Skip to content

Commit 67b4168

Browse files
fix: hec token validation issue in scripted inputs (#393)
### Description This PR bumps the k8s-manifests-branch version from v3.3.2 to v3.4.1 related PR: splunk/ta-automation-k8s-manifests#120 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done - https://github.com/splunk/splunk-add-on-for-unix-and-linux/actions/runs/14701563721 --------- Co-authored-by: Dmytro Kvashnin <[email protected]>
1 parent e30a821 commit 67b4168

File tree

2 files changed

+167
-41
lines changed

2 files changed

+167
-41
lines changed

.github/workflows/reusable-build-test-release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ on:
3939
required: false
4040
description: "branch for k8s manifests to run the tests on"
4141
type: string
42-
default: "v3.3.2"
42+
default: "v3.4.1"
4343
scripted-inputs-os-list:
4444
required: false
4545
description: "list of OS used for scripted input tests"

README.md

Lines changed: 166 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,37 @@
1+
<!-- TOC -->
2+
* [Reusable workflow](#reusable-workflow)
3+
* [TA Developer Git workflow best practices](#ta-developer-git-workflow-best-practices)
4+
* [Git Branches](#git-branches)
5+
* [Default flow. Independent work](#default-flow-independent-work)
6+
* [Default flow. Dependent on develop](#default-flow-dependent-on-develop)
7+
* [Backporting to old releases](#backporting-to-old-releases)
8+
* [[Internal] Development flow](#internal-development-flow)
9+
* [Spec reusable-build-test-release](#spec-reusable-build-test-release)
10+
* [Workflow Inputs](#workflow-inputs)
11+
* [General troubleshooting](#general-troubleshooting)
12+
* [[Job] setup-workflow](#job-setup-workflow)
13+
* [[Job] meta](#job-meta)
14+
* [[Job] fossa-scan](#job-fossa-scan)
15+
* [[Job] fossa-test](#job-fossa-test)
16+
* [[Job] compliance-copyrights](#job-compliance-copyrights)
17+
* [[Job] lint](#job-lint)
18+
* [[Job] security-detect-secrets](#job-security-detect-secrets)
19+
* [[Job] security-sast-semgrep](#job-security-sast-semgrep)
20+
* [[Job] test-inventory](#job-test-inventory)
21+
* [[Job] build](#job-build)
22+
* [[Job] AppInspect](#job-appinspect)
23+
* [[Job] AppInspect API](#job-appinspect-api)
24+
* [[Job] setup](#job-setup)
25+
* [[Job] test-unit-python3](#job-test-unit-python3)
26+
* [[Job] run-btool-check](#job-run-btool-check)
27+
* [[Job] run-knowledge-tests](#job-run-knowledge-tests)
28+
* [[Job] run-ui-tests](#job-run-ui-tests-)
29+
* [[Job] run-modinput-tests](#job-run-modinput-tests-)
30+
* [[Job] run-ucc-modinput-tests](#job-run-ucc-modinput-tests-)
31+
* [[Job] pre-publish](#job-pre-publish)
32+
* [[Job] publish](#job-publish)
33+
* [Vendor Addon Matrix tests](#vendor-addon-matrix-tests)
34+
<!-- TOC -->
135
# Reusable workflow
236

337
This repository stores reusable `build-test-release` workflow, which is used to build, test and release Splunk add-ons.
@@ -6,7 +40,113 @@ Workflow is used by add-ons created and managed by [addonfactory repository temp
640

741
Workflow defines jobs which perform security code scanning, execute different types of tests, build add-on package and make a GitHub release.
842

