Merge pull request #428 from elastic/renovate/docker.elastic.co-appex… #2474
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main | |
on: | |
push: | |
tags: "v[0-9]+.[0-9]+.[0-9]+" | |
branches: "main" | |
pull_request: | |
branches: "*" | |
schedule: | |
# every Monday at 3:30 AM | |
- cron: "30 3 * * 1" | |
env: | |
TEST_VERBOSITY: 2 | |
jobs: | |
license-check: | |
name: License check | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
persist-credentials: false | |
- name: License check | |
run: make license-check | |
lint-check: | |
name: Code lint check | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
persist-credentials: false | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: "3.13" | |
- name: Install dependencies | |
run: make prereq | |
- name: Lint | |
run: make lint | |
unit-tests: | |
name: Unit tests (${{ matrix.os }}/py-${{ matrix.python-version }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
stack-version: ["8.2.0"] | |
schema-uri: ["./etc/ecs-v8.2.1.tar.gz"] | |
python-version: ["3.8", "3.13"] | |
os: ["ubuntu-latest", "macos-latest"] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
persist-credentials: false | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: make prereq | |
- name: Run unit tests | |
env: | |
TEST_STACK_VERSION: ${{ matrix.stack-version }} | |
TEST_SCHEMA_URI: ${{ matrix.schema-uri }} | |
TEST_DETECTION_RULES_URI: "https://epr.elastic.co/search?package=security_detection_engine&kibana.version=${{ matrix.stack-version }}" | |
run: make tests | |
online-tests: | |
name: Online tests (${{ matrix.stack-version }}) | |
runs-on: "ubuntu-latest" | |
needs: | |
- unit-tests | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- stack-version: 8.17.0 | |
schema-uri: "./etc/ecs-v8.16.0.tar.gz" | |
- stack-version: 8.16.0 | |
schema-uri: "./etc/ecs-v8.16.0.tar.gz" | |
- stack-version: 8.15.0 | |
schema-uri: "./etc/ecs-v8.11.0.tar.gz" | |
- stack-version: 8.14.0 | |
schema-uri: "./etc/ecs-v8.11.0.tar.gz" | |
- stack-version: 8.13.0 | |
schema-uri: "./etc/ecs-v8.11.0.tar.gz" | |
- stack-version: 8.12.0 | |
schema-uri: "./etc/ecs-v8.11.0.tar.gz" | |
- stack-version: 8.11.0 | |
schema-uri: "./etc/ecs-v8.11.0.tar.gz" | |
- stack-version: 8.10.1 | |
schema-uri: "./etc/ecs-v8.10.0.tar.gz" | |
- stack-version: 8.9.0 | |
schema-uri: "./etc/ecs-v8.9.0.tar.gz" | |
- stack-version: 8.8.0 | |
schema-uri: "./etc/ecs-v8.8.0.tar.gz" | |
- stack-version: 8.7.0 | |
schema-uri: "./etc/ecs-v8.7.0.tar.gz" | |
- stack-version: 8.6.0 | |
schema-uri: "./etc/ecs-v8.6.1.tar.gz" | |
- stack-version: 8.5.0 | |
schema-uri: "./etc/ecs-v8.5.2.tar.gz" | |
- stack-version: 8.4.0 | |
schema-uri: "./etc/ecs-v8.4.0.tar.gz" | |
- stack-version: 8.3.0 | |
schema-uri: "./etc/ecs-v8.3.1.tar.gz" | |
- stack-version: 8.2.0 | |
schema-uri: "./etc/ecs-v8.2.1.tar.gz" | |
env: | |
TEST_ELASTICSEARCH_URL: "http://elastic:changeme@localhost:29650" | |
TEST_KIBANA_URL: "http://elastic:changeme@localhost:65290" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
persist-credentials: false | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: "3.8" | |
- name: Install dependencies | |
run: make prereq | |
- name: Setup cache | |
id: elastic-stack-cache | |
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
with: | |
key: elastic-stack-cache-${{ matrix.stack-version }} | |
path: ~/elastic-stack-cache | |
- name: Reuse Elastic Stack ${{ matrix.stack-version }} Docker images | |
if: steps.elastic-stack-cache.outputs.cache-hit == 'true' | |
run: | | |
docker load -i ~/elastic-stack-cache/elasticsearch-${{ matrix.stack-version }}.tar | |
docker load -i ~/elastic-stack-cache/kibana-${{ matrix.stack-version }}.tar | |
- name: Pull Elastic Stack ${{ matrix.stack-version }} Docker images | |
if: steps.elastic-stack-cache.outputs.cache-hit != 'true' | |
env: | |
TEST_STACK_VERSION: ${{ matrix.stack-version }} | |
run: | | |
