From 33328bc2894652fd342de13d27091d6b802ebe7c Mon Sep 17 00:00:00 2001 From: Szymon Bylica <142112966+sbylica-splunk@users.noreply.github.com> Date: Tue, 28 Oct 2025 14:23:06 +0100 Subject: [PATCH 1/7] fix: Fixed barracuda parser admitting to many headers (#2815) --- .../conflib/syslog/app-syslog-barracuda_waf.conf | 15 +++++++++------ .../conflib/syslog/app-syslog-barracuda_waf.conf | 15 +++++++++------ .../barracuda/app-syslog-barracuda_waf.conf | 15 +++++++++------ 3 files changed, 27 insertions(+), 18 deletions(-) diff --git a/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf b/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf index b85bfdcb8c..4622f3ab7a 100644 --- a/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf +++ b/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf @@ -46,11 +46,14 @@ block parser app-syslog-barracuda_waf() { application app-syslog-barracuda_waf[sc4s-syslog-pgm] { filter { - program('SYS' type(string)) - or program('WF' type(string)) - or program('TR' type(string)) - or program('AUDIT' type(string)) - or program('NF' type(string)) - }; + ( + program('SYS' type(string)) + or program('WF' type(string)) + or program('TR' type(string)) + or program('AUDIT' type(string)) + or program('NF' type(string)) + ) + and match('(SYS|WF|TR|AUDIT|NF) ?$', value("MSGHDR")) + }; parser { app-syslog-barracuda_waf(); }; }; diff --git a/package/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf b/package/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf index b85bfdcb8c..4622f3ab7a 100644 --- a/package/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf +++ b/package/etc/conf.d/conflib/syslog/app-syslog-barracuda_waf.conf @@ -46,11 +46,14 @@ block parser app-syslog-barracuda_waf() { application app-syslog-barracuda_waf[sc4s-syslog-pgm] { filter { - program('SYS' type(string)) - or program('WF' type(string)) - or program('TR' type(string)) - or program('AUDIT' type(string)) - or program('NF' type(string)) - }; + ( + program('SYS' type(string)) + or program('WF' type(string)) + or program('TR' type(string)) + or program('AUDIT' type(string)) + or program('NF' type(string)) + ) + and match('(SYS|WF|TR|AUDIT|NF) ?$', value("MSGHDR")) + }; parser { app-syslog-barracuda_waf(); }; }; diff --git a/package/lite/etc/addons/barracuda/app-syslog-barracuda_waf.conf b/package/lite/etc/addons/barracuda/app-syslog-barracuda_waf.conf index b85bfdcb8c..4622f3ab7a 100644 --- a/package/lite/etc/addons/barracuda/app-syslog-barracuda_waf.conf +++ b/package/lite/etc/addons/barracuda/app-syslog-barracuda_waf.conf @@ -46,11 +46,14 @@ block parser app-syslog-barracuda_waf() { application app-syslog-barracuda_waf[sc4s-syslog-pgm] { filter { - program('SYS' type(string)) - or program('WF' type(string)) - or program('TR' type(string)) - or program('AUDIT' type(string)) - or program('NF' type(string)) - }; + ( + program('SYS' type(string)) + or program('WF' type(string)) + or program('TR' type(string)) + or program('AUDIT' type(string)) + or program('NF' type(string)) + ) + and match('(SYS|WF|TR|AUDIT|NF) ?$', value("MSGHDR")) + }; parser { app-syslog-barracuda_waf(); }; }; From efd606b38d712ff8b8d5114613fff9311669aa11 Mon Sep 17 00:00:00 2001 From: Nikunj Joshi Date: Thu, 30 Oct 2025 14:29:47 +0530 Subject: [PATCH 2/7] docs: Updated the Epic EHR doc. (#2811) --- docs/sources/vendor/epic/epic_ehr.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/sources/vendor/epic/epic_ehr.md b/docs/sources/vendor/epic/epic_ehr.md index e278000e13..84321fa5d6 100644 --- a/docs/sources/vendor/epic/epic_ehr.md +++ b/docs/sources/vendor/epic/epic_ehr.md @@ -3,7 +3,9 @@ ## Key facts * Requires vendor product by source configuration +* MSG Format based filter * Legacy BSD Format default port 514 +* RFC 5424 Format default port 514 ## Links From 1f548533e85a4d6a124a62051fdbc358da55546f Mon Sep 17 00:00:00 2001 From: Szymon Bylica <142112966+sbylica-splunk@users.noreply.github.com> Date: Tue, 4 Nov 2025 09:26:03 +0100 Subject: [PATCH 3/7] feat: Added support for more dell powerstore events (#2818) --- .../etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf | 4 ++-- .../etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf | 4 ++-- package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf | 4 ++-- tests/test_dell_powerstore.py | 3 ++- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf b/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf index 7870a460ba..5ef9464153 100644 --- a/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf +++ b/package/enterprise/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf @@ -12,7 +12,7 @@ block parser app-syslog-dell_powerstore() { }; application app-syslog-dell_powerstore[sc4s-network-source] { filter { - match('\[PowerStore_audit_event@1139' value("MESSAGE")); - }; + match('\[PowerStore_[A-Za-z_]+@1139' value("MESSAGE")); + }; parser { app-syslog-dell_powerstore(); }; }; \ No newline at end of file diff --git a/package/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf b/package/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf index 7870a460ba..5ef9464153 100644 --- a/package/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf +++ b/package/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf @@ -12,7 +12,7 @@ block parser app-syslog-dell_powerstore() { }; application app-syslog-dell_powerstore[sc4s-network-source] { filter { - match('\[PowerStore_audit_event@1139' value("MESSAGE")); - }; + match('\[PowerStore_[A-Za-z_]+@1139' value("MESSAGE")); + }; parser { app-syslog-dell_powerstore(); }; }; \ No newline at end of file diff --git a/package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf b/package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf index 7870a460ba..5ef9464153 100644 --- a/package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf +++ b/package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf @@ -12,7 +12,7 @@ block parser app-syslog-dell_powerstore() { }; application app-syslog-dell_powerstore[sc4s-network-source] { filter { - match('\[PowerStore_audit_event@1139' value("MESSAGE")); - }; + match('\[PowerStore_[A-Za-z_]+@1139' value("MESSAGE")); + }; parser { app-syslog-dell_powerstore(); }; }; \ No newline at end of file diff --git a/tests/test_dell_powerstore.py b/tests/test_dell_powerstore.py index 96bbc1430e..9f2fc33bc4 100644 --- a/tests/test_dell_powerstore.py +++ b/tests/test_dell_powerstore.py @@ -21,6 +21,7 @@ # <110>Jan 31 19:48:25 APM00243620939-B [358]: 2025-01-31T19:48:16 APM00243620939-B PSb8ad27c26647 358@HM3CTZ3 Authentication [PowerStore_audit_event@1139 id="2349" user="EncryptHTTP.PSb8ad27c26647" resource_type="login_session" action="None" client_ip="None" appliance="APM00243620939" status="success"] Successfully authenticated cert_account : Dell EMC PowerStore CA P9XEU8F5/EncryptHTTP.PSb8ad27c26647. # <110>Jan 31 19:49:05 APM00243620939-B [358]: 2025-01-31T19:48:49 APM00243620939-B PSb8ad27c26647 358@HM3CTZ3 Config [PowerStore_audit_event@1139 id="2351" user="admin" resource_type="system_health_check" action="create" client_ip="10.114.173.252" appliance="APM00243620939" status="failed"] Failed to perform system health check on pki-tech-ps-p01. # <110>Jan 31 19:58:46 APM00243620939-B [358]: 2025-01-31T19:58:22 APM00243620939-B PSb8ad27c26647 358@HM3CTZ3 Logout [PowerStore_audit_event@1139 id="2352" user="admin" resource_type="login_session" action="delete" client_ip="10.114.173.252" appliance="APM00243620939" status="success"] User "admin" was successfully logged out. +# <110>Jan 31 19:58:46 APM00243620939-B [358]: 2025-01-31T19:58:22 APM00243620939-B PSb8ad27c26647 358@HM3CTZ3 AlertEvent [PowerStore_remote_logging_alert@1139 sequence_number="52497" event_name="REMOTE_SUPPORT_CONNECTIVITY_STATUS_NORMAL" resource_type="remote_support" resource_name="SupportAssist" alert_id="ef7b021c-23a0-4821-8245-289cbdc7addd" alert_state="Cleared" appliance_name="rzpowerstore01-appliance-1" event_id="b320f9b7-c44e-bd39-ab56-8d278c69f6bb" event_code="0x00d00203" system_impact="None" repair_flow=""] Cluster connectivity is good. Appliance status: A1 Good. test_cases = [ "{{ mark }}{{ bsd }} {{ host }} [358]: {{ iso }} {{ host }} PSb8ad27c26647 358@HM3CTZ3 Authentication [PowerStore_audit_event@1139 id=\"2341\" user=\"admin\" resource_type=\"login_session\" action=\"None\" client_ip=\"10.114.173.252\" appliance=\"APM00243620939\" status=\"success\"] User \"admin\" logged in successfully.", @@ -29,7 +30,7 @@ "{{ mark }}{{ bsd }} {{ host }} [358]: {{ iso }} {{ host }} PSb8ad27c26647 358@HM3CTZ3 Authentication [PowerStore_audit_event@1139 id=\"2349\" user=\"EncryptHTTP.PSb8ad27c26647\" resource_type=\"login_session\" action=\"None\" client_ip=\"None\" appliance=\"APM00243620939\" status=\"success\"] Successfully authenticated cert_account : Dell EMC PowerStore CA P9XEU8F5/EncryptHTTP.PSb8ad27c26647.", "{{ mark }}{{ bsd }} {{ host }} [358]: {{ iso }} {{ host }} PSb8ad27c26647 358@HM3CTZ3 Config [PowerStore_audit_event@1139 id=\"2351\" user=\"admin\" resource_type=\"system_health_check\" action=\"create\" client_ip=\"10.114.173.252\" appliance=\"APM00243620939\" status=\"failed\"] Failed to perform system health check on pki-tech-ps-p01.", "{{ mark }}{{ bsd }} {{ host }} [358]: {{ iso }} {{ host }} PSb8ad27c26647 358@HM3CTZ3 Logout [PowerStore_audit_event@1139 id=\"2352\" user=\"admin\" resource_type=\"login_session\" action=\"delete\" client_ip=\"10.114.173.252\" appliance=\"APM00243620939\" status=\"success\"] User \"admin\" was successfully logged out." - + "{{ mark }}{{ bsd }} {{ host }} [358]: {{ iso }} {{ host }} PSb8ad27c26647 358@HM3CTZ3 AlertEvent [PowerStore_remote_logging_alert@1139 sequence_number=\"52497\" event_name=\"REMOTE_SUPPORT_CONNECTIVITY_STATUS_NORMAL\" resource_type=\"remote_support\" resource_name=\"SupportAssist\" alert_id=\"ef7b021c-23a0-4821-8245-289cbdc7addd\" alert_state=\"Cleared\" appliance_name=\"rzpowerstore01-appliance-1\" event_id=\"b320f9b7-c44e-bd39-ab56-8d278c69f6bb\" event_code=\"0x00d00203\" system_impact=\"None\" repair_flow=\"\"] Cluster connectivity is good. Appliance status: A1 Good." ] From 1086bb0b639777e6fd43be6defc3f877e882fee7 Mon Sep 17 00:00:00 2001 From: pdudhaiya-crest <69460835+pdudhaiya-crest@users.noreply.github.com> Date: Wed, 5 Nov 2025 12:10:20 +0530 Subject: [PATCH 4/7] test: (ADDON-81912) add docker and podman e2e tests (#2822) * ci: add e2e tests for docker and podman * chore: