Skip to content

Threat intel feed support for detector creation #1668

Threat intel feed support for detector creation

Threat intel feed support for detector creation #1668

name: Cypress integration tests workflow
on:
pull_request:
branches:
- "*"
push:
branches:
- "*"
env:
OPENSEARCH_DASHBOARDS_VERSION: 'main'
OPENSEARCH_VERSION: '3.0.0-SNAPSHOT'
SECURITY_ANALYTICS_BRANCH: 'main'
GRADLE_VERSION: '7.6.1'
# If this variable is not empty, the package.json, opensearch_dashboards.json, and yarn.lock files will be replaced
# with those files from the 'opensearch-project/security-analytics-dashboards-plugin' branch or commit specified.
OVERRIDE_REFERENCE: 'main'
jobs:
tests:
name: Run Cypress E2E tests
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
include:
- os: windows-latest
cypress_cache_folder: ~/AppData/Local/Cypress/Cache
- os: ubuntu-latest
cypress_cache_folder: ~/.cache/Cypress
runs-on: ${{ matrix.os }}
env:
# prevents extra Cypress installation progress messages
CI: 1
# avoid warnings like "tput: No value for $TERM and no -T specified"
TERM: xterm
steps:
- name: Set up JDK
uses: actions/setup-java@v1
with:
# TODO: Parse this from security analytics plugin (https://github.com/opensearch-project/security-analytics/issues/170)
java-version: 11
- name: Enable longer filenames
if: ${{ matrix.os == 'windows-latest' }}
run: git config --system core.longpaths true
- name: Checkout security analytics
uses: actions/checkout@v2
with:
path: security-analytics
repository: opensearch-project/security-analytics
ref: ${{ env.SECURITY_ANALYTICS_BRANCH }}
- name: Set up Gradle
uses: gradle/gradle-build-action@v2
with:
gradle-version: ${{ env.GRADLE_VERSION }}
- name: Run opensearch with plugin
run: |
cd security-analytics
./gradlew run -Dopensearch.version=${{ env.OPENSEARCH_VERSION }} &
sleep 300
shell: bash
- name: Checkout OpenSearch-Dashboards
uses: actions/checkout@v2
with:
repository: opensearch-project/OpenSearch-Dashboards
path: OpenSearch-Dashboards
ref: ${{ env.OPENSEARCH_DASHBOARDS_VERSION }}
- name: Checkout Security Analytics Dashboards plugin
uses: actions/checkout@v2
with:
path: OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
# This job replaces the package.json, opensearch_dashboards.json, and yarn.lock files from the
# 'opensearch-project/security-analytics-dashboards-plugin' branch or commit specified in env variable.
# This is most useful on the 'main' branch as it will enable us to specify which version to use for the build when
# one of this package's dependencies is not building reliably without having to adjust the actual version of this package.
- name: Override Package Version
if: ${{ env.OVERRIDE_REFERENCE != '' }}
run: |
cd OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
git fetch --all
git checkout origin/${{ env.OVERRIDE_REFERENCE }} opensearch_dashboards.json
git checkout origin/${{ env.OVERRIDE_REFERENCE }} package.json
git checkout origin/${{ env.OVERRIDE_REFERENCE }} yarn.lock
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version-file: './OpenSearch-Dashboards/.nvmrc'
registry-url: 'https://registry.npmjs.org'
- name: Install Yarn
# Need to use bash to avoid having a windows/linux specific step
shell: bash
run: |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn")
echo "Installing yarn@$YARN_VERSION"
npm i -g yarn@$YARN_VERSION
- run: node -v
- run: yarn -v
- name: Bootstrap plugin/OpenSearch-Dashboards
run: |
cd OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
yarn osd bootstrap
- name: Run OpenSearch-Dashboards server
run: |
cd OpenSearch-Dashboards
yarn start --no-base-path --no-watch --server.host="0.0.0.0" &
shell: bash
# Window is slow so wait longer
- name: Sleep until OSD server starts - windows
if: ${{ matrix.os == 'windows-latest' }}
run: Start-Sleep -s 450
shell: powershell
- name: Sleep until OSD server starts - non-windows
if: ${{ matrix.os != 'windows-latest' }}
run: sleep 450
shell: bash
- name: Install Cypress
run: |
cd OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
# This will install Cypress in case the binary is missing which can happen on Windows and Mac
# If the binary exists, this will exit quickly so it should not be an expensive operation
npx cypress install
shell: bash
- name: Get Cypress version
id: cypress_version
run: |
cd OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
echo "::set-output name=cypress_version::$(cat ./package.json | jq '.dependencies.cypress' | tr -d '"')"
- name: Cache Cypress
id: cache-cypress
uses: actions/cache@v2
with:
path: ${{ matrix.cypress_cache_folder }}
key: cypress-cache-v2-${{ runner.os }}-${{ hashFiles('**/package.json') }}
restore-keys: |
cypress-cache-v2-${{ runner.os }}-${{ hashFiles('**/package.json') }}
# for now just chrome, use matrix to do all browsers later
- name: Cypress tests
uses: cypress-io/github-action@v5
with:
working-directory: OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin
command: yarn run cypress run
wait-on: 'http://localhost:5601'
wait-on-timeout: 300
browser: chrome
env:
CYPRESS_CACHE_FOLDER: ${{ matrix.cypress_cache_folder }}
# Screenshots are only captured on failure, will change this once we do visual regression tests
- uses: actions/upload-artifact@v1
if: failure()
with:
name: cypress-screenshots-${{ matrix.os }}
path: OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin/cypress/screenshots
# Test run video was always captured, so this action uses "always()" condition
- uses: actions/upload-artifact@v1
if: always()
with:
name: cypress-videos-${{ matrix.os }}
path: OpenSearch-Dashboards/plugins/security-analytics-dashboards-plugin/cypress/videos