Fixed name of browser to install #333
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: push | |
env: | |
JAVA_VERSION: 17 | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Check out repository code | |
uses: actions/checkout@v3 | |
with: | |
path: plugin | |
- name: Setup Java JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v3 | |
with: | |
java-version: ${{ env.JAVA_VERSION }} | |
distribution: temurin | |
cache: maven | |
- name: Retrieve variables from pom | |
id: requestPom | |
working-directory: plugin | |
run: | | |
echo "GRAYLOG_VERSION=$(mvn help:evaluate -Dexpression=project.parent.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
NAME=$(mvn help:evaluate -Dexpression=project.name -q -DforceStdout) | |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) | |
echo "JAR_PATH=target/$NAME-$VERSION.jar" >> $GITHUB_OUTPUT | |
echo "RPM_PATH=target/rpm/$NAME/RPMS/noarch/$NAME-$VERSION-1.noarch.rpm" >> $GITHUB_OUTPUT | |
echo "DEB_PATH=target/$NAME-$VERSION.deb" >> $GITHUB_OUTPUT | |
- name: Cache Graylog | |
uses: actions/cache@v3 | |
id: cache | |
with: | |
path: graylog2-server | |
key: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
- name: Check out Graylog ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
if: steps.cache.outputs.cache-hit != 'true' | |
uses: actions/checkout@v3 | |
with: | |
repository: Graylog2/graylog2-server | |
ref: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
path: graylog2-server | |
- name: Build Graylog | |
if: steps.cache.outputs.cache-hit != 'true' | |
working-directory: graylog2-server | |
run: | | |
mvn compile -DskipTests=true --batch-mode | |
- name: Cache node_modules | |
uses: actions/cache@v3 | |
with: | |
path: plugin/node_modules | |
key: ${{ hashFiles('plugin/yarn.lock') }} | |
- name: Build plugin | |
working-directory: plugin | |
run: | | |
mvn package --batch-mode | |
- name: Copy jar to backend tests runtime | |
working-directory: plugin | |
run: | | |
mkdir runtime/graylog/plugin | |
cp ${{ steps.requestPom.outputs.JAR_PATH }} runtime/graylog/plugin | |
- name: Execute backend tests | |
working-directory: plugin/validation | |
run: | | |
python -m venv venv | |
source venv/bin/activate | |
pip install -r requirements.txt | |
docker-compose --project-directory ../runtime pull | |
PYTHONUNBUFFERED=true python -m unittest --verbose | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
cache: 'npm' | |
cache-dependency-path: plugin/end_to_end/package-lock.json | |
- name: Install dependencies | |
working-directory: plugin/end_to_end | |
run: | | |
npm ci | |
npx playwright install chromium | |
- name: Run Playwright tests | |
working-directory: plugin/end_to_end | |
run: npx playwright test | |
- name: Package signed .rpm | |
working-directory: plugin | |
env: | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
run: | | |
mvn rpm:rpm | |
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
rpm --define "_gpg_name Airbus CyberSecurity" --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase $PASSPHRASE" --addsign "${{ steps.requestPom.outputs.RPM_PATH }}" | |
- name: Package signed .deb | |
working-directory: plugin | |
env: | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
run: | | |
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
gpg2 --export-secret-keys --batch --pinentry-mode loopback --passphrase "$PASSPHRASE" > $HOME/.gnupg/secring.gpg | |
mvn jdeb:jdeb --settings deployment/settings.xml | |
- name: Check license headers | |
working-directory: plugin | |
run: | | |
mvn license:check | |
- name: Archive .jar | |
uses: actions/upload-artifact@v3 | |
with: | |
name: jar | |
path: plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
if-no-files-found: error | |
- name: Archive .rpm | |
uses: actions/upload-artifact@v3 | |
with: | |
name: rpm | |
path: plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
if-no-files-found: error | |
- name: Archive .deb | |
uses: actions/upload-artifact@v3 | |
with: | |
name: deb | |
path: plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
if-no-files-found: error | |
- name: Release | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: softprops/action-gh-release@v1 | |
with: | |
files: | | |
plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
fail_on_unmatched_files: true | |
- name: Deploy to Maven Central | |
if: startsWith(github.ref, 'refs/tags/') | |
working-directory: plugin | |
env: | |
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
run: | | |
echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
mvn clean deploy -DskipTests=true --settings deployment/settings.xml |