fix test failures in docker e2e * chore: make changes to fix issues in execution * chore: test * chore: test * chore: test * chore: update SC4S_IMAGE settings * chore: use sudo * chore: test without setting ENV * chore: test named cache * chore: test * chore: also update ci lite * chore: test * chore: Update artifacts name and use sed command to update SC4S image * chore: test * chore: debug things * chore: test * chore: test * chore: test * chore: Update ci enterprise * chore: test * chore: test * chore: test --- .github/workflows/ci-enterprise.yaml | 220 ++++++++++------- .github/workflows/ci-lite.yaml | 229 ++++++++++-------- .github/workflows/ci-main.yaml | 228 +++++++++-------- .../tasks/install_docker_debian.yml | 6 + ansible/tasks/docker/deploy_app.yml | 4 +- ansible/tasks/podman/deploy_app.yml | 4 +- 6 files changed, 384 insertions(+), 307 deletions(-) diff --git a/.github/workflows/ci-enterprise.yaml b/.github/workflows/ci-enterprise.yaml index 10afd7a00e..7222bdbfbc 100644 --- a/.github/workflows/ci-enterprise.yaml +++ b/.github/workflows/ci-enterprise.yaml @@ -184,12 +184,15 @@ jobs: scanners: "vuln" test-container: + strategy: + matrix: + deployment_type: ["docker", "podman"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - container: - image: python:3.9-buster + services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} @@ -202,41 +205,68 @@ jobs: SPLUNK_PASSWORD: Changed@11 SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - - 601:601 - - 5614:5514 - - 5601:5601 - - 6000:6000 - - 6002:6002 - - 9000:9000 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION: "yes" - SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT: 6000 - SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT: 5601 - SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT: 6002 - SC4S_LISTEN_CISCO_ESA_TCP_PORT: 9000 - SC4S_LISTEN_RARITAN_DSX_TCP_PORT: 9001 - SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL: "yes" - SC4S_SOURCE_RICOH_SYSLOG_FIXHOST: "yes" - TEST_SC4S_ACTIVATE_EXAMPLES: "yes" - SC4S_DEBUG_CONTAINER: "yes" - SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG: "yes" - SC4S_NETAPP_ONTAP_NEW_FORMAT: "yes" - SC4S_USE_VPS_CACHE: "yes" + steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false + - name: Install Ansible and other dependencies as python package + run: | + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables + env: + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no + SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION=yes + SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT=6000 + SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT=5601 + SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT=6002 + SC4S_LISTEN_CISCO_ESA_TCP_PORT=9000 + SC4S_LISTEN_RARITAN_DSX_TCP_PORT=9001 + SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL=yes + SC4S_SOURCE_RICOH_SYSLOG_FIXHOST=yes + TEST_SC4S_ACTIVATE_EXAMPLES=yes + SC4S_DEBUG_CONTAINER=yes + SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG=yes + SC4S_NETAPP_ONTAP_NEW_FORMAT=yes + SC4S_USE_VPS_CACHE=yes + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -245,22 +275,34 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 14 \ -k 'not lite and not name_cache' - test-ipv4-name-cache: + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-container-results_${{ matrix.deployment_type }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} + + test-name-cache: + strategy: + matrix: + deployment_type: ["docker", "podman"] + SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - container: - image: python:3.9-buster + services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: + - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -268,70 +310,56 @@ jobs: SPLUNK_PASSWORD: Changed@11 SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" + steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Run tests + - name: Install Ansible and other dependencies as python package run: | - pip3 install poetry - poetry install - mkdir -p test-results || true - poetry run pytest -v --tb=long \ - --splunk_type=external \ - --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ - --junitxml=test-results/test.xml \ - -n 1 \ - -m 'name_cache' - test-ipv6-name-cache: - runs-on: ubuntu-latest - needs: - - meta - - build_action - container: - image: python:3.9-buster - services: - splunk: - image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} - ports: - - 8088:8088 - - 8089:8089 - env: - SPLUNK_HEC_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SPLUNK_PASSWORD: Changed@11 - SPLUNK_START_ARGS: --accept-license - SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no SC4S_USE_NAME_CACHE: "yes" SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "yes" - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: false - persist-credentials: false + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -340,11 +368,17 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} release: name: Release runs-on: ubuntu-latest @@ -352,7 +386,7 @@ jobs: - meta - build_action - test-container - - test-ipv4-name-cache + - test-name-cache steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/ci-lite.yaml b/.github/workflows/ci-lite.yaml