-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Added support for ESCU test-type (#93)
Added support for ESCU test-type
- Loading branch information
1 parent
67a810b
commit 31f938c
Showing
1 changed file
with
189 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -309,6 +309,7 @@ jobs: | |
name: package-deployment | ||
path: build/package/deployment** | ||
if: always() | ||
|
||
security-virustotal: | ||
continue-on-error: true | ||
name: security-virustotal | ||
|
@@ -326,6 +327,7 @@ jobs: | |
vt_api_key: ${{ secrets.VT_API_KEY }} | ||
files: | | ||
build/package/* | ||
test-inventory: | ||
runs-on: ubuntu-latest | ||
# Map a step output to a job output | ||
|
@@ -336,6 +338,7 @@ jobs: | |
modinput_functional: ${{ steps.testset.outputs.modinput_functional }} | ||
requirement_test: ${{ steps.testset.outputs.requirement_test }} | ||
scripted_inputs: ${{ steps.testset.outputs.scripted_inputs }} | ||
escu: ${{ steps.testset.outputs.escu }} | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- id: testset | ||
|
@@ -1592,6 +1595,183 @@ jobs: | |
path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" | ||
reporter: java-junit | ||
|
||
run-escu-tests: | ||
if: ${{ needs.test-inventory.outputs.escu == 'true' && ( github.base_ref == 'main' || github.ref_name == 'main' || github.base_ref == 'develop' || github.ref_name == 'develop' ) }} | ||
needs: | ||
- build | ||
- test-inventory | ||
- setup | ||
- meta | ||
runs-on: ubuntu-latest | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
splunk: ${{ fromJson(needs.meta.outputs.matrix_latestSplunk) }} | ||
container: | ||
image: ghcr.io/splunk/workflow-engine-base:2.0.3 | ||
env: | ||
ARGO_SERVER: ${{ needs.setup.outputs.argo-server }} | ||
ARGO_HTTP1: ${{ needs.setup.outputs.argo-http1 }} | ||
ARGO_SECURE: ${{ needs.setup.outputs.argo-secure }} | ||
ARGO_BASE_HREF: ${{ needs.setup.outputs.argo-href }} | ||
ARGO_NAMESPACE: ${{ needs.setup.outputs.argo-namespace }} | ||
SPLUNK_VERSION_BASE: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} | ||
TEST_TYPE: "escu" | ||
steps: | ||
- uses: actions/checkout@v3 | ||
with: | ||
submodules: recursive | ||
- name: Configure AWS credentials | ||
uses: aws-actions/configure-aws-credentials@v1 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | ||
- name: Read secrets from AWS Secrets Manager into environment variables | ||
id: get-argo-token | ||
run: | | ||
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') | ||
echo "::set-output name=argo-token::$ARGO_TOKEN" | ||
- name: create job name | ||
id: create-job-name | ||
shell: bash | ||
run: | | ||
RANDOM_STRING=$(head -3 /dev/urandom | tr -cd '[:lower:]' | cut -c -4) | ||
JOB_NAME=${{ needs.setup.outputs.job-name }}-${RANDOM_STRING} | ||
JOB_NAME=${JOB_NAME//TEST-TYPE/${{ env.TEST_TYPE }}} | ||
JOB_NAME=${JOB_NAME//[_.]/-} | ||
JOB_NAME=$(echo "$JOB_NAME" | tr '[:upper:]' '[:lower:]') | ||
echo "::set-output name=job-name::$JOB_NAME" | ||
- name: get escu detections | ||
id: get-escu-detections | ||
run: | | ||
RUN_TEST=false | ||
# shellcheck disable=SC2002 | ||
DETECTIONS=$(cat tests/escu/.escu_detections | tr '\n' ',' | tr -d "[:space:]") | ||
if [ -z "$DETECTIONS" ] | ||
then | ||
echo "Detection list is empty." | ||
else | ||
RUN_TEST=true | ||
fi | ||
DETECTIONS="-tf $DETECTIONS" | ||
echo "::set-output name=escu-detections::$DETECTIONS" | ||
echo "::set-output name=escu-test-run::$RUN_TEST" | ||
- name: run-tests | ||
id: run-tests | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
env: | ||
ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }} | ||
uses: splunk/[email protected] | ||
with: | ||
splunk: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} | ||
test-type: ${{ env.TEST_TYPE }} | ||
test-args: ${{ steps.get-escu-detections.outputs.escu-detections }} | ||
job-name: ${{ steps.create-job-name.outputs.job-name }} | ||
labels: ${{ needs.setup.outputs.labels }} | ||
workflow-tmpl-name: ${{ needs.setup.outputs.argo-workflow-tmpl-name }} | ||
workflow-template-ns: ${{ needs.setup.outputs.argo-namespace }} | ||
delay-destroy: "No" | ||
addon-url: ${{ needs.setup.outputs.addon-upload-path }} | ||
addon-name: ${{ needs.setup.outputs.addon-name }} | ||
vendor-version: ${{ matrix.vendor-version.image }} | ||
sc4s-version: "No" | ||
- name: Check if pod was deleted | ||
id: is-pod-deleted | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
shell: bash | ||
env: | ||
ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }} | ||
run: | | ||
set -o xtrace | ||
if argo watch ${{ steps.run-tests.outputs.workflow-name }} -n workflows | grep "pod deleted"; then | ||
echo "::set-output name=retry-workflow::true" | ||
fi | ||
- name: Retrying workflow | ||
