Skip to content
CI

ci: fix dorny/test-reporter permissions #1732

Sign in to view logs

ci: fix dorny/test-reporter permissions

ci: fix dorny/test-reporter permissions #1732

Workflow file for this run

.github/workflows/build-test-release.yml at 900245a
name: CI
on:
push:
branches:
- "main"
- "develop"
- "release/**"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches: [main, develop, "release/**"]
jobs:
meta:
runs-on: ubuntu-latest
outputs:
matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }}
steps:
- uses: actions/checkout@v4
- id: matrix
uses: splunk/addonfactory-test-matrix-action@v1
fossa-scan:
continue-on-error: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze --debug
fossa report attribution --format text > /tmp/THIRDPARTY
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
- uses: actions/upload-artifact@v3
with:
name: THIRDPARTY
path: /tmp/THIRDPARTY
- run: |
fossa test --debug
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
docs-build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: poetry install
- run: poetry run mkdocs build --strict
compliance-copyrights:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: apache/skywalking-eyes@v0.5.0
test-smoke:
name: test-smoke ${{ matrix.python-version }}
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
python-version:
- "3.7"
- "3.8"
- "3.9"
- "3.10"
- "3.11"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
./get-ucc-ui.sh
# Puts package and schema subdirs along with NOTICE (THIRDPARTY.npm)
tar -zxf splunk-ucc-ui.tgz -C splunk_add_on_ucc_framework/
poetry install
poetry build
- name: Ensure all UCC UI files are in the final package
run: ./.github/workflows/check_ucc_ui_files.sh
- run: poetry run pytest tests/smoke
test-unit:
name: test-unit ${{ matrix.python-version }}
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
python-version:
- "3.7"
- "3.8"
- "3.9"
- "3.10"
- "3.11"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
./get-ucc-ui.sh
# Puts package and schema subdirs along with NOTICE (THIRDPARTY.npm)
tar -zxf splunk-ucc-ui.tgz -C splunk_add_on_ucc_framework/
poetry install
poetry build
- run: ./.github/workflows/check_ucc_ui_files.sh
- run: poetry run pytest --cov=splunk_add_on_ucc_framework --cov-report=xml tests/unit
build-test-addon:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: poetry install
- run: |
./get-ucc-ui.sh
tar -zxf splunk-ucc-ui.tgz -C splunk_add_on_ucc_framework/
- run: poetry run ucc-gen build --source tests/testdata/test_addons/package_global_config_everything/package
- run: poetry run ucc-gen package --path output/Splunk_TA_UCCExample
- uses: actions/upload-artifact@v3
with:
name: Splunk_TA_UCCExample-raw-output
path: output/*
- uses: actions/upload-artifact@v3
with:
name: Splunk_TA_UCCExample-packaged
path: Splunk_TA_UCCExample*.tar.gz
test-ui:
name: test-ui Splunk ${{ matrix.splunk.version }} -m ${{ matrix.test-mark }}
if: |
github.base_ref == 'main' ||
github.ref_name == 'main' ||
contains(github.event.pull_request.labels.*.name, 'run-ui-tests')
permissions:
id-token: write
contents: read
checks: write
runs-on: ubuntu-latest
continue-on-error: true
needs:
- meta
- build-test-addon
- test-unit
- test-smoke
strategy:
matrix:
splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }}
test-mark:
- "logging"
- "proxy"
- "account"
- "custom"
- "alert"
- "input"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: poetry install
- name: Link chromedriver
# Use installed chromedriver https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md
run: |
export PATH=$PATH:$CHROMEWEBDRIVER
chromedriver --version
- uses: actions/download-artifact@v3
with:
name: Splunk_TA_UCCExample-raw-output
path: output/
- run: |
./run_splunk.sh ${{ matrix.splunk.version }}
until curl -Lsk "https://localhost:8088/services/collector/health" &>/dev/null ; do echo -n "Waiting for HEC-" && sleep 5 ; done
timeout-minutes: 5
- run: poetry run pytest tests/ui -m "${{ matrix.test-mark }}" --headless --junitxml=test-results/junit.xml
- uses: actions/upload-artifact@v3
if: always()
with:
name: test-results-ui-${{ matrix.splunk.version }}-${{ matrix.test-mark }}
path: test-results/*
- uses: dorny/test-reporter@v1
if: always()
with:
name: test-report-ui-${{ matrix.splunk.version }}-${{ matrix.test-mark }}
path: "test-results/*.xml"
reporter: java-junit
appinspect-for-expected-outputs:
name: splunk-appinspect ${{ matrix.tags }} tests/testdata/expected_addons/expected_output_global_config_everything/Splunk_TA_UCCExample
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
tags:
- "cloud"
- "appapproval"
- "deprecated_feature"
- "developer_guidance"
- "future"
- "self-service"
- "splunk_appinspect"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- name: Package tests/expected_output_global_config_everything/Splunk_TA_UCCExample
run: |
poetry install
mkdir tests/packaged
poetry run ucc-gen package --path tests/testdata/expected_addons/expected_output_global_config_everything/Splunk_TA_UCCExample -o tests/packaged
- uses: splunk/appinspect-cli-action@v1.12
with:
app_path: tests/packaged
included_tags: ${{ matrix.tags }}
appinspect_manual_checks: tests/testdata/expected_addons/expected_output_global_config_everything/.appinspect.manualcheck.yaml
appinspect_expected_failures: tests/testdata/expected_addons/expected_output_global_config_everything/.appinspect.expect.yaml
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- uses: pre-commit/action@v3.0.0
semgrep:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- id: semgrep
uses: returntocorp/semgrep-action@v1
with:
publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
build:
needs:
- docs-build
- compliance-copyrights
- fossa-scan
- test-unit
- test-smoke
- pre-commit
- appinspect-for-expected-outputs
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Very important: semantic-release won't trigger a tagged
# build if this is not set false
persist-credentials: false
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- run: curl -sSL https://install.python-poetry.org | python3 - --version 1.5.1
- run: |
./get-ucc-ui.sh
# Puts package and schema subdirs along with NOTICE (THIRDPARTY.npm)
tar -zxf splunk-ucc-ui.tgz -C splunk_add_on_ucc_framework/
poetry build
- name: Ensure all UCC UI files are in the final package
run: ./.github/workflows/check_ucc_ui_files.sh
- uses: actions/download-artifact@v3
with:
name: THIRDPARTY
- run: cp -f THIRDPARTY NOTICE
- id: semantic
uses: splunk/semantic-release-action@v1.3
with:
git_committer_name: ${{ secrets.SA_GH_USER_NAME }}
git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }}
gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.SA_GPG_PASSPHRASE }}
extra_plugins: |
@google/semantic-release-replace-plugin
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }}
- if: ${{ steps.semantic.outputs.new_release_published == 'true' }}
uses: splunk/pypi-publish-action@v1.0
with:
pypi_username: ${{ secrets.PYPI_USERNAME }}
pypi_token: ${{ secrets.PYPI_TOKEN }}