Skip to content

chore(deps): update all dependencies #1166

chore(deps): update all dependencies

chore(deps): update all dependencies #1166

name: Build Test Release
on:
push:
branches:
- "main"
- "develop"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- "**"
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
fossa-scan:
continue-on-error: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: run fossa anlyze and create report
run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze --debug
fossa report attribution --format text > /tmp/THIRDPARTY
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
- name: upload THIRDPARTY file
uses: actions/upload-artifact@v3
with:
name: THIRDPARTY
path: /tmp/THIRDPARTY
- name: run fossa test
run: |
fossa test --debug
env:
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
compliance-copyrights:
name: Compliance Copyright Headers
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Check License Header
uses: apache/[email protected]
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.7"
- uses: pre-commit/[email protected]
semgrep:
runs-on: ubuntu-latest
name: security-sast-semgrep
if: github.actor != 'dependabot[bot]'
steps:
- uses: actions/checkout@v3
- name: Semgrep
id: semgrep
uses: returntocorp/semgrep-action@v1
with:
publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
review_secrets:
name: security-detect-secrets
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: false
fetch-depth: "0"
- name: Trufflehog Actions Scan
uses: edplato/[email protected]
with:
scanArguments: "--max_dept 50 -x .github/workflows/exclude-patterns.txt"
test-splunk-unit:
name: Unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: true
- name: Install dependencies
run: |
curl -sSL https://install.python-poetry.org | python3 -
poetry install
poetry run coverage run --source=./pytest_splunk_addon/standard_lib -m pytest -v tests/unit
poetry run coverage xml
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage.xml
directory: ./coverage/reports/
env_vars: OS,PYTHON
fail_ci_if_error: true
verbose: true
test-splunk-doc:
name: Test Docs
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: true
- uses: actions/setup-python@v4
with:
python-version: 3.7
- name: Install and run tests
run: |
curl -sSL https://install.python-poetry.org | python3 -
poetry install --with docs -E docker
poetry run pytest -v -m doc tests/e2e
test-splunk-external:
runs-on: ubuntu-latest
name: Test splunk external
needs:
- pre-commit
- fossa-scan
- compliance-copyrights
- test-splunk-doc
- test-splunk-unit
- review_secrets
strategy:
fail-fast: false
matrix:
splunk-version: ["8.1", "8.2", "9.0"]
steps:
- uses: actions/checkout@v3
with:
submodules: true
- name: Setup for testing
run: |
pip install git+https://github.com/pixelb/crudini
mkdir test-results-${{ matrix.splunk-version }}
- name: Splunk Up
run: |
export SPLUNK_APP_PACKAGE=./tests/e2e/addons/TA_fiction
export SPLUNK_ADDON=TA_fiction
export SPLUNK_APP_ID=TA_fiction
ls -l deps/build/addonfactory_test_matrix_splunk/splunk_matrix.conf
export SPLUNK_VERSION=$(crudini --get deps/build/addonfactory_test_matrix_splunk/splunk_matrix.conf ${{ matrix.splunk-version }} VERSION)
echo $SPLUNK_VERSION
docker-compose -f "docker-compose-ci.yml" build
SPLUNK_PASSWORD=Chang3d! docker-compose -f docker-compose-ci.yml up -d splunk
sleep 90
- name: Test
run: |
SPLUNK_PASSWORD=Chang3d! docker-compose -f docker-compose-ci.yml up --abort-on-container-exit
docker volume ls
- name: Collect Results
run: |
docker volume ls
docker container create --name dummy \
-v pytest-splunk-addon_results:/work/test-results \
registry.access.redhat.com/ubi7/ubi
docker cp dummy:/work/test-results/test.xml test-results-${{ matrix.splunk-version }}
- uses: actions/upload-artifact@v3
if: always()
with:
name: splunk ${{ matrix.splunk-version }} external test artifacts
path: |
test-results-${{ matrix.splunk-version }}
test-splunk-matrix:
name: Test Matrix
needs:
- pre-commit
- fossa-scan
- compliance-copyrights
- test-splunk-doc
- test-splunk-unit
- review_secrets
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
splunk-version: ["8.1", "8.2", "9.0"]
test-marker: [
"splunk_connection_docker",
"splunk_app_fiction",
"splunk_app_broken",
"splunk_app_cim_fiction",
"splunk_app_cim_broken",
"splunk_fiction_indextime",
"splunk_fiction_indextime_broken",
"splunk_setup_fixture",
"splunk_app_req",
"splunk_app_req_broken",
]
steps:
- uses: actions/checkout@v3
with:
submodules: true
- name: Set up OS=ubuntu-latest::Python=3.7::Splunk=${{ matrix.splunk-version }}
uses: actions/setup-python@v4
with:
python-version: 3.7
- name: Install and run tests
run: |
curl -sSL https://install.python-poetry.org | python3 -
poetry install -E docker
poetry run pytest -v --splunk-version=${{ matrix.splunk-version }} -m docker -m ${{ matrix.test-marker }} tests/e2e
publish:
name: publish
needs:
- test-splunk-external
- test-splunk-matrix
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
# Very Important semantic-release won't trigger a tagged
# build if this is not set false
submodules: false
persist-credentials: false
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: "3.7"
- uses: actions/download-artifact@v3
with:
name: THIRDPARTY
- name: Update Notices
run: cp -f THIRDPARTY NOTICE
- name: Install Poetry
run: |
curl -sSL https://install.python-poetry.org | python3 -
- name: Semantic Release
uses: cycjimmy/[email protected]
with:
semantic_version: 19.0.2
extra_plugins: |
@semantic-release/exec
@semantic-release/git
@google/semantic-release-replace-plugin
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }}
PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }}
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}