From 92a7bdf9ad14417f4d73dc02fe43acf477b32137 Mon Sep 17 00:00:00 2001 From: mgrandys-splunk <153620320+mgrandys-splunk@users.noreply.github.com> Date: Thu, 6 Mar 2025 11:37:50 +0100 Subject: [PATCH 01/20] chore: run appinspect api on release branches (#376) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Description Run `appinspect api` job for `release/` branches in `build-test-release` pipeline Ticket: https://splunk.atlassian.net/browse/ADDON-77779 Tested in the following cases where appinspect api job is: - Running for PR with “release/“ base: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626390125 - Running for manual trigger on “release/“ branch: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626413937 - Not running for chore/ branch: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626445165 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 32848b8d..8e3bc4f3 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -881,7 +881,7 @@ jobs: if: | !cancelled() && needs.build.result == 'success' && - ( github.base_ref == 'main' || github.ref_name == 'main' ) + ( github.base_ref == 'main' || github.ref_name == 'main' || startsWith(github.base_ref, 'release/') || startsWith(github.ref_name, 'release/') ) runs-on: ubuntu-latest strategy: fail-fast: false From 8adf4a07b6760733d9a3dbfc15bc20e06f20c3bb Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Mon, 24 Mar 2025 17:37:03 +0530 Subject: [PATCH 02/20] feat: skip tests on docs only change (#389) ### Description [ [ADDON-78394](https://splunk.atlassian.net/browse/ADDON-78394) ] Added conditions skip tests, build, app-inspect and publish if the changes in PR are only related to documentation. Tests: https://docs.google.com/document/d/1IFxbIwzDM0lBkO3ciNxFrPlOPPE9YQhcaVStQg7lYEM/edit?usp=sharing ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .../workflows/reusable-build-test-release.yml | 49 ++++++++++++++++--- 1 file changed, 43 insertions(+), 6 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 8e3bc4f3..f9cf1bb7 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -122,8 +122,37 @@ jobs: exit 1 fi + check-docs-changes: + runs-on: ubuntu-latest + outputs: + docs-only: ${{ steps.check.outputs.docs-only }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Fetch all refs + run: git fetch --prune --unshallow + + - name: Check if the changes are only in docs/*, mkdocs.yml, or .github/workflows/docs.yml + id: check + run: | + set -o xtrace + # List all files modified in the commit or PR + changed_files=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) + # changed_files=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }}) + + # Check if any of the changed files are not in docs/*, mkdocs.yml, or .github/workflows/docs.yml + if echo "$changed_files" | grep -vqE '^(docs/|mkdocs.yml|.github/workflows/docs.yml)'; then + echo "docs-only=false" >> "$GITHUB_OUTPUT" + else + echo "Only documentation changes found." + echo "docs-only=true" >> "$GITHUB_OUTPUT" + fi + setup-workflow: runs-on: ubuntu-latest + needs: + - check-docs-changes outputs: execute-knowledge-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_knowledge_labeled }} execute-spl2-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_spl2_labeled }} @@ -169,7 +198,9 @@ jobs: case "${{ github.event_name }}" in "pull_request") labels=$(echo '${{ toJSON(github.event.pull_request.labels) }}' | jq -r '.[] | .name') - if ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then + if ${{ needs.check-docs-changes.outputs.docs-only == 'true' }}; then + echo -e "\033[1;33m⚠️ Skipping tests as there are only documentation related changes ⚠️\033[0m" + elif ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then for test_type in "${TESTSET[@]}"; do if [[ "$labels" =~ $test_type ]]; then EXECUTE_LABELED["$test_type"]="true" @@ -381,6 +412,8 @@ jobs: test-inventory: runs-on: ubuntu-latest + needs: + - check-docs-changes # Map a step output to a job output outputs: spl2: ${{ steps.testset.outputs.spl2 }} @@ -396,8 +429,8 @@ jobs: - id: testset name: Check available test types run: | - find tests -type d -maxdepth 1 -mindepth 1 | sed 's|^tests/||g' | while read -r TESTSET; do echo "$TESTSET=true" >> "$GITHUB_OUTPUT"; echo "$TESTSET::true"; done - find package/default/data -type d -name "spl2" -maxdepth 1 -mindepth 1 | sed 's|^package/default/data/||g' | while read -r TESTSET; do echo "$TESTSET=true" >> "$GITHUB_OUTPUT"; echo "$TESTSET::true"; done + find tests -type d -maxdepth 1 -mindepth 1 | sed 's|^tests/||g' | while read -r TESTSET; do echo "$TESTSET=${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}" >> "$GITHUB_OUTPUT"; echo "$TESTSET::${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}"; done + find package/default/data -type d -name "spl2" -maxdepth 1 -mindepth 1 | sed 's|^package/default/data/||g' | while read -r TESTSET; do echo "$TESTSET=${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}" >> "$GITHUB_OUTPUT"; echo "$TESTSET::${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}"; done run-unit-tests: name: test-unit-python3-${{ matrix.python-version }} @@ -540,6 +573,7 @@ jobs: build: runs-on: ubuntu-22.04 needs: + - check-docs-changes - validate-custom-version - setup-workflow - test-inventory @@ -550,7 +584,7 @@ jobs: - semgrep - run-unit-tests - fossa-scan - if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') && (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') }} + if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') && (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') && (needs.check-docs-changes.outputs.docs-only == 'false') }} outputs: buildname: ${{ steps.buildupload.outputs.name }} permissions: @@ -728,6 +762,7 @@ jobs: build-3_9: runs-on: ubuntu-latest needs: + - check-docs-changes - validate-custom-version - setup-workflow - test-inventory @@ -741,7 +776,8 @@ jobs: if: | always() && (needs.run-unit-tests-3_9.result == 'success' || needs.run-unit-tests-3_9.result == 'skipped') && - (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') + (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') && + (needs.check-docs-changes.outputs.docs-only == 'false') permissions: contents: write packages: read @@ -2903,6 +2939,7 @@ jobs: outputs: run-publish: ${{ steps.check.outputs.run-publish }} needs: + - check-docs-changes - validate-custom-version - meta - compliance-copyrights @@ -2928,7 +2965,7 @@ jobs: shell: bash run: | RUN_PUBLISH=$(echo "$NEEDS" | jq ".[] | select( ( .result != \"skipped\" ) and .result != \"success\" ) | length == 0") - if [[ "$RUN_PUBLISH" != *'false'* ]] + if [[ "$RUN_PUBLISH" != *'false'* ]] && [[ "${{ needs.check-docs-changes.outputs.docs-only }}" == 'false' ]] then echo "run-publish=true" >> "$GITHUB_OUTPUT" echo "Publish conditions are met." From e30a82125a96eb0c8010c5c81b133e95106ee06b Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Fri, 25 Apr 2025 17:25:34 +0530 Subject: [PATCH 03/20] feat: adding docs change validation step in reuseable CI (#390) ### Description Added a new job validate-docs-change. This job will attempt to serve the documentation and fail if there are any errors. If errors occur, they will be printed in the check logs step. Another stage, enforce-docs-changes, reviews the result of validate-docs-change and uses run metadata to determine whether the job should fail the pipeline. When the PR targets the main branch, enforce-docs-changes will enforce failure on broken documentation and block merge. For other branches, it serves as an indicator of documentation issues without blocking the merge. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .../workflows/reusable-build-test-release.yml | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index f9cf1bb7..e5065342 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -321,6 +321,44 @@ jobs: splunk_version_list=$(echo '${{ steps.determine_splunk.outputs.matrixSplunk }}' | jq -r '.[].version') sc4s_version_list=$(echo '${{ steps.matrix.outputs.supportedSC4S }}' | jq -r '.[].version') echo -e "## Summary of Versions Used\n- **Splunk versions used:** (${splunk_version_list})\n- **SC4S versions used:** (${sc4s_version_list})\n- Browser: Chrome" >> "$GITHUB_STEP_SUMMARY" + + validate-docs-change: + runs-on: ubuntu-latest + container: + image: python:3.9 + outputs: + status: ${{ steps.validate.outputs.status }} + steps: + - uses: actions/checkout@v4 + with: + submodules: false + persist-credentials: false + - name: Installing requirements + run: | + pip install pip -U + pip install mkdocs==1.6.1 mkdocs-material==9.6.9 poetry + - name: validate + id: validate + run: | + if poetry run mkdocs build --strict; then + echo "status=success" >> "$GITHUB_OUTPUT" + echo "status :: success" + else + echo "status=failure" >> "$GITHUB_OUTPUT" + echo "status :: failure" + fi + + enforce-docs-checks: + runs-on: ubuntu-latest + needs: validate-docs-change + if: github.ref == 'refs/heads/main' || github.event_name == 'pull_request' + steps: + - name: Fail if validate-docs-change failed + run: | + if [ "${{ needs.validate-docs-change.outputs.status }}" == "failure" ]; then + exit 1 + fi + fossa-scan: runs-on: ubuntu-latest steps: @@ -2956,6 +2994,7 @@ jobs: - run-ucc-modinput-tests - run-ui-tests - validate-pr-title + - enforce-docs-checks runs-on: ubuntu-latest env: NEEDS: ${{ toJson(needs) }} @@ -2973,6 +3012,11 @@ jobs: echo "run-publish=false" >> "$GITHUB_OUTPUT" echo "Publish conditions are not met." fi + if ${{ github.base_ref == 'main' }} && ${{ needs.enforce-docs-checks.result != 'success' }}; + then + echo " There are documentation changes that break mkdocs deploy. please check validate-docs-change step." + exit 1 + fi publish: if: ${{ !cancelled() && needs.pre-publish.outputs.run-publish == 'true' && (github.event_name == 'push' || needs.validate-custom-version.result == 'success') }} From 67b4168e23b34e5ba42f47de3f339457bdb10cba Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Tue, 6 May 2025 13:34:26 +0530 Subject: [PATCH 04/20] fix: hec token validation issue in scripted inputs (#393) ### Description This PR bumps the k8s-manifests-branch version from v3.3.2 to v3.4.1 related PR: https://github.com/splunk/ta-automation-k8s-manifests/pull/120 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done - https://github.com/splunk/splunk-add-on-for-unix-and-linux/actions/runs/14701563721 --------- Co-authored-by: Dmytro Kvashnin --- .../workflows/reusable-build-test-release.yml | 2 +- README.md | 206 ++++++++++++++---- 2 files changed, 167 insertions(+), 41 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index e5065342..46b7ce0f 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -39,7 +39,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.3.2" + default: "v3.4.1" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" diff --git a/README.md b/README.md index 8e12e70a..f0b7bdf1 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,37 @@ + +* [Reusable workflow](#reusable-workflow) + * [TA Developer Git workflow best practices](#ta-developer-git-workflow-best-practices) + * [Git Branches](#git-branches) + * [Default flow. Independent