v5.7.3 into main #112
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint and Test | |
on: | |
pull_request: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: psf/[email protected] | |
- name: Run ruff | |
run: | | |
pip install ruff==0.0.283 | |
ruff . | |
matrix-prep-config: | |
runs-on: ubuntu-latest | |
steps: | |
- id: release | |
if: ${{ startsWith(github.head_ref, 'release/') || contains( github.event.pull_request.labels.*.name, 'run-all-versions') }} | |
run: | | |
echo "config={\"python-version\": [\"3.8\", \"3.9\", \"3.10\", \"3.11\"]}" >> $GITHUB_OUTPUT | |
- id: not-release | |
if: ${{ !startsWith(github.head_ref, 'release/') }} | |
run: | | |
echo "config={\"python-version\": [\"3.8\", \"3.11\"]}" >> $GITHUB_OUTPUT | |
outputs: | |
config: ${{ steps.release.outputs.config || steps.not-release.outputs.config }} | |
test: | |
needs: | |
- matrix-prep-config | |
- lint | |
timeout-minutes: 30 | |
runs-on: ubuntu-latest | |
name: Test Python ${{ matrix.python-version }} | |
strategy: | |
matrix: ${{ fromJson(needs.matrix-prep-config.outputs.config) }} | |
steps: | |
- uses: actions/checkout@v3 | |
if: ${{ github.repository == 'BC-SECURITY/Empire' }} | |
with: | |
submodules: 'recursive' | |
# token is only needed in sponsors repo because of private submodules | |
# don't use token in public repo because prs from forks cannot access secrets | |
- uses: actions/checkout@v3 | |
if: ${{ github.repository == 'BC-SECURITY/Empire-Sponsors' }} | |
with: | |
submodules: 'recursive' | |
token: ${{ secrets.RELEASE_TOKEN }} | |
- name: Install Poetry | |
run: | | |
curl -sL https://install.python-poetry.org | python - -y | |
# Poetry cache depends on OS, Python version and Poetry version. | |
# https://gist.github.com/gh640/233a6daf68e9e937115371c0ecd39c61 | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
cache: 'poetry' | |
- name: Set up MySQL | |
run: | | |
sudo systemctl start mysql | |
mysql -u root -proot -e "CREATE USER IF NOT EXISTS 'empire_user'@'localhost' IDENTIFIED BY 'empire_password';" || true | |
mysql -u root -proot -e "GRANT ALL PRIVILEGES ON *.* TO 'empire_user'@'localhost' WITH GRANT OPTION;" || true | |
mysql -u root -proot -e "FLUSH PRIVILEGES;" || true | |
- name: Install dependencies | |
run: | | |
poetry env use ${{ matrix.python-version }} | |
poetry install | |
- name: Run test suite - mysql | |
run: | | |
set -o pipefail | |
if [ "${{ matrix.python-version }}" = "3.11" ]; then | |
DATABASE_USE=mysql poetry run pytest -v --runslow --cov=empire/server --junitxml=pytest.xml --cov-report=term-missing:skip-covered . | tee pytest-coverage.txt | |
else | |
DATABASE_USE=mysql poetry run pytest -v --runslow . | |
fi | |
- name: Run test suite - sqlite | |
if: ${{ startsWith(github.head_ref, 'release/') || contains(github.event.pull_request.labels.*.name, 'test-sqlite') }} | |
run: | | |
DATABASE_USE=sqlite poetry run pytest . -v --runslow | |
- name: Pytest coverage comment | |
if: ${{ matrix.python-version == '3.11' }} | |
uses: MishaKav/[email protected] | |
with: | |
pytest-coverage-path: ./pytest-coverage.txt | |
junitxml-path: ./pytest.xml | |
test_image: | |
# To save CI time, only run these tests on the release PRs | |
if: ${{ startsWith(github.head_ref, 'release/') }} | |
timeout-minutes: 30 | |
runs-on: ubuntu-latest | |
name: Test Docker Image | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
token: ${{ secrets.RELEASE_TOKEN }} | |
- name: Build docker image | |
run: docker-compose -f .github/docker-compose.yml build | |
- name: Run tests on docker image | |
run: docker-compose -f .github/docker-compose.yml run test | |
- name: run structure tests base | |
uses: plexsystems/[email protected] | |
with: | |
image: bcsecurity/empire-test:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests docker | |
uses: plexsystems/[email protected] | |
with: | |
image: bcsecurity/empire-test:latest | |
config: .github/cst-config-docker.yaml | |
test_install_script: | |
needs: test | |
timeout-minutes: 45 | |
runs-on: ubuntu-latest | |
name: Test Install Script | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
depth: 0 | |
token: ${{ secrets.RELEASE_TOKEN }} | |
# To save CI time, only run these tests when the install script or deps changed | |
- name: Get changed files using defaults | |
id: changed-files | |
uses: tj-actions/[email protected] | |
- name: Build images | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
run: docker-compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel | |
- name: run structure tests base Ubuntu 20.04 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-ubuntu2004:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Ubuntu 20.04 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-ubuntu2004:latest | |
config: .github/install_tests/cst-config-ubuntu2004.yaml | |
- name: run structure tests base Ubuntu 22.04 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-ubuntu2204:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Ubuntu 22.04 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-ubuntu2204:latest | |
config: .github/install_tests/cst-config-ubuntu2204.yaml | |
- name: run structure tests base Debian 10 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-debian10:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Debian 10 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-debian10:latest | |
config: .github/install_tests/cst-config-debian10.yaml | |
- name: run structure tests base Debian 11 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-debian11:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Debian 11 | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-debian11:latest | |
config: .github/install_tests/cst-config-debian11.yaml | |
- name: run structure tests Kali base | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-kalirolling:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Kali | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-kalirolling:latest | |
config: .github/install_tests/cst-config-kalirolling.yaml | |
- name: run structure tests Parrot base | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-parrotrolling:latest | |
config: .github/cst-config-base.yaml | |
- name: run structure tests Parrot | |
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock') | |
uses: plexsystems/[email protected] | |
with: | |
image: docker.io/bcsecurity/empire-test-parrotrolling:latest | |
config: .github/install_tests/cst-config-parrotrolling.yaml |