feat: Added support for ESCU test-type (#93)

Added support for ESCU test-type
splunk · Sep 5, 2022 · 31f938c · 31f938c
1 parent 67a810b
commit 31f938c
Showing 1 changed file with 189 additions and 0 deletions.
diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml
@@ -309,6 +309,7 @@ jobs:
  name: package-deployment
  path: build/package/deployment**
  if: always()
+
  security-virustotal:
  continue-on-error: true
  name: security-virustotal
@@ -326,6 +327,7 @@ jobs:
  vt_api_key: ${{ secrets.VT_API_KEY }}
  files: |
  build/package/*
+
  test-inventory:
  runs-on: ubuntu-latest
  # Map a step output to a job output
@@ -336,6 +338,7 @@ jobs:
  modinput_functional: ${{ steps.testset.outputs.modinput_functional }}
  requirement_test: ${{ steps.testset.outputs.requirement_test }}
  scripted_inputs: ${{ steps.testset.outputs.scripted_inputs }}
+ escu: ${{ steps.testset.outputs.escu }}
  steps:
  - uses: actions/checkout@v3
  - id: testset
@@ -1592,6 +1595,183 @@ jobs:
  path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml"
  reporter: java-junit
 
+ run-escu-tests:
+ if: ${{ needs.test-inventory.outputs.escu == 'true' && ( github.base_ref == 'main' || github.ref_name == 'main' || github.base_ref == 'develop' || github.ref_name == 'develop' ) }}
+ needs:
+ - build
+ - test-inventory
+ - setup
+ - meta
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ splunk: ${{ fromJson(needs.meta.outputs.matrix_latestSplunk) }}
+ container:
+ image: ghcr.io/splunk/workflow-engine-base:2.0.3
+ env:
+ ARGO_SERVER: ${{ needs.setup.outputs.argo-server }}
+ ARGO_HTTP1: ${{ needs.setup.outputs.argo-http1 }}
+ ARGO_SECURE: ${{ needs.setup.outputs.argo-secure }}
+ ARGO_BASE_HREF: ${{ needs.setup.outputs.argo-href }}
+ ARGO_NAMESPACE: ${{ needs.setup.outputs.argo-namespace }}
+ SPLUNK_VERSION_BASE: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }}
+ TEST_TYPE: "escu"
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ submodules: recursive
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+ - name: Read secrets from AWS Secrets Manager into environment variables
+ id: get-argo-token
+ run: |
+ ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
+ echo "::set-output name=argo-token::$ARGO_TOKEN"
+ - name: create job name
+ id: create-job-name
+ shell: bash
+ run: |
+ RANDOM_STRING=$(head -3 /dev/urandom | tr -cd '[:lower:]' | cut -c -4)
+ JOB_NAME=${{ needs.setup.outputs.job-name }}-${RANDOM_STRING}
+ JOB_NAME=${JOB_NAME//TEST-TYPE/${{ env.TEST_TYPE }}}
+ JOB_NAME=${JOB_NAME//[_.]/-}
+ JOB_NAME=$(echo "$JOB_NAME" | tr '[:upper:]' '[:lower:]')
+ echo "::set-output name=job-name::$JOB_NAME"
+ - name: get escu detections
+ id: get-escu-detections
+ run: |
+ RUN_TEST=false
+ # shellcheck disable=SC2002
+ DETECTIONS=$(cat tests/escu/.escu_detections | tr '\n' ',' | tr -d "[:space:]")
+ if [ -z "$DETECTIONS" ]
+ then
+ echo "Detection list is empty."
+ else
+ RUN_TEST=true
+ fi
+ DETECTIONS="-tf $DETECTIONS"
+ echo "::set-output name=escu-detections::$DETECTIONS"
+ echo "::set-output name=escu-test-run::$RUN_TEST"
+ - name: run-tests
+ id: run-tests
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ env:
+ ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }}
+ uses: splunk/[email protected]
+ with:
+ splunk: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }}
+ test-type: ${{ env.TEST_TYPE }}
+ test-args: ${{ steps.get-escu-detections.outputs.escu-detections }}
+ job-name: ${{ steps.create-job-name.outputs.job-name }}
+ labels: ${{ needs.setup.outputs.labels }}
+ workflow-tmpl-name: ${{ needs.setup.outputs.argo-workflow-tmpl-name }}
+ workflow-template-ns: ${{ needs.setup.outputs.argo-namespace }}
+ delay-destroy: "No"
+ addon-url: ${{ needs.setup.outputs.addon-upload-path }}
+ addon-name: ${{ needs.setup.outputs.addon-name }}
+ vendor-version: ${{ matrix.vendor-version.image }}
+ sc4s-version: "No"
+ - name: Check if pod was deleted
+ id: is-pod-deleted
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ shell: bash
+ env:
+ ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }}
+ run: |
+ set -o xtrace
+ if argo watch ${{ steps.run-tests.outputs.workflow-name }} -n workflows | grep "pod deleted"; then
+ echo "::set-output name=retry-workflow::true"
+ fi
+ - name: Retrying workflow
+ id: retry-wf
+ shell: bash
+ env:
+ ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }}
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ run: |
+ set -o xtrace
+ set +e
+ if [[ "${{ steps.is-pod-deleted.outputs.retry-workflow }}" == "true" ]]
+ then
+ WORKFLOW_NAME=$(argo resubmit -v -o json -n workflows "${{ steps.run-tests.outputs.workflow-name }}" | jq -r .metadata.name)
+ echo "::set-output name=workflow-name::$WORKFLOW_NAME"
+ argo logs --follow "${WORKFLOW_NAME}" -n workflows || echo "... there was an error fetching logs, the workflow is still in progress. please wait for the workflow to complete ..."
