Skip to content

[deps]: Update lint-staged to v17 (#203) #1125

[deps]: Update lint-staged to v17 (#203)

[deps]: Update lint-staged to v17 (#203) #1125

Workflow file for this run

name: Build
on:
push:
workflow_dispatch:
schedule:
# Splunk App Inspect checks - https://dev.splunk.com/enterprise/docs/whatsnew/#AppInspect-updates
- cron: "0 0 1 * *"
permissions: {}
jobs:
cloc:
name: CLOC
runs-on: ubuntu-22.04-arm
permissions:
contents: read
steps:
- name: Checkout repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Install cloc
run: |
sudo apt-get update
sudo apt-get -y install cloc
- name: Print lines of code
run: cloc --include-lang CSS,JavaScript,XML,Python --vcs git
build-ui:
name: Build UI
runs-on: ubuntu-22.04-arm
defaults:
run:
working-directory: ./ui
steps:
- name: Checkout repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Get Node version
id: retrieve-node-version
run: |
NODE_NVMRC=$(cat .nvmrc)
NODE_VERSION=${NODE_NVMRC/v/''}
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
cache: "npm"
cache-dependency-path: "**/package-lock.json"
node-version: ${{ steps.retrieve-node-version.outputs.node_version }}
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Upload artifact
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: bitwarden_event_logs_ui
path: ui/dist/setup/*
if-no-files-found: error
build-artifacts:
name: Build artifacts
# Splunk AppInspect requires aarch64/arm64 binaries, the easiest way to comply with this is to build on an arm64 runner.
# This is most important here, but we use it in all jobs in this workflow for consistency.
runs-on: ubuntu-22.04-arm
needs: build-ui
permissions:
contents: read
steps:
- name: Checkout repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Install poetry
run: pipx install poetry
- name: Set up Python 3.13
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # 6.1.0
with:
python-version: "3.13"
- name: Print environment
run: |
poetry env info
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
- name: Pull dependencies
run: |
poetry env use 3.13
poetry install --no-cache --no-root
poetry self add poetry-plugin-export
mkdir package/lib
poetry export -f requirements.txt --output package/lib/requirements.txt
poetry install --no-cache --no-root --with dev,test,splunkslim
- name: Tests
run: poetry run pytest
- name: Prepare UI
run: mkdir -p package/appserver/static/setup
- name: Download UI
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: bitwarden_event_logs_ui
path: package/appserver/static/setup
- name: Build Splunk App
run: |
mkdir package/bin
cp -R src/* package/bin/
APP_VERSION=$(poetry version | awk -F ' ' '{print $2}')
poetry run ucc-gen build --ta-version "${APP_VERSION}"
# cleanup python files
rm -rf output/bitwarden_event_logs/{bin,lib}/__pycache__
rm -rf output/bitwarden_event_logs/bin/{bitwarden_event_logs_rh_settings.py,import_declare_test.py}
# remove ucc-gen not used files
rm -rf output/bitwarden_event_logs/appserver/static/{css,js,openapi.json}
rm -rf output/bitwarden_event_logs/appserver/templates/base.html
rm -rf output/bitwarden_event_logs/default/{restmap.conf,web.conf,bitwarden_event_logs_settings.conf}
rm -rf output/bitwarden_event_logs/README/bitwarden_event_logs_settings.conf.spec
poetry run ucc-gen package --path output/bitwarden_event_logs -o output/
mv output/bitwarden_event_logs*.tar.gz output/bitwarden_event_logs.tar.gz
- name: Validate artifact
run: |
poetry run slim validate output/bitwarden_event_logs.tar.gz 2>&1 | tee output.txt
if grep -q "\[ERROR\]" "output.txt"; then
echo "ERROR(s) found."
exit 1
fi
rm -f output.txt
poetry run splunk-appinspect inspect --mode precert output/bitwarden_event_logs.tar.gz 2>&1 | tee output.txt
if ! grep -q -E "error:[ \t]+0" "output.txt"; then
echo "ERRORS(s) found."
exit 1
fi
if ! grep -q -E "failure:[ \t]+0" "output.txt"; then
echo "ERRORS(s) found."
exit 1
fi
- name: Upload artifact
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: bitwarden_event_logs.tar.gz
path: output/bitwarden_event_logs.tar.gz
if-no-files-found: error