index 79c5066140..a477dba2b3 100644 --- a/.github/workflows/ci-lite.yaml +++ b/.github/workflows/ci-lite.yaml @@ -178,14 +178,14 @@ jobs: scanners: "vuln" test-container: + strategy: + matrix: + deployment_type: ["docker", "podman"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster services: splunk: @@ -200,41 +200,67 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - - 601:601 - - 5614:5514 - - 5601:5601 - - 6000:6000 - - 6002:6002 - - 9000:9000 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION: "yes" - SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT: 6000 - SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT: 5601 - SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT: 6002 - SC4S_LISTEN_CISCO_ESA_TCP_PORT: 9000 - SC4S_LISTEN_RARITAN_DSX_TCP_PORT: 9001 - SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL: "yes" - SC4S_SOURCE_RICOH_SYSLOG_FIXHOST: "yes" - TEST_SC4S_ACTIVATE_EXAMPLES: "yes" - SC4S_DEBUG_CONTAINER: "yes" - SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG: "yes" - SC4S_NETAPP_ONTAP_NEW_FORMAT: "yes" - SC4S_USE_VPS_CACHE: "yes" steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false + - name: Install Ansible and other dependencies as python package + run: | + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables + env: + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no + SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION=yes + SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT=6000 + SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT=5601 + SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT=6002 + SC4S_LISTEN_CISCO_ESA_TCP_PORT=9000 + SC4S_LISTEN_RARITAN_DSX_TCP_PORT=9001 + SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL=yes + SC4S_SOURCE_RICOH_SYSLOG_FIXHOST=yes + TEST_SC4S_ACTIVATE_EXAMPLES=yes + SC4S_DEBUG_CONTAINER=yes + SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG=yes + SC4S_NETAPP_ONTAP_NEW_FORMAT=yes + SC4S_USE_VPS_CACHE=yes + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -243,24 +269,33 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 14 -m "lite or addons" - - test-ipv4-name-cache: + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-container-results_${{ matrix.deployment_type }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} + + test-name-cache: + strategy: + matrix: + deployment_type: ["docker", "podman"] + SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster + services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: + - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -269,76 +304,55 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" - steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Run tests + - name: Install Ansible and other dependencies as python package run: | - pip3 install poetry - poetry install - mkdir -p test-results || true - poetry run pytest -v --tb=long \ - --splunk_type=external \ - --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ - --junitxml=test-results/test.xml \ - -n 1 \ - -m 'name_cache' - - test-ipv6-name-cache: - runs-on: ubuntu-latest - needs: - - meta - - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster - services: - splunk: - image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} - ports: - - 8088:8088 - - 8089:8089 - env: - SPLUNK_HEC_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SPLUNK_PASSWORD: Changed@11 - SPLUNK_START_ARGS: --accept-license - SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no SC4S_USE_NAME_CACHE: "yes" SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "yes" - - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: false - persist-credentials: false + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -347,11 +361,17 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} test-healthcheck: runs-on: ubuntu-latest @@ -412,8 +432,7 @@ jobs: - meta - build_action - test-container - - test-ipv4-name-cache - - test-ipv6-name-cache + - test-name-cache - test-healthcheck - test-healthcheck-unit-tests steps: diff --git a/.github/workflows/ci-main.yaml b/.github/workflows/ci-main.yaml index a2cdbb3280..c403920499 100644 --- a/.github/workflows/ci-main.yaml +++ b/.github/workflows/ci-main.yaml @@ -178,14 +178,14 @@ jobs: scanners: "vuln" test-container: + strategy: + matrix: + deployment_type: ["docker", "podman"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster services: splunk: @@ -200,42 +200,67 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - - 601:601 - - 5614:5514 - - 5601:5601 - - 6000:6000 - - 6002:6002 - - 9000:9000 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION: "yes" - SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT: 6000 - SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT: 5514 - SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT: 5601 - SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT: 6002 - SC4S_LISTEN_CISCO_ESA_TCP_PORT: 9000 - SC4S_LISTEN_RARITAN_DSX_TCP_PORT: 9001 - SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL: "yes" - SC4S_SOURCE_RICOH_SYSLOG_FIXHOST: "yes" - TEST_SC4S_ACTIVATE_EXAMPLES: "yes" - SC4S_DEBUG_CONTAINER: "yes" - SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG: "yes" - SC4S_NETAPP_ONTAP_NEW_FORMAT: "yes" - SC4S_USE_VPS_CACHE: "yes" - steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false + - name: Install Ansible and other dependencies as python package + run: | + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables + env: + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no + SC4S_DEST_SPLUNK_HEC_DEFAULT_HTTP_COMPRESSION=yes + SC4S_LISTEN_PFSENSE_FIREWALL_TCP_PORT=6000 + SC4S_LISTEN_SIMPLE_TEST_ONE_TCP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_ONE_UDP_PORT=5514 + SC4S_LISTEN_SIMPLE_TEST_TWO_TCP_PORT=5601 + SC4S_LISTEN_SPECTRACOM_NTP_TCP_PORT=6002 + SC4S_LISTEN_CISCO_ESA_TCP_PORT=9000 + SC4S_LISTEN_RARITAN_DSX_TCP_PORT=9001 + SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL=yes + SC4S_SOURCE_RICOH_SYSLOG_FIXHOST=yes + TEST_SC4S_ACTIVATE_EXAMPLES=yes + SC4S_DEBUG_CONTAINER=yes + SC4S_SOURCE_VMWARE_VSPHERE_GROUPMSG=yes + SC4S_NETAPP_ONTAP_NEW_FORMAT=yes + SC4S_USE_VPS_CACHE=yes + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -244,25 +269,34 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 14 \ -k 'not lite and not name_cache' + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-container-results_${{ matrix.deployment_type }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} - test-ipv4-name-cache: + test-name-cache: + strategy: + matrix: + deployment_type: ["docker", "podman"] + SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest + continue-on-error: true needs: - meta - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster + services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: + - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -271,76 +305,55 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 - env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" - steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Run tests + - name: Install Ansible and other dependencies as python package run: | - pip3 install poetry - poetry install - mkdir -p test-results || true - poetry run pytest -v --tb=long \ - --splunk_type=external \ - --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ - --junitxml=test-results/test.xml \ - -n 1 \ - -m 'name_cache' - - test-ipv6-name-cache: - runs-on: ubuntu-latest - needs: - - meta - - build_action - # runs all of the steps inside the specified container rather than on the VM host. - # Because of this the network configuration changes from host based network to a container network. - container: - image: python:3.9-buster - services: - splunk: - image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} - ports: - - 8088:8088 - - 8089:8089 - env: - SPLUNK_HEC_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SPLUNK_PASSWORD: Changed@11 - SPLUNK_START_ARGS: --accept-license - SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz - - sc4s: - image: ${{ needs.meta.outputs.container_base }} - ports: - - 514:514 + pip install ansible~=6.1.0 --no-cache-dir \ + && pip install pywinrm>=0.4.2 --no-cache-dir \ + && pip install ansible-lint>=6.0.0 --no-cache-dir \ + && pip install docker + - name: Configure Ansible Environment Variables env: - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + ANSIBLE_CONFIG: ansible.cfg + ANSIBLE_HOST_KEY_CHECKING: False + run: | + echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" + echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" + sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} + - name: Update inventory file + run: | + cat << EOF > ansible/inventory/inventory.yaml + --- + all: + hosts: + children: + node: + hosts: + node_1: + ansible_host: 127.0.0.1 + ansible_connection: local + ansible_user: root + - name: Update env_file + run: | + echo "Updating ansible/inventory/inventory.yaml" + cat << EOF > ansible/resources/env_file + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no SC4S_USE_NAME_CACHE: "yes" SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "yes" - - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: false - persist-credentials: false + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + - name: Update current SC4S image in unit file + run: | + sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service + - name: Run Ansible Playbook + run: | + ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -349,11 +362,17 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=splunk \ - --sc4s_host=sc4s \ + --splunk_host=127.0.0.1 \ + --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' + - name: artifact-test-results + uses: actions/upload-artifact@v4 + with: + name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + path: test-results/test.xml + if: ${{ !cancelled() }} test-healthcheck: runs-on: ubuntu-latest @@ -437,8 +456,7 @@ jobs: - meta - build_action - test-container - - test-ipv4-name-cache - - test-ipv6-name-cache + - test-name-cache - test-healthcheck - test-healthcheck-unit-tests - mike diff --git a/ansible/roles/install_docker/tasks/install_docker_debian.yml b/ansible/roles/install_docker/tasks/install_docker_debian.yml index 21a517907d..d3d434a774 100644 --- a/ansible/roles/install_docker/tasks/install_docker_debian.yml +++ b/ansible/roles/install_docker/tasks/install_docker_debian.yml @@ -23,10 +23,16 @@ repo: deb https://download.docker.com/linux/ubuntu focal stable state: present +- name: Check if 'docker' command exists + ansible.builtin.command: which docker + register: docker_command_check + ignore_errors: true + - name: Install docker-ce apt: name: docker-ce state: latest + when: docker_command_check.rc != 0 - name: Install Docker Module for Python pip: diff --git a/ansible/tasks/docker/deploy_app.yml b/ansible/tasks/docker/deploy_app.yml index 50462fac88..85ad163724 100644 --- a/ansible/tasks/docker/deploy_app.yml +++ b/ansible/tasks/docker/deploy_app.yml @@ -12,7 +12,7 @@ - name: Copying unit file on the server copy: - src: "/opt/ansible/resources/docker_sc4s.service" + src: "../../../ansible/resources/docker_sc4s.service" dest: "/lib/systemd/system/sc4s.service" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" @@ -20,7 +20,7 @@ - name: Copying env_file file on the server copy: - src: "/opt/ansible/resources/env_file" + src: "../../../ansible/resources/env_file" dest: "/opt/sc4s/env_file" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" diff --git a/ansible/tasks/podman/deploy_app.yml b/ansible/tasks/podman/deploy_app.yml index 07632d8eaa..f74fe85807 100644 --- a/ansible/tasks/podman/deploy_app.yml +++ b/ansible/tasks/podman/deploy_app.yml @@ -12,7 +12,7 @@ - name: Copying unit file on the server copy: - src: "/opt/ansible/resources/podman_sc4s.service" + src: "../../../ansible/resources/podman_sc4s.service" dest: "/lib/systemd/system/sc4s.service" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" @@ -20,7 +20,7 @@ - name: Copying env_file file on the server copy: - src: "/opt/ansible/resources/env_file" + src: "../../../ansible/resources/env_file" dest: "/opt/sc4s/env_file" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" From 46957215c3a5483d5bfa8093652421ecadbd1c73 Mon Sep 17 00:00:00 2001 From: pdudhaiya-crest Date: Thu, 6 Nov 2025 12:23:31 +0530 Subject: [PATCH 5/7] chore: add no cache for docker as well --- .github/workflows/ci-enterprise.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-enterprise.yaml b/.github/workflows/ci-enterprise.yaml index 7222bdbfbc..83e472b93c 100644 --- a/.github/workflows/ci-enterprise.yaml +++ b/.github/workflows/ci-enterprise.yaml @@ -217,7 +217,7 @@ jobs: pip install ansible~=6.1.0 --no-cache-dir \ && pip install pywinrm>=0.4.2 --no-cache-dir \ && pip install ansible-lint>=6.0.0 --no-cache-dir \ - && pip install docker + && pip install docker --no-cache-dir - name: Configure Ansible Environment Variables env: ANSIBLE_CONFIG: ansible.cfg From 8cfef834fd6253157a05fda5ae4a7163471e569d Mon Sep 17 00:00:00 2001 From: pdudhaiya-crest Date: Wed, 12 Nov 2025 11:06:18 +0530 Subject: [PATCH 6/7] chore: fix name cache tests --- .github/workflows/ci-enterprise.yaml | 6 +++--- .github/workflows/ci-lite.yaml | 6 +++--- .github/workflows/ci-main.yaml | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci-enterprise.yaml b/.github/workflows/ci-enterprise.yaml index 83e472b93c..7f42771140 100644 --- a/.github/workflows/ci-enterprise.yaml +++ b/.github/workflows/ci-enterprise.yaml @@ -351,9 +351,9 @@ jobs: SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + SC4S_USE_NAME_CACHE=yes + SC4S_CLEAR_NAME_CACHE=yes + SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - name: Update current SC4S image in unit file run: | sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service diff --git a/.github/workflows/ci-lite.yaml b/.github/workflows/ci-lite.yaml index a477dba2b3..b6fefd8a5e 100644 --- a/.github/workflows/ci-lite.yaml +++ b/.github/workflows/ci-lite.yaml @@ -344,9 +344,9 @@ jobs: SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + SC4S_USE_NAME_CACHE=yes + SC4S_CLEAR_NAME_CACHE=yes + SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - name: Update current SC4S image in unit file run: | sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service diff --git a/.github/workflows/ci-main.yaml b/.github/workflows/ci-main.yaml index c403920499..ea545ebbb1 100644 --- a/.github/workflows/ci-main.yaml +++ b/.github/workflows/ci-main.yaml @@ -345,9 +345,9 @@ jobs: SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE: "yes" - SC4S_CLEAR_NAME_CACHE: "yes" - SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + SC4S_USE_NAME_CACHE=yes + SC4S_CLEAR_NAME_CACHE=yes + SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - name: Update current SC4S image in unit file run: | sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service From c4e997097239b446b5c5e755fee0838d3ceffe62 Mon Sep 17 00:00:00 2001 From: pdudhaiya-crest <69460835+pdudhaiya-crest@users.noreply.github.com> Date: Thu, 20 Nov 2025 11:55:19 +0530 Subject: [PATCH 7/7] revert Update test_checkpoint.py Update ci-main.yaml update Update ci-lite.yaml Update docker_sc4s.service Update test_name_cache.py Update splunkutils.py Update conftest.py --- .github/workflows/ci-enterprise.yaml | 69 +++++++------------------- .github/workflows/ci-lite.yaml | 69 +++++++------------------- .github/workflows/ci-main.yaml | 71 ++++++++------------------- ansible/resources/docker_sc4s.service | 2 +- tests/conftest.py | 2 +- 5 files changed, 60 insertions(+), 153 deletions(-) diff --git