chore(deps): lock file maintenance #965
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- "main" | |
- "develop" | |
tags: | |
- "v[0-9]+.[0-9]+.[0-9]+" | |
pull_request: | |
branches: [main, develop] | |
concurrency: | |
group: ${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
env: | |
PYTHON_VERSION: "3.7" | |
POETRY_VERSION: "1.5.1" | |
jobs: | |
meta: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }} | |
steps: | |
- uses: actions/checkout@v4 | |
- id: matrix | |
uses: splunk/[email protected] | |
fossa-scan: | |
continue-on-error: true | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: | | |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash | |
fossa analyze --debug | |
fossa report attribution --format text > /tmp/THIRDPARTY | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: THIRDPARTY | |
path: /tmp/THIRDPARTY | |
- run: | | |
fossa test --debug | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
compliance-copyrights: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: apache/[email protected] | |
pre-commit: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.12" | |
- uses: pre-commit/[email protected] | |
semgrep: | |
uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main | |
secrets: | |
SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} | |
run-unit-tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- run: | | |
curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
- id: cache-poetry | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pypoetry | |
key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
restore-keys: | | |
poetry-${{ runner.os }}- | |
- run: poetry install | |
if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
- run: poetry run pytest -v tests/unit | |
build: | |
name: build | |
runs-on: ubuntu-22.04 | |
needs: | |
- fossa-scan | |
- compliance-copyrights | |
- pre-commit | |
- run-unit-tests | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
- id: cache-poetry | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pypoetry | |
key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
restore-keys: | | |
poetry-${{ runner.os }}- | |
- run: poetry install | |
if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
- run: poetry build | |
- run: | | |
poetry run ucc-gen build \ | |
--source=tests/testdata/Splunk_TA_UCCExample/package \ | |
--config=tests/testdata/Splunk_TA_UCCExample/globalConfig.json \ | |
--ta-version=0.0.1 | |
if: always() | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: output | |
path: output/* | |
run-ui-tests: | |
name: test-ui Splunk ${{ matrix.splunk.version }} -k ${{ matrix.test_suite }} | |
needs: | |
- meta | |
- build | |
runs-on: ubuntu-22.04 | |
if: | | |
!contains(github.event.issue.labels.*.name, 'skip-ui-tests') | |
permissions: | |
id-token: write | |
contents: read | |
checks: write | |
strategy: | |
fail-fast: false | |
matrix: | |
splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }} | |
browser: ["chrome", "firefox"] | |
test_suite: [ | |
"test_splunk_ta_example_addon_logging", | |
"test_splunk_ta_example_addon_account", | |
"test_splunk_ta_example_addon_proxy", | |
"test_splunk_ta_example_addon_input_common", | |
"test_splunk_ta_example_addon_input_1", | |
"test_splunk_ta_example_addon_input_2", | |
"test_splunk_ta_example_addon_custom", | |
"test_splunk_ta_example_addon_alert_actions" | |
] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- uses: actions/download-artifact@v3 | |
with: | |
name: output | |
path: output/ | |
- run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
- id: cache-poetry | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/pypoetry | |
key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
restore-keys: | | |
poetry-${{ runner.os }}- | |
- run: poetry install | |
if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
- name: Link chromedriver and geckodriver | |
# Use installed chromedriver https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md | |
run: | | |
export PATH=$PATH:$CHROMEWEBDRIVER | |
chromedriver --version | |
export PATH=$PATH:$GECKOWEBDRIVER | |
geckodriver --version | |
- run: | | |
./run_splunk.sh ${{ matrix.splunk.version }} | |
until curl -Lsk "https://localhost:8088/services/collector/health" &>/dev/null ; do echo -n "Waiting for HEC-" && sleep 5 ; done | |
- run: poetry run pytest tests/ui -k "${{ matrix.test_suite }}" --headless --junitxml=test-results/junit.xml | |
- uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: test-results-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
path: test-results/* | |
- uses: dorny/test-reporter@v1 | |
if: always() | |
with: | |
name: test-report-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
path: "test-results/*.xml" | |
reporter: java-junit | |
publish: | |
needs: | |
- pre-commit | |
- build | |
- run-ui-tests | |
- run-unit-tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: false | |
persist-credentials: false | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
- id: semantic | |
uses: splunk/[email protected] | |
with: | |
git_committer_name: ${{ secrets.SA_GH_USER_NAME }} | |
git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} | |
gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} | |
extra_plugins: | | |
semantic-release-replace-plugin | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }} | |
- if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | |
run: | | |
poetry build | |
poetry publish -n -u ${{ secrets.PYPI_USERNAME }} -p ${{ secrets.PYPI_TOKEN }} |