+ else
+ echo "No retry required"
+ argo wait "${{ steps.run-tests.outputs.workflow-name }}" -n workflows
+ argo watch "${{ steps.run-tests.outputs.workflow-name }}" -n workflows | grep "test-addon"
+ fi
+ - name: check if workflow completed
+ env:
+ ARGO_TOKEN: ${{ steps.get-argo-token.outputs.argo-token }}
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ shell: bash
+ run: |
+ set +e
+ # shellcheck disable=SC2157
+ if [ -z "${{ steps.retry-wf.outputs.workflow-name }}" ]; then
+ WORKFLOW_NAME=${{ steps.run-tests.outputs.workflow-name }}
+ else
+ WORKFLOW_NAME="${{ steps.retry-wf.outputs.workflow-name }}"
+ fi
+ ARGO_STATUS=$(argo get "${WORKFLOW_NAME}" -n workflows -o json | jq -r '.status.phase')
+ echo "Status of workflow:" "$ARGO_STATUS"
+ while [ "$ARGO_STATUS" == "Running" ] || [ "$ARGO_STATUS" == "Pending" ]
+ do
+ echo "... argo Workflow ${WORKFLOW_NAME} is running, waiting for it to complete."
+ argo wait "${WORKFLOW_NAME}" -n workflows || true
+ ARGO_STATUS=$(argo get "${WORKFLOW_NAME}" -n workflows -o json | jq -r '.status.phase')
+ done
+ - name: pull artifacts from s3 bucket
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ run: |
+ echo "pulling artifacts"
+ aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/artifacts-${{ steps.create-job-name.outputs.job-name }}/${{ steps.create-job-name.outputs.job-name }}.tgz ${{ needs.setup.outputs.directory-path }}/
+ tar -xf ${{ needs.setup.outputs.directory-path }}/${{ steps.create-job-name.outputs.job-name }}.tgz -C ${{ needs.setup.outputs.directory-path }}
+ - name: pull logs from s3 bucket
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ run: |
+ # shellcheck disable=SC2157
+ if [ -z "${{ steps.retry-wf.outputs.workflow-name }}" ]; then
+ WORKFLOW_NAME=${{ steps.run-tests.outputs.workflow-name }}
+ else
+ WORKFLOW_NAME="${{ steps.retry-wf.outputs.workflow-name }}"
+ fi
+ echo "pulling logs"
+ mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs
+ aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive
+ - uses: actions/upload-artifact@v3
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ with:
+ name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests artifacts
+ path: |
+ ${{ needs.setup.outputs.directory-path }}/test-results
+ - uses: actions/upload-artifact@v3
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ with:
+ name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests logs
+ path: |
+ ${{ needs.setup.outputs.directory-path }}/argo-logs
+ - name: Upload results
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: escu-test-result
+ path: |
+ ${{ needs.setup.outputs.directory-path }}/test-results/escu-result.xml
+ - name: Test Report
+ uses: dorny/test-reporter@v1
+ if: ${{ steps.get-escu-detections.outputs.escu-test-run == 'true' }}
+ with:
+ name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} test report
+ path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml"
+ reporter: java-junit
+
  validate-pr-title:
  name: Validate PR title
  if: github.event_name == 'pull_request'
@@ -1650,6 +1830,7 @@ jobs:
  if: always() && needs.pre-publish.result == 'success' && github.event_name != 'pull_request' && github.event_name != 'schedule'
  needs:
  - pre-publish
+ - run-escu-tests
  runs-on: ubuntu-latest
  steps:
  - name: Checkout
@@ -1703,6 +1884,14 @@ jobs:
  with:
  name: cim-field-report
  path: download/artifacts/deployment
+ - name: Download escu-test-results
+ id: download-escu-xml
+ if: ${{ steps.semantic.outputs.new_release_published == 'true' }}
+ continue-on-error: true
+ uses: actions/download-artifact@v3
+ with:
+ name: escu-test-result
+ path: download/artifacts/deployment
  - name: List of assets
  if: ${{ steps.semantic.outputs.new_release_published == 'true' }}
  run: |