chore(deps): update all dependencies #968
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - "main" | |
| - "develop" | |
| tags: | |
| - "v[0-9]+.[0-9]+.[0-9]+" | |
| pull_request: | |
| branches: [main, develop] | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| env: | |
| PYTHON_VERSION: "3.7" | |
| POETRY_VERSION: "1.5.1" | |
| jobs: | |
| meta: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: matrix | |
| uses: splunk/[email protected] | |
| fossa-scan: | |
| continue-on-error: true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: | | |
| curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash | |
| fossa analyze --debug | |
| fossa report attribution --format text > /tmp/THIRDPARTY | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: THIRDPARTY | |
| path: /tmp/THIRDPARTY | |
| - run: | | |
| fossa test --debug | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| compliance-copyrights: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: apache/[email protected] | |
| pre-commit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.12" | |
| - uses: pre-commit/[email protected] | |
| semgrep: | |
| uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main | |
| secrets: | |
| SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} | |
| run-unit-tests: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: | | |
| curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - run: poetry run pytest -v tests/unit | |
| build: | |
| name: build | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - fossa-scan | |
| - compliance-copyrights | |
| - pre-commit | |
| - run-unit-tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - run: poetry build | |
| - run: | | |
| poetry run ucc-gen build \ | |
| --source=tests/testdata/Splunk_TA_UCCExample/package \ | |
| --config=tests/testdata/Splunk_TA_UCCExample/globalConfig.json \ | |
| --ta-version=0.0.1 | |
| if: always() | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: output | |
| path: output/* | |
| run-ui-tests: | |
| name: test-ui Splunk ${{ matrix.splunk.version }} -k ${{ matrix.test_suite }} | |
| needs: | |
| - meta | |
| - build | |
| runs-on: ubuntu-22.04 | |
| if: | | |
| !contains(github.event.issue.labels.*.name, 'skip-ui-tests') | |
| permissions: | |
| id-token: write | |
| contents: read | |
| checks: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }} | |
| browser: ["chrome", "firefox"] | |
| test_suite: [ | |
| "test_splunk_ta_example_addon_logging", | |
| "test_splunk_ta_example_addon_account", | |
| "test_splunk_ta_example_addon_proxy", | |
| "test_splunk_ta_example_addon_input_common", | |
| "test_splunk_ta_example_addon_input_1", | |
| "test_splunk_ta_example_addon_input_2", | |
| "test_splunk_ta_example_addon_custom", | |
| "test_splunk_ta_example_addon_alert_actions" | |
| ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: output | |
| path: output/ | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - name: Link chromedriver and geckodriver | |
| # Use installed chromedriver https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md | |
| run: | | |
| export PATH=$PATH:$CHROMEWEBDRIVER | |
| chromedriver --version | |
| export PATH=$PATH:$GECKOWEBDRIVER | |
| geckodriver --version | |
| - run: | | |
| ./run_splunk.sh ${{ matrix.splunk.version }} | |
| until curl -Lsk "https://localhost:8088/services/collector/health" &>/dev/null ; do echo -n "Waiting for HEC-" && sleep 5 ; done | |
| - run: poetry run pytest tests/ui -k "${{ matrix.test_suite }}" --headless --junitxml=test-results/junit.xml | |
| - uses: actions/upload-artifact@v3 | |
| if: always() | |
| with: | |
| name: test-results-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
| path: test-results/* | |
| - uses: dorny/test-reporter@v1 | |
| if: always() | |
| with: | |
| name: test-report-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
| path: "test-results/*.xml" | |
| reporter: java-junit | |
| publish: | |
| needs: | |
| - pre-commit | |
| - build | |
| - run-ui-tests | |
| - run-unit-tests | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: false | |
| persist-credentials: false | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: semantic | |
| uses: splunk/[email protected] | |
| with: | |
| git_committer_name: ${{ secrets.SA_GH_USER_NAME }} | |
| git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} | |
| gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} | |
| extra_plugins: | | |
| semantic-release-replace-plugin | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }} | |
| - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | |
| run: | | |
| poetry build | |
| poetry publish -n -u ${{ secrets.PYPI_USERNAME }} -p ${{ secrets.PYPI_TOKEN }} |