Add Support for Multiple Kibana Security Detection Rule Types #4721
Workflow file for this run
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | name: Build/Lint/Test | |
| on: | |
| push: | |
| paths-ignore: | |
| - 'README.md' | |
| - 'CHANGELOG.md' | |
| pull_request: | |
| paths-ignore: | |
| - 'README.md' | |
| - 'CHANGELOG.md' | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Get dependencies | |
| run: make vendor | |
| - name: Build | |
| run: make build-ci | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3 | |
| with: | |
| terraform_wrapper: false | |
| - name: Lint | |
| run: make lint | |
| test: | |
| name: Matrix Acceptance Test | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| ELASTIC_PASSWORD: password | |
| KIBANA_SYSTEM_USERNAME: kibana_system | |
| KIBANA_SYSTEM_PASSWORD: password | |
| services: | |
| elasticsearch: | |
| image: docker.elastic.co/elasticsearch/elasticsearch:${{ matrix.version }} | |
| env: | |
| discovery.type: single-node | |
| xpack.security.enabled: true | |
| xpack.security.authc.api_key.enabled: true | |
| xpack.security.authc.token.enabled: true | |
| xpack.watcher.enabled: true | |
| xpack.license.self_generated.type: trial | |
| repositories.url.allowed_urls: https://example.com/* | |
| path.repo: /tmp | |
| ELASTIC_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| ports: | |
| - 9200:9200 | |
| options: --health-cmd="curl http://localhost:9200/_cluster/health" --health-interval=10s --health-timeout=5s --health-retries=10 | |
| kibana: | |
| image: docker.elastic.co/kibana/kibana:${{ matrix.version }} | |
| env: | |
| SERVER_NAME: kibana | |
| ELASTICSEARCH_HOSTS: http://elasticsearch:9200 | |
| ELASTICSEARCH_USERNAME: ${{ env.KIBANA_SYSTEM_USERNAME }} | |
| ELASTICSEARCH_PASSWORD: ${{ env.KIBANA_SYSTEM_PASSWORD }} | |
| XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: a7a6311933d3503b89bc2dbc36572c33a6c10925682e591bffcab6911c06786d | |
| # LOGGING_ROOT_LEVEL: debug | |
| ports: | |
| - 5601:5601 | |
| options: --health-cmd="curl http://localhost:5601/api/status" --health-interval=10s --health-timeout=5s --health-retries=10 | |
| fleet: | |
| image: elastic/elastic-agent:${{ matrix.version }} | |
| env: | |
| SERVER_NAME: fleet | |
| FLEET_ENROLL: "1" | |
| FLEET_URL: https://fleet:8220 | |
| FLEET_INSECURE: "true" | |
| FLEET_SERVER_ENABLE: "1" | |
| FLEET_SERVER_POLICY_ID: fleet-server | |
| FLEET_SERVER_ELASTICSEARCH_HOST: http://elasticsearch:9200 | |
| FLEET_SERVER_ELASTICSEARCH_INSECURE: "true" | |
| FLEET_SERVER_INSECURE_HTTP: "true" | |
| KIBANA_HOST: http://kibana:5601 | |
| KIBANA_FLEET_SETUP: "1" | |
| KIBANA_FLEET_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| ports: | |
| - 8220:8220 | |
| options: --restart="unless-stopped" | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| version: | |
| - '7.17.13' | |
| - '8.0.1' | |
| - '8.1.3' | |
| - '8.2.3' | |
| - '8.3.3' | |
| - '8.4.3' | |
| - '8.5.3' | |
| - '8.6.2' | |
| - '8.7.1' | |
| - '8.8.2' | |
| - '8.9.2' | |
| - '8.10.3' | |
| - '8.11.4' | |
| - '8.12.2' | |
| - '8.13.4' | |
| - '8.14.3' | |
| - '8.15.5' | |
| - '8.16.2' | |
| - '8.17.0' | |
| - '8.18.3' | |
| - '9.0.3' | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3 | |
| with: | |
| terraform_wrapper: false | |
| - name: Get dependencies | |
| run: make vendor | |
| - name: Setup Kibana user | |
| run: make set-kibana-password | |
| env: | |
| ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| KIBANA_SYSTEM_USERNAME: ${{ env.KIBANA_SYSTEM_USERNAME }} | |
| KIBANA_SYSTEM_PASSWORD: ${{ env.KIBANA_SYSTEM_PASSWORD }} | |
| - id: get-api-key | |
| name: Get ES API key | |
| run: |- | |
| echo "apikey=$(make create-es-api-key | jq -r .encoded)" >> "$GITHUB_OUTPUT" | |
| env: | |
| ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| - id: setup-fleet | |
| name: Setup Fleet | |
| if: matrix.version == '8.10.3' || matrix.version == '8.11.4' || matrix.version == '8.12.2' || matrix.version == '8.13.4' || matrix.version == '8.14.3' || matrix.version == '8.15.5' || matrix.version == '8.16.2' || matrix.version == '8.17.0' || matrix.version == '9.0.3' | |
| run: |- | |
| make setup-kibana-fleet | |
| env: | |
| ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| FLEET_NAME: "fleet" | |
| - id: force-install-synthetics | |
| name: Force install synthetics | |
| if: matrix.version == '8.14.3' || matrix.version == '8.15.5' || matrix.version == '8.16.2' || matrix.version == '8.17.0' | |
| run: |- | |
| for i in {1..5}; do curl -s -H "Authorization: ApiKey ${{ steps.get-api-key.outputs.apikey }}" --header "Content-Type: application/json" --header "kbn-xsrf: true" --request POST --data '{ "force": true }' http://localhost:5601/api/fleet/epm/packages/synthetics/1.2.2 && break || sleep 15; done | |
| - name: TF acceptance tests | |
| timeout-minutes: 10 | |
| run: make testacc | |
| env: | |
| TF_ACC: "1" | |
| STACK_VERSION: ${{ matrix.version }} | |
| ELASTICSEARCH_ENDPOINTS: "http://localhost:9200" | |
| ELASTICSEARCH_USERNAME: "elastic" | |
| ELASTICSEARCH_PASSWORD: ${{ env.ELASTIC_PASSWORD }} | |
| KIBANA_ENDPOINT: "http://localhost:5601" | |
| KIBANA_USERNAME: "elastic" | |
| KIBANA_PASSWORD: ${{ env.ELASTIC_PASSWORD }} |