mkdir ~/elastic-stack-cache | |
docker compose pull -q | |
docker save -o ~/elastic-stack-cache/elasticsearch-${{ matrix.stack-version }}.tar \ | |
docker.elastic.co/elasticsearch/elasticsearch:${{ matrix.stack-version }} | |
docker save -o ~/elastic-stack-cache/kibana-${{ matrix.stack-version }}.tar \ | |
docker.elastic.co/kibana/kibana:${{ matrix.stack-version }} | |
- name: Start Elastic Stack ${{ matrix.stack-version }} | |
env: | |
TEST_STACK_VERSION: ${{ matrix.stack-version }} | |
run: make up | |
- name: Run online tests | |
env: | |
TEST_STACK_VERSION: ${{ matrix.stack-version }} | |
TEST_SCHEMA_URI: ${{ matrix.schema-uri }} | |
TEST_SIGNALS_QUERIES: 1 | |
TEST_SIGNALS_RULES: 1 | |
run: make online-tests | |
- name: Explain shards allocation | |
if: always() | |
run: curl -s $TEST_ELASTICSEARCH_URL/_cat/shards?v | |
- name: Print Stack logs | |
if: always() | |
run: docker compose logs | |
- name: Stop Elastic Stack ${{ matrix.stack-version }} | |
if: always() | |
run: | | |
docker logs geneve-test-es-1 >es-${{ matrix.stack-version }}.log | |
docker logs geneve-test-kbn-1 >kbn-${{ matrix.stack-version }}.log | |
make down | |
- name: Upload logs | |
if: always() | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 | |
with: | |
name: logs-${{ matrix.stack-version }} | |
path: | | |
es-*.log | |
kbn-*.log | |
- name: Upload reports | |
if: always() | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 | |
with: | |
name: test-reports-${{ matrix.stack-version }} | |
path: tests/reports/*.new.md | |
package-build: | |
name: Package build (${{ matrix.os }}/py-${{ matrix.python-version }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ["3.8", "3.13"] | |
os: ["ubuntu-latest", "macos-latest"] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
persist-credentials: false | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: make prereq | |
- name: Check versions | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
run: "set -x; [ \"${{ github.ref }}\" = \"refs/tags/v$(python3 -c 'import geneve; print(geneve.version)')\" ]" | |
- name: Build package | |
run: make package | |
- name: Upload artifacts | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 | |
with: | |
name: python-package-${{ matrix.python-version }}-${{ matrix.os }} | |
path: dist/* | |
package-tests: | |
name: Package tests (${{ matrix.os }}/py-${{ matrix.python-version }}) | |
runs-on: ${{ matrix.os }} | |
needs: package-build | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ["3.8", "3.13"] | |
os: ["ubuntu-latest", "macos-latest"] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
path: code | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Download artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 | |
with: | |
name: python-package-${{ matrix.python-version }}-${{ matrix.os }} | |
path: dist | |
- name: Install package | |
run: make -f code/Makefile pkg-install | |
publish: | |
name: Publish | |
runs-on: ubuntu-latest | |
needs: | |
- license-check | |
- lint-check | |
- unit-tests | |
- online-tests | |
- package-tests | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
steps: | |
- name: Setup Python | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 | |
with: | |
python-version: "3.8" | |
- name: Download artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 | |
with: | |
name: python-package-3.8-ubuntu-latest | |
path: dist | |
- name: Publish to TestPyPI | |
uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3 | |
if: github.repository != 'elastic/geneve' | |
with: | |
password: ${{ secrets.TEST_PYPI_API_TOKEN }} | |
print_hash: true | |
repository_url: https://test.pypi.org/legacy/ | |
skip_existing: true | |
- name: Publish to PyPI | |
uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3 | |
if: github.repository == 'elastic/geneve' | |
with: | |
password: ${{ secrets.PYPI_API_TOKEN }} | |
print_hash: true |