Skip to content

FIX test

FIX test #408

Workflow file for this run

name: Continuous Integration
on: push
env:
JAVA_VERSION: 17
jobs:
build:
runs-on: ubuntu-22.04
steps:
- name: Check out repository code
uses: actions/checkout@v3
with:
path: plugin
- name: Setup Java JDK ${{ env.JAVA_VERSION }}
uses: actions/setup-java@v3
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
cache: maven
- name: Retrieve variables from pom
id: requestPom
working-directory: plugin
run: |
echo "GRAYLOG_VERSION=$(mvn help:evaluate -Dexpression=project.parent.version -q -DforceStdout)" >> $GITHUB_OUTPUT
NAME=$(mvn help:evaluate -Dexpression=project.name -q -DforceStdout)
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT
echo "JAR_PATH=target/$NAME-$VERSION.jar" >> $GITHUB_OUTPUT
echo "RPM_PATH=target/rpm/$NAME/RPMS/noarch/$NAME-$VERSION-1.noarch.rpm" >> $GITHUB_OUTPUT
echo "DEB_PATH=target/$NAME-$VERSION.deb" >> $GITHUB_OUTPUT
- name: Cache Graylog
uses: actions/cache@v3
id: cache
with:
path: graylog2-server
key: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }}
- name: Check out Graylog ${{ steps.requestPom.outputs.GRAYLOG_VERSION }}
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
repository: Graylog2/graylog2-server
ref: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }}
path: graylog2-server
- name: Build Graylog
if: steps.cache.outputs.cache-hit != 'true'
working-directory: graylog2-server
run: |
./mvnw compile -DskipTests=true --batch-mode
- name: Cache node_modules
uses: actions/cache@v3
with:
path: plugin/node_modules
key: ${{ hashFiles('plugin/yarn.lock') }}
- name: Build plugin
working-directory: plugin
run: |
./mvnw package --batch-mode
- name: Prepare backend tests runtime
working-directory: plugin
run: |
mkdir runtime/graylog/plugin
cp ${{ steps.requestPom.outputs.JAR_PATH }} runtime/graylog/plugin
echo GRAYLOG_VERSION=${{ steps.requestPom.outputs.GRAYLOG_VERSION }} > runtime/.env
- name: Cache backend tests python dependencies
uses: actions/cache@v3
with:
path: plugin/validation/server/venv
key: ${{ hashFiles('plugin/validation/server/requirements.txt') }}
- name: Execute backend tests
working-directory: plugin/validation/server
run: |
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt
docker compose --project-directory ../../runtime pull
PYTHONUNBUFFERED=true PYTHONPATH=.. python -m unittest --verbose
# TODO improve this, see https://playwright.dev/python/docs/ci-intro (in particular, use setup-python?)
- name: Cache Playwright tests python dependencies
uses: actions/cache@v3
with:
path: plugin/validation/server/venv
key: ${{ hashFiles('plugin/validation/end_to_end/requirements.txt') }}
- name: Run Playwright tests
working-directory: plugin/validation/end_to_end
run: |
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt
playwright install chromium
docker compose --project-directory ../../runtime pull
PYTHONPATH=.. pytest --tracing=retain-on-failure
- uses: actions/upload-artifact@v3
if: always()
with:
name: playwright-report
path: plugin/validation/end_to_end/test-results/
- name: Package signed .rpm
if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false
working-directory: plugin
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
./mvnw rpm:rpm
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import
rpm --define "_gpg_name Airbus CyberSecurity" --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase $PASSPHRASE" --addsign "${{ steps.requestPom.outputs.RPM_PATH }}"
- name: Package signed .deb
if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false
working-directory: plugin
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import
gpg2 --export-secret-keys --batch --pinentry-mode loopback --passphrase "$PASSPHRASE" > $HOME/.gnupg/secring.gpg
./mvnw jdeb:jdeb --settings deployment/settings.xml
- name: Check license headers
working-directory: plugin
run: |
./mvnw license:check
- name: Archive .jar
uses: actions/upload-artifact@v3
with:
name: jar
path: plugin/${{ steps.requestPom.outputs.JAR_PATH }}
if-no-files-found: error
- name: Archive .rpm
if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false
uses: actions/upload-artifact@v3
with:
name: rpm
path: plugin/${{ steps.requestPom.outputs.RPM_PATH }}
if-no-files-found: error
- name: Archive .deb
if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false
uses: actions/upload-artifact@v3
with:
name: deb
path: plugin/${{ steps.requestPom.outputs.DEB_PATH }}
if-no-files-found: error
- name: Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v1
with:
files: |
plugin/${{ steps.requestPom.outputs.JAR_PATH }}
plugin/${{ steps.requestPom.outputs.RPM_PATH }}
plugin/${{ steps.requestPom.outputs.DEB_PATH }}
fail_on_unmatched_files: true
- name: Deploy to Maven Central
if: startsWith(github.ref, 'refs/tags/') || endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT')
working-directory: plugin
env:
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import
./mvnw clean deploy -DskipTests=true --settings deployment/settings.xml