Update to v8.10.1 #810
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ tls ] | |
pull_request: | |
branches: [ tls ] | |
jobs: | |
test: | |
name: Test suite | |
# List of supported runners: | |
# https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners | |
runs-on: ubuntu-22.04 | |
env: | |
COMPOSE_PROJECT_NAME: docker-elk | |
steps: | |
- uses: actions/checkout@v3 | |
##################################################### | |
# # | |
# Install all dependencies required by test suites. # | |
# # | |
##################################################### | |
- name: Pre-build container images | |
run: >- | |
docker compose | |
--profile=setup | |
-f docker-compose.yml | |
-f extensions/logspout/logspout-compose.yml | |
-f extensions/fleet/fleet-compose.yml | |
-f extensions/fleet/agent-apmserver-compose.yml | |
-f extensions/metricbeat/metricbeat-compose.yml | |
-f extensions/filebeat/filebeat-compose.yml | |
-f extensions/heartbeat/heartbeat-compose.yml | |
-f extensions/enterprise-search/enterprise-search-compose.yml | |
build | |
- name: Generate X.509 assets for TLS communications | |
run: | | |
echo '::group::Generate certificates and private keys' | |
docker compose up tls | |
echo '::endgroup::' | |
echo '::group::Provide CA fingerprint for Fleet output' | |
declare ca_fingerprint | |
ca_fingerprint="$(openssl x509 -fingerprint -sha256 -noout -in tls/certs/ca/ca.crt \ | |
| cut -d '=' -f2 \ | |
| tr -d ':' \ | |
| tr '[:upper:]' '[:lower:]' | |
)" | |
sed -i "s/#\(ca_trusted_fingerprint:\).*/\1 ${ca_fingerprint}/g" kibana/config/kibana.yml | |
git diff | |
echo '::endgroup::' | |
######################################################## | |
# # | |
# Ensure §"Initial setup" of the README remains valid. # | |
# # | |
######################################################## | |
- name: Set password of every built-in user to 'testpasswd' | |
run: | | |
sed -i -e 's/\(ELASTIC_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' \ | |
-e 's/\(LOGSTASH_INTERNAL_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' \ | |
-e 's/\(KIBANA_SYSTEM_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' \ | |
-e 's/\(METRICBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' \ | |
-e 's/\(FILEBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' \ | |
-e 's/\(HEARTBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' \ | |
-e 's/\(MONITORING_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' \ | |
-e 's/\(BEATS_SYSTEM_PASSWORD=\)'\'\''/\1testpasswd/g' .env | |
########################################################## | |
# # | |
# Test core components: Elasticsearch, Logstash, Kibana. # | |
# # | |
########################################################## | |
- name: Run the stack | |
run: | | |
docker compose up setup | |
docker compose up -d | |
- name: Execute core test suite | |
run: .github/workflows/scripts/run-tests-core.sh | |
############################## | |
# # | |
# Test supported extensions. # | |
# # | |
############################## | |
# | |
# Logspout | |
# | |
- name: Execute Logspout test suite | |
run: | | |
# Set mandatory Logstash settings | |
sed -i '$ a input { udp { port => 50000 codec => json } }' logstash/pipeline/logstash.conf | |
# Restart Logstash for changes to take effect | |
docker compose restart logstash | |
# Run Logspout and execute tests. | |
docker compose -f docker-compose.yml -f extensions/logspout/logspout-compose.yml up --remove-orphans -d logspout | |
.github/workflows/scripts/run-tests-logspout.sh | |
# Revert changes to Logstash configuration | |
sed -i '/input { udp { port => 50000 codec => json } }/d' logstash/pipeline/logstash.conf | |
docker compose restart logstash | |
# next steps don't need Logstash | |
docker compose stop logstash | |
# | |
# Fleet | |
# | |
- name: Execute Fleet test suite | |