9-
## Development flow
43+
## TA Developer Git workflow best practices
44+
45+
* Always prefer Fast Forward to Merge commit. Preference towards linear history.
46+
* Never squash merge multiple independent features. i.e. never squash merge develop -> main.
47+
48+
### Git Branches
49+
* `main` - Latest released TA commit. Events:
50+
* `merge` triggers TA build release (GitHub tag and release artifacts)
51+
* `develop` - Next version `Work in Progress`. Can be created / removed at will, tracks `main`
52+
* `merge` triggers TA `Beta` build release (GitHub tag and release artifacts)
53+
* `release/{VERSION}` - Custom release scenario. **Example:** 2 releases in process, i.e. backport and next patch/minor/major.
54+
55+
56+
### Default flow. Independent work
57+
```mermaid
58+
gitGraph
59+
checkout main
60+
commit id: "A" tag: "v1.0.0"
61+
commit id: "B" tag: "v1.1.0"
62+
63+
branch develop
64+
checkout develop
65+
commit id: "chore: pipeline-update"
66+
commit id: "feat: feat-C" tag: "v1.2.0-Beta-1"
67+
68+
checkout main
69+
branch feat/my-feat-D
70+
checkout feat/my-feat-D
71+
commit id: "feat: feat-D"
72+
73+
checkout develop
74+
merge feat/my-feat-D tag: "v1.2.0-Beta-2"
75+
76+
checkout main
77+
commit id: "docs: docs-update"
78+
79+
checkout develop
80+
merge main
81+
82+
checkout main
83+
merge develop tag: "v1.2.0"
84+
85+
```
86+
87+
### Default flow. Dependent on develop
88+
When the feature is justifiably dependent on `develop`, for example: adding UI tests to an existing feature.
89+
```mermaid
90+
gitGraph
91+
checkout main
92+
commit id: "A" tag: "v1.0.0"
93+
commit id: "B" tag: "v1.1.0"
94+
95+
branch develop
96+
checkout develop
97+
commit id: "chore: pipeline-update"
98+
commit id: "feat: feat-C" tag: "v1.2.0-Beta-1"
99+
100+
branch test/my-feat-C-ui-tests
101+
checkout test/my-feat-C-ui-tests
102+
commit id: "test: my-feat-C-ui-tests"
103+
104+
checkout develop
105+
merge test/my-feat-C-ui-tests
106+
107+
checkout main
108+
commit id: "docs: docs-update"
109+
commit id: "fix: important fix" tag: "v1.1.1"
110+
111+
checkout develop
112+
merge main
113+
114+
checkout main
115+
merge develop tag: "v1.2.0"
116+
```
117+
118+
### Backporting to old releases
119+
Bugfix needing a backport patch release `1.1.1` and releasing next `2.1.0`. For example there is a business reason to provide support for `1.1.0`
120+
```mermaid
121+
122+
gitGraph
123+
checkout main
124+
commit id: "A" tag: "v1.1.0"
125+
branch release/v1.1.1 order: 4
126+
checkout main
127+
commit id: "B" tag: "v2.0.0"
128+
branch develop
129+
130+
checkout develop
131+
132+
133+
checkout main
134+
branch fix/important-fix
135+
checkout fix/important-fix
136+
commit id: "fix: important fix"
137+
138+
checkout develop
139+
merge fix/important-fix tag: "v2.1.0-Beta-1"
140+
141+
checkout main
142+
merge develop tag: "v2.1.0"
143+
144+
checkout release/v1.1.1
145+
cherry-pick id: "fix: important fix" tag: "v1.1.1"
146+
```
147+
148+
149+
## [Internal] Development flow
10150

11151
* All the changes should first go to the `develop` branch (using "squash commit"), `main` branch should contain stable code
12152
* Official releases are made from `main` branch (when it's time to rollout new template changes):
@@ -26,9 +166,8 @@ Workflow defines jobs which perform security code scanning, execute different ty
26166
* backport the change back to the `develop` branch
27167
* new version of the workflow is going to be released (v4.17.0 (before) -> v4.17.1 (after)) and it will automatically applied to all the repositories
28168

29-
# Workflow jobs
30-
31-
## Inputs
169+
# Spec reusable-build-test-release
170+
## Workflow Inputs
32171
* marker - list of markers used to paralelize modinput tests
33172
* ucc-modinput-marker - list of markers used to paralelize ucc modinput tests
34173
* ui_marker - list of markers used to paralelize ui tests
@@ -44,7 +183,7 @@ Workflow defines jobs which perform security code scanning, execute different ty
44183
* Check if there is any similar issue reported to GitHub repo for the action by other users.
45184
* If you are not sure what to do, please use `go/addon/help`.
46185

47-
## setup-workflow
186+
## [Job] setup-workflow
48187

49188
Job that is scanning PR and based on PR body or included labels defining tests to be executed.
50189

@@ -61,15 +200,13 @@ Job that is scanning PR and based on PR body or included labels defining tests t
61200
* add to PR one or multiple labels, available choices can be found [here](https://github.com/splunk/addonfactory-workflow-addon-release/blob/4f3fa4d779b6ec7649f0dc6b973eb4d68e5fcc48/.github/workflows/reusable-build-test-release.yml#L153)
62201
* there is no need to add labels when PR's target branch is `main`
63202

