-
Notifications
You must be signed in to change notification settings - Fork 16
184 lines (179 loc) · 6.62 KB
/
ci-main.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
# ########################################################################
# Copyright 2021 Splunk Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ########################################################################
name: ci-main
on:
push:
branches:
- "main"
- "develop"
- "next"
tags-ignore:
- "v*"
pull_request:
branches:
- "main"
- "develop"
- "next"
workflow_call:
secrets:
FOSSA_API_KEY:
description: API token for FOSSA app
required: true
jobs:
fossa-scan:
name: fossa
continue-on-error: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: run fossa analyze and create report
run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze --debug
fossa report attribution --format text > /tmp/THIRDPARTY
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
- name: upload THIRDPARTY file
uses: actions/upload-artifact@v4
with:
name: THIRDPARTY
path: /tmp/THIRDPARTY
- name: run fossa test
run: |
fossa test --debug
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
semgrep-scan:
name: semgrep
if: (github.actor != 'dependabot[bot]')
uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main
secrets: inherit
with:
block_mode: "on"
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.10"
- uses: pre-commit/[email protected]
test-unit:
name: Test Unit Python ${{ matrix.python-version }}
runs-on: ubuntu-latest
strategy:
matrix:
python-version:
- "3.10"
steps:
- uses: actions/checkout@v4
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
run: |
curl -sSL https://install.python-poetry.org | python3 -
poetry install
- name: Run Pytest with coverage
run: |
poetry run pytest --cov=./splunk_connect_for_snmp --cov-report=xml --junitxml=test-results/junit.xml
# - name: Upload coverage to Codecov
# uses: codecov/codecov-action@v3
# with:
# token: ${{ secrets.CODECOV_TOKEN }}
# files: ./coverage.xml
# directory: ./coverage/reports/
# env_vars: OS,PYTHON
# fail_ci_if_error: true
# path_to_write_report: ./coverage/codecov_report.txt
# verbose: true
- uses: actions/upload-artifact@v4 # upload test results
if: success() || failure() # run this step even if previous step failed
with:
name: test-results-unit-python_${{ matrix.python-version }}
path: test-results/*
integration-tests-check:
name: Check if run integration tests
runs-on: ubuntu-latest
steps:
- name: Checkout Project
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Get commit message
id: get_commit_message
run: |
if [[ '${{ github.event_name }}' == 'push' ]]; then
echo ::set-output name=commit_message::$(git log --format=%B -n 1 HEAD)
elif [[ '${{ github.event_name }}' == 'pull_request' ]]; then
echo ::set-output name=commit_message::$(git log --format=%B -n 1 HEAD^2)
fi
outputs:
commit_message:
echo "${{ steps.get_commit_message.outputs.commit_message }}"
test-integration-microk8s:
name: Run integration tests in microk8s deployment
needs:
- integration-tests-check
runs-on: ubuntu-latest
if: "contains(needs.integration-tests-check.outputs.commit_message, '[run-int-tests]')"
timeout-minutes: 120
steps:
- name: Checkout Project
uses: actions/checkout@v4
- name: run install_microk8s.sh
run: |
sudo snap install microk8s --classic --channel=1.30/stable
sudo apt-get install snmp -y
sudo apt-get install python3-dev -y
- name: run automatic_setup_microk8s.sh
run: integration_tests/automatic_setup_microk8s.sh integration
- name: run tests
working-directory: integration_tests
run: |
poetry run pytest --splunk_host="localhost" --splunk_password="changeme2" --trap_external_ip="$(hostname -I | cut -d " " -f1)" --sc4snmp_deployment="microk8s"
test-integration-compose:
name: Run integration tests in docker compose deployment
needs:
- integration-tests-check
runs-on: ubuntu-latest
if: "contains(needs.integration-tests-check.outputs.commit_message, '[run-int-tests]')"
timeout-minutes: 120
steps:
- name: Checkout Project
uses: actions/checkout@v4
- name: Install docker compose
run: |
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
- name: run automatic_setup_compose.sh
run: integration_tests/automatic_setup_compose.sh integration
- name: run tests
working-directory: integration_tests
run: |
poetry run pytest --splunk_host="localhost" --splunk_password="changeme2" --trap_external_ip="$(hostname -I | cut -d " " -f1)" --sc4snmp_deployment="docker-compose"