chore(deps): update all dependencies #1160
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| - "develop" | |
| tags: | |
| - "v[0-9]+.[0-9]+.[0-9]+" | |
| pull_request: | |
| branches: [main, develop] | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| env: | |
| PYTHON_VERSION: "3.7" | |
| POETRY_VERSION: "1.5.1" | |
| jobs: | |
| meta: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - id: matrix | |
| uses: splunk/[email protected] | |
| fossa-scan: | |
| continue-on-error: true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - run: | | |
| curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash | |
| fossa analyze --debug | |
| fossa report attribution --format text > /tmp/THIRDPARTY | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| - uses: actions/upload-artifact@v5 | |
| with: | |
| name: THIRDPARTY | |
| path: /tmp/THIRDPARTY | |
| - run: | | |
| fossa test --debug | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| compliance-copyrights: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: apache/[email protected] | |
| pre-commit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - uses: pre-commit/[email protected] | |
| semgrep: | |
| uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main | |
| secrets: | |
| SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} | |
| run-unit-tests: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: | | |
| curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - run: poetry run pytest -v tests/unit | |
| build: | |
| name: build | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| # marking fossa-scan as optional due to pre-existing failures | |
| # - fossa-scan | |
| - compliance-copyrights | |
| - pre-commit | |
| - run-unit-tests | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - run: poetry build | |
| - run: | | |
| poetry run ucc-gen build \ | |
| --source=tests/testdata/Splunk_TA_UCCExample/package \ | |
| --config=tests/testdata/Splunk_TA_UCCExample/globalConfig.json \ | |
| --ta-version=0.0.1 | |
| if: always() | |
| - uses: actions/upload-artifact@v5 | |
| with: | |
| name: output | |
| path: output/* | |
| run-ui-tests: | |
| name: test-ui Splunk ${{ matrix.splunk.version }} -k ${{ matrix.test_suite }} | |
| needs: | |
| - meta | |
| - build | |
| runs-on: ubuntu-24.04 | |
| if: | | |
| !contains(github.event.issue.labels.*.name, 'skip-ui-tests') | |
| permissions: | |
| id-token: write | |
| contents: read | |
| checks: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }} | |
| browser: ["chrome", "firefox"] | |
| test_suite: [ | |
| "test_splunk_ta_example_addon_logging", | |
| "test_splunk_ta_example_addon_account", | |
| "test_splunk_ta_example_addon_proxy", | |
| "test_splunk_ta_example_addon_input_common", | |
| "test_splunk_ta_example_addon_input_1", | |
| "test_splunk_ta_example_addon_input_2", | |
| "test_splunk_ta_example_addon_custom", | |
| "test_splunk_ta_example_addon_alert_actions" | |
| ] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - uses: actions/download-artifact@v6 | |
| with: | |
| name: output | |
| path: output/ | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: cache-poetry | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: poetry-${{ runner.os }}-${{ hashFiles('poetry.lock') }} | |
| restore-keys: | | |
| poetry-${{ runner.os }}- | |
| - run: poetry install | |
| if: ${{ steps.cache-poetry.outputs.cache-hit != 'true' }} | |
| - name: Link chromedriver and geckodriver | |
| # Use installed chromedriver https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md | |
| run: | | |
| export PATH=$PATH:$CHROMEWEBDRIVER | |
| chromedriver --version | |
| export PATH=$PATH:$GECKOWEBDRIVER | |
| geckodriver --version | |
| - run: | | |
| ./run_splunk.sh ${{ matrix.splunk.version }} | |
| until curl -Lsk "https://localhost:8088/services/collector/health" &>/dev/null ; do echo -n "Waiting for HEC-" && sleep 5 ; done | |
| - run: poetry run pytest tests/ui -k "${{ matrix.test_suite }}" --headless --junitxml=test-results/junit.xml | |
| - uses: actions/upload-artifact@v5 | |
| if: always() | |
| with: | |
| name: test-results-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
| path: test-results/* | |
| - uses: dorny/test-reporter@v2 | |
| if: always() | |
| with: | |
| name: test-report-${{ matrix.splunk.version }}_${{ matrix.python-version }}_${{ matrix.browser }}_${{ matrix.test_suite }} | |
| path: "test-results/*.xml" | |
| reporter: java-junit | |
| publish: | |
| needs: | |
| - pre-commit | |
| - build | |
| - run-ui-tests | |
| - run-unit-tests | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| submodules: false | |
| persist-credentials: false | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - run: curl -sSL https://install.python-poetry.org | python3 - --version ${{ env.POETRY_VERSION }} | |
| - id: semantic | |
| uses: splunk/[email protected] | |
| with: | |
| git_committer_name: ${{ secrets.SA_GH_USER_NAME }} | |
| git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} | |
| gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} | |
| extra_plugins: | | |
| semantic-release-replace-plugin | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN_ADMIN }} | |
| - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} | |
| run: | | |
| poetry build | |
| poetry publish -n -u ${{ secrets.PYPI_USERNAME }} -p ${{ secrets.PYPI_TOKEN }} |