Skip to content

chore: merge main into develop #2892

chore: merge main into develop

chore: merge main into develop #2892

name: CI
on:
push:
branches:
- "main"
- "develop"
- "release/**"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches: [ main, develop, "release/**" ]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
meta:
runs-on: ubuntu-latest
outputs:
matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }}
steps:
- uses: actions/checkout@v4
- id: matrix
uses: splunk/[email protected]
fossa-scan:
continue-on-error: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze --debug
fossa report attribution --format text > /tmp/THIRDPARTY
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
- uses: actions/upload-artifact@v4
with:
name: THIRDPARTY
path: /tmp/THIRDPARTY
- run: |
fossa test --debug
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- uses: pre-commit/[email protected]
semgrep:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- id: semgrep
uses: semgrep/semgrep-action@v1
with:
publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
compliance-copyrights:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: apache/[email protected]
build-ui:
name: Build UCC UI
strategy:
matrix:
node-version:
- "20"
uses: ./.github/workflows/build-ui.yml
with:
node-version: ${{ matrix.node-version }}
build:
needs:
- fossa-scan
- build-ui
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- uses: actions/download-artifact@v4
with:
name: UCC-UI-build
path: built-ui/
- uses: actions/download-artifact@v4
if: "! github.event.pull_request.head.repo.fork "
with:
name: THIRDPARTY
- run: cp -f THIRDPARTY NOTICE
if: "! github.event.pull_request.head.repo.fork "
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: poetry install
- name: Check docs
run: poetry run mkdocs build --strict
- name: Build UCC
run: |
cp -R built-ui/. splunk_add_on_ucc_framework/package/appserver/static/js/
poetry build
- uses: actions/upload-artifact@v4
with:
name: UCC-build
path: dist/
test-unit:
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
python-version:
- "3.7"
- "3.8"
- "3.9"
- "3.10"
- "3.11"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
poetry install
poetry run pytest --cov=splunk_add_on_ucc_framework --cov-report=xml tests/unit
test-smoke:
name: test-smoke ${{ matrix.python-version }}
needs:
- build
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
python-version:
- "3.7"
- "3.8"
- "3.9"
- "3.10"
- "3.11"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- uses: actions/download-artifact@v4
with:
name: UCC-UI-build
path: built-ui/
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
cp -R built-ui/. splunk_add_on_ucc_framework/package/appserver/static/js/
poetry install
poetry run pytest tests/smoke
build-test-addon:
runs-on: ubuntu-latest
needs:
- build-ui
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- uses: actions/download-artifact@v4
with:
name: UCC-UI-build
path: built-ui/
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
cp -R built-ui/. splunk_add_on_ucc_framework/package/appserver/static/js/
poetry install --only main
- run: poetry run ucc-gen build --source tests/testdata/test_addons/package_global_config_everything/package
- run: ./scripts/include-rum.sh output/Splunk_TA_UCCExample/appserver/templates/base.html scripts/rum-script.html "$RUM_ACCESS_TOKEN"
env:
RUM_ACCESS_TOKEN: ${{ secrets.RUM_ACCESS_TOKEN}}
- run: poetry run ucc-gen package --path output/Splunk_TA_UCCExample
- uses: actions/upload-artifact@v4
with:
name: Splunk_TA_UCCExample-raw-output
path: output/*
- uses: actions/upload-artifact@v4
with:
name: Splunk_TA_UCCExample-packaged
path: Splunk_TA_UCCExample*.tar.gz
test-ui:
name: test-ui Splunk ${{ matrix.splunk.version }} -m ${{ matrix.test-mark }}
if: |
github.base_ref == 'main' ||
github.ref_name == 'main' ||
github.base_ref == 'develop' ||
github.ref_name == 'develop' ||
contains(github.event.pull_request.labels.*.name, 'run-ui-tests')
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
checks: write
continue-on-error: true
needs:
- meta
- build-test-addon
- build
- test-unit
- test-smoke
strategy:
matrix:
splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }}
test-mark:
- "logging"
- "proxy"
- "account"
- "custom"
- "alert"
- "input"
- "configuration"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- uses: actions/download-artifact@v4
with:
name: Splunk_TA_UCCExample-raw-output
path: output/
- run: |
curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
poetry install --only dev
- name: Link chromedriver
# Use installed chromedriver https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md
run: |
export PATH=$PATH:$CHROMEWEBDRIVER
chromedriver --version
- run: |
./run_splunk.sh ${{ matrix.splunk.version }}
until curl -Lsk "https://localhost:8088/services/collector/health" &>/dev/null ; do echo -n "Waiting for HEC-" && sleep 5 ; done
timeout-minutes: 5
- run: poetry run pytest tests/ui -m "${{ matrix.test-mark }}" --headless --junitxml=test-results/junit.xml
- uses: actions/upload-artifact@v4
if: success() || failure()
with:
name: test-results-ui-${{ matrix.splunk.version }}-${{ matrix.test-mark }}
path: test-results/*
- uses: dorny/test-reporter@v1
if: success() || failure()
with:
name: test-report-ui-${{ matrix.splunk.version }}-${{ matrix.test-mark }}
path: "test-results/*.xml"
reporter: java-junit
appinspect-for-expected-outputs:
name: splunk-appinspect ${{ matrix.tags }} tests/testdata/expected_addons/expected_output_global_config_everything/Splunk_TA_UCCExample
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
tags:
- "cloud"
- "appapproval"
- "deprecated_feature"
- "developer_guidance"
- "future"
- "self-service"
- "splunk_appinspect"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- name: Package tests/expected_output_global_config_everything/Splunk_TA_UCCExample
run: |
poetry install
mkdir tests/packaged
poetry run ucc-gen package --path tests/testdata/expected_addons/expected_output_global_config_everything/Splunk_TA_UCCExample -o tests/packaged
- uses: splunk/[email protected]
with:
app_path: tests/packaged
included_tags: ${{ matrix.tags }}
appinspect_manual_checks: tests/testdata/expected_addons/expected_output_global_config_everything/.appinspect.manualcheck.yaml
appinspect_expected_failures: tests/testdata/expected_addons/expected_output_global_config_everything/.appinspect.expect.yaml
release:
needs:
- build
- compliance-copyrights
- fossa-scan
- test-unit
- test-smoke
- test-ui
- appinspect-for-expected-outputs
- semgrep
- pre-commit
runs-on: ubuntu-latest
if: "! github.event.pull_request.head.repo.fork "
steps:
- uses: actions/checkout@v4
with:
# Very important: semantic-release won't trigger a tagged
# build if this is not set false
persist-credentials: false
- uses: actions/setup-python@v5
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- uses: actions/download-artifact@v4
with:
name: UCC-UI-build
path: built-ui/
- uses: actions/download-artifact@v4
with:
name: THIRDPARTY
- run: cp -f THIRDPARTY NOTICE
- run: poetry install
- name: Copy built UCC UI into UCC generator folder
run: |
cp -R built-ui/. splunk_add_on_ucc_framework/package/appserver/static/js/
- id: semantic
uses: splunk/[email protected]
with:
git_committer_name: ${{ secrets.SA_GH_USER_NAME }}
git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }}
gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.SA_GPG_PASSPHRASE }}
extra_plugins: |
semantic-release-replace-plugin
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }}
- if: ${{ steps.semantic.outputs.new_release_published == 'true' }}
run: |
poetry build
poetry publish -n -u ${{ secrets.PYPI_USERNAME }} -p ${{ secrets.PYPI_TOKEN }}