chore(deps): lock file maintenance #510
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- "main" | |
- "develop" | |
tags: | |
- "v[0-9]+.[0-9]+.[0-9]+" | |
pull_request: | |
branches: [main, develop] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
jobs: | |
meta: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }} | |
steps: | |
- uses: actions/checkout@v4 | |
- id: matrix | |
uses: splunk/addonfactory-test-matrix-action@v1 | |
fossa-scan: | |
continue-on-error: true | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: | | |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash | |
fossa analyze --debug | |
fossa report attribution --format text > /tmp/THIRDPARTY | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: THIRDPARTY | |
path: /tmp/THIRDPARTY | |
- run: | | |
fossa test --debug | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
compliance-copyrights: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: apache/[email protected] | |
pre-commit: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.7" | |
- uses: pre-commit/[email protected] | |
semgrep: | |
runs-on: ubuntu-latest | |
name: security-sast-semgrep | |
steps: | |
- uses: actions/checkout@v4 | |
- id: semgrep | |
uses: returntocorp/semgrep-action@v1 | |
with: | |
publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} | |
run-unit-tests: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.7 | |
- run: | | |
curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1 | |
- run: | | |
poetry install | |
poetry run pytest -v tests/unit | |
build: | |
name: build | |
runs-on: ubuntu-latest | |
needs: | |
- fossa-scan | |
- compliance-copyrights | |
- pre-commit | |
- run-unit-tests | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.7 | |
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1 | |
- run: | | |
poetry install | |
poetry build | |
- run: | | |
poetry run ucc-gen build \ | |
--source=tests/testdata/Splunk_TA_UCCExample/package \ | |
--config=tests/testdata/Splunk_TA_UCCExample/globalConfig.json \ | |
--ta-version=0.0.1 | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: package | |
path: dist/* | |
if: always() | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: output | |
path: output/* | |
run-ui-tests: | |
needs: | |
- meta | |
- build | |
runs-on: ubuntu-latest | |
if: | | |
!contains(github.event.issue.labels.*.name, 'skip-ui-tests') | |
permissions: | |
id-token: write | |
contents: read | |
checks: write | |
strategy: | |
fail-fast: false | |
matrix: | |
splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }} | |
browser: ["chrome", "firefox"] | |
test_suite: [ | |
"test_splunk_ta_example_addon_logging", | |
"test_splunk_ta_example_addon_account", | |
"test_splunk_ta_example_addon_proxy", | |
"test_splunk_ta_example_addon_input_common", | |
"test_splunk_ta_example_addon_input_1", | |
"test_splunk_ta_example_addon_input_2", | |
"test_splunk_ta_example_addon_custom", | |
"test_splunk_ta_example_addon_alert_actions" | |
] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- uses: actions/download-artifact@v3 | |
with: | |
name: package | |
path: dist/ | |
- uses: actions/download-artifact@v3 | |
with: | |
name: output | |
path: output/ | |
- run: | | |
git submodule sync | |
git submodule update --recursive --remote | |
- name: Splunk Testing | |
run: | | |
mkdir test-results | |
export SPLUNK_VERSION=${{ matrix.splunk.version }} | |
SPLUNK_APP_ID=Splunk_TA_UCCExample | |
export SPLUNK_APP_ID | |
SPLUNK_APP_PACKAGE=output/Splunk_TA_UCCExample | |
export SPLUNK_APP_PACKAGE | |
export TEST_SET=tests/ui | |
export TEST_BROWSER="${{ matrix.browser }}" | |
export TEST_SUITE="-k ${{ matrix.test_suite }}" | |
export SAUCE_USERNAME="${{ secrets.SAUCE_USERNAME }}" | |
export SAUCE_PASSWORD="${{ secrets.SAUCE_PASSWORD }}" | |
export SAUCE_TUNNEL_ID="${{ secrets.SAUCE_TUNNEL_ID }}" | |
JOB_NAME="GithubActions::${GITHUB_REPOSITORY#splunk/}[${GITHUB_REF#refs/heads/}][${{ matrix.browser }}] #$(date +%s)" | |
export JOB_NAME | |
SAUCE_IDENTIFIER=$SAUCE_IDENTIFIER-$(cat /proc/sys/kernel/random/uuid) | |
export SAUCE_IDENTIFIER | |
echo "environment setup..." | |
echo "$SPLUNK_VERSION" | |
echo "$SPLUNK_APP_ID" | |
echo "$SPLUNK_APP_PACKAGE" | |
echo "$TEST_SET" | |
echo "$TEST_BROWSER" | |
echo "$TEST_SUITE" | |
echo "Testing..." | |
docker-compose -f docker-compose-ci.yml build | |
# Saucelab connection | |
docker-compose -f docker-compose-ci.yml up -d sauceconnect | |
# Start Splunk | |
docker-compose -f docker-compose-ci.yml up -d splunk | |
until docker-compose -f docker-compose-ci.yml logs splunk | grep "Ansible playbook complete" ; do sleep 1; done | |
# Normal Inspecting | |
docker-compose -f docker-compose-ci.yml logs sauceconnect | |
docker ps -a | |
# Run the tests | |
test_exit_code=0 | |
docker-compose -f docker-compose-ci.yml up --abort-on-container-exit test || test_exit_code=$? | |
# Collect Results | |
docker container create --name dummy \ | |
-v addon-factory-smartx-ui-test-library_results:/work/test-results \ | |
registry.access.redhat.com/ubi7/ubi | |
docker cp dummy:/work/test-results/test.xml test-results/ || true | |
docker cp dummy:/work/test-results/test.xml test-results/ || true | |
docker cp dummy:/work/assets test-results/assets || true | |
docker cp dummy:/work/test-results/report.html test-results/report.html || true | |
docker-compose -f docker-compose-ci.yml down || true | |
echo exit code "$test_exit_code" | |
exit "$test_exit_code" | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: test-results-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
path: test-results/* | |
- uses: dorny/test-reporter@v1 | |
if: always() | |
with: | |
name: test-report-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
path: "test-results/*.xml" | |
reporter: java-junit | |
publish: | |
needs: | |
- pre-commit | |
- build | |
- run-ui-tests | |
- run-unit-tests | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: false | |
persist-credentials: false | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.7" | |
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1 | |
- id: semantic | |
uses: splunk/[email protected] | |
with: | |
git_committer_name: ${{ secrets.SA_GH_USER_NAME }} | |
git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} | |
gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} | |
extra_plugins: | | |
@google/semantic-release-replace-plugin | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }} | |
- if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | |
uses: splunk/[email protected] | |
with: | |
pypi_username: ${{ secrets.PYPI_USERNAME }} | |
pypi_token: ${{ secrets.PYPI_TOKEN }} |