a/.github/workflows/ci-enterprise.yaml b/.github/workflows/ci-enterprise.yaml index 7f42771140..00eca74571 100644 --- a/.github/workflows/ci-enterprise.yaml +++ b/.github/workflows/ci-enterprise.yaml @@ -290,19 +290,19 @@ jobs: test-name-cache: strategy: matrix: - deployment_type: ["docker", "podman"] SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest - continue-on-error: true needs: - meta - build_action - + # runs all of the steps inside the specified container rather than on the VM host. + # Because of this the network configuration changes from host based network to a container network. + container: + image: python:3.9-buster services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: - - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -311,55 +311,24 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz + sc4s: + image: ${{ needs.meta.outputs.container_base }} + ports: + - 514:514 + env: + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + SC4S_USE_NAME_CACHE: "yes" + SC4S_CLEAR_NAME_CACHE: "yes" + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Install Ansible and other dependencies as python package - run: | - pip install ansible~=6.1.0 --no-cache-dir \ - && pip install pywinrm>=0.4.2 --no-cache-dir \ - && pip install ansible-lint>=6.0.0 --no-cache-dir \ - && pip install docker - - name: Configure Ansible Environment Variables - env: - ANSIBLE_CONFIG: ansible.cfg - ANSIBLE_HOST_KEY_CHECKING: False - run: | - echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" - echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" - sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} - - name: Update inventory file - run: | - cat << EOF > ansible/inventory/inventory.yaml - --- - all: - hosts: - children: - node: - hosts: - node_1: - ansible_host: 127.0.0.1 - ansible_connection: local - ansible_user: root - - name: Update env_file - run: | - echo "Updating ansible/inventory/inventory.yaml" - cat << EOF > ansible/resources/env_file - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE=yes - SC4S_CLEAR_NAME_CACHE=yes - SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - - name: Update current SC4S image in unit file - run: | - sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service - - name: Run Ansible Playbook - run: | - ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -368,15 +337,15 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=127.0.0.1 \ - --sc4s_host=127.0.0.1 \ + --splunk_host=splunk \ + --sc4s_host=sc4s \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' - name: artifact-test-results uses: actions/upload-artifact@v4 with: - name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + name: test-name-cache-results_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml path: test-results/test.xml if: ${{ !cancelled() }} release: diff --git a/.github/workflows/ci-lite.yaml b/.github/workflows/ci-lite.yaml index b6fefd8a5e..b254734ee7 100644 --- a/.github/workflows/ci-lite.yaml +++ b/.github/workflows/ci-lite.yaml @@ -283,19 +283,19 @@ jobs: test-name-cache: strategy: matrix: - deployment_type: ["docker", "podman"] SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest - continue-on-error: true needs: - meta - build_action - + # runs all of the steps inside the specified container rather than on the VM host. + # Because of this the network configuration changes from host based network to a container network. + container: + image: python:3.9-buster services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: - - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -304,55 +304,24 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz + sc4s: + image: ${{ needs.meta.outputs.container_base }} + ports: + - 514:514 + env: + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + SC4S_USE_NAME_CACHE: "yes" + SC4S_CLEAR_NAME_CACHE: "yes" + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Install Ansible and other dependencies as python package - run: | - pip install ansible~=6.1.0 --no-cache-dir \ - && pip install pywinrm>=0.4.2 --no-cache-dir \ - && pip install ansible-lint>=6.0.0 --no-cache-dir \ - && pip install docker - - name: Configure Ansible Environment Variables - env: - ANSIBLE_CONFIG: ansible.cfg - ANSIBLE_HOST_KEY_CHECKING: False - run: | - echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" - echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" - sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} - - name: Update inventory file - run: | - cat << EOF > ansible/inventory/inventory.yaml - --- - all: - hosts: - children: - node: - hosts: - node_1: - ansible_host: 127.0.0.1 - ansible_connection: local - ansible_user: root - - name: Update env_file - run: | - echo "Updating ansible/inventory/inventory.yaml" - cat << EOF > ansible/resources/env_file - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE=yes - SC4S_CLEAR_NAME_CACHE=yes - SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - - name: Update current SC4S image in unit file - run: | - sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service - - name: Run Ansible Playbook - run: | - ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -361,15 +330,15 