id: retry-wf | ||
shell: bash | ||
env: | ||
ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }} | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
run: | | ||
set -o xtrace | ||
set +e | ||
if [[ "${{ steps.is-pod-deleted.outputs.retry-workflow }}" == "true" ]] | ||
then | ||
WORKFLOW_NAME=$(argo resubmit -v -o json -n workflows "${{ steps.run-tests.outputs.workflow-name }}" | jq -r .metadata.name) | ||
echo "::set-output name=workflow-name::$WORKFLOW_NAME" | ||
argo logs --follow "${WORKFLOW_NAME}" -n workflows || echo "... there was an error fetching logs, the workflow is still in progress. please wait for the workflow to complete ..." | ||
else | ||
echo "No retry required" | ||
argo wait "${{ steps.run-tests.outputs.workflow-name }}" -n workflows | ||
argo watch "${{ steps.run-tests.outputs.workflow-name }}" -n workflows | grep "test-addon" | ||
fi | ||
- name: check if workflow completed | ||
env: | ||
ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }} | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
shell: bash | ||
run: | | ||
set +e | ||
# shellcheck disable=SC2157 | ||
if [ -z "${{ steps.retry-wf.outputs.workflow-name }}" ]; then | ||
WORKFLOW_NAME=${{ steps.run-tests.outputs.workflow-name }} | ||
else | ||
WORKFLOW_NAME="${{ steps.retry-wf.outputs.workflow-name }}" | ||
fi | ||
ARGO_STATUS=$(argo get "${WORKFLOW_NAME}" -n workflows -o json | jq -r '.status.phase') | ||
echo "Status of workflow:" "$ARGO_STATUS" | ||
while [ "$ARGO_STATUS" == "Running" ] || [ "$ARGO_STATUS" == "Pending" ] | ||
do | ||
echo "... argo Workflow ${WORKFLOW_NAME} is running, waiting for it to complete." | ||
argo wait "${WORKFLOW_NAME}" -n workflows || true | ||
ARGO_STATUS=$(argo get "${WORKFLOW_NAME}" -n workflows -o json | jq -r '.status.phase') | ||
done | ||
- name: pull artifacts from s3 bucket | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
run: | | ||
echo "pulling artifacts" | ||
aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/artifacts-${{ steps.create-job-name.outputs.job-name }}/${{ steps.create-job-name.outputs.job-name }}.tgz ${{ needs.setup.outputs.directory-path }}/ | ||
tar -xf ${{ needs.setup.outputs.directory-path }}/${{ steps.create-job-name.outputs.job-name }}.tgz -C ${{ needs.setup.outputs.directory-path }} | ||
- name: pull logs from s3 bucket | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
run: | | ||
# shellcheck disable=SC2157 | ||
if [ -z "${{ steps.retry-wf.outputs.workflow-name }}" ]; then | ||
WORKFLOW_NAME=${{ steps.run-tests.outputs.workflow-name }} | ||
else | ||
WORKFLOW_NAME="${{ steps.retry-wf.outputs.workflow-name }}" | ||
fi | ||
echo "pulling logs" | ||
mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs | ||
aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive | ||
- uses: actions/upload-artifact@v3 | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
with: | ||
name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests artifacts | ||
path: | | ||
${{ needs.setup.outputs.directory-path }}/test-results | ||
- uses: actions/upload-artifact@v3 | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
with: | ||
name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests logs | ||
path: | | ||
${{ needs.setup.outputs.directory-path }}/argo-logs | ||
- name: Upload results | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
uses: actions/upload-artifact@v3 | ||
with: | ||
name: escu-test-result | ||
path: | | ||
${{ needs.setup.outputs.directory-path }}/test-results/escu-result.xml | ||
- name: Test Report | ||
uses: dorny/test-reporter@v1 | ||
if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }} | ||
with: | ||
name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} test report | ||
path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" | ||
reporter: java-junit | ||
|
||
validate-pr-title: | ||
name: Validate PR title | ||
if: github.event_name == 'pull_request' | ||
|
@@ -1650,6 +1830,7 @@ jobs: | |
if: always() && needs.pre-publish.result == 'success' && github.event_name != 'pull_request' && github.event_name != 'schedule' | ||
needs: | ||
- pre-publish | ||
- run-escu-tests | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
|
@@ -1703,6 +1884,14 @@ jobs: | |
with: | ||
name: cim-field-report | ||
path: download/artifacts/deployment | ||
- name: Download escu-test-results | ||
id: download-escu-xml | ||
if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | ||
continue-on-error: true | ||
uses: actions/download-artifact@v3 | ||
with: | ||
name: escu-test-result | ||
path: download/artifacts/deployment | ||
- name: List of assets | ||
if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | ||
run: | | ||
|