Added health check to graylog test docker #1129
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration | |
| on: push | |
| env: | |
| JAVA_VERSION: 17 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| with: | |
| path: plugin | |
| - name: Setup Java JDK ${{ env.JAVA_VERSION }} | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ env.JAVA_VERSION }} | |
| distribution: temurin | |
| cache: maven | |
| - name: Retrieve variables from pom | |
| id: requestPom | |
| working-directory: plugin | |
| run: | | |
| echo "GRAYLOG_VERSION=$(mvn help:evaluate -Dexpression=project.parent.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
| NAME=$(mvn help:evaluate -Dexpression=project.name -q -DforceStdout) | |
| VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| echo "VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
| echo "JAR_PATH=target/$NAME-$VERSION.jar" >> $GITHUB_OUTPUT | |
| echo "RPM_PATH=target/rpm/$NAME/RPMS/noarch/$NAME-$VERSION-1.noarch.rpm" >> $GITHUB_OUTPUT | |
| echo "DEB_PATH=target/$NAME-$VERSION.deb" >> $GITHUB_OUTPUT | |
| - name: Cache Graylog | |
| uses: actions/cache@v4 | |
| id: cache | |
| with: | |
| path: graylog2-server | |
| key: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| - name: Check out Graylog ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: Graylog2/graylog2-server | |
| ref: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| path: graylog2-server | |
| - name: Build Graylog | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| working-directory: graylog2-server | |
| run: | | |
| ./mvnw compile -DskipTests=true --batch-mode | |
| - name: Cache node_modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: plugin/node_modules | |
| key: ${{ hashFiles('plugin/yarn.lock') }} | |
| - name: Build plugin | |
| working-directory: plugin | |
| run: | | |
| ./mvnw package --batch-mode | |
| - name: Copy jar to backend tests runtime | |
| working-directory: plugin | |
| run: | | |
| mkdir runtime/graylog/plugin | |
| cp ${{ steps.requestPom.outputs.JAR_PATH }} runtime/graylog/plugin | |
| - name: Preparing backend tests | |
| working-directory: plugin/validation | |
| run: | | |
| python -m venv venv | |
| source venv/bin/activate | |
| pip install -r requirements.txt | |
| docker compose --project-directory ../runtime pull | |
| - name: Execute brittle tests | |
| working-directory: plugin/validation | |
| run: | | |
| PYTHONUNBUFFERED=true python -m unittest test_brittle --verbose | |
| - name: Execute backend tests | |
| working-directory: plugin/validation | |
| run: | | |
| PYTHONUNBUFFERED=true python -m unittest --verbose | |
| - name: Package signed .rpm | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| working-directory: plugin | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| ./mvnw rpm:rpm | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| rpm --define "_gpg_name Airbus CyberSecurity" --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase $PASSPHRASE" --addsign "${{ steps.requestPom.outputs.RPM_PATH }}" | |
| - name: Package signed .deb | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| working-directory: plugin | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| gpg2 --export-secret-keys --batch --pinentry-mode loopback --passphrase "$PASSPHRASE" > $HOME/.gnupg/secring.gpg | |
| ./mvnw org.vafer:jdeb:jdeb --settings deployment/settings.xml | |
| - name: Check license headers | |
| working-directory: plugin | |
| run: | | |
| mvn license:check | |
| - name: Archive .jar | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: jar | |
| path: plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
| if-no-files-found: error | |
| - name: Archive .rpm | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: rpm | |
| path: plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
| if-no-files-found: error | |
| - name: Archive .deb | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: deb | |
| path: plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
| if-no-files-found: error | |
| - name: Release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: | | |
| plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
| plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
| plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
| fail_on_unmatched_files: true | |
| - name: Deploy to Maven Central | |
| if: startsWith(github.ref, 'refs/tags/') | |
| working-directory: plugin | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| ./mvnw clean deploy -DskipTests=true --settings deployment/settings.xml |