64-
meta stage
65-
=======================
203+
## [Job] meta
66204

67205
**Description:**
68206

69207
- Determines which Splunk and SC4S versions to run tests with.
70208

71-
fossa-scan
72-
=======================
209+
## [Job] fossa-scan
73210

74211
**Description:**
75212

@@ -92,8 +229,7 @@ fossa-scan
92229
THIRDPARTY
93230
```
94231

95-
fossa-test
96-
=======================
232+
## [Job] fossa-test
97233

98234
**Description:**
99235

@@ -112,8 +248,7 @@ fossa-test
112248
- No additional Artifacts.
113249

114250

115-
compliance-copyrights
116-
=====================
251+
## [Job] compliance-copyrights
117252

118253
**Description**
119254

@@ -149,8 +284,7 @@ i.e <img src="images/compliance-copyrights/license.png" alt="license" style="wid
149284
- No additional Artifacts.
150285

151286

152-
lint
153-
=======================
287+
## [Job] lint
154288

155289
**Description:**
156290

@@ -175,8 +309,7 @@ lint
175309
- No additional artifacts, failure details are available in the logs.
176310

177311

178-
security-detect-secrets
179-
=======================
312+
## [Job] security-detect-secrets
180313

181314
**Description:**
182315

@@ -207,8 +340,7 @@ security-detect-secrets
207340
- No additional artifacts, the commit info and secrets details are available in the logs.
208341

209342

210-
security-sast-semgrep
211-
=======================
343+
## [Job] security-sast-semgrep
212344

213345
**Description:**
214346

@@ -248,8 +380,7 @@ security-sast-semgrep
248380

249381
- Findings can be observed in the console logs of the stage and also at Semgrep link for which is provided in the end.
250382

251-
test-inventory
252-
=======================
383+
## [Job] test-inventory
253384

254385
**Description**
255386

@@ -265,8 +396,7 @@ modinput_functional::true
265396
ucc_modinput_functional::true
266397
```
267398

268-
build
269-
=======================
399+
## [Job] build
270400

271401
**Description**
272402

@@ -300,8 +430,7 @@ installation-update.json
300430
- package-splunkbase includes Splunkbase equivalent package code
301431

302432

303-
AppInspect
304-
=======================
433+
## [Job] AppInspect
305434

306435
**Description**
307436

@@ -357,8 +486,7 @@ appinspect_splunk_appinspect_checks.json
357486
```
358487

359488

360-
AppInspect API
361-
=======================
489+
## [Job] AppInspect API
362490

363491
**Description**
364492

@@ -403,15 +531,15 @@ appinspect-api-html-report-self-service
403531
```
404532

405533

406-
# setup
534+
## [Job] setup
407535

408536
**Description:**
409537

410538
- This stage does sets the required env variables before the test execution stage
411539

412540
**Action used:** NA
413541

414-
# test-unit-python3
542+
## [Job] test-unit-python3
415543

416544
**Description:**
417545

@@ -431,7 +559,7 @@ appinspect-api-html-report-self-service
431559

432560
- Junit Test result xml file
433561

434-
# run-btool-check
562+
## [Job] run-btool-check
435563

436564
**Description:**
437565

@@ -456,7 +584,7 @@ appinspect-api-html-report-self-service
456584
btool-output.txt
457585
```
458586

459-
# run-knowledge-tests
587+
## [Job] run-knowledge-tests
460588

461589
**Description:**
462590

@@ -493,7 +621,7 @@ pytest_splunk_addon.log
493621
cim-compliance-report
494622
```
495623

496-
# run-ui-tests
624+
## [Job] run-ui-tests
497625

498626
**Description**
499627

@@ -535,7 +663,7 @@ Screenshots for failed tests under assets folder
535663
Junit XML file
536664
```
537665

538-
# run-modinput-tests
666+
## [Job] run-modinput-tests
539667

540668
**Description**
541669

@@ -576,7 +704,7 @@ helmut.log
576704
Junit XML file
577705
```
578706

579-
# run-ucc-modinput-tests
707+
## [Job] run-ucc-modinput-tests
580708

581709
**Description**
582710

@@ -615,8 +743,7 @@ splunk-add-on-ucc-modinput-test-functional.log
615743
Junit XML file
616744
```
617745

618-
pre-publish
619-
===========
746+
## [Job] pre-publish
620747

621748
**Description:**
622749

@@ -643,8 +770,8 @@ pre-publish
643770
- No additional artifacts
644771

645772

646-
publish
647-
=======
773+
## [Job] publish
774+
648775
**Description**
649776
- This stage only executes for main and develop branch.
650777

@@ -677,8 +804,7 @@ source_code.zip
677804
source_code.tar.gz
678805
```
679806

680-
Vendor Addon Matrix tests
681-
=========================
807+
## Vendor Addon Matrix tests
682808

683809
- For addons like Tomcat, JMX, Nginx where multiple versions are supported for the Vendor platform currently only a single version of Vendor platform was configured while testing which is now parameterised to support test execution against different version of vendor platforms in Github Actions.
684810

0 commit comments

Comments
 (0)