue-on-error: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze --debug
fossa report attribution --format text > /tmp/THIRDPARTY
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
- uses: actions/upload-artifact@v3
with:
name: THIRDPARTY
path: /tmp/THIRDPARTY
- run: |
fossa test --debug
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
compliance-copyrights:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: apache/[email protected]
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- uses: pre-commit/[email protected]
semgrep:
runs-on: ubuntu-latest
name: security-sast-semgrep
if: github.actor != 'dependabot[bot]'
steps:
- uses: actions/checkout@v4
- id: semgrep
uses: returntocorp/semgrep-action@v1
with:
publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
run-unit-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.7
- name: Install dependencies
run: |
curl -sSL https://install.python-poetry.org | python3 - --version 1.4.2
- name: Test with pytest
run: |
poetry install
poetry run pytest -v tests/unit
build:
name: build
runs-on: ubuntu-latest
needs:
- fossa-scan
- compliance-copyrights
- pre-commit
- run-unit-tests
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: 3.7
- name: Install tools
run: |
curl -sSL https://install.python-poetry.org | python3 - --version 1.4.2
- name: Build Package
run: |
poetry install
poetry build
- name: artifact-splunk-unpacked
uses: actions/upload-artifact@v3
with:
name: package
path: dist/*
if: always()
prerequisites-ui-tests:
runs-on: ubuntu-latest
outputs:
ta_example_version: ${{ steps.ta-example.outputs.version }}
steps:
- name: Fetch latest version of Splunk_TA example
id: ta-example
run: |
ta_example_version=`basename $(curl -H 'Authorization: token ${{ secrets.GITHUB_TOKEN }}' -s https://api.github.com/repos/splunk/splunk-add-on-for-ucc-example/releases/latest | jq -r '.assets | last | .browser_download_url')`
echo "version=$ta_example_version" >> $GITHUB_OUTPUT
- name: Cache Splunk_TA example
id: cache_ta
uses: actions/cache@v3
with:
path: Splunk_TA*.spl
key: ${{ steps.ta-example.outputs.version }}
- name: Download Splunk_TA example
if: steps.cache_ta.outputs.cache-hit != 'true'
run: curl -s https://api.github.com/repos/splunk/splunk-add-on-for-ucc-example/releases/latest | jq -r '.assets | last | .browser_download_url' | wget -i -
run-ui-tests:
needs:
- meta
- build
- prerequisites-ui-tests
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
checks: write
strategy:
fail-fast: false
matrix:
splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }}
browser: ["chrome", "firefox"]
test_suit: [
"test_splunk_ta_example_addon_logging",
"test_splunk_ta_example_addon_account",
"test_splunk_ta_example_addon_proxy",
"test_splunk_ta_example_addon_input",
"test_splunk_ta_example_addon_custom",
"test_splunk_ta_example_addon_alert_actions"
]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: actions/download-artifact@v3
with:
name: package
path: dist/
- name: update submodule
run: |
git submodule sync
git submodule update --recursive --remote
- name: Cache Splunk_TA example
id: cache_ta
uses: actions/cache@v3
with:
path: Splunk_TA*.spl
key: ${{ needs.prerequisites-ui-tests.outputs.ta_example_version }}
- name: Setup for testing
run: |
mkdir output test-results
tar -xvf Splunk_TA*.spl -C output/
pip install git+https://github.com/pixelb/crudini
- name: Splunk Testing
run: |
export SPLUNK_VERSION=${{ matrix.splunk.version }}
SPLUNK_APP_ID=$(crudini --get tests/deps/splunk-add-on-for-ucc-example/package/default/app.conf id name)
export SPLUNK_APP_ID
SPLUNK_APP_PACKAGE=output/$(ls output/)
export SPLUNK_APP_PACKAGE
export TEST_SET=tests/ui
export TEST_BROWSER="${{ matrix.browser }}"
export TEST_SUITE="-k ${{ matrix.test_suit }}"
export SAUCE_USERNAME="${{ secrets.SAUCE_USERNAME }}"
export SAUCE_PASSWORD="${{ secrets.SAUCE_PASSWORD }}"
export SAUCE_TUNNEL_ID="${{ secrets.SAUCE_TUNNEL_ID }}"
JOB_NAME="GithubActions::${GITHUB_REPOSITORY#splunk/}[${GITHUB_REF#refs/heads/}][${{ matrix.browser }}] #$(date +%s)"
export JOB_NAME
SAUCE_IDENTIFIER=$SAUCE_IDENTIFIER-$(cat /proc/sys/kernel/random/uuid)
export SAUCE_IDENTIFIER
echo "environment setup..."
echo "$SPLUNK_VERSION"
echo "$SPLUNK_APP_ID"
echo "$SPLUNK_APP_PACKAGE"
echo "$TEST_SET"
echo "$TEST_BROWSER"
echo "$TEST_SUITE"
echo "Testing..."
docker-compose -f docker-compose-ci.yml build
# Saucelab connection
docker-compose -f docker-compose-ci.yml up -d sauceconnect
# Start Splunk
docker-compose -f docker-compose-ci.yml up -d splunk
until docker-compose -f docker-compose-ci.yml logs splunk | grep "Ansible playbook complete" ; do sleep 1; done
# Normal Inspecting
docker-compose -f docker-compose-ci.yml logs sauceconnect
docker ps -a
# Run the tests
test_exit_code=0
docker-compose -f docker-compose-ci.yml up --abort-on-container-exit test || test_exit_code=$?
# Collect Results
docker container create --name dummy \
-v addon-factory-smartx-ui-test-library_results:/work/test-results \
registry.access.redhat.com/ubi7/ubi
docker cp dummy:/work/test-results/test.xml test-results/ || true
docker cp dummy:/work/test-results/test.xml test-results/ || true
docker cp dummy:/work/assets test-results/assets || true
docker cp dummy:/work/test-results/report.html test-results/report.html || true
docker-compose -f docker-compose-ci.yml down || true
echo exit code "$test_exit_code"
exit "$test_exit_code"
- uses: actions/upload-artifact@v3
if: always()
with:
name: test-results-${{ matrix.splunk }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suit }}
path: test-results/*
- uses: dorny/test-reporter@v1
if: always()
with:
name: test-report-${{ matrix.splunk }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suit }}
path: "test-results/*.xml"
reporter: java-junit
publish:
needs:
- pre-commit
- build
- run-ui-tests
- run-unit-tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: false
persist-credentials: false
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.4.2
- id: semantic
uses: splunk/[email protected]
with:
git_committer_name: ${{ secrets.SA_GH_USER_NAME }}
git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }}
gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.SA_GPG_PASSPHRASE }}
extra_plugins: |
@google/semantic-release-replace-plugin
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }}
- if: ${{ steps.semantic.outputs.new_release_published == 'true' }}
uses: splunk/[email protected]
with:
pypi_username: ${{ secrets.PYPI_USERNAME }}
pypi_token: ${{ secrets.PYPI_TOKEN }}