From 2af4f65811752cb1c7ee4fd0a17a953644c009c7 Mon Sep 17 00:00:00 2001 From: kdoroszko-splunk Date: Thu, 11 Jul 2024 17:06:42 +0200 Subject: [PATCH 01/21] chore: backport changes from main (#297) (#298) --- .../workflows/reusable-build-test-release.yml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index c004baddd..d90f13dbe 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -544,19 +544,28 @@ jobs: id: slim run: | pip install splunk-packaging-toolkit + pip install semantic-version==2.6.0 INPUT_SOURCE=${{ steps.uccgen.outputs.OUTPUT }} SOURCE_REGEX='^.*/$' if [[ $INPUT_SOURCE =~ $SOURCE_REGEX ]];then echo Removing trailing / from INPUT_SOURCE slim is picky INPUT_SOURCE=$(echo $INPUT_SOURCE | sed 's/\(.*\)\//\1/') fi + slim generate-manifest "${INPUT_SOURCE}" --update >/tmp/app.manifest || true + cp /tmp/app.manifest "${INPUT_SOURCE}"/app.manifest mkdir -p build/package/splunkbase + mkdir -p build/package/deployment slim package -o build/package/splunkbase "${INPUT_SOURCE}" for f in build/package/splunkbase/*.tar.gz; do n=$(echo "${f}" | awk '{gsub("-[0-9]+.[0-9]+.[0-9]+-[a-f0-9]+-?", "");print}' | sed 's/.tar.gz/.spl/') mv "${f}" "${n}" done PACKAGE=$(ls build/package/splunkbase/*) + slim partition "${PACKAGE}" -o build/package/deployment/ || true + for f in build/package/deployment/*.tar.gz; do + n=$(echo "${f}" | awk '{gsub("-[0-9]+.[0-9]+.[0-9]+-[a-f0-9]+-?", "");print}' | sed 's/.tar.gz/.spl/') + mv "${f}" "${n}" + done slim validate "${PACKAGE}" chmod -R +r build echo "OUTPUT=$PACKAGE" >> "$GITHUB_OUTPUT" @@ -583,6 +592,12 @@ jobs: echo "name=$(basename "${{ steps.slim.outputs.OUTPUT }}")" >> "$GITHUB_OUTPUT" basename "${{ steps.slim.outputs.OUTPUT }}" aws s3 cp "${{ steps.slim.outputs.OUTPUT }}" "s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/" + - name: artifact-splunk-parts + uses: actions/upload-artifact@v4 + with: + name: package-deployment + path: build/package/deployment** + if: ${{ !cancelled() }} build-3_9: runs-on: ubuntu-latest @@ -2096,6 +2111,13 @@ jobs: git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} + - name: Download package-deployment + if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + uses: actions/download-artifact@v4 + id: download-package-deployment + with: + name: package-deployment + path: download/artifacts/ - name: Download package-splunkbase if: ${{ steps.semantic.outputs.new_release_published == 'true' }} uses: actions/download-artifact@v4 From 72497e5c03894369b8fbdd2a2c4134c233ba1b5d Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 12 Jul 2024 10:26:25 +0200 Subject: [PATCH 02/21] fix: add input for scripted inputs os (#296) List of OSs for scripted inputes tests can be provided as an input to reusable workflow. Tested: https://github.com/splunk/splunk-add-on-for-unix-and-linux/pull/577 --- .github/workflows/reusable-build-test-release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index d90f13dbe..50a68a488 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -24,6 +24,12 @@ on: description: "branch for k8s manifests to run the tests on" type: string default: "v3.0.2" + scripted-inputs-os-list: + required: false + description: "list of OS used for scripted input tests" + type: string + default: >- + ["ubuntu:14.04", "ubuntu:16.04","ubuntu:18.04","ubuntu:22.04", "ubuntu:24.04", "redhat:8.4", "redhat:8.5", "redhat:8.6", "redhat:8.8"] secrets: GH_TOKEN_ADMIN: description: Github admin token @@ -1831,7 +1837,7 @@ jobs: fail-fast: false matrix: splunk: ${{ fromJson(needs.meta.outputs.matrix_combinedSplunkversion) }} - os: [ "ubuntu:14.04", "ubuntu:16.04","ubuntu:18.04","ubuntu:22.04", "centos:7", "redhat:8.0", "redhat:8.2", "redhat:8.3", "redhat:8.4", "redhat:8.5" ] + os: ${{ fromJson(inputs.scripted-inputs-os-list) }} container: image: ghcr.io/splunk/workflow-engine-base:4.1.0 env: From a538fe31261f6b0dc7553f1901f658f192ae75e5 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:15:05 +0200 Subject: [PATCH 03/21] docs: extend docker image documentation by unreleased splunk (#293) Add documentation regarding docker images used in reusable workflow with unreleased splunk. --- ...ry-workflow-addon-release-docker-images.md | 27 +++++++++++++++++++ ...lish_multiple_os_images_scripted_inputs.md | 12 --------- 2 files changed, 27 insertions(+), 12 deletions(-) create mode 100644 runbooks/addonfactory-workflow-addon-release-docker-images.md delete mode 100644 runbooks/publish_multiple_os_images_scripted_inputs.md diff --git a/runbooks/addonfactory-workflow-addon-release-docker-images.md b/runbooks/addonfactory-workflow-addon-release-docker-images.md new file mode 100644 index 000000000..66eae32cc --- /dev/null +++ b/runbooks/addonfactory-workflow-addon-release-docker-images.md @@ -0,0 +1,27 @@ +# Runbook to creating and publishing docker images used in reusable workflow +## Runbook to publish multiple images of different Linux flavors and versions for scripted inputs tests +Once there is new Splunk release, and [matrix](https://github.com/splunk/addonfactory-test-matrix-action) is updated, we need to make sure that Splunk images for scripted inputs tests are created and published. +### Steps + +#### Update OS images +- check what OSs are listed in definition of matrix for scripted inputs tests [here](https://github.com/splunk/addonfactory-workflow-addon-release/blob/72497e5c03894369b8fbdd2a2c4134c233ba1b5d/.github/workflows/reusable-build-test-release.yml#L27) +- if any is missing in [ta-automation-docker-images](https://cd.splunkdev.com/taautomation/ta-automation-docker-images/-/tree/main/dockerfiles) then add new Dockerfile + +#### Create images and publish them to ECR +- figure out what version of Splunk is needed (sha) using go/fetcher +- trigger [pipeline](https://cd.splunkdev.com/taautomation/ta-automation-docker-images/-/pipelines/new) for every OS flavor separately + +## Runbook to publish unreleased Splunk image for testing +Whenever there is a need for running tests with unreleased splunk, we need to create relevant Splunk docker image and publish it to aws ecr +### Steps +#### Build docker image and publish to artifactory +- Prior creating docker image it needs to be determined which revision of core Splunk repo is required. Splunk docker images are based on Splunk builds published to artifactory by CI in core repository. Their names match SHA of the commit in core repo: [develop builds artifactory](https://repo.splunkdev.net:443/artifactory/generic/splcore/builds/develop/) +- Docker image is built by [pipeline](https://cd.splunkdev.com/core-ee/docker-splunk-internal/-/pipelines/new) which required UNRELEASED_SPLUNK_SHA as an input variable - provide first 12 characters of desired revision on Splunk core repo. Once image is built, it is published to [artifactory](https://repo.splunkdev.net/ui/repos/tree/General/docker/docker-splunk-internal/unreleased/splunk-redhat-9). +#### Pull built image locally, tag and publish to ecr +- okta-artifactory-login -t docker +- docker pull docker.repo.splunkdev.net/docker-splunk-internal/unreleased/splunk-redhat-9:[image-tag] +- docker tag docker.repo.splunkdev.net/docker-splunk-internal/unreleased/splunk-redhat-9:[image-tag] "956110764581.dkr.ecr.us-west-2.amazonaws.com/splunk/splunk:[new-image-tag]" +- set AWS environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN +- aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 956110764581.dkr.ecr.us-west-2.amazonaws.com +- docker push 956110764581.dkr.ecr.us-west-2.amazonaws.com/splunk/splunk:[new-image-tag] +- confirm that image is visible in AWS [ECR](https://us-west-2.console.aws.amazon.com/ecr/repositories/private/956110764581/splunk/splunk?region=us-west-2) \ No newline at end of file diff --git a/runbooks/publish_multiple_os_images_scripted_inputs.md b/runbooks/publish_multiple_os_images_scripted_inputs.md deleted file mode 100644 index 729ab7436..000000000 --- a/runbooks/publish_multiple_os_images_scripted_inputs.md +++ /dev/null @@ -1,12 +0,0 @@ -# Runbook to publish multiple images of different Linux flavors and versions for scripted inputs tests - -Once there is new Splunk release, and [matrix](https://github.com/splunk/addonfactory-test-matrix-action) is updated, we need to make sure that Splunk images for scripted inputs tests are created and published. -## Steps - -### Update OS images -- check what OS are listed in definition of matrix in scripted inputs tests [here](https://github.com/splunk/addonfactory-workflow-addon-release/blob/v4.16/.github/workflows/reusable-build-test-release.yml#L1966) -- if any is missing in [ta-automation-docker-images](https://cd.splunkdev.com/taautomation/ta-automation-docker-images/-/tree/main/dockerfiles) then add new Dockerfile - -### Create images and publish them to ECR -- figure out what version of Splunk is needed (sha) using go/fetcher -- trigger [pipeline](https://cd.splunkdev.com/taautomation/ta-automation-docker-images/-/pipelines/new) for every OS flavor separately From 1544130aa8a79b1996fd84897e0c2d2d7af26eba Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Mon, 29 Jul 2024 13:47:02 +0200 Subject: [PATCH 04/21] docs: document Splunk docker image with java --- runbooks/addonfactory-workflow-addon-release-docker-images.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/runbooks/addonfactory-workflow-addon-release-docker-images.md b/runbooks/addonfactory-workflow-addon-release-docker-images.md index 66eae32cc..afc36ef4e 100644 --- a/runbooks/addonfactory-workflow-addon-release-docker-images.md +++ b/runbooks/addonfactory-workflow-addon-release-docker-images.md @@ -24,4 +24,5 @@ Whenever there is a need for running tests with unreleased splunk, we need to cr - set AWS environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN - aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 956110764581.dkr.ecr.us-west-2.amazonaws.com - docker push 956110764581.dkr.ecr.us-west-2.amazonaws.com/splunk/splunk:[new-image-tag] -- confirm that image is visible in AWS [ECR](https://us-west-2.console.aws.amazon.com/ecr/repositories/private/956110764581/splunk/splunk?region=us-west-2) \ No newline at end of file +- confirm that image is visible in AWS [ECR](https://us-west-2.console.aws.amazon.com/ecr/repositories/private/956110764581/splunk/splunk?region=us-west-2) +- there are TAs which use Splunk images with installed java fot testing (e.g. JBOSS). Separate image with installed java has to be built, tagged and pushed to ECR. This [branch](https://cd.splunkdev.com/core-ee/workflow-engine/workflow-engine-images/-/tree/feat/unreleased_splunk_java/image-copy/ta-automation-k8s-apps/unreleased-splunk-java?ref_type=heads) can be used for this purpose. Existing CI/CD expects Splunk image with tag "956110764581.dkr.ecr.us-west-2.amazonaws.com/splunk/splunk:[new-image-tag]-java" From e3a7bc1d89f81eb01ca45547c0b28775079356e1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 16:19:26 +0200 Subject: [PATCH 05/21] chore(deps): update all dependencies (#287) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [amannn/action-semantic-pull-request](https://togithub.com/amannn/action-semantic-pull-request) | action | patch | `v5.5.2` -> `v5.5.3` | | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | minor | `v3.78.0` -> `v3.81.5` | --- ### Release Notes
amannn/action-semantic-pull-request (amannn/action-semantic-pull-request) ### [`v5.5.3`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.3) [Compare Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.5.2...v5.5.3) ##### Bug Fixes - Bump `braces` dependency ([#​269](https://togithub.com/amannn/action-semantic-pull-request/issues/269). by [@​EelcoLos](https://togithub.com/EelcoLos)) ([2d952a1](https://togithub.com/amannn/action-semantic-pull-request/commit/2d952a1bf90a6a7ab8f0293dc86f5fdf9acb1915))