work](#default-flow-independent-work) + * [Default flow. Dependent on develop](#default-flow-dependent-on-develop) + * [Backporting to old releases](#backporting-to-old-releases) + * [[Internal] Development flow](#internal-development-flow) +* [Spec reusable-build-test-release](#spec-reusable-build-test-release) + * [Workflow Inputs](#workflow-inputs) + * [General troubleshooting](#general-troubleshooting) + * [[Job] setup-workflow](#job-setup-workflow) + * [[Job] meta](#job-meta) + * [[Job] fossa-scan](#job-fossa-scan) + * [[Job] fossa-test](#job-fossa-test) + * [[Job] compliance-copyrights](#job-compliance-copyrights) + * [[Job] lint](#job-lint) + * [[Job] security-detect-secrets](#job-security-detect-secrets) + * [[Job] security-sast-semgrep](#job-security-sast-semgrep) + * [[Job] test-inventory](#job-test-inventory) + * [[Job] build](#job-build) + * [[Job] AppInspect](#job-appinspect) + * [[Job] AppInspect API](#job-appinspect-api) + * [[Job] setup](#job-setup) + * [[Job] test-unit-python3](#job-test-unit-python3) + * [[Job] run-btool-check](#job-run-btool-check) + * [[Job] run-knowledge-tests](#job-run-knowledge-tests) + * [[Job] run-ui-tests](#job-run-ui-tests-) + * [[Job] run-modinput-tests](#job-run-modinput-tests-) + * [[Job] run-ucc-modinput-tests](#job-run-ucc-modinput-tests-) + * [[Job] pre-publish](#job-pre-publish) + * [[Job] publish](#job-publish) + * [Vendor Addon Matrix tests](#vendor-addon-matrix-tests) + # Reusable workflow This repository stores reusable `build-test-release` workflow, which is used to build, test and release Splunk add-ons. @@ -6,7 +40,113 @@ Workflow is used by add-ons created and managed by [addonfactory repository temp Workflow defines jobs which perform security code scanning, execute different types of tests, build add-on package and make a GitHub release. -## Development flow +## TA Developer Git workflow best practices + +* Always prefer Fast Forward to Merge commit. Preference towards linear history. +* Never squash merge multiple independent features. i.e. never squash merge develop -> main. + +### Git Branches +* `main` - Latest released TA commit. Events: + * `merge` triggers TA build release (GitHub tag and release artifacts) +* `develop` - Next version `Work in Progress`. Can be created / removed at will, tracks `main` + * `merge` triggers TA `Beta` build release (GitHub tag and release artifacts) +* `release/{VERSION}` - Custom release scenario. **Example:** 2 releases in process, i.e. backport and next patch/minor/major. + + +### Default flow. Independent work +```mermaid +gitGraph + checkout main + commit id: "A" tag: "v1.0.0" + commit id: "B" tag: "v1.1.0" + + branch develop + checkout develop + commit id: "chore: pipeline-update" + commit id: "feat: feat-C" tag: "v1.2.0-Beta-1" + + checkout main + branch feat/my-feat-D + checkout feat/my-feat-D + commit id: "feat: feat-D" + + checkout develop + merge feat/my-feat-D tag: "v1.2.0-Beta-2" + + checkout main + commit id: "docs: docs-update" + + checkout develop + merge main + + checkout main + merge develop tag: "v1.2.0" + +``` + +### Default flow. Dependent on develop +When the feature is justifiably dependent on `develop`, for example: adding UI tests to an existing feature. +```mermaid +gitGraph + checkout main + commit id: "A" tag: "v1.0.0" + commit id: "B" tag: "v1.1.0" + + branch develop + checkout develop + commit id: "chore: pipeline-update" + commit id: "feat: feat-C" tag: "v1.2.0-Beta-1" + + branch test/my-feat-C-ui-tests + checkout test/my-feat-C-ui-tests + commit id: "test: my-feat-C-ui-tests" + + checkout develop + merge test/my-feat-C-ui-tests + + checkout main + commit id: "docs: docs-update" + commit id: "fix: important fix" tag: "v1.1.1" + + checkout develop + merge main + + checkout main + merge develop tag: "v1.2.0" +``` + +### Backporting to old releases +Bugfix needing a backport patch release `1.1.1` and releasing next `2.1.0`. For example there is a business reason to provide support for `1.1.0` +```mermaid + +gitGraph + checkout main + commit id: "A" tag: "v1.1.0" + branch release/v1.1.1 order: 4 + checkout main + commit id: "B" tag: "v2.0.0" + branch develop + + checkout develop + + + checkout main + branch fix/important-fix + checkout fix/important-fix + commit id: "fix: important fix" + + checkout develop + merge fix/important-fix tag: "v2.1.0-Beta-1" + + checkout main + merge develop tag: "v2.1.0" + + checkout release/v1.1.1 + cherry-pick id: "fix: important fix" tag: "v1.1.1" +``` + + +## [Internal] Development flow * All the changes should first go to the `develop` branch (using "squash commit"), `main` branch should contain stable code * Official releases are made from `main` branch (when it's time to rollout new template changes): @@ -26,9 +166,8 @@ Workflow defines jobs which perform security code scanning, execute different ty * backport the change back to the `develop` branch * new version of the workflow is going to be released (v4.17.0 (before) -> v4.17.1 (after)) and it will automatically applied to all the repositories -# Workflow jobs - -## Inputs +# Spec reusable-build-test-release +## Workflow Inputs * marker - list of markers used to paralelize modinput tests * ucc-modinput-marker - list of markers used to paralelize ucc modinput tests * ui_marker - list of markers used to paralelize ui tests @@ -44,7 +183,7 @@ Workflow defines jobs which perform security code scanning, execute different ty * Check if there is any similar issue reported to GitHub repo for the action by other users. * If you are not sure what