-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into flaky-tests-2024-02-06
- Loading branch information
Showing
979 changed files
with
9,178 additions
and
3,244 deletions.
There are no files selected for viewing
568 changes: 286 additions & 282 deletions
568
.buildkite/pipelines/security_solution/api_integration.yml
Large diffs are not rendered by default.
Oops, something went wrong.
184 changes: 105 additions & 79 deletions
184
.buildkite/pipelines/security_solution/security_solution_cypress.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,96 +1,122 @@ | ||
steps: | ||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:explore | ||
label: 'Serverless MKI QA Explore - Security Solution Cypress Tests' | ||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/create_periodic_test_docker_image.sh | ||
label: Build kibana image | ||
key: build_image | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 4 | ||
queue: n2-16-spot | ||
timeout_in_minutes: 60 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
- exit_status: "-1" | ||
limit: 3 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:investigations | ||
label: 'Serverless MKI QA Investigations - Security Solution Cypress Tests' | ||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/upload_image_metadata.sh | ||
label: "Upload runtime info" | ||
key: upload_runtime_info | ||
depends_on: build_image | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 8 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
- exit_status: "*" | ||
limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:rule_management | ||
label: 'Serverless MKI QA Rule Management - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 8 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
- group: "Execute Tests" | ||
depends_on: build_image | ||
steps: | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:explore | ||
# label: 'Serverless MKI QA Explore - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 4 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:rule_management:prebuilt_rules | ||
label: 'Serverless MKI QA Rule Management - Prebuilt Rules - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 2 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:investigations | ||
# label: 'Serverless MKI QA Investigations - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 8 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine | ||
label: 'Serverless MKI QA Detection Engine - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 8 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:rule_management | ||
# label: 'Serverless MKI QA Rule Management - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 8 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions | ||
label: 'Serverless MKI QA Detection Engine - Exceptions - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 6 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:rule_management:prebuilt_rules | ||
# label: 'Serverless MKI QA Rule Management - Prebuilt Rules - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 2 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:ai_assistant | ||
label: 'Serverless MKI QA AI Assistant - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 1 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine | ||
# label: 'Serverless MKI QA Detection Engine - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 8 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:entity_analytics | ||
label: 'Serverless MKI QA Entity Analytics - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 2 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions | ||
# label: 'Serverless MKI QA Detection Engine - Exceptions - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 6 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 | ||
|
||
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:ai_assistant | ||
label: 'Serverless MKI QA AI Assistant - Security Solution Cypress Tests' | ||
agents: | ||
queue: n2-4-spot | ||
# TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
timeout_in_minutes: 300 | ||
parallelism: 1 | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
|
||
# - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:entity_analytics | ||
# label: 'Serverless MKI QA Entity Analytics - Security Solution Cypress Tests' | ||
# agents: | ||
# queue: n2-4-spot | ||
# # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. | ||
# timeout_in_minutes: 300 | ||
# parallelism: 2 | ||
# retry: | ||
# automatic: | ||
# - exit_status: '*' | ||
# limit: 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -euo pipefail | ||
|
||
source "$(dirname "${BASH_SOURCE[0]}")/vault_fns.sh" | ||
|
||
BUCKET_OR_EMAIL="${1:-}" | ||
GCLOUD_EMAIL_POSTFIX="elastic-kibana-ci.iam.gserviceaccount.com" | ||
GCLOUD_SA_PROXY_EMAIL="kibana-ci-sa-proxy@$GCLOUD_EMAIL_POSTFIX" | ||
|
||
if [[ -z "$BUCKET_OR_EMAIL" ]]; then | ||
echo "Usage: $0 <bucket_name|email>" | ||
exit 1 | ||
elif [[ "$BUCKET_OR_EMAIL" == "--unset-impersonation" ]]; then | ||
echo "Unsetting impersonation" | ||
gcloud config unset auth/impersonate_service_account | ||
exit 0 | ||
elif [[ "$BUCKET_OR_EMAIL" == "--logout-gcloud" ]]; then | ||
echo "Logging out of gcloud" | ||
if [[ -x "$(command -v gcloud)" ]] && [[ "$(gcloud auth list 2>/dev/null | grep $GCLOUD_SA_PROXY_EMAIL)" != "" ]]; then | ||
gcloud auth revoke $GCLOUD_SA_PROXY_EMAIL --no-user-output-enabled | ||
fi | ||
exit 0 | ||
fi | ||
|
||
CURRENT_GCLOUD_USER=$(gcloud auth list --filter="status=ACTIVE" --format="value(account)") | ||
|
||
# Verify that the service account proxy is activated | ||
if [[ "$CURRENT_GCLOUD_USER" != "$GCLOUD_SA_PROXY_EMAIL" ]]; then | ||
if [[ -x "$(command -v gcloud)" ]]; then | ||
if [[ -z "${KIBANA_SERVICE_ACCOUNT_PROXY_KEY:-}" ]]; then | ||
echo "KIBANA_SERVICE_ACCOUNT_PROXY_KEY is not set, cannot activate service account $GCLOUD_SA_PROXY_EMAIL." | ||
exit 1 | ||
fi | ||
|
||
AUTH_RESULT=$(gcloud auth activate-service-account --key-file="$KIBANA_SERVICE_ACCOUNT_PROXY_KEY" || "FAILURE") | ||
if [[ "$AUTH_RESULT" == "FAILURE" ]]; then | ||
echo "Failed to activate service account $GCLOUD_SA_PROXY_EMAIL." | ||
exit 1 | ||
else | ||
echo "Activated service account $GCLOUD_SA_PROXY_EMAIL" | ||
fi | ||
else | ||
echo "gcloud is not installed, cannot activate service account $GCLOUD_SA_PROXY_EMAIL." | ||
exit 1 | ||
fi | ||
fi | ||
|
||
# Check if the arg is a service account e-mail or a bucket name | ||
EMAIL="" | ||
if [[ "$BUCKET_OR_EMAIL" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then | ||
EMAIL="$BUCKET_OR_EMAIL" | ||
elif [[ "$BUCKET_OR_EMAIL" =~ ^gs://* ]]; then | ||
BUCKET_NAME="${BUCKET_OR_EMAIL:5}" | ||
else | ||
BUCKET_NAME="$BUCKET_OR_EMAIL" | ||
fi | ||
|
||
if [[ -z "$EMAIL" ]]; then | ||
case "$BUCKET_NAME" in | ||
"elastic-kibana-coverage-live") | ||
EMAIL="kibana-ci-access-coverage@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
"kibana-ci-es-snapshots-daily") | ||
EMAIL="kibana-ci-access-es-snapshots@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
"kibana-so-types-snapshots") | ||
EMAIL="kibana-ci-access-so-snapshots@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
"kibana-performance") | ||
EMAIL="kibana-ci-access-perf-stats@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
"ci-artifacts.kibana.dev") | ||
EMAIL="kibana-ci-access-artifacts@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
*) | ||
EMAIL="$BUCKET_NAME@$GCLOUD_EMAIL_POSTFIX" | ||
;; | ||
esac | ||
fi | ||
|
||
# Activate the service account | ||
echo "Impersonating $EMAIL" | ||
gcloud config set auth/impersonate_service_account "$EMAIL" | ||
echo "Activated service account $EMAIL" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.