trufflesecurity/trufflehog (trufflesecurity/trufflehog) ### [`v3.81.5`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.5) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.4...v3.81.5) #### What's Changed - Update README.md for github experimental by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/3160](https://togithub.com/trufflesecurity/trufflehog/pull/3160) - fix(deps): update module github.com/schollz/progressbar/v3 to v3.14.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3158](https://togithub.com/trufflesecurity/trufflehog/pull/3158) - \[analyze] Fix off-by-one error in generated data structures by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3162](https://togithub.com/trufflesecurity/trufflehog/pull/3162) - \[bug] - Create a new context with timeout per request by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3163](https://togithub.com/trufflesecurity/trufflehog/pull/3163) - \[analyze] Use permission enum values in openai analyzer by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3165](https://togithub.com/trufflesecurity/trufflehog/pull/3165) - update pattern by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3167](https://togithub.com/trufflesecurity/trufflehog/pull/3167) - Update Zulip detector by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2897](https://togithub.com/trufflesecurity/trufflehog/pull/2897) - fix(deps): update module golang.org/x/oauth2 to v0.22.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3168](https://togithub.com/trufflesecurity/trufflehog/pull/3168) - fix(deps): update module golang.org/x/sync to v0.8.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3169](https://togithub.com/trufflesecurity/trufflehog/pull/3169) - fix(deps): update github.com/tailscale/depaware digest to [`585336c`](https://togithub.com/trufflesecurity/trufflehog/commit/585336c) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3166](https://togithub.com/trufflesecurity/trufflehog/pull/3166) - Change log verbosity for detection errors by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3171](https://togithub.com/trufflesecurity/trufflehog/pull/3171) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.4...v3.81.5 ### [`v3.81.4`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.4) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.3...v3.81.4) #### What's Changed - \[bug] - add context timeout to ssh verification by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3161](https://togithub.com/trufflesecurity/trufflehog/pull/3161) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.3...v3.81.4 ### [`v3.81.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.3) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.2...v3.81.3) #### What's Changed - \[chore] - log detector type on error by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3159](https://togithub.com/trufflesecurity/trufflehog/pull/3159) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.2...v3.81.3 ### [`v3.81.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.1...v3.81.2) #### What's Changed - \[chore] - set custom transport for the Docker client by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3156](https://togithub.com/trufflesecurity/trufflehog/pull/3156) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.1...v3.81.2 ### [`v3.81.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.0...v3.81.1) #### What's Changed - \[chore] - enable block and mutex profiles by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3154](https://togithub.com/trufflesecurity/trufflehog/pull/3154) - Add Analyzers interface for Square by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3141](https://togithub.com/trufflesecurity/trufflehog/pull/3141) - Update module google.golang.org/api to v0.190.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3146](https://togithub.com/trufflesecurity/trufflehog/pull/3146) - quick patch for cfor enumeration by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/3155](https://togithub.com/trufflesecurity/trufflehog/pull/3155) - Add Analyzers interface for HuggingFace by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3140](https://togithub.com/trufflesecurity/trufflehog/pull/3140) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.0...v3.81.1 ### [`v3.81.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.6...v3.81.0) #### What's Changed - Add progress bar to CFOR by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3151](https://togithub.com/trufflesecurity/trufflehog/pull/3151) - \[fix] Always configure the engine with the default detectors by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3152](https://togithub.com/trufflesecurity/trufflehog/pull/3152) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.6...v3.81.0 ### [`v3.80.6`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.6) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.5...v3.80.6) #### What's Changed - Add Analyze interface to Stripe by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3132](https://togithub.com/trufflesecurity/trufflehog/pull/3132) - \[analyze] Combine access level into permission value by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3144](https://togithub.com/trufflesecurity/trufflehog/pull/3144) - \[chore] - move automaxprocs to init by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3143](https://togithub.com/trufflesecurity/trufflehog/pull/3143) - add twilio analyze relationships by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3148](https://togithub.com/trufflesecurity/trufflehog/pull/3148) - \[chore] Only set default detectors if none are provided by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3147](https://togithub.com/trufflesecurity/trufflehog/pull/3147) - CFOR Commit Scanner by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/3145](https://togithub.com/trufflesecurity/trufflehog/pull/3145) - \[perf] - Leverage pgzip for Parallel decompression by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3149](https://togithub.com/trufflesecurity/trufflehog/pull/3149) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.5...v3.80.6 ### [`v3.80.5`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.5) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/3.80.4...v3.80.5) #### What's Changed - Add permissions lookup tables by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3125](https://togithub.com/trufflesecurity/trufflehog/pull/3125) - Export maps from permission generation by [@​hxnyk](https://togithub.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/3137](https://togithub.com/trufflesecurity/trufflehog/pull/3137) - \[chore] - Set GOMAXPROCS by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3136](https://togithub.com/trufflesecurity/trufflehog/pull/3136) - \[chore] - address linter by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3133](https://togithub.com/trufflesecurity/trufflehog/pull/3133) - \[refactor] - Improve Performance by Shifting Concurrency from Image to Layer Level by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3135](https://togithub.com/trufflesecurity/trufflehog/pull/3135) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/3.80.4...v3.80.5 ### [`v3.80.4`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/3.80.4) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.3...3.80.4) #### What's Changed - Analyzer partial implementations by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3114](https://togithub.com/trufflesecurity/trufflehog/pull/3114) - fix(deps): update module github.com/aws/aws-sdk-go to v1.55.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3116](https://togithub.com/trufflesecurity/trufflehog/pull/3116) - Separate out printing statements with anlayzer logic for Shopify by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3123](https://togithub.com/trufflesecurity/trufflehog/pull/3123) - Separate out printing statements with anlayzer logic for Square by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3122](https://togithub.com/trufflesecurity/trufflehog/pull/3122) - Separate out printing statements with anlayzer logic for twilio by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3118](https://togithub.com/trufflesecurity/trufflehog/pull/3118) - Add new canary ID by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3117](https://togithub.com/trufflesecurity/trufflehog/pull/3117) - Update GitHub integration tests by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3124](https://togithub.com/trufflesecurity/trufflehog/pull/3124) - Separate out printing statements with anlayzer logic for Slack by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3121](https://togithub.com/trufflesecurity/trufflehog/pull/3121) - Separate out printing statements with anlayzer logic for Stripe by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3120](https://togithub.com/trufflesecurity/trufflehog/pull/3120) - nitro detector was removed and needs to be deprecated by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/3102](https://togithub.com/trufflesecurity/trufflehog/pull/3102) - Separate out printing statements with anlayzer logic for SourceGraph by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3119](https://togithub.com/trufflesecurity/trufflehog/pull/3119) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.3...3.80.4 ### [`v3.80.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.3) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.2...v3.80.3) #### What's Changed - fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3108](https://togithub.com/trufflesecurity/trufflehog/pull/3108) - \[chore] Move openai log message to proper function by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3105](https://togithub.com/trufflesecurity/trufflehog/pull/3105) - fix(deps): update module github.com/aws/aws-sdk-go to v1.55.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3107](https://togithub.com/trufflesecurity/trufflehog/pull/3107) - \[analyze] Implement Analyzer interface for github by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3110](https://togithub.com/trufflesecurity/trufflehog/pull/3110) - Support openai project and fine grained tokens by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3112](https://togithub.com/trufflesecurity/trufflehog/pull/3112) - \[analyze] Add description and user to openai metadata by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3111](https://togithub.com/trufflesecurity/trufflehog/pull/3111) - \[chore] - Manually update Depedencies by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3106](https://togithub.com/trufflesecurity/trufflehog/pull/3106) - Use non-canary credentials for AWS tests by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3109](https://togithub.com/trufflesecurity/trufflehog/pull/3109) - Include default detectors when using a config that contains detectors by [@​harmonherring-pro](https://togithub.com/harmonherring-pro) in [https://github.com/trufflesecurity/trufflehog/pull/3115](https://togithub.com/trufflesecurity/trufflehog/pull/3115) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.2...v3.80.3 ### [`v3.80.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.1...v3.80.2) #### What's Changed - Added Twitter v2 Detector by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3016](https://togithub.com/trufflesecurity/trufflehog/pull/3016) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.20 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3077](https://togithub.com/trufflesecurity/trufflehog/pull/3077) - \[bug] - add verify check by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3079](https://togithub.com/trufflesecurity/trufflehog/pull/3079) - \[chore] - Reduce `VerificationOverlapWorker`s by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3082](https://togithub.com/trufflesecurity/trufflehog/pull/3082) - fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3078](https://togithub.com/trufflesecurity/trufflehog/pull/3078) - fix(deps): update golang.org/x/exp digest to [`8a7402a`](https://togithub.com/trufflesecurity/trufflehog/commit/8a7402a) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3083](https://togithub.com/trufflesecurity/trufflehog/pull/3083) - fix(deps): update module github.com/googleapis/gax-go/v2 to v2.13.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3085](https://togithub.com/trufflesecurity/trufflehog/pull/3085) - fix(deps): update module google.golang.org/api to v0.189.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3086](https://togithub.com/trufflesecurity/trufflehog/pull/3086) - implemented a netsuite detector by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3068](https://togithub.com/trufflesecurity/trufflehog/pull/3068) - Remove onwater detector by [@​trufflesteeeve](https://togithub.com/trufflesteeeve) in [https://github.com/trufflesecurity/trufflehog/pull/3088](https://togithub.com/trufflesecurity/trufflehog/pull/3088) - Fixed Crash issue in atlassian V2 if data in response is empty array by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3091](https://togithub.com/trufflesecurity/trufflehog/pull/3091) - fix(deps): update module github.com/aws/aws-sdk-go to v1.55.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3087](https://togithub.com/trufflesecurity/trufflehog/pull/3087) - fix(deps): update module github.com/aws/aws-sdk-go to v1.55.