to do, please use `go/addon/help`. -## setup-workflow +## [Job] setup-workflow Job that is scanning PR and based on PR body or included labels defining tests to be executed. @@ -61,15 +200,13 @@ Job that is scanning PR and based on PR body or included labels defining tests t * add to PR one or multiple labels, available choices can be found [here](https://github.com/splunk/addonfactory-workflow-addon-release/blob/4f3fa4d779b6ec7649f0dc6b973eb4d68e5fcc48/.github/workflows/reusable-build-test-release.yml#L153) * there is no need to add labels when PR's target branch is `main` -meta stage -======================= +## [Job] meta **Description:** - Determines which Splunk and SC4S versions to run tests with. -fossa-scan -======================= +## [Job] fossa-scan **Description:** @@ -92,8 +229,7 @@ fossa-scan THIRDPARTY ``` -fossa-test -======================= +## [Job] fossa-test **Description:** @@ -112,8 +248,7 @@ fossa-test - No additional Artifacts. -compliance-copyrights -===================== +## [Job] compliance-copyrights **Description** @@ -149,8 +284,7 @@ i.e license Date: Tue, 13 May 2025 11:32:25 +0530 Subject: [PATCH 06/20] fix: update AppInspect CLI action to v2.10 (#394) ### Description update appinspect-cli-action to 2.10 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 46b7ce0f..a2536c06 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -930,7 +930,7 @@ jobs: name: package-splunkbase path: build/package/ - name: Scan - uses: splunk/appinspect-cli-action@v2.9 + uses: splunk/appinspect-cli-action@v2.10 with: app_path: build/package/ included_tags: ${{ matrix.tags }} From bddfb2bee9ece840cd6300dca13714363d3e6d97 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Tue, 13 May 2025 12:33:54 +0530 Subject: [PATCH 07/20] chore: sync main into develop after conflict resolution (#399) ### The file `.github/workflows/reusable-build-test-release.yml` had merge conflicts when merging develop into main. This PR resolves those conflicts and syncs the changes accordingly. --------- Co-authored-by: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Co-authored-by: Dmytro Kvashnin Co-authored-by: Dmytro Kvashnin <139753462+dkvashninsplunk@users.noreply.github.com> Co-authored-by: mgrandys-splunk <153620320+mgrandys-splunk@users.noreply.github.com> Co-authored-by: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Co-authored-by: kdoroszko-splunk From 4c9a825c038e028cf12138fef87fe2cea0dcc802 Mon Sep 17 00:00:00 2001 From: mgrandys-splunk <153620320+mgrandys-splunk@users.noreply.github.com> Date: Thu, 6 Mar 2025 11:37:50 +0100 Subject: [PATCH 08/20] chore: run appinspect api on release branches (#376) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Description Run `appinspect api` job for `release/` branches in `build-test-release` pipeline Ticket: https://splunk.atlassian.net/browse/ADDON-77779 Tested in the following cases where appinspect api job is: - Running for PR with “release/“ base: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626390125 - Running for manual trigger on “release/“ branch: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626413937 - Not running for chore/ branch: https://github.com/splunk/splunk-add-on-for-microsoft-cloud-services/actions/runs/13626445165 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index f0980008..938c17b9 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -881,7 +881,7 @@ jobs: if: | !cancelled() && needs.build.result == 'success' && - ( github.base_ref == 'main' || github.ref_name == 'main' ) + ( github.base_ref == 'main' || github.ref_name == 'main' || startsWith(github.base_ref, 'release/') || startsWith(github.ref_name, 'release/') ) runs-on: ubuntu-latest strategy: fail-fast: false From 23c93f88a1daf572f95685502c7e54dca88e5824 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Mon, 24 Mar 2025 17:37:03 +0530 Subject: [PATCH 09/20] feat: skip tests on docs only change (#389) ### Description [ [ADDON-78394](https://splunk.atlassian.net/browse/ADDON-78394) ] Added conditions skip tests, build, app-inspect and publish if the changes in PR are only related to documentation. Tests: https://docs.google.com/document/d/1IFxbIwzDM0lBkO3ciNxFrPlOPPE9YQhcaVStQg7lYEM/edit?usp=sharing ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .../workflows/reusable-build-test-release.yml | 49 ++++++++++++++++--- 1 file changed, 43 insertions(+), 6 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 938c17b9..3e2c22bd 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -122,8 +122,37 @@ jobs: exit 1 fi + check-docs-changes: + runs-on: ubuntu-latest + outputs: + docs-only: ${{ steps.check.outputs.docs-only }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Fetch all refs + run: git fetch --prune --unshallow + + - name: Check if the changes are only in docs/*, mkdocs.yml, or .github/workflows/docs.yml + id: check + run: | + set -o xtrace + # List all files modified in the commit or PR + changed_files=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) + # changed_files=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }}) + + # Check if any of the changed files are not in docs/*, mkdocs.yml, or .github/workflows/docs.yml + if echo "$changed_files" | grep -vqE '^(docs/|mkdocs.yml|.github/workflows/docs.yml)'; then + echo "docs-only=false" >> "$GITHUB_OUTPUT" + else + echo "Only documentation changes found." + echo "docs-only=true" >> "$GITHUB_OUTPUT" + fi + setup-workflow: runs-on: ubuntu-latest + needs: + - check-docs-changes outputs: execute-knowledge-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_knowledge_labeled }} execute-spl2-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_spl2_labeled }} @@ -169,7 +198,9 @@ jobs: case "${{ github.event_name }}" in "pull_request") labels=$(echo '${{ toJSON(github.event.pull_request.labels) }}' | jq -r '.