Skip to content

v5.7.3 into main

v5.7.3 into main #112

Workflow file for this run

name: Lint and Test
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: psf/[email protected]
- name: Run ruff
run: |
pip install ruff==0.0.283
ruff .
matrix-prep-config:
runs-on: ubuntu-latest
steps:
- id: release
if: ${{ startsWith(github.head_ref, 'release/') || contains( github.event.pull_request.labels.*.name, 'run-all-versions') }}
run: |
echo "config={\"python-version\": [\"3.8\", \"3.9\", \"3.10\", \"3.11\"]}" >> $GITHUB_OUTPUT
- id: not-release
if: ${{ !startsWith(github.head_ref, 'release/') }}
run: |
echo "config={\"python-version\": [\"3.8\", \"3.11\"]}" >> $GITHUB_OUTPUT
outputs:
config: ${{ steps.release.outputs.config || steps.not-release.outputs.config }}
test:
needs:
- matrix-prep-config
- lint
timeout-minutes: 30
runs-on: ubuntu-latest
name: Test Python ${{ matrix.python-version }}
strategy:
matrix: ${{ fromJson(needs.matrix-prep-config.outputs.config) }}
steps:
- uses: actions/checkout@v3
if: ${{ github.repository == 'BC-SECURITY/Empire' }}
with:
submodules: 'recursive'
# token is only needed in sponsors repo because of private submodules
# don't use token in public repo because prs from forks cannot access secrets
- uses: actions/checkout@v3
if: ${{ github.repository == 'BC-SECURITY/Empire-Sponsors' }}
with:
submodules: 'recursive'
token: ${{ secrets.RELEASE_TOKEN }}
- name: Install Poetry
run: |
curl -sL https://install.python-poetry.org | python - -y
# Poetry cache depends on OS, Python version and Poetry version.
# https://gist.github.com/gh640/233a6daf68e9e937115371c0ecd39c61
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: 'poetry'
- name: Set up MySQL
run: |
sudo systemctl start mysql
mysql -u root -proot -e "CREATE USER IF NOT EXISTS 'empire_user'@'localhost' IDENTIFIED BY 'empire_password';" || true
mysql -u root -proot -e "GRANT ALL PRIVILEGES ON *.* TO 'empire_user'@'localhost' WITH GRANT OPTION;" || true
mysql -u root -proot -e "FLUSH PRIVILEGES;" || true
- name: Install dependencies
run: |
poetry env use ${{ matrix.python-version }}
poetry install
- name: Run test suite - mysql
run: |
set -o pipefail
if [ "${{ matrix.python-version }}" = "3.11" ]; then
DATABASE_USE=mysql poetry run pytest -v --runslow --cov=empire/server --junitxml=pytest.xml --cov-report=term-missing:skip-covered . | tee pytest-coverage.txt
else
DATABASE_USE=mysql poetry run pytest -v --runslow .
fi
- name: Run test suite - sqlite
if: ${{ startsWith(github.head_ref, 'release/') || contains(github.event.pull_request.labels.*.name, 'test-sqlite') }}
run: |
DATABASE_USE=sqlite poetry run pytest . -v --runslow
- name: Pytest coverage comment
if: ${{ matrix.python-version == '3.11' }}
uses: MishaKav/[email protected]
with:
pytest-coverage-path: ./pytest-coverage.txt
junitxml-path: ./pytest.xml
test_image:
# To save CI time, only run these tests on the release PRs
if: ${{ startsWith(github.head_ref, 'release/') }}
timeout-minutes: 30
runs-on: ubuntu-latest
name: Test Docker Image
steps:
- uses: actions/checkout@v3
with:
submodules: 'recursive'
token: ${{ secrets.RELEASE_TOKEN }}
- name: Build docker image
run: docker-compose -f .github/docker-compose.yml build
- name: Run tests on docker image
run: docker-compose -f .github/docker-compose.yml run test
- name: run structure tests base
uses: plexsystems/[email protected]
with:
image: bcsecurity/empire-test:latest
config: .github/cst-config-base.yaml
- name: run structure tests docker
uses: plexsystems/[email protected]
with:
image: bcsecurity/empire-test:latest
config: .github/cst-config-docker.yaml
test_install_script:
needs: test
timeout-minutes: 45
runs-on: ubuntu-latest
name: Test Install Script
steps:
- uses: actions/checkout@v3
with:
submodules: 'recursive'
depth: 0
token: ${{ secrets.RELEASE_TOKEN }}
# To save CI time, only run these tests when the install script or deps changed
- name: Get changed files using defaults
id: changed-files
uses: tj-actions/[email protected]
- name: Build images
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
run: docker-compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel
- name: run structure tests base Ubuntu 20.04
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-ubuntu2004:latest
config: .github/cst-config-base.yaml
- name: run structure tests Ubuntu 20.04
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-ubuntu2004:latest
config: .github/install_tests/cst-config-ubuntu2004.yaml
- name: run structure tests base Ubuntu 22.04
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-ubuntu2204:latest
config: .github/cst-config-base.yaml
- name: run structure tests Ubuntu 22.04
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-ubuntu2204:latest
config: .github/install_tests/cst-config-ubuntu2204.yaml
- name: run structure tests base Debian 10
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-debian10:latest
config: .github/cst-config-base.yaml
- name: run structure tests Debian 10
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-debian10:latest
config: .github/install_tests/cst-config-debian10.yaml
- name: run structure tests base Debian 11
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-debian11:latest
config: .github/cst-config-base.yaml
- name: run structure tests Debian 11
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-debian11:latest
config: .github/install_tests/cst-config-debian11.yaml
- name: run structure tests Kali base
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-kalirolling:latest
config: .github/cst-config-base.yaml
- name: run structure tests Kali
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-kalirolling:latest
config: .github/install_tests/cst-config-kalirolling.yaml
- name: run structure tests Parrot base
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-parrotrolling:latest
config: .github/cst-config-base.yaml
- name: run structure tests Parrot
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
uses: plexsystems/[email protected]
with:
image: docker.io/bcsecurity/empire-test-parrotrolling:latest
config: .github/install_tests/cst-config-parrotrolling.yaml