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=127.0.0.1 \ - --sc4s_host=127.0.0.1 \ + --splunk_host=splunk \ + --sc4s_host=sc4s \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' - name: artifact-test-results uses: actions/upload-artifact@v4 with: - name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + name: test-name-cache-results_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml path: test-results/test.xml if: ${{ !cancelled() }} diff --git a/.github/workflows/ci-main.yaml b/.github/workflows/ci-main.yaml index ea545ebbb1..8f80566db1 100644 --- a/.github/workflows/ci-main.yaml +++ b/.github/workflows/ci-main.yaml @@ -273,7 +273,7 @@ jobs: --sc4s_host=127.0.0.1 \ --junitxml=test-results/test.xml \ -n 14 \ - -k 'not lite and not name_cache' + -k 'checkpoint or not lite and not name_cache' - name: artifact-test-results uses: actions/upload-artifact@v4 with: @@ -284,19 +284,19 @@ jobs: test-name-cache: strategy: matrix: - deployment_type: ["docker", "podman"] SC4S_IPV6_ENABLE: ["yes","no"] runs-on: ubuntu-latest - continue-on-error: true needs: - meta - build_action - + # runs all of the steps inside the specified container rather than on the VM host. + # Because of this the network configuration changes from host based network to a container network. + container: + image: python:3.9-buster services: splunk: image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }} ports: - - 8000:8000 - 8088:8088 - 8089:8089 env: @@ -305,55 +305,24 @@ jobs: SPLUNK_START_ARGS: --accept-license SPLUNK_APPS_URL: https://github.com/splunk/splunk-configurations-base-indexes/releases/download/v1.0.0/splunk_configurations_base_indexes-1.0.0.tar.gz + sc4s: + image: ${{ needs.meta.outputs.container_base }} + ports: + - 514:514 + env: + SC4S_DEST_SPLUNK_HEC_DEFAULT_URL: https://splunk:8088 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN: 70b6ae71-76b3-4c38-9597-0c5b37ad9630 + SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY: "no" + SC4S_USE_NAME_CACHE: "yes" + SC4S_CLEAR_NAME_CACHE: "yes" + SC4S_IPV6_ENABLE: "${{ matrix.SC4S_IPV6_ENABLE }}" + steps: - name: Checkout uses: actions/checkout@v4 with: submodules: false persist-credentials: false - - name: Install Ansible and other dependencies as python package - run: | - pip install ansible~=6.1.0 --no-cache-dir \ - && pip install pywinrm>=0.4.2 --no-cache-dir \ - && pip install ansible-lint>=6.0.0 --no-cache-dir \ - && pip install docker - - name: Configure Ansible Environment Variables - env: - ANSIBLE_CONFIG: ansible.cfg - ANSIBLE_HOST_KEY_CHECKING: False - run: | - echo "ANSIBLE_CONFIG is set to: $ANSIBLE_CONFIG" - echo "ANSIBLE_HOST_KEY_CHECKING is set to: $ANSIBLE_HOST_KEY_CHECKING" - sudo systemctl set-environment SC4S_IMAGE=${{ needs.meta.outputs.container_base }} - - name: Update inventory file - run: | - cat << EOF > ansible/inventory/inventory.yaml - --- - all: - hosts: - children: - node: - hosts: - node_1: - ansible_host: 127.0.0.1 - ansible_connection: local - ansible_user: root - - name: Update env_file - run: | - echo "Updating ansible/inventory/inventory.yaml" - cat << EOF > ansible/resources/env_file - SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://127.0.0.1:8088 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 - SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no - SC4S_USE_NAME_CACHE=yes - SC4S_CLEAR_NAME_CACHE=yes - SC4S_IPV6_ENABLE=${{ matrix.SC4S_IPV6_ENABLE }} - - name: Update current SC4S image in unit file - run: | - sed -i 's|Environment="SC4S_IMAGE=ghcr.io/splunk/splunk-connect-for-syslog/container3:latest"|Environment="SC4S_IMAGE=${{ needs.meta.outputs.container_base }}"|' ansible/resources/${{ matrix.deployment_type }}_sc4s.service - - name: Run Ansible Playbook - run: | - ansible-playbook --connection=local -i ansible/inventory/inventory.yaml ansible/playbooks/${{ matrix.deployment_type }}.yml - name: Run tests run: | pip3 install poetry @@ -362,15 +331,15 @@ jobs: poetry run pytest -v --tb=long \ --splunk_type=external \ --splunk_hec_token=70b6ae71-76b3-4c38-9597-0c5b37ad9630 \ - --splunk_host=127.0.0.1 \ - --sc4s_host=127.0.0.1 \ + --splunk_host=splunk \ + --sc4s_host=sc4s \ --junitxml=test-results/test.xml \ -n 1 \ -m 'name_cache' - name: artifact-test-results uses: actions/upload-artifact@v4 with: - name: test-name-cache-results_${{ matrix.deployment_type }}_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml + name: test-name-cache-results_IPv6_${{ matrix.SC4S_IPV6_ENABLE }}.xml path: test-results/test.xml if: ${{ !cancelled() }} diff --git a/ansible/resources/docker_sc4s.service b/ansible/resources/docker_sc4s.service index 6b18a46cfd..667fff51d3 100644 --- a/ansible/resources/docker_sc4s.service +++ b/ansible/resources/docker_sc4s.service @@ -43,4 +43,4 @@ ExecStart=/usr/bin/docker run \ --name SC4S \ --rm $SC4S_IMAGE -Restart=on-failure \ No newline at end of file +Restart=on-failure diff --git a/tests/conftest.py b/tests/conftest.py index 7141695854..709cfaaf22 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -22,7 +22,7 @@ def get_host_key(): @pytest.fixture(scope="function") def get_pid(): - return random.randint(1000, 32000) # NOSONAR + return random.randint(1000, 32000) # NOSONAR def pytest_addoption(parser):