[] | .name') - if ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then + if ${{ needs.check-docs-changes.outputs.docs-only == 'true' }}; then + echo -e "\033[1;33m⚠️ Skipping tests as there are only documentation related changes ⚠️\033[0m" + elif ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then for test_type in "${TESTSET[@]}"; do if [[ "$labels" =~ $test_type ]]; then EXECUTE_LABELED["$test_type"]="true" @@ -381,6 +412,8 @@ jobs: test-inventory: runs-on: ubuntu-latest + needs: + - check-docs-changes # Map a step output to a job output outputs: spl2: ${{ steps.testset.outputs.spl2 }} @@ -396,8 +429,8 @@ jobs: - id: testset name: Check available test types run: | - find tests -type d -maxdepth 1 -mindepth 1 | sed 's|^tests/||g' | while read -r TESTSET; do echo "$TESTSET=true" >> "$GITHUB_OUTPUT"; echo "$TESTSET::true"; done - find package/default/data -type d -name "spl2" -maxdepth 1 -mindepth 1 | sed 's|^package/default/data/||g' | while read -r TESTSET; do echo "$TESTSET=true" >> "$GITHUB_OUTPUT"; echo "$TESTSET::true"; done + find tests -type d -maxdepth 1 -mindepth 1 | sed 's|^tests/||g' | while read -r TESTSET; do echo "$TESTSET=${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}" >> "$GITHUB_OUTPUT"; echo "$TESTSET::${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}"; done + find package/default/data -type d -name "spl2" -maxdepth 1 -mindepth 1 | sed 's|^package/default/data/||g' | while read -r TESTSET; do echo "$TESTSET=${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}" >> "$GITHUB_OUTPUT"; echo "$TESTSET::${{ needs.check-docs-changes.outputs.docs-only == 'false' && 'true' || 'false' }}"; done run-unit-tests: name: test-unit-python3-${{ matrix.python-version }} @@ -540,6 +573,7 @@ jobs: build: runs-on: ubuntu-22.04 needs: + - check-docs-changes - validate-custom-version - setup-workflow - test-inventory @@ -550,7 +584,7 @@ jobs: - semgrep - run-unit-tests - fossa-scan - if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') && (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') }} + if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') && (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') && (needs.check-docs-changes.outputs.docs-only == 'false') }} outputs: buildname: ${{ steps.buildupload.outputs.name }} permissions: @@ -728,6 +762,7 @@ jobs: build-3_9: runs-on: ubuntu-latest needs: + - check-docs-changes - validate-custom-version - setup-workflow - test-inventory @@ -741,7 +776,8 @@ jobs: if: | always() && (needs.run-unit-tests-3_9.result == 'success' || needs.run-unit-tests-3_9.result == 'skipped') && - (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') + (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') && + (needs.check-docs-changes.outputs.docs-only == 'false') permissions: contents: write packages: read @@ -2903,6 +2939,7 @@ jobs: outputs: run-publish: ${{ steps.check.outputs.run-publish }} needs: + - check-docs-changes - validate-custom-version - meta - compliance-copyrights @@ -2928,7 +2965,7 @@ jobs: shell: bash run: | RUN_PUBLISH=$(echo "$NEEDS" | jq ".[] | select( ( .result != \"skipped\" ) and .result != \"success\" ) | length == 0") - if [[ "$RUN_PUBLISH" != *'false'* ]] + if [[ "$RUN_PUBLISH" != *'false'* ]] && [[ "${{ needs.check-docs-changes.outputs.docs-only }}" == 'false' ]] then echo "run-publish=true" >> "$GITHUB_OUTPUT" echo "Publish conditions are met." From 5e17b2819377d710b2002d3a14754715a686c796 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Fri, 25 Apr 2025 17:25:34 +0530 Subject: [PATCH 10/20] feat: adding docs change validation step in reuseable CI (#390) ### Description Added a new job validate-docs-change. This job will attempt to serve the documentation and fail if there are any errors. If errors occur, they will be printed in the check logs step. Another stage, enforce-docs-changes, reviews the result of validate-docs-change and uses run metadata to determine whether the job should fail the pipeline. When the PR targets the main branch, enforce-docs-changes will enforce failure on broken documentation and block merge. For other branches, it serves as an indicator of documentation issues without blocking the merge. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .../workflows/reusable-build-test-release.yml | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 3e2c22bd..e7d57b66 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -321,6 +321,44 @@ jobs: splunk_version_list=$(echo '${{ steps.determine_splunk.outputs.matrixSplunk }}' | jq -r '.[].version') sc4s_version_list=$(echo '${{ steps.matrix.outputs.supportedSC4S }}' | jq -r '.