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3094](https://togithub.com/trufflesecurity/trufflehog/pull/3094) - \[chore] - remove deps from docker image by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3097](https://togithub.com/trufflesecurity/trufflehog/pull/3097) - \[bug]- Invalid Seek for Non-Seekable Readers by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3095](https://togithub.com/trufflesecurity/trufflehog/pull/3095) - chore: fix some comments by [@​shangchenglumetro](https://togithub.com/shangchenglumetro) in [https://github.com/trufflesecurity/trufflehog/pull/3098](https://togithub.com/trufflesecurity/trufflehog/pull/3098) - Analyze by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3099](https://togithub.com/trufflesecurity/trufflehog/pull/3099) - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3096](https://togithub.com/trufflesecurity/trufflehog/pull/3096) - \[chore] Fix Versioner interface for twitter by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3104](https://togithub.com/trufflesecurity/trufflehog/pull/3104) - Implement Analyzer interface for openai by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3101](https://togithub.com/trufflesecurity/trufflehog/pull/3101) #### New Contributors - [@​shangchenglumetro](https://togithub.com/shangchenglumetro) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/3098](https://togithub.com/trufflesecurity/trufflehog/pull/3098) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.1...v3.80.2 ### [`v3.80.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.80.0...v3.80.1) #### What's Changed - fix(deps): update golang.org/x/exp digest to [`e3f2596`](https://togithub.com/trufflesecurity/trufflehog/commit/e3f2596) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3071](https://togithub.com/trufflesecurity/trufflehog/pull/3071) - chore: fix goreleaser config and command line options for goreleaser v2 by [@​suzuki-shunsuke](https://togithub.com/suzuki-shunsuke) in [https://github.com/trufflesecurity/trufflehog/pull/3073](https://togithub.com/trufflesecurity/trufflehog/pull/3073) #### New Contributors - [@​suzuki-shunsuke](https://togithub.com/suzuki-shunsuke) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/3073](https://togithub.com/trufflesecurity/trufflehog/pull/3073) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.80.0...v3.80.1 ### [`v3.80.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.80.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.79.0...v3.80.0) #### What's Changed - Add endorlabs detector by [@​shreyas-sriram](https://togithub.com/shreyas-sriram) in [https://github.com/trufflesecurity/trufflehog/pull/3015](https://togithub.com/trufflesecurity/trufflehog/pull/3015) - New Source: HuggingFace by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/3000](https://togithub.com/trufflesecurity/trufflehog/pull/3000) - Update README.md by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/3019](https://togithub.com/trufflesecurity/trufflehog/pull/3019) - fixing docs by [@​dylanTruffle](https://togithub.com/dylanTruffle) in [https://github.com/trufflesecurity/trufflehog/pull/3022](https://togithub.com/trufflesecurity/trufflehog/pull/3022) - fix(deps): update module github.com/charmbracelet/bubbletea to v0.26.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2998](https://togithub.com/trufflesecurity/trufflehog/pull/2998) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.11 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3025](https://togithub.com/trufflesecurity/trufflehog/pull/3025) - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3024](https://togithub.com/trufflesecurity/trufflehog/pull/3024) - fix(deps): update module github.com/brianvoe/gofakeit/v7 to v7.0.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3026](https://togithub.com/trufflesecurity/trufflehog/pull/3026) - fix(deps): update module github.com/couchbase/gocb/v2 to v2.9.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3030](https://togithub.com/trufflesecurity/trufflehog/pull/3030) - update LaunchDarkly detector to use the caller-identity API by [@​pkaeding](https://togithub.com/pkaeding) in [https://github.com/trufflesecurity/trufflehog/pull/3018](https://togithub.com/trufflesecurity/trufflehog/pull/3018) - fix(deps): update module github.com/wasilibs/go-re2 to v1.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3033](https://togithub.com/trufflesecurity/trufflehog/pull/3033) - fix(deps): update module github.com/xanzy/go-gitlab to v0.106.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3035](https://togithub.com/trufflesecurity/trufflehog/pull/3035) - \[chore] - remove launchdarkly dep by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3034](https://togithub.com/trufflesecurity/trufflehog/pull/3034) - Fix race in `caflou` and `ldap` detectors by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/3028](https://togithub.com/trufflesecurity/trufflehog/pull/3028) - Elevenlabs detector by [@​dylanTruffle](https://togithub.com/dylanTruffle) in [https://github.com/trufflesecurity/trufflehog/pull/3023](https://togithub.com/trufflesecurity/trufflehog/pull/3023) - fix(deps): update module go.mongodb.org/mongo-driver to v1.16.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3036](https://togithub.com/trufflesecurity/trufflehog/pull/3036) - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3037](https://togithub.com/trufflesecurity/trufflehog/pull/3037) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.14 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3042](https://togithub.com/trufflesecurity/trufflehog/pull/3042) - fix(deps): update module cloud.google.com/go/storage to v1.43.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3043](https://togithub.com/trufflesecurity/trufflehog/pull/3043) - fix(deps): update module golang.org/x/net to v0.27.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3046](https://togithub.com/trufflesecurity/trufflehog/pull/3046) - fix(deps): update module golang.org/x/crypto to v0.25.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3045](https://togithub.com/trufflesecurity/trufflehog/pull/3045) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.15 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3049](https://togithub.com/trufflesecurity/trufflehog/pull/3049) - fix(deps): update testcontainers-go monorepo to v0.32.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3050](https://togithub.com/trufflesecurity/trufflehog/pull/3050) - \[chore] - remove dead Chunker code by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3044](https://togithub.com/trufflesecurity/trufflehog/pull/3044) - chore(deps): update goreleaser/goreleaser-action action to v6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3051](https://togithub.com/trufflesecurity/trufflehog/pull/3051) - fix(deps): update golang.org/x/exp digest to [`46b0784`](https://togithub.com/trufflesecurity/trufflehog/commit/46b0784) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3053](https://togithub.com/trufflesecurity/trufflehog/pull/3053) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.16 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3054](https://togithub.com/trufflesecurity/trufflehog/pull/3054) - fix(deps): update module github.com/google/go-containerregistry to v0.20.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3055](https://togithub.com/trufflesecurity/trufflehog/pull/3055) - Order GitLab repos consistently by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3047](https://togithub.com/trufflesecurity/trufflehog/pull/3047) - Log more GitLab stuff by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3040](https://togithub.com/trufflesecurity/trufflehog/pull/3040) - update package name by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/3020](https://togithub.com/trufflesecurity/trufflehog/pull/3020) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.17 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3057](https://togithub.com/trufflesecurity/trufflehog/pull/3057) - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3059](https://togithub.com/trufflesecurity/trufflehog/pull/3059) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.18 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3062](https://togithub.com/trufflesecurity/trufflehog/pull/3062) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.19 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3064](https://togithub.com/trufflesecurity/trufflehog/pull/3064) - fix(deps): update module github.com/xanzy/go-gitlab to v0.107.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3069](https://togithub.com/trufflesecurity/trufflehog/pull/3069) - fix(deps): update golang.org/x/exp digest to [`1d5bc16`](https://togithub.com/trufflesecurity/trufflehog/commit/1d5bc16) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3070](https://togithub.com/trufflesecurity/trufflehog/pull/3070) - Atlassian Token Detector by [@​ankushgoel27](https://togithub.com/ankushgoel27) in [https://github.com/trufflesecurity/trufflehog/pull/3065](https://togithub.com/trufflesecurity/trufflehog/pull/3065) - fix(deps): update module github.com/google/go-containerregistry to v0.20.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3072](https://togithub.com/trufflesecurity/trufflehog/pull/3072) - \[feat] - Streamlined File Handling with BufferedReaderSeeker by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3041](https://togithub.com/trufflesecurity/trufflehog/pull/3041) - \[perf] - Optimize MIME Type Detection to Reduce Allocations by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3048](https://togithub.com/trufflesecurity/trufflehog/pull/3048) #### New Contributors - [@​pkaeding](https://togithub.com/pkaeding) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/3018](https://togithub.com/trufflesecurity/trufflehog/pull/3018) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.79.0...v3.80.0 ### [`v3.79.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.79.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.78.2...v3.79.0) #### What's Changed - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2996](https://togithub.com/trufflesecurity/trufflehog/pull/2996) - Return targeted scan errors by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2995](https://togithub.com/trufflesecurity/trufflehog/pull/2995) - Set GIT_DIR based on ScanOptions.Bare by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/3004](https://togithub.com/trufflesecurity/trufflehog/pull/3004) - Adding Larksuite Detectors + Tests by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3008](https://togithub.com/trufflesecurity/trufflehog/pull/3008) - Pin STARRY-S/zip by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2999](https://togithub.com/trufflesecurity/trufflehog/pull/2999) - Ensure that `detector-tests` workflow runs detector tests by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2994](https://togithub.com/trufflesecurity/trufflehog/pull/2994) - added "example" to detector badlist by [@​orionooooo](https://togithub.com/orionooooo) in [https://github.com/trufflesecurity/trufflehog/pull/3010](https://togithub.com/trufflesecurity/trufflehog/pull/3010) #### New Contributors - [@​orionooooo](https://togithub.com/orionooooo) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/3010](https://togithub.com/trufflesecurity/trufflehog/pull/3010) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.78.2...v3.79.0 ### [`v3.78.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.78.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.78.1...v3.78.2) #### What's Changed - fix(deps): update golang.org/x/exp digest to [`fc45aab`](https://togithub.com/trufflesecurity/trufflehog/commit/fc45aab) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2931](https://togithub.com/trufflesecurity/trufflehog/pull/2931) - adding twitter + Consumer key detector by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/2963](https://togithub.com/trufflesecurity/trufflehog/pull/2963) - Fix test compilation errors by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2964](https://togithub.com/trufflesecurity/trufflehog/pull/2964) - Modularize scanning engine by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2887](https://togithub.com/trufflesecurity/trufflehog/pull/2887) - adding eraser ai detector by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/2961](https://togithub.com/trufflesecurity/trufflehog/pull/2961) - \[feat] - add metrics to the Engine by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2968](https://togithub.com/trufflesecurity/trufflehog/pull/2968) - Double archive `maxDepth` until bug is fixed by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2965](https://togithub.com/trufflesecurity/trufflehog/pull/2965) - Return match/reason from `detectors.IsKnownFalsePositive` by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2969](https://togithub.com/trufflesecurity/trufflehog/pull/2969) - Fix integration tests by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2970](https://togithub.com/trufflesecurity/trufflehog/pull/2970) - \[fix] - implement MaxSecretSizeProvider for `auth0managementapitoken` detector by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2953](https://togithub.com/trufflesecurity/trufflehog/pull/2953) - Patch archived dependency by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2971](https://togithub.com/trufflesecurity/trufflehog/pull/2971) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2962](https://togithub.com/trufflesecurity/trufflehog/pull/2962) - fix(deps): update golang.org/x/exp digest to [`7f521ea`](https://togithub.com/trufflesecurity/trufflehog/commit/7f521ea) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2972](https://togithub.com/trufflesecurity/trufflehog/pull/2972) - fix(deps): update module github.com/google/go-containerregistry to v0.19.