Skip to content

Add Support for Multiple Kibana Security Detection Rule Types #4717

Add Support for Multiple Kibana Security Detection Rule Types

Add Support for Multiple Kibana Security Detection Rule Types #4717

Workflow file for this run

name: Build/Lint/Test
on:
push:
paths-ignore:
- 'README.md'
- 'CHANGELOG.md'
pull_request:
paths-ignore:
- 'README.md'
- 'CHANGELOG.md'
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
- uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
with:
go-version-file: 'go.mod'
cache: true
- name: Get dependencies
run: make vendor
- name: Build
run: make build-ci
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
- uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
with:
go-version-file: 'go.mod'
cache: true
cache-dependency-path: go.sum
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3
with:
terraform_wrapper: false
- name: Lint
run: make lint
test:
name: Matrix Acceptance Test
needs: build
runs-on: ubuntu-latest
env:
ELASTIC_PASSWORD: password
KIBANA_SYSTEM_USERNAME: kibana_system
KIBANA_SYSTEM_PASSWORD: password
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${{ matrix.version }}
env:
discovery.type: single-node
xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true
xpack.security.authc.token.enabled: true
xpack.watcher.enabled: true
xpack.license.self_generated.type: trial
repositories.url.allowed_urls: https://example.com/*
path.repo: /tmp
ELASTIC_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
ports:
- 9200:9200
options: --health-cmd="curl http://localhost:9200/_cluster/health" --health-interval=10s --health-timeout=5s --health-retries=10
kibana:
image: docker.elastic.co/kibana/kibana:${{ matrix.version }}
env:
SERVER_NAME: kibana
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
ELASTICSEARCH_USERNAME: ${{ env.KIBANA_SYSTEM_USERNAME }}
ELASTICSEARCH_PASSWORD: ${{ env.KIBANA_SYSTEM_PASSWORD }}
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: a7a6311933d3503b89bc2dbc36572c33a6c10925682e591bffcab6911c06786d
# LOGGING_ROOT_LEVEL: debug
ports:
- 5601:5601
options: --health-cmd="curl http://localhost:5601/api/status" --health-interval=10s --health-timeout=5s --health-retries=10
fleet:
image: elastic/elastic-agent:${{ matrix.version }}
env:
SERVER_NAME: fleet
FLEET_ENROLL: "1"
FLEET_URL: https://fleet:8220
FLEET_INSECURE: "true"
FLEET_SERVER_ENABLE: "1"
FLEET_SERVER_POLICY_ID: fleet-server
FLEET_SERVER_ELASTICSEARCH_HOST: http://elasticsearch:9200
FLEET_SERVER_ELASTICSEARCH_INSECURE: "true"
FLEET_SERVER_INSECURE_HTTP: "true"
KIBANA_HOST: http://kibana:5601
KIBANA_FLEET_SETUP: "1"
KIBANA_FLEET_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
ports:
- 8220:8220
options: --restart="unless-stopped"
timeout-minutes: 15
strategy:
fail-fast: false
matrix:
version:
- '7.17.13'
- '8.0.1'
- '8.1.3'
- '8.2.3'
- '8.3.3'
- '8.4.3'
- '8.5.3'
- '8.6.2'
- '8.7.1'
- '8.8.2'
- '8.9.2'
- '8.10.3'
- '8.11.4'
- '8.12.2'
- '8.13.4'
- '8.14.3'
- '8.15.5'
- '8.16.2'
- '8.17.0'
- '8.18.3'
- '9.0.3'
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
- uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
with:
go-version-file: 'go.mod'
cache: true
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3
with:
terraform_wrapper: false
- name: Get dependencies
run: make vendor
- name: Setup Kibana user
run: make set-kibana-password
env:
ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
KIBANA_SYSTEM_USERNAME: ${{ env.KIBANA_SYSTEM_USERNAME }}
KIBANA_SYSTEM_PASSWORD: ${{ env.KIBANA_SYSTEM_PASSWORD }}
- id: get-api-key
name: Get ES API key
run: |-
echo "apikey=$(make create-es-api-key | jq -r .encoded)" >> "$GITHUB_OUTPUT"
env:
ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
- id: setup-fleet
name: Setup Fleet
if: matrix.version == '8.10.3' || matrix.version == '8.11.4' || matrix.version == '8.12.2' || matrix.version == '8.13.4' || matrix.version == '8.14.3' || matrix.version == '8.15.5' || matrix.version == '8.16.2' || matrix.version == '8.17.0' || matrix.version == '9.0.3'
run: |-
make setup-kibana-fleet
env:
ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
FLEET_NAME: "fleet"
- id: force-install-synthetics
name: Force install synthetics
if: matrix.version == '8.14.3' || matrix.version == '8.15.5' || matrix.version == '8.16.2' || matrix.version == '8.17.0'
run: |-
for i in {1..5}; do curl -s -H "Authorization: ApiKey ${{ steps.get-api-key.outputs.apikey }}" --header "Content-Type: application/json" --header "kbn-xsrf: true" --request POST --data '{ "force": true }' http://localhost:5601/api/fleet/epm/packages/synthetics/1.2.2 && break || sleep 15; done
- name: TF acceptance tests
timeout-minutes: 10
run: make testacc
env:
TF_ACC: "1"
STACK_VERSION: ${{ matrix.version }}
ELASTICSEARCH_ENDPOINTS: "http://localhost:9200"
ELASTICSEARCH_USERNAME: "elastic"
ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }}
KIBANA_ENDPOINT: "http://localhost:5601"
KIBANA_USERNAME: "elastic"
KIBANA_PASSWORD: ${{ env.ELASTIC_PASSWORD }}