[].version') echo -e "## Summary of Versions Used\n- **Splunk versions used:** (${splunk_version_list})\n- **SC4S versions used:** (${sc4s_version_list})\n- Browser: Chrome" >> "$GITHUB_STEP_SUMMARY" + + validate-docs-change: + runs-on: ubuntu-latest + container: + image: python:3.9 + outputs: + status: ${{ steps.validate.outputs.status }} + steps: + - uses: actions/checkout@v4 + with: + submodules: false + persist-credentials: false + - name: Installing requirements + run: | + pip install pip -U + pip install mkdocs==1.6.1 mkdocs-material==9.6.9 poetry + - name: validate + id: validate + run: | + if poetry run mkdocs build --strict; then + echo "status=success" >> "$GITHUB_OUTPUT" + echo "status :: success" + else + echo "status=failure" >> "$GITHUB_OUTPUT" + echo "status :: failure" + fi + + enforce-docs-checks: + runs-on: ubuntu-latest + needs: validate-docs-change + if: github.ref == 'refs/heads/main' || github.event_name == 'pull_request' + steps: + - name: Fail if validate-docs-change failed + run: | + if [ "${{ needs.validate-docs-change.outputs.status }}" == "failure" ]; then + exit 1 + fi + fossa-scan: runs-on: ubuntu-latest steps: @@ -2956,6 +2994,7 @@ jobs: - run-ucc-modinput-tests - run-ui-tests - validate-pr-title + - enforce-docs-checks runs-on: ubuntu-latest env: NEEDS: ${{ toJson(needs) }} @@ -2973,6 +3012,11 @@ jobs: echo "run-publish=false" >> "$GITHUB_OUTPUT" echo "Publish conditions are not met." fi + if ${{ github.base_ref == 'main' }} && ${{ needs.enforce-docs-checks.result != 'success' }}; + then + echo " There are documentation changes that break mkdocs deploy. please check validate-docs-change step." + exit 1 + fi publish: if: ${{ !cancelled() && needs.pre-publish.outputs.run-publish == 'true' && (github.event_name == 'push' || needs.validate-custom-version.result == 'success') }} From cd697b4911ea31ceb075cb833351193171bd0297 Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Tue, 6 May 2025 13:34:26 +0530 Subject: [PATCH 11/20] fix: hec token validation issue in scripted inputs (#393) This PR bumps the k8s-manifests-branch version from v3.3.2 to v3.4.1 related PR: https://github.com/splunk/ta-automation-k8s-manifests/pull/120 - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed - https://github.com/splunk/splunk-add-on-for-unix-and-linux/actions/runs/14701563721 --------- Co-authored-by: Dmytro Kvashnin --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index e7d57b66..46b7ce0f 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -39,7 +39,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.3.3" + default: "v3.4.1" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" From b93e398fafdef8f05e0bb319c7eeb111ab51beae Mon Sep 17 00:00:00 2001 From: kdoroszko-splunk Date: Tue, 6 May 2025 12:11:02 +0200 Subject: [PATCH 12/20] docs: change the runbok for appinspect update (#395) ### Description I think it makes more sense to make a fix release each time we update appinspect version. We'd prevent ourselves from rolling out the template each time there is a feat release of appinspect. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done No tests are needed --- runbooks/update_appinspect_cli_action.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/runbooks/update_appinspect_cli_action.md b/runbooks/update_appinspect_cli_action.md index 2a4f2743..41911cc5 100644 --- a/runbooks/update_appinspect_cli_action.md +++ b/runbooks/update_appinspect_cli_action.md @@ -22,10 +22,8 @@ Once Splunk AppInspect team releases AppInspect CLI - we need to make sure that - create a PR in this repository with a new version of the action ([example PR](https://github.com/splunk/addonfactory-workflow-addon-release/pull/247)) - make sure that PR is towards `main` branch + - make sure the tile of the PR follows the format: "fix: update AppInspect CLI action to v.X.Y" - make sure that the pipeline is green - - determine which version of `appinspect-cli-action` needs to be released based on the PR - - if it is a bug fix or dependecnies update - "fix" in the title of the PR - - if it is a feature release - "feat" in the title of the PR - attach a link to a test run of reusable workflow - get review from the team - "Squash and merge" the PR From a8eb995c41de09d069c16b95a8e0c6664a9cfca4 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Tue, 13 May 2025 11:32:25 +0530 Subject: [PATCH 13/20] fix: update AppInspect CLI action to v2.10 (#394) ### Description update appinspect-cli-action to 2.10 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 46b7ce0f..a2536c06 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -930,7 +930,7 @@ jobs: name: package-splunkbase path: build/package/ - name: Scan - uses: splunk/appinspect-cli-action@v2.9 + uses: splunk/appinspect-cli-action@v2.10 with: app_path: build/package/ included_tags: ${{ matrix.tags }} From e53353a2a0ed50bf68257141e70ac7e0f71b6a24 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Tue, 13 May 2025 12:33:54 +0530 Subject: [PATCH 14/20] chore: sync main into develop after conflict resolution (#399) ### The file `.github/workflows/reusable-build-test-release.yml` had merge conflicts when merging develop into main. This PR resolves those conflicts and syncs the changes accordingly. --------- Co-authored-by: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Co-authored-by: Dmytro Kvashnin Co-authored-by: Dmytro Kvashnin <139753462+dkvashninsplunk@users.noreply.github.com> Co-authored-by: mgrandys-splunk <153620320+mgrandys-splunk@users.noreply.github.com> Co-authored-by: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Co-authored-by: kdoroszko-splunk From 90cd8ec20c0f94c6b5f9c8bbdbd22c3da0b0c024 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Mon, 26 May 2025 18:12:57 +0530 Subject: [PATCH 15/20] Revert "feat: adding docs change validation step in reuseable CI (#390)" (#404) This reverts commit e30a82125a96eb0c8010c5c81b133e95106ee06b. ### Description This PR reverts the previous implementation of documentation validation and enforcement, and reintroduces those capabilities using a **reusable GitHub Actions workflow** along with a **template `validate-deploy-docs.yml` workflow file** in the template repository. ## Changes with PR reference - Removes the hardcoded docs validation logic. - Changes related to document validation and deployment is made in this PR: https://github.com/splunk/addonfactory-repository-template/pull/743 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .../workflows/reusable-build-test-release.yml | 44 ------------------- 1 file changed, 44 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index a2536c06..a4f08eb7 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -321,44 +321,6 @@ jobs: splunk_version_list=$(echo '${{ steps.determine_splunk.outputs.matrixSplunk }}' | jq -r '.