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2973](https://togithub.com/trufflesecurity/trufflehog/pull/2973) - fix(deps): update module go.mongodb.org/mongo-driver to v1.15.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2975](https://togithub.com/trufflesecurity/trufflehog/pull/2975) - fix(deps): update module cloud.google.com/go/storage to v1.42.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2977](https://togithub.com/trufflesecurity/trufflehog/pull/2977) - fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.11.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2980](https://togithub.com/trufflesecurity/trufflehog/pull/2980) - fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.14.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2981](https://togithub.com/trufflesecurity/trufflehog/pull/2981) - fix(deps): update module github.com/getsentry/sentry-go to v0.28.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2986](https://togithub.com/trufflesecurity/trufflehog/pull/2986) - \[feat] - Add Option to Retain False Positives During Detection by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2967](https://togithub.com/trufflesecurity/trufflehog/pull/2967) - fix(deps): update module google.golang.org/api to v0.185.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2987](https://togithub.com/trufflesecurity/trufflehog/pull/2987) - clone more refs by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2988](https://togithub.com/trufflesecurity/trufflehog/pull/2988) - fix(deps): update module github.com/aws/aws-sdk-go to v1.54.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2992](https://togithub.com/trufflesecurity/trufflehog/pull/2992) - Disambiguate step names in `detector-tests` workflow by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2989](https://togithub.com/trufflesecurity/trufflehog/pull/2989) - fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2993](https://togithub.com/trufflesecurity/trufflehog/pull/2993) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.78.1...v3.78.2 ### [`v3.78.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.78.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.78.0...v3.78.1) #### What's Changed - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.15 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2911](https://togithub.com/trufflesecurity/trufflehog/pull/2911) - fix(deps): update module github.com/microsoft/go-mssqldb to v1.7.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2912](https://togithub.com/trufflesecurity/trufflehog/pull/2912) - Add elasticsearch to tui by [@​hxnyk](https://togithub.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/2915](https://togithub.com/trufflesecurity/trufflehog/pull/2915) - Improve GitHub wiki scan errs by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2917](https://togithub.com/trufflesecurity/trufflehog/pull/2917) - Update OpenAI detector by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2863](https://togithub.com/trufflesecurity/trufflehog/pull/2863) - Add flag to get information if trufflehog being ran from TUI by [@​hxnyk](https://togithub.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/1644](https://togithub.com/trufflesecurity/trufflehog/pull/1644) - \[feat] - Introduce `channelmetrics` Package for Channel Metrics Collection by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2889](https://togithub.com/trufflesecurity/trufflehog/pull/2889) - \[feat] - Optimize detector performance by reducing data passed to regex by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2812](https://togithub.com/trufflesecurity/trufflehog/pull/2812) - Go should be installed before codeql initializes by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2919](https://togithub.com/trufflesecurity/trufflehog/pull/2919) - \[fix] - continue on error by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2921](https://togithub.com/trufflesecurity/trufflehog/pull/2921) - Update Jenkins in tui by [@​hxnyk](https://togithub.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/2925](https://togithub.com/trufflesecurity/trufflehog/pull/2925) - \[chore] - remove stutter in naming by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2926](https://togithub.com/trufflesecurity/trufflehog/pull/2926) - \[fix] - Correctly calculate EntireSpanChunkCalculator span by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2924](https://togithub.com/trufflesecurity/trufflehog/pull/2924) - Improve Git scaning logs by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2923](https://togithub.com/trufflesecurity/trufflehog/pull/2923) - \[chore] - address comments by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2920](https://togithub.com/trufflesecurity/trufflehog/pull/2920) - Make `cache.Cache` typed by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2930](https://togithub.com/trufflesecurity/trufflehog/pull/2930) - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.17 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2914](https://togithub.com/trufflesecurity/trufflehog/pull/2914) - \[chore] Polish channelmetrics package by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2938](https://togithub.com/trufflesecurity/trufflehog/pull/2938) - Add `*.dia` to ignored extensions list by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2939](https://togithub.com/trufflesecurity/trufflehog/pull/2939) - Make the github action work with a path as input by [@​benbridts](https://togithub.com/benbridts) in [https://github.com/trufflesecurity/trufflehog/pull/2908](https://togithub.com/trufflesecurity/trufflehog/pull/2908) - fix(deps): update module github.com/snowflakedb/gosnowflake to v1.10.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2913](https://togithub.com/trufflesecurity/trufflehog/pull/2913) - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.19 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2944](https://togithub.com/trufflesecurity/trufflehog/pull/2944) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v7 to v7.4.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2947](https://togithub.com/trufflesecurity/trufflehog/pull/2947) - \[bug] - Ensure BufferedFileWriter Flushes Buffer Contents to File Correctly by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2943](https://togithub.com/trufflesecurity/trufflehog/pull/2943) - Change filesystem symlink err handling by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2941](https://togithub.com/trufflesecurity/trufflehog/pull/2941) - Fix panic in MaxMind detector by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2948](https://togithub.com/trufflesecurity/trufflehog/pull/2948) - \[chore] - Update `discordwebhook` detector keyword by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2954](https://togithub.com/trufflesecurity/trufflehog/pull/2954) - \[fix] - Refactor Filtering Logic to Fix Known False Positive Handling in Overlapping Cases by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2946](https://togithub.com/trufflesecurity/trufflehog/pull/2946) - \[feat] - Update span calculation logic to use offset magnitude by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2957](https://togithub.com/trufflesecurity/trufflehog/pull/2957) - \[chore] - pin archiver dependency by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2958](https://togithub.com/trufflesecurity/trufflehog/pull/2958) - \[chore] - Remove replace by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2959](https://togithub.com/trufflesecurity/trufflehog/pull/2959) #### New Contributors - [@​benbridts](https://togithub.com/benbridts) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2908](https://togithub.com/trufflesecurity/trufflehog/pull/2908) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.78.0...v3.78.1
--- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/splunk/addonfactory-workflow-addon-release). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/reusable-build-test-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index abc58eaec..3be35f712 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -172,7 +172,7 @@ jobs: pull-requests: read statuses: write steps: - - uses: amannn/action-semantic-pull-request@v5.5.2 + - uses: amannn/action-semantic-pull-request@v5.5.3 with: wip: true validateSingleCommit: true @@ -265,7 +265,7 @@ jobs: fetch-depth: "0" ref: ${{ github.head_ref }} - name: Secret Scanning Trufflehog - uses: trufflesecurity/trufflehog@v3.78.0 + uses: trufflesecurity/trufflehog@v3.81.5 with: extra_args: -x .github/workflows/exclude-patterns.txt --json --only-verified version: 3.77.0 From ec19fcf101730b1716c6b17cfd5079a6683edd21 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 11:18:38 +0200 Subject: [PATCH 06/21] chore(deps): update trufflesecurity/trufflehog action to v3.81.9 (#308) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | patch | `v3.81.5` -> `v3.81.9` | --- ### Release Notes
trufflesecurity/trufflehog (trufflesecurity/trufflehog) ### [`v3.81.9`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.9) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.8...v3.81.9) #### What's Changed - Capture decoding time metric by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3209](https://togithub.com/trufflesecurity/trufflehog/pull/3209) - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3208](https://togithub.com/trufflesecurity/trufflehog/pull/3208) - remove two letter keyword by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/3210](https://togithub.com/trufflesecurity/trufflehog/pull/3210) - Add metrics for command invocation by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3185](https://togithub.com/trufflesecurity/trufflehog/pull/3185) - chore(deps): update sigstore/cosign-installer action to v3.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3211](https://togithub.com/trufflesecurity/trufflehog/pull/3211) - \[analyze] Capture the hierarchy of GitHub permissions by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3127](https://togithub.com/trufflesecurity/trufflehog/pull/3127) - \[analyze] Fix GitHub token expiration parsing by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3205](https://togithub.com/trufflesecurity/trufflehog/pull/3205) - \[chore] Fix lint errors by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3218](https://togithub.com/trufflesecurity/trufflehog/pull/3218) - \[chore] Ignore analyzer implementation tests in test-community by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3219](https://togithub.com/trufflesecurity/trufflehog/pull/3219) - Support for kebab case and dot notation in permission generation tool by [@​abmussani](https://togithub.com/abmussani) in [https://github.com/trufflesecurity/trufflehog/pull/3222](https://togithub.com/trufflesecurity/trufflehog/pull/3222) - Improve domain / url handling in detectors by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3221](https://togithub.com/trufflesecurity/trufflehog/pull/3221) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.8...v3.81.9 ### [`v3.81.8`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.8) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.7...v3.81.8) #### What's Changed - \[analyze] Deduplicate finegrained GitHub permissions by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3196](https://togithub.com/trufflesecurity/trufflehog/pull/3196) - fix(deps): update module golang.org/x/net to v0.28.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3187](https://togithub.com/trufflesecurity/trufflehog/pull/3187) - \[analyze] Fix double-print in postgres analyzer by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3199](https://togithub.com/trufflesecurity/trufflehog/pull/3199) - fix(deps): update module go.mongodb.org/mongo-driver to v1.16.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3197](https://togithub.com/trufflesecurity/trufflehog/pull/3197) - Log when a detector ignores the timeout by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3201](https://togithub.com/trufflesecurity/trufflehog/pull/3201) - \[bug] - Correctly Handle Large Files in BufferedReadSeeker by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3203](https://togithub.com/trufflesecurity/trufflehog/pull/3203) - fix(deps): update module github.com/google/go-containerregistry to v0.20.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3184](https://togithub.com/trufflesecurity/trufflehog/pull/3184) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.7...v3.81.8 ### [`v3.81.7`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.7) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.6...v3.81.7) #### What's Changed - fix(deps): update module golang.org/x/crypto to v0.26.