run: | | |
docker compose -f docker-compose.yml -f extensions/fleet/fleet-compose.yml -f extensions/fleet/agent-apmserver-compose.yml up --remove-orphans -d fleet-server apm-server | |
.github/workflows/scripts/run-tests-fleet.sh | |
# | |
# Metricbeat | |
# | |
- name: Execute Metricbeat test suite | |
run: | | |
docker compose -f docker-compose.yml -f extensions/metricbeat/metricbeat-compose.yml up --remove-orphans -d metricbeat | |
.github/workflows/scripts/run-tests-metricbeat.sh | |
# | |
# Filebeat | |
# | |
- name: Execute Filebeat test suite | |
run: | | |
docker compose -f docker-compose.yml -f extensions/filebeat/filebeat-compose.yml up --remove-orphans -d filebeat | |
.github/workflows/scripts/run-tests-filebeat.sh | |
# | |
# Heartbeat | |
# | |
- name: Execute Heartbeat test suite | |
run: | | |
docker compose -f docker-compose.yml -f extensions/heartbeat/heartbeat-compose.yml up --remove-orphans -d heartbeat | |
.github/workflows/scripts/run-tests-heartbeat.sh | |
# | |
# Enterprise Search | |
# | |
- name: Execute Enterprise Search test suite | |
run: | | |
# Set mandatory Elasticsearch settings | |
sed -i '$ a xpack.security.authc.api_key.enabled: true' elasticsearch/config/elasticsearch.yml | |
# Restart Elasticsearch for changes to take effect | |
docker compose restart elasticsearch | |
# Run Enterprise Search and execute tests | |
sed -i 's/\(secret_management.encryption_keys:\)/\1 [test-encrypt]/g' extensions/enterprise-search/config/enterprise-search.yml | |
docker compose -f docker-compose.yml -f extensions/enterprise-search/enterprise-search-compose.yml up --remove-orphans -d enterprise-search | |
.github/workflows/scripts/run-tests-enterprise-search.sh | |
# Revert changes to Elasticsearch configuration | |
sed -i '/xpack.security.authc.api_key.enabled: true/d' elasticsearch/config/elasticsearch.yml | |
docker compose restart elasticsearch | |
- name: Collect troubleshooting data | |
id: debug-data | |
if: failure() | |
run: | | |
declare debug_data_dir="$(mktemp -d)" | |
docker compose \ | |
-f docker-compose.yml \ | |
-f extensions/logspout/logspout-compose.yml \ | |
-f extensions/fleet/fleet-compose.yml \ | |
-f extensions/fleet/agent-apmserver-compose.yml \ | |
-f extensions/metricbeat/metricbeat-compose.yml \ | |
-f extensions/filebeat/filebeat-compose.yml \ | |
-f extensions/heartbeat/heartbeat-compose.yml \ | |
-f extensions/enterprise-search/enterprise-search-compose.yml \ | |
ps >"$debug_data_dir"/docker_ps.log | |
docker compose \ | |
-f docker-compose.yml \ | |
-f extensions/logspout/logspout-compose.yml \ | |
-f extensions/fleet/fleet-compose.yml \ | |
-f extensions/fleet/agent-apmserver-compose.yml \ | |
-f extensions/metricbeat/metricbeat-compose.yml \ | |
-f extensions/filebeat/filebeat-compose.yml \ | |
-f extensions/heartbeat/heartbeat-compose.yml \ | |
-f extensions/enterprise-search/enterprise-search-compose.yml \ | |
logs >"$debug_data_dir"/docker_logs.log | |
echo "path=${debug_data_dir}" >>"$GITHUB_OUTPUT" | |
- name: Upload collected troubleshooting data | |
if: always() && steps.debug-data.outputs.path | |
uses: actions/upload-artifact@v3 | |
with: | |
name: debug-data | |
path: ${{ steps.debug-data.outputs.path }}/*.* | |
############## | |
# # | |
# Tear down. # | |
# # | |
############## | |
- name: Terminate all components | |
if: always() | |
run: >- | |
docker compose | |
-f docker-compose.yml | |
-f extensions/logspout/logspout-compose.yml | |
-f extensions/fleet/fleet-compose.yml | |
-f extensions/fleet/agent-apmserver-compose.yml | |
-f extensions/metricbeat/metricbeat-compose.yml | |
-f extensions/filebeat/filebeat-compose.yml | |
-f extensions/heartbeat/heartbeat-compose.yml | |
-f extensions/enterprise-search/enterprise-search-compose.yml | |
down -v |