[].version') sc4s_version_list=$(echo '${{ steps.matrix.outputs.supportedSC4S }}' | jq -r '.[].version') echo -e "## Summary of Versions Used\n- **Splunk versions used:** (${splunk_version_list})\n- **SC4S versions used:** (${sc4s_version_list})\n- Browser: Chrome" >> "$GITHUB_STEP_SUMMARY" - - validate-docs-change: - runs-on: ubuntu-latest - container: - image: python:3.9 - outputs: - status: ${{ steps.validate.outputs.status }} - steps: - - uses: actions/checkout@v4 - with: - submodules: false - persist-credentials: false - - name: Installing requirements - run: | - pip install pip -U - pip install mkdocs==1.6.1 mkdocs-material==9.6.9 poetry - - name: validate - id: validate - run: | - if poetry run mkdocs build --strict; then - echo "status=success" >> "$GITHUB_OUTPUT" - echo "status :: success" - else - echo "status=failure" >> "$GITHUB_OUTPUT" - echo "status :: failure" - fi - - enforce-docs-checks: - runs-on: ubuntu-latest - needs: validate-docs-change - if: github.ref == 'refs/heads/main' || github.event_name == 'pull_request' - steps: - - name: Fail if validate-docs-change failed - run: | - if [ "${{ needs.validate-docs-change.outputs.status }}" == "failure" ]; then - exit 1 - fi - fossa-scan: runs-on: ubuntu-latest steps: @@ -2994,7 +2956,6 @@ jobs: - run-ucc-modinput-tests - run-ui-tests - validate-pr-title - - enforce-docs-checks runs-on: ubuntu-latest env: NEEDS: ${{ toJson(needs) }} @@ -3012,11 +2973,6 @@ jobs: echo "run-publish=false" >> "$GITHUB_OUTPUT" echo "Publish conditions are not met." fi - if ${{ github.base_ref == 'main' }} && ${{ needs.enforce-docs-checks.result != 'success' }}; - then - echo " There are documentation changes that break mkdocs deploy. please check validate-docs-change step." - exit 1 - fi publish: if: ${{ !cancelled() && needs.pre-publish.outputs.run-publish == 'true' && (github.event_name == 'push' || needs.validate-custom-version.result == 'success') }} From f4d267f438967a522a9253f4e3f1764be2850c88 Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Thu, 5 Jun 2025 13:19:48 +0530 Subject: [PATCH 16/20] fix: update os versions for scripted input tests (#407) ### Description This PR removes the deprecated version (ubuntu 14.04) and add support of Ubuntu 20.04 and redhat 9.5 for scripted inputs. ### Checklist - [x] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [x] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done Test run: https://github.com/splunk/splunk-add-on-for-unix-and-linux/actions/runs/15417614522 --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index a4f08eb7..a17b007d 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -45,7 +45,7 @@ on: description: "list of OS used for scripted input tests" type: string default: >- - ["ubuntu:14.04", "ubuntu:16.04","ubuntu:18.04","ubuntu:22.04", "ubuntu:24.04", "redhat:8.4", "redhat:8.5", "redhat:8.6", "redhat:8.8"] + ["ubuntu:16.04", "ubuntu:18.04", "ubuntu:20.04", "ubuntu:22.04", "ubuntu:24.04", "redhat:8.4", "redhat:8.5", "redhat:8.6", "redhat:8.8", "redhat:9.5"] upgrade-tests-ta-versions: required: false description: "List with TA versions (in 'X.X.X' format) that should be used as starting points for upgrade tests. Example: ['7.6.0', '7.7.0']" From f63c2cb8e4dd9ab6ab5260063ead7d6978bb9487 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Tue, 17 Jun 2025 16:03:04 +0530 Subject: [PATCH 17/20] Resolve merge conflict (#409) ### Description Resolving develop -> main conflict ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --------- Co-authored-by: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Co-authored-by: kdoroszko-splunk Co-authored-by: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Co-authored-by: Dmytro Kvashnin Co-authored-by: Dmytro Kvashnin <139753462+dkvashninsplunk@users.noreply.github.com> Co-authored-by: mgrandys-splunk <153620320+mgrandys-splunk@users.noreply.github.com> Co-authored-by: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> --- .github/workflows/reusable-build-test-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index a17b007d..47d95f3f 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -377,7 +377,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 with: - python-version: "3.7" + python-version: "3.9" - uses: pre-commit/action@v3.0.1 review_secrets: @@ -1036,9 +1036,9 @@ jobs: run: | poetry install --only modinput if [ -f "tests/ucc_modinput_functional/tmp/openapi.json" ]; then - poetry run ucc-test-modinput -o tests/ucc_modinput_functional/tmp/openapi.json -t ${{ steps.download-openapi.outputs.download-path }}/tmp/ + poetry run ucc-test-modinput gen -o tests/ucc_modinput_functional/tmp/openapi.json -t ${{ steps.download-openapi.outputs.download-path }}/tmp/ else - poetry run ucc-test-modinput -o ${{ steps.download-openapi.outputs.download-path }}/openapi.json -t ${{ steps.download-openapi.outputs.download-path }}/tmp/ + poetry run ucc-test-modinput gen -o ${{ steps.download-openapi.outputs.download-path }}/openapi.json -t ${{ steps.download-openapi.outputs.download-path }}/tmp/ fi - name: upload-libs-to-s3 id: upload-libs-to-s3 From 8057ca3f9a08a371b310d8c93d7913ff51a231b0 Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Tue, 24 Jun 2025 14:34:45 +0530 Subject: [PATCH 18/20] chore: resolving review comments of dev to main pr (398) (#415) ### Description Resolving review comments of PR: https://github.com/splunk/addonfactory-workflow-addon-release/pull/398 - This PR addresses [this comment](https://github.com/splunk/addonfactory-workflow-addon-release/pull/398#discussion_r2149744957) by removing redundant updates to both test-inventory and setup-workflow for docs-only changes. Updating both is unnecessary since failure in either prevents tests from running. - Test runs: https://github.com/splunk/splunk-add-on-for-amazon-web-services/actions/runs/15754544427/job/44407048288?pr=1486 - A few minor review comment changes were also made; they don't require testing. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 7 ++----- runbooks/update_appinspect_cli_action.md | 2 +- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 47d95f3f..083d421e 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -39,7 +39,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.4.1" + default: "v3.5.0" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" @@ -139,7 +139,6 @@ jobs: set -o xtrace # List all files modified in the commit or PR changed_files=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) - # changed_files=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }}) # Check if any of the changed files are not in docs/*, mkdocs.yml, or .github/workflows/docs.yml if echo "$changed_files" | grep -vqE '^(docs/|mkdocs.yml|.github/workflows/docs.yml)'; then @@ -198,9 +197,7 @@ jobs: case "${{ github.event_name }}" in "pull_request") labels=$(echo '${{ toJSON(github.event.pull_request.labels) }}' | jq -r '.[] | .name') - if ${{ needs.check-docs-changes.outputs.docs-only == 'true' }}; then - echo -e "\033[1;33m⚠️ Skipping tests as there are only documentation related changes ⚠️\033[0m" - elif ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then + if ${{ github.base_ref == 'main' }} && ${{ contains(github.event.pull_request.labels.*.name, 'use_labels') }}; then for test_type in "${TESTSET[@]}"; do if [[ "$labels" =~ $test_type ]]; then EXECUTE_LABELED["$test_type"]="true" diff --git a/runbooks/update_appinspect_cli_action.md b/runbooks/update_appinspect_cli_action.md index 41911cc5..3670962b 100644 --- a/runbooks/update_appinspect_cli_action.md +++ b/runbooks/update_appinspect_cli_action.md @@ -22,7 +22,7 @@ Once Splunk AppInspect team releases AppInspect CLI - we need to make sure that - create a PR in this repository with a new version of the action ([example PR](https://github.com/splunk/addonfactory-workflow-addon-release/pull/247)) - make sure that PR is towards `main` branch - - make sure the tile of the PR follows the format: "fix: update AppInspect CLI action to v.X.Y" + - make sure the title of the PR follows the format: "fix: update AppInspect CLI action to v.X.Y" - make sure that the pipeline is green - attach a link to a test run of reusable workflow - get review from the team From eab87eaa50d06f53f83879a2d31c379f7bf57f87 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 27 Jun 2025 12:16:24 +0200 Subject: [PATCH 19/20] chore: merge main (#419) ### Description (PR description goes here) ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 083d421e..149cf692 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -39,7 +39,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.5.0" + default: "v3.5.1" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" From 450dad05634c2f93cbb189ffd8e630e44170202c Mon Sep 17 00:00:00 2001 From: Siddharth Khatsuriya <62132600+siddharth-khatsuriya@users.noreply.github.com> Date: Wed, 2 Jul 2025 18:48:07 +0530 Subject: [PATCH 20/20] fix: skip running tests on changes in validate-deploy-docs.yaml (#416) ### Description - Since we now have a new validate-deploy-docs.yaml workflow for documentation, we are including it in the list of files considered as documentation-only changes. This ensures that test cases will not be triggered when only documentation workflows are modified. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done for test addon repo https://github.com/splunk/test-addonfactory-repo/actions/runs/15874408448/job/44758591172?pr=349 --- .github/workflows/reusable-build-test-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 149cf692..8d4be648 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -133,15 +133,15 @@ jobs: - name: Fetch all refs run: git fetch --prune --unshallow - - name: Check if the changes are only in docs/*, mkdocs.yml, or .github/workflows/docs.yml + - name: Check if the changes are only in docs/*, mkdocs.yml or .github/workflows/validate-deploy-docs.yaml id: check run: | set -o xtrace # List all files modified in the commit or PR changed_files=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) - # Check if any of the changed files are not in docs/*, mkdocs.yml, or .github/workflows/docs.yml - if echo "$changed_files" | grep -vqE '^(docs/|mkdocs.yml|.github/workflows/docs.yml)'; then + # Check if any of the changed files are not in docs/*, mkdocs.yml, or .github/workflows/validate-deploy-docs.yaml + if echo "$changed_files" | grep -vqE '^(docs/|mkdocs.yml|.github/workflows/validate-deploy-docs.yaml)'; then echo "docs-only=false" >> "$GITHUB_OUTPUT" else echo "Only documentation changes found."