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3182](https://togithub.com/trufflesecurity/trufflehog/pull/3182) - fix(deps): update module golang.org/x/text to v0.17.0 - autoclosed by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3183](https://togithub.com/trufflesecurity/trufflehog/pull/3183) - \[analyze] Add analyze option to main TUI and unhide subcommand by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3186](https://togithub.com/trufflesecurity/trufflehog/pull/3186) - Analyzer capitalization by [@​hxnyk](https://togithub.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/3188](https://togithub.com/trufflesecurity/trufflehog/pull/3188) - \[analyze] Bandaid solution for occasional slow startups by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3191](https://togithub.com/trufflesecurity/trufflehog/pull/3191) - \[analyze] Add basic section to README by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3190](https://togithub.com/trufflesecurity/trufflehog/pull/3190) - Fixes for a few finegrained token issues by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3194](https://togithub.com/trufflesecurity/trufflehog/pull/3194) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.6...v3.81.7 ### [`v3.81.6`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.81.6) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.81.5...v3.81.6) #### What's Changed - Auth GitHub in Init by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3131](https://togithub.com/trufflesecurity/trufflehog/pull/3131) - fix(deps): update module github.com/envoyproxy/protoc-gen-validate to v1.1.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3176](https://togithub.com/trufflesecurity/trufflehog/pull/3176) - Analyze TUI by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3172](https://togithub.com/trufflesecurity/trufflehog/pull/3172) - \[analyze] Separate SID from token in twilio analyzer by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3177](https://togithub.com/trufflesecurity/trufflehog/pull/3177) - \[chore] Use custom HTTP client in sendgrid analyzer by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/3178](https://togithub.com/trufflesecurity/trufflehog/pull/3178) - Improve finegrained token support by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/3179](https://togithub.com/trufflesecurity/trufflehog/pull/3179) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.5...v3.81.6
--- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/splunk/addonfactory-workflow-addon-release). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 3be35f712..1ebe41a39 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -265,7 +265,7 @@ jobs: fetch-depth: "0" ref: ${{ github.head_ref }} - name: Secret Scanning Trufflehog - uses: trufflesecurity/trufflehog@v3.81.5 + uses: trufflesecurity/trufflehog@v3.81.9 with: extra_args: -x .github/workflows/exclude-patterns.txt --json --only-verified version: 3.77.0 From efb57ff3a6148aad25cda912c3d0511ee783eaef Mon Sep 17 00:00:00 2001 From: kgwizdz-splunk <163291633+kgwizdz-splunk@users.noreply.github.com> Date: Mon, 12 Aug 2024 15:14:20 +0200 Subject: [PATCH 07/21] feat: add publish for custom version --- .../workflows/reusable-build-test-release.yml | 95 ++++++++++++++++--- 1 file changed, 80 insertions(+), 15 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 3be35f712..1356e623a 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -14,6 +14,21 @@ on: type: string default: >- [""] + custom-version: + required: false + description: 'Version of release in the form of "x.x.x" string, specified by user instead of automatically generated semantic release' + type: string + default: "" + execute-tests-on-push-to-develop: + required: false + description: 'Flag to run all tests on push to develop branch' + type: string + default: 'false' + execute-tests-on-push-to-release: + required: false + description: 'Flag to run all tests on push to release branch' + type: string + default: 'false' k8s-environment: required: false description: Specifies which environment to use for k8s testing. ["production", "staging"] @@ -77,6 +92,24 @@ concurrency: group: ${{ github.head_ref || github.run_id }} cancel-in-progress: true jobs: + validate-custom-version: + runs-on: ubuntu-latest + if: ${{ github.event.inputs.custom-version != '' }} + steps: + - uses: actions/checkout@v4 + - name: Validate custom version + run: | + if [[ ! ${{ github.event.inputs.custom-version }} =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "Invalid custom version provided. Please provide a valid semver version." + exit 1 + fi + + git fetch --tags + if [ "$(git tag -l 'v${{ github.event.inputs.custom-version }}')" ]; then + echo "The provided version already exists. Please provide a unique version." + exit 1 + fi + setup-workflow: runs-on: ubuntu-latest outputs: @@ -140,7 +173,10 @@ jobs: fi ;; "push") - if ${{ github.ref_name == 'main' }} || ${{ github.ref_name == 'develop' }} || ${{ github.ref_type == 'tag' }} ; then + if ${{ github.ref_name == 'main' }} || + ${{ github.ref_name == 'develop' && inputs.execute-tests-on-push-to-develop == 'true' }} || + ${{ startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' }} || + ${{ github.ref_type == 'tag' }} ; then for test_type in "${TESTSET[@]}"; do EXECUTE_LABELED["$test_type"]="true" done @@ -151,6 +187,13 @@ jobs: EXECUTE_LABELED["$test_type"]="true" done ;; + "workflow_dispatch") + if ${{ inputs.custom-version != '' }} ; then + for test_type in "${TESTSET[@]}"; do + EXECUTE_LABELED["$test_type"]="true" + done + fi + ;; *) echo "No tests were labeled for execution!" ;; @@ -415,6 +458,7 @@ jobs: build: runs-on: ubuntu-latest needs: + - validate-custom-version - setup-workflow - test-inventory - meta @@ -424,7 +468,7 @@ jobs: - semgrep - run-unit-tests - fossa-scan - if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') }} + if: ${{ !cancelled() && (needs.run-unit-tests.result == 'success' || needs.run-unit-tests.result == 'skipped') && (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') }} outputs: buildname: ${{ steps.buildupload.outputs.name }} permissions: @@ -495,7 +539,7 @@ jobs: - name: Determine the version to build id: BuildVersion run: | - INPUT_SEMVER="${{ steps.semantic.outputs.new_release_version }}" + INPUT_SEMVER="${{ github.event.inputs.custom-version != '' && github.event.inputs.custom-version || steps.semantic.outputs.new_release_version }}" echo "Initial semver ${INPUT_SEMVER}" INPUT_PRNUMBER="${{ github.event.number }}" SEMVER_REGEX='^v?[0-9]+\.[0-9]+\.[0-9]+$' @@ -602,6 +646,7 @@ jobs: build-3_9: runs-on: ubuntu-latest needs: + - validate-custom-version - setup-workflow - test-inventory - meta @@ -613,7 +658,8 @@ jobs: - fossa-scan if: | always() && - (needs.run-unit-tests-3_9.result == 'success' || needs.run-unit-tests-3_9.result == 'skipped') + (needs.run-unit-tests-3_9.result == 'success' || needs.run-unit-tests-3_9.result == 'skipped') && + (needs.validate-custom-version.result == 'success' || needs.validate-custom-version.result == 'skipped') permissions: contents: write packages: read @@ -673,7 +719,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} - id: BuildVersion run: | - INPUT_SEMVER="${{ steps.semantic.outputs.new_release_version }}" + INPUT_SEMVER="${{ github.event.inputs.custom-version != '' && github.event.inputs.custom-version || steps.semantic.outputs.new_release_version }}" echo "Initial semver ${INPUT_SEMVER}" INPUT_PRNUMBER="${{ github.event.number }}" SEMVER_REGEX='^v?[0-9]+\.[0-9]+\.[0-9]+$' @@ -1819,7 +1865,10 @@ jobs: ${{ needs.setup.outputs.directory-path }}/diag* run-scripted-input-tests-full-matrix: - if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' && ( github.base_ref == 'main' || github.ref_name == 'main' ) && needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' }} + if: | + ( !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' ) && + ( github.base_ref == 'main' || github.ref_name == 'main' || ( github.ref_name == 'develop' && inputs.execute-tests-on-push-to-develop == 'true' ) || ( startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' ) ) && + ( needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' ) needs: - build - test-inventory @@ -2044,12 +2093,13 @@ jobs: ${{ needs.setup.outputs.directory-path }}/diag* pre-publish: - if: ${{ !cancelled() }} + if: ${{ !cancelled() && needs.validate-custom-version.result == 'success' }} # The following line will rename 'pre-publish' to 'pre-publish-not_main_pr' when PR is created towards main branch # It is necessary to avoid confusion caused by githubactions considering pre-publish for both push to develop branch # and pull_request to main branch events. name: ${{ github.event_name == 'pull_request' && github.base_ref == 'main' && 'pre-publish' || 'pre-publish-not_main_pr' }} needs: + - validate-custom-version - meta - compliance-copyrights - lint @@ -2086,9 +2136,14 @@ jobs: exit 1 publish: - if: ${{ !cancelled() && needs.pre-publish.result == 'success' && github.event_name != 'pull_request' && github.event_name != 'schedule' }} + if: | + (!cancelled() && needs.pre-publish.result == 'success' && github.event_name != 'pull_request' && github.event_name != 'schedule') || + (!cancelled() && needs.pre-publish.result == 'success' && github.event.inputs.custom-version != '' && needs.validate-custom-version.result == 'success') + name: ${{ github.event.inputs.custom-version == '' && 'publish' || 'publish-custom-version' }} + needs: - pre-publish + - validate-custom-version runs-on: ubuntu-latest permissions: contents: write @@ -2102,6 +2157,7 @@ jobs: submodules: false persist-credentials: false - name: Semantic Release + if: ${{ github.event.inputs.custom-version == '' }} id: semantic uses: splunk/semantic-release-action@v1.3 env: @@ -2111,15 +2167,24 @@ jobs: git_committer_email: ${{ secrets.SA_GH_USER_EMAIL }} gpg_private_key: ${{ secrets.SA_GPG_PRIVATE_KEY }} passphrase: ${{ secrets.SA_GPG_PASSPHRASE }} + - name: Release custom version + if: ${{ github.event.inputs.custom-version != '' }} + id: custom + uses: "softprops/action-gh-release@v2" + with: + token: "${{ secrets.GH_TOKEN_ADMIN }}" + tag_name: v${{ github.event.inputs.custom-version }} + target_commitish: "${{github.ref_name}}" + make_latest: false - name: Download package-deployment - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} uses: actions/download-artifact@v4 id: download-package-deployment with: name: package-deployment path: download/artifacts/ - name: Download package-splunkbase - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} uses: actions/download-artifact@v4 id: download-package-splunkbase with: @@ -2127,7 +2192,7 @@ jobs: path: download/artifacts/deployment - name: Download cim-compliance-report id: download-cim-compliance-report - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} continue-on-error: true uses: actions/download-artifact@v4 with: @@ -2135,22 +2200,22 @@ jobs: path: download/artifacts/deployment - name: Download cim-field-report id: download-cim-field-report - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} continue-on-error: true uses: actions/download-artifact@v4 with: name: cim-field-report path: download/artifacts/deployment - name: List of assets - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true'|| steps.custom.outputs.upload_url != '' }} run: | ls -la ${{ steps.download-package-splunkbase.outputs.download-path }} - name: Upload assets to release - if: ${{ steps.semantic.outputs.new_release_published == 'true' }} + if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} uses: svenstaro/upload-release-action@v2 with: repo_token: ${{ github.token }} file: ${{ steps.download-package-splunkbase.outputs.download-path }}/* overwrite: true file_glob: true - tag: v${{ steps.semantic.outputs.new_release_version }} + tag: v${{ github.event.inputs.custom-version != '' && github.event.inputs.custom-version || steps.semantic.outputs.new_release_version }} From f135b1b0396afad7d11544bd8d37106a66a5004d Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Thu, 29 Aug 2024 15:39:17 +0530 Subject: [PATCH 08/21] fix: remove cim-field-report (#310) This PR removes steps `Upload cim-field-report` from `run-knowledge-tests` and `Download cim-field-report` from `publish` stage. fixes: https://splunk.atlassian.net/browse/ADDON-73385 --- .../workflows/reusable-build-test-release.yml | 17 +---------------- README.md | 1 - 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 2966fb17a..55be6e2b8 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -38,7 +38,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.0.3" + default: "v3.0.4" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" @@ -1161,13 +1161,6 @@ jobs: name: cim-compliance-report path: | ${{ needs.setup.outputs.directory-path }}/test-results/cim-compliance-report.md - - name: Upload cim-field-report for ${{ matrix.splunk.version }} - uses: actions/upload-artifact@v4 - if: ${{ matrix.splunk.islatest == true }} - with: - name: cim-field-report - path: | - ${{ needs.setup.outputs.directory-path }}/test-results/cim_field_report.json - name: Test Report id: test_report uses: dorny/test-reporter@v1.9.1 @@ -2198,14 +2191,6 @@ jobs: with: name: cim-compliance-report path: download/artifacts/deployment - - name: Download cim-field-report - id: download-cim-field-report - if: ${{ steps.semantic.outputs.new_release_published == 'true' || steps.custom.outputs.upload_url != '' }} - continue-on-error: true - uses: actions/download-artifact@v4 - with: - name: cim-field-report - path: download/artifacts/deployment - name: List of assets if: ${{ steps.semantic.outputs.new_release_published == 'true'|| steps.custom.outputs.upload_url != '' }} run: | diff --git a/README.md b/README.md index 59825e734..8dc77b6d4 100644 --- a/README.md +++ b/README.md @@ -472,7 +472,6 @@ test_check_unicode_output.txt ``` Junit XML file pytest_splunk_addon.log -cim-field-report cim-compliance-report ``` From 806fb1cdcd587a2263016354126420532232d683 Mon Sep 17 00:00:00 2001 From: Marcin Bruzda <94437843+mbruzda-splunk@users.noreply.github.com> Date: Thu, 29 Aug 2024 16:14:43 +0200 Subject: [PATCH 09/21] feat: update appinpsect_cli_action to 2.8 --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 55be6e2b8..d3691d864 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -806,7 +806,7 @@ jobs: name: package-splunkbase path: build/package/ - name: Scan - uses: splunk/appinspect-cli-action@v2.7 + uses: splunk/appinspect-cli-action@v2.8 with: app_path: build/package/ included_tags: ${{ matrix.tags }} From 309101f6ebe059bb2445c4aec0efd34f696d0b23 Mon Sep 17 00:00:00 2001 From: Adam Wownysz <150446614+awownysz-splunk@users.noreply.github.com> Date: Thu, 29 Aug 2024 17:45:04 +0200 Subject: [PATCH 10/21] chore: adjust workflow trigger on develop (#317) Adjusting workflow trigger on `develop` branch to revert unnecessary change in https://github.com/splunk/addonfactory-workflow-addon-release/pull/309 --- .../workflows/reusable-build-test-release.yml | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index d3691d864..3d522ed8c 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -19,11 +19,6 @@ on: description: 'Version of release in the form of "x.x.x" string, specified by user instead of automatically generated semantic release' type: string default: "" - execute-tests-on-push-to-develop: - required: false - description: 'Flag to run all tests on push to develop branch' - type: string - default: 'false' execute-tests-on-push-to-release: required: false description: 'Flag to run all tests on push to release branch' @@ -173,10 +168,8 @@ jobs: fi ;; "push") - if ${{ github.ref_name == 'main' }} || - ${{ github.ref_name == 'develop' && inputs.execute-tests-on-push-to-develop == 'true' }} || - ${{ startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' }} || - ${{ github.ref_type == 'tag' }} ; then + if ${{ github.ref_name == 'main' }} || ${{ github.ref_name == 'develop' }} || ${{ github.ref_type == 'tag' }} || + ${{ startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' }} ; then for test_type in "${TESTSET[@]}"; do EXECUTE_LABELED["$test_type"]="true" done @@ -1858,10 +1851,7 @@ jobs: ${{ needs.setup.outputs.directory-path }}/diag* run-scripted-input-tests-full-matrix: - if: | - ( !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' ) && - ( github.base_ref == 'main' || github.ref_name == 'main' || ( github.ref_name == 'develop' && inputs.execute-tests-on-push-to-develop == 'true' ) || ( startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' ) ) && - ( needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' ) + if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' && ( github.base_ref == 'main' || github.ref_name == 'main' ) && needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' }} needs: - build - test-inventory From 171543f1a9d7adacede6a26386d8e9f581543a67 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 30 Aug 2024 10:32:30 +0200 Subject: [PATCH 11/21] chore: remove branch conditions from scripted-inputs-tests (#319) --- .github/workflows/reusable-build-test-release.yml | 2 +- .gitignore | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 3d522ed8c..e4caa7756 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -1851,7 +1851,7 @@ jobs: ${{ needs.setup.outputs.directory-path }}/diag* run-scripted-input-tests-full-matrix: - if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' && ( github.base_ref == 'main' || github.ref_name == 'main' ) && needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' }} + if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' && needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' }} needs: - build - test-inventory diff --git a/.gitignore b/.gitignore index ebd5b9e61..0d01ccd8e 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ actionlint +.idea From 30fa54adc8b5495aa66ea0b15633e88724ea1df2 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 30 Aug 2024 10:59:05 +0200 Subject: [PATCH 12/21] fix: unique name for diag artifacts for marker runs (#322) Test run: https://github.com/splunk/splunk-add-on-for-google-cloud-platform/pull/757 --- .github/workflows/reusable-build-test-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index e4caa7756..caa4c1efc 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -1615,7 +1615,7 @@ jobs: - uses: actions/upload-artifact@v4 if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} with: - name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.browser }} ${{ matrix.vendor-version.image }} tests diag + name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.browser }} ${{ matrix.vendor-version.image }} ${{ matrix.marker }} tests diag path: | ${{ needs.setup.outputs.directory-path }}/diag* @@ -1835,7 +1835,7 @@ jobs: uses: dorny/test-reporter@v1.9.1 if: ${{ !cancelled() }} with: - name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} test report + name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ matrix.marker }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit - name: pull diag from s3 bucket @@ -1846,7 +1846,7 @@ jobs: - uses: actions/upload-artifact@v4 if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} with: - name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} tests diag + name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ matrix.marker }} tests diag path: | ${{ needs.setup.outputs.directory-path }}/diag* From fb4c2f82089a05161a592dfb8df81ad1d448d765 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 30 Aug 2024 11:00:04 +0200 Subject: [PATCH 13/21] deps: bump k8s-manifests version (#320) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index caa4c1efc..e6e70bcb8 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -33,7 +33,7 @@ on: required: false description: "branch for k8s manifests to run the tests on" type: string - default: "v3.0.4" + default: "v3.0.5" scripted-inputs-os-list: required: false description: "list of OS used for scripted input tests" From 273675b1d45780621f8a464e6a557dac4c326799 Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 30 Aug 2024 11:26:29 +0200 Subject: [PATCH 14/21] fix: update path for argo logs pull from s3 (#321) tests: https://github.com/splunk/splunk-add-on-for-google-cloud-platform/actions/runs/10619286231 --- .github/workflows/reusable-build-test-release.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index e6e70bcb8..58469a67d 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -1134,7 +1134,7 @@ jobs: fi echo "pulling logs" mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs - aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive + aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/workflows/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: @@ -1353,7 +1353,7 @@ jobs: fi echo "pulling logs" mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs - aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive + aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/workflows/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: @@ -1586,7 +1586,7 @@ jobs: fi echo "pulling logs" mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs - aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive + aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/workflows/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: @@ -1817,7 +1817,7 @@ jobs: fi echo "pulling logs" mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs - aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive + aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/workflows/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: @@ -2042,7 +2042,7 @@ jobs: fi echo "pulling logs" mkdir -p ${{ needs.setup.outputs.directory-path }}/argo-logs - aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive + aws s3 cp s3://${{ needs.setup.outputs.s3-bucket }}/workflows/${WORKFLOW_NAME}/ ${{ needs.setup.outputs.directory-path }}/argo-logs/ --recursive - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: From d875027d91a7c3a24d1d68a4d4136f780d5d10e9 Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Fri, 30 Aug 2024 15:05:30 +0530 Subject: [PATCH 15/21] refactor: use reusable workflow for semgrep (#311) Updated the build-test-release workflow to use [sast-scan](https://github.com/splunk/sast-scanning) owned by product security team instead of using custom implementation. Ref: https://splunk.atlassian.net/browse/ADDON-72309 Test workflow run: https://github.com/splunk/splunk-add-on-for-servicenow/actions/runs/10596615468 Tested on PR: https://github.com/splunk/splunk-add-on-for-servicenow/pull/751 Workflow is not tested for the failure scenario because we need to have blocker findings by the semgrep in order to fail the workflow. Currently all rules are in monitor mode so any findings by the semgrep will be non-blocker resulting in semgrep stage to pass everytime. Discussion with the semgrep team: https://splunk.slack.com/archives/C011ELTV7FG/p1724923496371529 --- .../workflows/reusable-build-test-release.yml | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 58469a67d..689508152 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -305,19 +305,11 @@ jobs: with: extra_args: -x .github/workflows/exclude-patterns.txt --json --only-verified version: 3.77.0 - + semgrep: - runs-on: ubuntu-latest - name: security-sast-semgrep - container: - image: returntocorp/semgrep - steps: - - uses: actions/checkout@v4 - - name: Semgrep - id: semgrep - run: semgrep ci - env: - SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} + uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main + secrets: + SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} test-inventory: runs-on: ubuntu-latest From 2e92f1f6b44577939c26fa0a1555d8d3111a5909 Mon Sep 17 00:00:00 2001 From: kdoroszko-splunk Date: Fri, 30 Aug 2024 12:51:23 +0200 Subject: [PATCH 16/21] docs: update setup-workflow description in README.md (#315) Updating README.md to be aligned with the latest changes (https://github.com/splunk/addonfactory-workflow-addon-release/pull/309). --------- Co-authored-by: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> --- .github/workflows/reusable-build-test-release.yml | 2 +- README.md | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 689508152..f9fa2fb41 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -168,7 +168,7 @@ jobs: fi ;; "push") - if ${{ github.ref_name == 'main' }} || ${{ github.ref_name == 'develop' }} || ${{ github.ref_type == 'tag' }} || + if ${{ github.ref_name == 'main' }} || ${{ github.ref_name == 'develop' }} || ${{ startsWith(github.ref_name, 'release/') && inputs.execute-tests-on-push-to-release == 'true' }} ; then for test_type in "${TESTSET[@]}"; do EXECUTE_LABELED["$test_type"]="true" diff --git a/README.md b/README.md index 8dc77b6d4..3a801f20c 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,12 @@ Job that is scanning PR and based on PR body or included labels defining tests t * All tests are executed by default when (controlled from [here](https://github.com/splunk/addonfactory-repository-template/blob/main/enforce/.github/workflows/build-test-release.yml)) * PR target branch is `main` (unless `use_labels` label is used then specific test labels (see below) should be added to execute specific test types) - * push event on branches `main`, `develop` and on `tags` (on release) + * triggering event is push to `main` branch + * triggering event is push to `develop` branch + * triggering event is push event to `release/*` branch + * only when `execute-tests-on-push-to-release` is set to 'true' + * when `execute-tests-on-push-to-release` is set to 'false' tests will not be triggered + * triggering event is workflow_dispatch (used to create custom release version) * schedule event (controlled from [here](https://github.com/splunk/addonfactory-repository-template/blob/main/tools/jinja_parameters.yml)) * To trigger specific test type * add to PR one or multiple labels, available choices can be found [here](https://github.com/splunk/addonfactory-workflow-addon-release/blob/4f3fa4d779b6ec7649f0dc6b973eb4d68e5fcc48/.github/workflows/reusable-build-test-release.yml#L153) From c35feae9840590e9e4182a89fd7df649bb84e5f6 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Fri, 30 Aug 2024 17:43:57 +0530 Subject: [PATCH 17/21] feat: adding job summaries (#312) Added job summaries to relevant jobs to provide better accessibility. GA link : https://github.com/splunk/splunk-add-on-for-google-cloud-platform/actions/runs/10597121787 --- .../workflows/reusable-build-test-release.yml | 294 +++++++++++++++++- 1 file changed, 280 insertions(+), 14 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index f9fa2fb41..713d05c1e 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -233,16 +233,26 @@ jobs: persist-credentials: false - id: matrix uses: splunk/addonfactory-test-matrix-action@v2.1 - + - name: job summary + run: | + splunk_version_list=$(echo '${{ steps.matrix.outputs.supportedSplunk }}' | jq -r '.