Bump version 6.0.0-SNAPSHOT + Compatibility with Graylog 6.0.6 #278
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration | |
| on: push | |
| env: | |
| JAVA_VERSION: 17 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v3 | |
| with: | |
| path: plugin | |
| - name: Setup Java JDK ${{ env.JAVA_VERSION }} | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: ${{ env.JAVA_VERSION }} | |
| distribution: temurin | |
| cache: maven | |
| - name: Retrieve variables from pom | |
| id: requestPom | |
| working-directory: plugin | |
| run: | | |
| echo "GRAYLOG_VERSION=$(mvnw help:evaluate -Dexpression=project.parent.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
| NAME=$(mvnw help:evaluate -Dexpression=project.name -q -DforceStdout) | |
| VERSION=$(mvnw help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| echo "VERSION=$(mvnw help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
| echo "JAR_PATH=target/$NAME-$VERSION.jar" >> $GITHUB_OUTPUT | |
| echo "RPM_PATH=target/rpm/$NAME/RPMS/noarch/$NAME-$VERSION-1.noarch.rpm" >> $GITHUB_OUTPUT | |
| echo "DEB_PATH=target/$NAME-$VERSION.deb" >> $GITHUB_OUTPUT | |
| - name: Cache Graylog | |
| uses: actions/cache@v3 | |
| id: cache | |
| with: | |
| path: graylog2-server | |
| key: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| - name: Check out Graylog ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: Graylog2/graylog2-server | |
| ref: ${{ steps.requestPom.outputs.GRAYLOG_VERSION }} | |
| path: graylog2-server | |
| - name: Build Graylog | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| working-directory: graylog2-server | |
| run: | | |
| mvnw compile -DskipTests=true --batch-mode | |
| - name: Cache node_modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: plugin/node_modules | |
| key: ${{ hashFiles('plugin/yarn.lock') }} | |
| - name: Build plugin | |
| working-directory: plugin | |
| run: | | |
| mvnw package --batch-mode | |
| - name: Copy jar to backend tests runtime | |
| working-directory: plugin | |
| run: | | |
| mkdir runtime/graylog/plugin | |
| cp ${{ steps.requestPom.outputs.JAR_PATH }} runtime/graylog/plugin | |
| - name: Execute backend tests | |
| working-directory: plugin/validation | |
| run: | | |
| python -m venv venv | |
| source venv/bin/activate | |
| pip install -r requirements.txt | |
| docker compose --project-directory ../runtime pull | |
| PYTHONUNBUFFERED=true python -m unittest --verbose | |
| - name: Package signed .rpm | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| working-directory: plugin | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| mvnw rpm:rpm | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| rpm --define "_gpg_name Airbus CyberSecurity" --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase $PASSPHRASE" --addsign "${{ steps.requestPom.outputs.RPM_PATH }}" | |
| - name: Package signed .deb | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| working-directory: plugin | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| gpg2 --export-secret-keys --batch --pinentry-mode loopback --passphrase "$PASSPHRASE" > $HOME/.gnupg/secring.gpg | |
| mvnw jdeb:jdeb --settings deployment/settings.xml | |
| - name: Check license headers | |
| working-directory: plugin | |
| run: | | |
| mvnw license:check | |
| - name: Archive .jar | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: jar | |
| path: plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
| if-no-files-found: error | |
| - name: Archive .rpm | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: rpm | |
| path: plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
| if-no-files-found: error | |
| - name: Archive .deb | |
| if: endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') == false | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: deb | |
| path: plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
| if-no-files-found: error | |
| - name: Release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: | | |
| plugin/${{ steps.requestPom.outputs.JAR_PATH }} | |
| plugin/${{ steps.requestPom.outputs.RPM_PATH }} | |
| plugin/${{ steps.requestPom.outputs.DEB_PATH }} | |
| fail_on_unmatched_files: true | |
| - name: Deploy to Maven Central | |
| if: startsWith(github.ref, 'refs/tags/') || endsWith(steps.requestPom.outputs.VERSION,'SNAPSHOT') | |
| working-directory: plugin | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo -n "$GPG_PRIVATE_KEY" | gpg2 --batch --allow-secret-key-import --import | |
| mvnw clean deploy -DskipTests=true --settings deployment/settings.xml |