[].version') + sc4s_version_list=$(echo '${{ steps.matrix.outputs.supportedSC4S }}' | jq -r '.[].version') + echo -e "## Summary of Versions Used\n- **Splunk versions used:** (${splunk_version_list})\n- **SC4S versions used:** (${sc4s_version_list})\n- Browser: Chrome" >> "$GITHUB_STEP_SUMMARY" fossa-scan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: run fossa analyze and create report + id: fossa-scan run: | curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash - fossa analyze --debug + fossa analyze --debug 2>&1 | tee /tmp/fossa_analyze_output.txt + exit_code="${PIPESTATUS[0]}" + FOSSA_REPORT_URL=$(grep -o 'https://app.fossa.com[^ ]*' /tmp/fossa_analyze_output.txt || true) + echo "url=$FOSSA_REPORT_URL" + echo "FOSSA_REPORT_URL=$FOSSA_REPORT_URL" >> "$GITHUB_OUTPUT" fossa report attribution --format text --timeout 600 > /tmp/THIRDPARTY + exit "$exit_code" env: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} - name: upload THIRDPARTY file @@ -250,6 +260,10 @@ jobs: with: name: THIRDPARTY path: /tmp/THIRDPARTY + - name: job summary + if: success() || failure() + run: | + echo "FOSSA Report: ${{ steps.fossa-scan.outputs.FOSSA_REPORT_URL }}" >> "$GITHUB_STEP_SUMMARY" fossa-test: continue-on-error: true @@ -337,7 +351,7 @@ jobs: ucc_modinput_tests="false" fi echo "ucc_modinput_tests=$ucc_modinput_tests" >> "$GITHUB_OUTPUT" - + run-unit-tests: name: test-unit-python3-${{ matrix.python-version }} if: ${{ needs.test-inventory.outputs.unit == 'true' }} @@ -349,7 +363,7 @@ jobs: matrix: python-version: - "3.7" - permissions: + permissions: actions: read deployments: read contents: read @@ -383,6 +397,23 @@ jobs: run: cp tests/unit/pytest-ci.ini pytest.ini - name: Run Pytest with coverage run: poetry run pytest --cov=./ --cov-report=xml --junitxml=test-results/junit.xml tests/unit + - name : Job summary + continue-on-error: true + run: | + sudo apt-get install -y libxml2-utils + junit_xml_file=$(find "test-results" -name "*.xml" -type f 2>/dev/null | head -n 1) + + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo -e "| Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests |\n| ----------- | ------------ | ------------ | ------------- | ------------- |\n| $total_tests | $passed | $failures | $errors | $skipped |" >> "$GITHUB_STEP_SUMMARY" + else + echo "no XML File found, exiting" + exit 1 + fi - uses: actions/upload-artifact@v4 if: success() || failure() with: @@ -400,7 +431,7 @@ jobs: matrix: python-version: - "3.9" - permissions: + permissions: actions: read deployments: read contents: read @@ -434,6 +465,23 @@ jobs: run: cp tests/unit/pytest-ci.ini pytest.ini - name: Run Pytest with coverage run: poetry run pytest --cov=./ --cov-report=xml --junitxml=test-results/junit.xml tests/unit + - name : Job summary + continue-on-error: true + run: | + sudo apt-get install -y libxml2-utils + junit_xml_file=$(find "test-results" -name "*.xml" -type f 2>/dev/null | head -n 1) + + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo -e "| Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests |\n| ----------- | ------------ | ------------ | ------------- | ------------- |\n| $total_tests | $passed | $failures | $errors | $skipped |" >> "$GITHUB_STEP_SUMMARY" + else + echo "no XML File found, exiting" + exit 1 + fi - uses: actions/upload-artifact@v4 if: success() || failure() with: @@ -742,7 +790,7 @@ jobs: - build - test-inventory if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.requirement_test == 'true' }} - permissions: + permissions: actions: read deployments: read contents: read @@ -894,7 +942,7 @@ jobs: echo "argo-server=${{ needs.setup-workflow.outputs.argo_server_domain_k8s }}:443" echo "argo-http1=true" echo "argo-secure=true" - echo "argo-base-href=\'\'" + echo -e "argo-base-href=\'\'" echo "argo-namespace=workflows" echo "argo-workflow-tmpl-name=ta-workflow" echo "argo-cancel-workflow-tmpl-name=cancel-workflow" @@ -955,7 +1003,6 @@ jobs: matrix: splunk: ${{ fromJson(needs.meta.outputs.matrix_supportedSplunk) }} sc4s: ${{ fromJson(needs.meta.outputs.matrix_supportedSC4S) }} - container: image: ghcr.io/splunk/workflow-engine-base:4.1.0 env: @@ -967,7 +1014,7 @@ jobs: SPLUNK_VERSION_BASE: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} TEST_TYPE: "knowledge" TEST_ARGS: "" - permissions: + permissions: actions: read deployments: read contents: read @@ -1154,6 +1201,29 @@ jobs: name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit + - name: Parse JUnit XML + if: ${{ !cancelled() }} + run: | + apt-get install -y libxml2-utils + junit_xml_path="${{ needs.setup.outputs.directory-path }}/test-results" + junit_xml_file=$(find "$junit_xml_path" -name "*.xml" -type f 2>/dev/null | head -n 1) + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} |$total_tests |$passed |$failures |$errors | $skipped |${{steps.test_report.outputs.url_html}}" > job_summary.txt + else + echo "no XML File found, exiting" + exit 1 + fi + - name: Upload-artifact-for-github-summary + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: summary-ko-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} + path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} run: | @@ -1166,6 +1236,26 @@ jobs: path: | ${{ needs.setup.outputs.directory-path }}/diag* + knowledge-tests-report: + needs: run-knowledge-tests + runs-on: ubuntu-latest + if: ${{ !cancelled() && needs.run-knowledge-tests.result != 'skipped' }} + steps: + - name: Download all summaries + uses: actions/download-artifact@v4 + with: + pattern: summary-ko* + - name: Combine summaries into a table + run: | + echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" + echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" + for file in summary-ko*/job_summary.txt; do + cat "$file" >> "$GITHUB_STEP_SUMMARY" + done + - uses: geekyeggo/delete-artifact@v5 + with: + name: | + summary-ko* run-requirement-tests: if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.requirement_test == 'true' && needs.setup-workflow.outputs.execute-requirement-labeled == 'true' }} @@ -1192,7 +1282,7 @@ jobs: ARGO_NAMESPACE: ${{ needs.setup.outputs.argo-namespace }} TEST_TYPE: "requirement_test" TEST_ARGS: "" - permissions: + permissions: actions: read deployments: read contents: read @@ -1213,7 +1303,7 @@ jobs: - name: capture start time id: capture-start-time run: | - echo "start_time=$(date +%s)" >> "$GITHUB_OUTPUT" + echo "start_time=$(date +%s)" >> "$GITHUB_OUTPUT" - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -1287,7 +1377,7 @@ jobs: else echo "Workflow ${{ steps.run-tests.outputs.workflow-name }} didn't stop" exit 1 - fi + fi - name: Retrying workflow id: retry-wf shell: bash @@ -1366,6 +1456,29 @@ jobs: name: splunk ${{ matrix.splunk.version }} ${{ env.TEST_TYPE }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit + - name: Parse JUnit XML + if: ${{ !cancelled() }} + run: | + apt-get install -y libxml2-utils + junit_xml_path="${{ needs.setup.outputs.directory-path }}/test-results" + junit_xml_file=$(find "$junit_xml_path" -name "*.xml" -type f 2>/dev/null | head -n 1) + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} |$total_tests |$passed |$failures |$errors |$skipped |${{steps.test_report.outputs.url_html}}" > job_summary.txt + else + echo "no XML File found, exiting" + exit 1 + fi + - name: Upload-artifact-for-github-summary + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: summary-requirement-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} + path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} run: | @@ -1378,6 +1491,27 @@ jobs: path: | ${{ needs.setup.outputs.directory-path }}/diag* + Requirement-input-tests-report: + needs: run-requirement-tests + runs-on: ubuntu-latest + if: ${{ !cancelled() && needs.run-requirement-tests.result != 'skipped' }} + steps: + - name: Download all summaries + uses: actions/download-artifact@v4 + with: + pattern: summary-requirement* + - name: Combine summaries into a table + run: | + echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" + echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" + for file in summary-requirement*/job_summary.txt; do + cat "$file" >> "$GITHUB_STEP_SUMMARY" + done + - uses: geekyeggo/delete-artifact@v5 + with: + name: | + summary-requirement* + run-ui-tests: if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.ui == 'true' && needs.setup-workflow.outputs.execute-ui-labeled == 'true' }} needs: @@ -1599,6 +1733,29 @@ jobs: name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.browser }} ${{ matrix.vendor-version.image }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit + - name: Parse JUnit XML + if: ${{ !cancelled() }} + run: | + apt-get install -y libxml2-utils + junit_xml_path="${{ needs.setup.outputs.directory-path }}/test-results" + junit_xml_file=$(find "$junit_xml_path" -name "*.xml" -type f 2>/dev/null | head -n 1) + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ matrix.browser }} ${{ matrix.vendor-version.image }} ${{ matrix.marker }} |$total_tests |$passed |$failures |$errors |$skipped |${{steps.test_report.outputs.url_html}}" > job_summary.txt + else + echo "no XML File found, exiting" + exit 1 + fi + - name: Upload-artifact-for-github-summary + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: summary-${{ env.TEST_TYPE }}-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }}-${{ matrix.browser }}-${{ matrix.vendor-version.image }}-${{ matrix.marker }}-artifact + path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} run: | @@ -1611,6 +1768,27 @@ jobs: path: | ${{ needs.setup.outputs.directory-path }}/diag* + UI-tests-report: + needs: run-ui-tests + runs-on: ubuntu-latest + if: ${{ !cancelled() && needs.run-ui-tests.result != 'skipped' }} + steps: + - name: Download all summaries + uses: actions/download-artifact@v4 + with: + pattern: summary-ui* + - name: Combine summaries into a table + run: | + echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" + echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" + for file in summary-ui-*/job_summary.txt; do + cat "$file" >> "$GITHUB_STEP_SUMMARY" + done + - uses: geekyeggo/delete-artifact@v5 + with: + name: | + summary-ui* + run-modinput-tests: if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.modinput_functional == 'true' && needs.setup-workflow.outputs.execute-modinput-labeled == 'true' }} needs: @@ -1638,7 +1816,7 @@ jobs: SPLUNK_VERSION_BASE: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} TEST_TYPE: "modinput_functional" TEST_ARGS: "" - permissions: + permissions: actions: read deployments: read contents: read @@ -1830,6 +2008,29 @@ jobs: name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ matrix.marker }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit + - name: Parse JUnit XML + if: ${{ !cancelled() }} + run: | + apt-get install -y libxml2-utils + junit_xml_path="${{ needs.setup.outputs.directory-path }}/test-results" + junit_xml_file=$(find "$junit_xml_path" -name "*.xml" -type f 2>/dev/null | head -n 1) + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ matrix.marker }} ${{ matrix.vendor-version.image }} |$total_tests |$passed |$failures |$errors | $skipped |${{steps.test_report.outputs.url_html}}" > job_summary.txt + else + echo "no XML File found, exiting" + exit 1 + fi + - name: Upload-artifact-for-github-summary + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: summary-${{ env.TEST_TYPE }}-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }}-${{ matrix.vendor-version.image }}-${{ matrix.marker }}-artifact + path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} run: | @@ -1842,6 +2043,27 @@ jobs: path: | ${{ needs.setup.outputs.directory-path }}/diag* + Modinput-tests-report: + needs: run-modinput-tests + runs-on: ubuntu-latest + if: ${{ !cancelled() && needs.run-modinput-tests.result != 'skipped' }} + steps: + - name: Download all summaries + uses: actions/download-artifact@v4 + with: + pattern: summary-modinput* + - name: Combine summaries into a table + run: | + echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" + echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" + for file in summary-modinput-*/job_summary.txt; do + cat "$file" >> "$GITHUB_STEP_SUMMARY" + done + - uses: geekyeggo/delete-artifact@v5 + with: + name: | + summary-modinput* + run-scripted-input-tests-full-matrix: if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.scripted_inputs == 'true' && needs.setup-workflow.outputs.execute-scripted_inputs-labeled == 'true' }} needs: @@ -1866,7 +2088,7 @@ jobs: ARGO_NAMESPACE: ${{ needs.setup.outputs.argo-namespace }} SPLUNK_VERSION_BASE: ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} TEST_TYPE: "scripted_inputs" - permissions: + permissions: actions: read deployments: read contents: read @@ -2055,6 +2277,29 @@ jobs: name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit + - name: Parse JUnit XML + if: ${{ !cancelled() }} + run: | + apt-get install -y libxml2-utils + junit_xml_path="${{ needs.setup.outputs.directory-path }}/test-results" + junit_xml_file=$(find "$junit_xml_path" -name "*.xml" -type f 2>/dev/null | head -n 1) + if [ -n "$junit_xml_file" ]; then + total_tests=$(xmllint --xpath 'sum(//testsuite/@tests)' "$junit_xml_file") + failures=$(xmllint --xpath 'sum(//testsuite/@failures)' "$junit_xml_file") + errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") + skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") + passed=$((total_tests - failures - errors - skipped)) + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} |$total_tests |$passed |$failures |$errors |${{steps.test_report.outputs.url_html}}" > job_summary.txt + else + echo "no XML File found, exiting" + exit 1 + fi + - name: Upload-artifact-for-github-summary + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: summary-${{ env.TEST_TYPE }}-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} + path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} run: | @@ -2067,6 +2312,27 @@ jobs: path: | ${{ needs.setup.outputs.directory-path }}/diag* + scripted-input-tests-report: + needs: run-scripted-input-tests-full-matrix + runs-on: ubuntu-latest + if: ${{ !cancelled() && needs.run-scripted-input-tests-full-matrix.result != 'skipped' }} + steps: + - name: Download all summaries + uses: actions/download-artifact@v4 + with: + pattern: summary-scripted* + - name: Combine summaries into a table + run: | + echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" + echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" + for file in summary-scripted*/job_summary.txt; do + cat "$file" >> "$GITHUB_STEP_SUMMARY" + done + - uses: geekyeggo/delete-artifact@v5 + with: + name: | + summary-scripted* + pre-publish: if: ${{ !cancelled() && needs.validate-custom-version.result == 'success' }} # The following line will rename 'pre-publish' to 'pre-publish-not_main_pr' when PR is created towards main branch From ae3f3bd261ae6f186a4295770d4fb39801101b7f Mon Sep 17 00:00:00 2001 From: mkolasinski-splunk <105011638+mkolasinski-splunk@users.noreply.github.com> Date: Fri, 30 Aug 2024 17:07:23 +0200 Subject: [PATCH 18/21] fix: scripted inputs summary (#323) fix: ga summary report scripted input filename fix --- .github/workflows/reusable-build-test-release.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 713d05c1e..0efb9c5fc 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -2161,7 +2161,6 @@ jobs: workflow-template-ns: ${{ needs.setup.outputs.argo-namespace }} addon-url: ${{ needs.setup.outputs.addon-upload-path }} addon-name: ${{ needs.setup.outputs.addon-name }} - vendor-version: ${{ matrix.vendor-version.image }} sc4s-version: "No" os-name: ${{ steps.os-name-version.outputs.os-name }} os-version: ${{ steps.os-name-version.outputs.os-version }} @@ -2260,13 +2259,13 @@ jobs: - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: - name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests artifacts + name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests artifacts path: | ${{ needs.setup.outputs.directory-path }}/test-results - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: - name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests logs + name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests logs path: | ${{ needs.setup.outputs.directory-path }}/argo-logs - name: Test Report @@ -2274,7 +2273,7 @@ jobs: uses: dorny/test-reporter@v1.9.1 if: ${{ !cancelled() }} with: - name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} test report + name: splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} test report path: "${{ needs.setup.outputs.directory-path }}/test-results/*.xml" reporter: java-junit - name: Parse JUnit XML @@ -2289,7 +2288,7 @@ jobs: errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") passed=$((total_tests - failures - errors - skipped)) - echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} |$total_tests |$passed |$failures |$errors |${{steps.test_report.outputs.url_html}}" > job_summary.txt + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} |$total_tests |$passed |$failures |$errors |${{steps.test_report.outputs.url_html}}" > job_summary.txt else echo "no XML File found, exiting" exit 1 @@ -2298,7 +2297,7 @@ jobs: uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} with: - name: summary-${{ env.TEST_TYPE }}-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} + name: summary-${{ env.TEST_TYPE }}-${{ matrix.splunk.version }}-${{ secrets.OTHER_TA_REQUIRED_CONFIGS }}-${{ steps.os-name-version.outputs.os-name }}-${{ steps.os-name-version.outputs.os-version }} path: job_summary.txt - name: pull diag from s3 bucket if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} @@ -2308,7 +2307,7 @@ jobs: - uses: actions/upload-artifact@v4 if: ${{ failure() && steps.test_report.outputs.conclusion == 'failure' }} with: - name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ matrix.vendor-version.image }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests diag + name: archive splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ env.TEST_TYPE }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} tests diag path: | ${{ needs.setup.outputs.directory-path }}/diag* From 9f90369464b499e7ed47f49f0071b91bbed9edbd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 11:19:19 +0200 Subject: [PATCH 19/21] chore(deps): update trufflesecurity/trufflehog action to v3.81.10 (#325) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://redirect.github.com/trufflesecurity/trufflehog) | action | patch | `v3.81.9` -> `v3.81.10` | --- ### Release Notes
trufflesecurity/trufflehog (trufflesecurity/trufflehog) ### [`v3.81.10`](https://redirect.github.com/trufflesecurity/trufflehog/releases/tag/v3.81.10) [Compare Source](https://redirect.github.com/trufflesecurity/trufflehog/compare/v3.81.9...v3.81.10) #### What's Changed - fix(deps): update module github.com/sendgrid/sendgrid-go to v3.15.0+incompatible by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3214](https://redirect.github.com/trufflesecurity/trufflehog/pull/3214) - fix(deps): update module github.com/charmbracelet/bubbletea to v0.27.0 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3229](https://redirect.github.com/trufflesecurity/trufflehog/pull/3229) - chore(deps): update golang docker tag to v1.23 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3228](https://redirect.github.com/trufflesecurity/trufflehog/pull/3228) - fix(deps): update module github.com/prometheus/client_golang to v1.20.1 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3236](https://redirect.github.com/trufflesecurity/trufflehog/pull/3236) - fix(deps): update module google.golang.org/api to v0.192.0 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3237](https://redirect.github.com/trufflesecurity/trufflehog/pull/3237) - fix(deps): update module google.golang.org/api to v0.193.0 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3238](https://redirect.github.com/trufflesecurity/trufflehog/pull/3238) - fix(deps): update testcontainers-go monorepo to v0.33.0 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3239](https://redirect.github.com/trufflesecurity/trufflehog/pull/3239) - fix(deps): update module cloud.google.com/go/secretmanager to v1.14.0 by [@​renovate](https://redirect.github.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/3240](https://redirect.github.com/trufflesecurity/trufflehog/pull/3240) - Customize results cleaning (using smuggled interface) by [@​rosecodym](https://redirect.github.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3235](https://redirect.github.com/trufflesecurity/trufflehog/pull/3235) - Skip filtration for targeted scans by [@​rosecodym](https://redirect.github.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3243](https://redirect.github.com/trufflesecurity/trufflehog/pull/3243) - Strip leading +/- from GitHub target diffs by [@​rosecodym](https://redirect.github.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3244](https://redirect.github.com/trufflesecurity/trufflehog/pull/3244) - Th 899 postman panic issue by [@​LaraCroftDev](https://redirect.github.com/LaraCroftDev) in [https://github.com/trufflesecurity/trufflehog/pull/3245](https://redirect.github.com/trufflesecurity/trufflehog/pull/3245) - Update rotation guide link for teams by [@​hxnyk](https://redirect.github.com/hxnyk) in [https://github.com/trufflesecurity/trufflehog/pull/3248](https://redirect.github.com/trufflesecurity/trufflehog/pull/3248) - Download files when reverifying by [@​rosecodym](https://redirect.github.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/3252](https://redirect.github.com/trufflesecurity/trufflehog/pull/3252) - \[chore] - Update buffer by [@​ahrav](https://redirect.github.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/3255](https://redirect.github.com/trufflesecurity/trufflehog/pull/3255) #### New Contributors - [@​LaraCroftDev](https://redirect.github.com/LaraCroftDev) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/3245](https://redirect.github.com/trufflesecurity/trufflehog/pull/3245) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.81.9...v3.81.10
--- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/splunk/addonfactory-workflow-addon-release). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 0efb9c5fc..1e691fcae 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -315,7 +315,7 @@ jobs: fetch-depth: "0" ref: ${{ github.head_ref }} - name: Secret Scanning Trufflehog - uses: trufflesecurity/trufflehog@v3.81.9 + uses: trufflesecurity/trufflehog@v3.81.10 with: extra_args: -x .github/workflows/exclude-patterns.txt --json --only-verified version: 3.77.0 From 5093156351100561b24f7b71f430fe5bb2a2335a Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Mon, 2 Sep 2024 14:49:35 +0530 Subject: [PATCH 20/21] fix: modinput issues (#324) test run: https://github.com/splunk/splunk-add-on-for-google-cloud-platform/actions/runs/10643905753 --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 1e691fcae..3582bb070 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -2056,7 +2056,7 @@ jobs: run: | echo "| Job | Total Tests | Passed Tests | Failed Tests | Errored Tests | Skipped Tests | Report Link" >> "$GITHUB_STEP_SUMMARY" echo "| ---------- | ----------- | ------ | ------ | ------ | ------- | ------ |" >> "$GITHUB_STEP_SUMMARY" - for file in summary-modinput-*/job_summary.txt; do + for file in summary-modinput*/job_summary.txt; do cat "$file" >> "$GITHUB_STEP_SUMMARY" done - uses: geekyeggo/delete-artifact@v5 From 1551fcc9cb815d1d32c5ec283fefa21faa468564 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Tue, 3 Sep 2024 13:17:32 +0530 Subject: [PATCH 21/21] chore: fixing table for scripted input report (#326) --- .github/workflows/reusable-build-test-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 3582bb070..5a0f81e44 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -2288,7 +2288,7 @@ jobs: errors=$(xmllint --xpath 'sum(//testsuite/@errors)' "$junit_xml_file") skipped=$(xmllint --xpath 'sum(//testsuite/@skipped)' "$junit_xml_file") passed=$((total_tests - failures - errors - skipped)) - echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} |$total_tests |$passed |$failures |$errors |${{steps.test_report.outputs.url_html}}" > job_summary.txt + echo "splunk ${{ matrix.splunk.version }}${{ secrets.OTHER_TA_REQUIRED_CONFIGS }} ${{ steps.os-name-version.outputs.os-name }} ${{ steps.os-name-version.outputs.os-version }} |$total_tests |$passed |$failures |$errors |$skipped |${{steps.test_report.outputs.url_html}}" > job_summary.txt else echo "no XML File found, exiting" exit 1