From 8ccd3bd7f9ca8ec04b512e43aa120a3d8229ccc6 Mon Sep 17 00:00:00 2001 From: rfaircloth-splunk Date: Mon, 10 Feb 2020 17:51:39 -0500 Subject: [PATCH 1/5] Update config.yml --- .circleci/config.yml | 95 +++++++++++++++++++++----------------------- 1 file changed, 45 insertions(+), 50 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 959b8b0..0e946a8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -70,7 +70,7 @@ test: &test - run: name: test command: | - docker-compose -f tests/docker-compose-ci.yml pull + docker-compose -f tests/docker-compose-ci.yml build docker-compose -f tests/docker-compose-ci.yml up --abort-on-container-exit no_output_timeout: 1h - run: @@ -87,7 +87,6 @@ test: &test - store_test_results: path: test-results - publish: &publish steps: - setup_remote_docker: @@ -99,7 +98,7 @@ publish: &publish docker login -u $DOCKER_USER -p $DOCKER_PASS docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - run: docker pull docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} - + - run: name: Docker Save command: | @@ -112,8 +111,8 @@ publish: &publish tar rvf /tmp/workspace/baremetal.tar -C package/sbin entrypoint.sh - run: command: | - if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${VERSION_TAG}"; fi - docker tag docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} splunk/scs:${VERSION} + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${VERSION_TAG}"; fi + docker tag docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} splunk/scs:${VERSION} - docker/push: image: splunk/scs tag: $DOCKER_TAG 
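Review bot: Replacing `docker-compose -f tests/docker-compose-ci.yml pull` with `build` in the `test` step means the test jobs presumably no longer run the SHA-tagged images that the build jobs push, while `publish` at this commit still pulls `...:sc4s-${SYSLOG}-${CIRCLE_SHA1}`; the image that is published is therefore not the image that was tested. The same gap is in the PATCH 3/5 publish hunk, where `docker build ... -t splunk/scs:${VERSION}` rebuilds from `package` instead of promoting a staged image. With `docker_layer_caching: true` and base images that are not visible here, two builds of the same commit are not guaranteed to be identical. Building once, testing that image and promoting it by digest would close the gap; failing that, a comment such as `# NOTE: images are rebuilt per job; the tested and published images are separate builds` records the trade-off. The `test` step list starts and ends outside this hunk.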
@@ -141,115 +140,111 @@ jobs: docker: - image: circleci/buildpack-deps:18.04 environment: - SYSLOG: '3.25.1' + SYSLOG: "3.25.1" steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: | - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - - run: - name: Build Splunk - command: | - docker build tests \ - -t docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} - - run: - name: Push Splunk - command: | - docker push \ - docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} + - checkout + - setup_remote_docker: + docker_layer_caching: true + - run: + name: Docker Login + command: | + docker login -u $DOCKER_USER -p $DOCKER_PASS + docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com + - run: + name: Build Splunk + command: | + docker build tests \ + -t docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} + - run: + name: Push Splunk + command: | + docker push \ + docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} -#JOB SC4S + #JOB SC4S build-sc4s-3-25-1: docker: - image: circleci/buildpack-deps:18.04 environment: - SYSLOG: 'syslog-ng-3.25.1' + SYSLOG: "syslog-ng-3.25.1" <<: *build-sc4s build-sc4s-master: docker: - image: circleci/buildpack-deps:18.04 environment: - SYSLOG: 'master' + SYSLOG: "master" <<: *build-sc4s -#JOB SPLUNK + #JOB SPLUNK build-splunk-7-2: docker: - image: circleci/buildpack-deps:18.04 environment: - SPLUNK: '7.2' + SPLUNK: "7.2" <<: *build-splunk build-splunk-7-3: docker: - image: circleci/buildpack-deps:18.04 environment: - SPLUNK: '7.3' + SPLUNK: "7.3" <<: *build-splunk build-splunk-8-0: docker: - image: circleci/buildpack-deps:18.04 environment: - SPLUNK: '8.0' + SPLUNK: "8.0" <<: *build-splunk 
test-sc4s-3-25-1-splunk-8-0: docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '8.0' + SYSLOG: "3.25.1" + SPLUNK: "8.0" <<: *test test-sc4s-master-splunk-8-0: docker: - image: circleci/python:3.7 environment: - SYSLOG: 'master' - SPLUNK: '8.0' + SYSLOG: "master" + SPLUNK: "8.0" <<: *test test-sc4s-3-25-1-splunk-7-3: docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '7.3' + SYSLOG: "3.25.1" + SPLUNK: "7.3" <<: *test test-sc4s-3-25-1-splunk-7-2: - docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '7-2' + SYSLOG: "3.25.1" + SPLUNK: "7-2" <<: *test publish-edge: - docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '8.0' + SYSLOG: "3.25.1" + SPLUNK: "8.0" VERSION_TAG: edge GHR_FLAGS: -prerelease <<: *publish publish-latest: - docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '8.0' + SYSLOG: "3.25.1" + SPLUNK: "8.0" VERSION_TAG: latest <<: *publish publish-tag: - docker: - image: circleci/python:3.7 environment: - SYSLOG: '3.25.1' - SPLUNK: '8.0' + SYSLOG: "3.25.1" + SPLUNK: "8.0" <<: *publish workflows: version: 2 @@ -314,4 +309,4 @@ workflows: ignore: /.*/ - publish-tag: requires: - - publish-pre-gh-tag \ No newline at end of file + - publish-pre-gh-tag From 361fd396dac33be95bc819c89a44ddcd68ccfb25 Mon Sep 17 00:00:00 2001 From: rfaircloth-splunk Date: Mon, 10 Feb 2020 18:10:47 -0500 Subject: [PATCH 2/5] Update pytest.ini --- pytest.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pytest.ini b/pytest.ini index b587d06..4fce685 100644 --- a/pytest.ini +++ b/pytest.ini @@ -5,7 +5,7 @@ addopts = --splunk_type=docker --keepalive --splunk_hec_token=1ec3c8ac-74b3-46f2-ba44-a7c96b6ab236 - #-n=4 + -n=6 filterwarnings = ignore::DeprecationWarning junit_family=xunit1 \ No newline at end of file From 817cbbbe8ccbe88114d87b52b5d8a52987be58fe Mon Sep 17 00:00:00 2001 
From: rfaircloth-splunk Date: Mon, 10 Feb 2020 18:31:22 -0500 Subject: [PATCH 3/5] Update config.yml --- .circleci/config.yml | 151 ++++--------------------------------------- 1 file changed, 13 insertions(+), 138 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0e946a8..d2e4a11 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -8,65 +8,17 @@ #work. If not, see . version: 2.1 -build-sc4s: &build-sc4s - steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: | - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - - semver-orb/export-tag - - run: - name: Build SC4S - command: | - echo $SEMVER_VERSION >package/VERSION - docker build --build-arg BRANCH=${SYSLOG} package \ - -t docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} - - run: - name: Push SC4S - command: | - docker push \ - docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} - -build-splunk: &build-splunk - steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: | - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - - run: - name: Build Splunk - command: | - docker build --build-arg SPLUNK_VERSION=${SPLUNK} splunk \ - -t docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:splunk-${SPLUNK}-${CIRCLE_SHA1} - - run: - name: Push Splunk - command: | - docker push \ - docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:splunk-${SPLUNK}-${CIRCLE_SHA1} - test: &test steps: - checkout - setup_remote_docker: docker_layer_caching: true - - run: - name: Docker Login - command: | - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - run: name: Setup for testing command: | pip install -r tests/requirements.txt mkdir test-results + - semver-orb/export-tag - run: name: test command: | 
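Review bot: The added `- semver-orb/export-tag` step in `test` has no visible consumer, since none of the test steps shown in the hunk reads `$SEMVER_VERSION`. If the compose build needs it, a comment such as `# exports SEMVER_VERSION for the image build done by docker-compose` above the step would say why it is there. If nothing needs it, dropping the step keeps the `tv2norge/semver-orb@0.0.1` orb (declared under `orbs:`) out of the test jobs. The `test` command body continues outside the hunk, so a consumer may exist there.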
@@ -96,23 +48,25 @@ publish: &publish name: Docker Login command: | docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - - run: docker pull docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} - + - semver-orb/export-tag + - run: + name: Build SC4S + command: | + echo $SEMVER_VERSION >package/VERSION + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${DOCKER_TAG}"; fi + docker build --build-arg BRANCH=${SYSLOG} package \ + -t splunk/scs:${VERSION} - run: name: Docker Save command: | mkdir -p /tmp/workspace/ - docker save docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} | gzip -c > /tmp/workspace/oci_container.tar.gz + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${DOCKER_TAG}"; fi + docker save splunk/scs:${VERSION} | gzip -c > /tmp/workspace/oci_container.tar.gz - run: name: BYOE Config command: | tar rvf /tmp/workspace/baremetal.tar -C package/etc . tar rvf /tmp/workspace/baremetal.tar -C package/sbin entrypoint.sh - - run: - command: | - if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${VERSION_TAG}"; fi - docker tag docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:sc4s-${SYSLOG}-${CIRCLE_SHA1} splunk/scs:${VERSION} - docker/push: image: splunk/scs tag: $DOCKER_TAG 
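Review bot: The new `Build SC4S` and `Docker Save` steps tag the image `splunk/scs:${VERSION}`, with VERSION taken from `CIRCLE_TAG` when it is set, but the unchanged `docker/push` step still pushes `tag: $DOCKER_TAG`, so on a tag build the pushed tag is not the one that was built unless DOCKER_TAG is set to the same value somewhere not shown (the `publish-tag` job's `environment` in PATCH 1/5 lists only SYSLOG and SPLUNK). Computing the value once and exporting it, for example `echo "export DOCKER_TAG=${VERSION}" >> "$BASH_ENV"` at the end of the build step, would also remove the duplicated `if [ -n "${CIRCLE_TAG}" ]` line. The expansions are better quoted, `echo "$SEMVER_VERSION" >package/VERSION` and `-t "splunk/scs:${VERSION}"`, because `CIRCLE_TAG` comes from whoever pushes the tag. The login line kept in this hunk passes the secret on the command line; `echo "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin` avoids that.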
@@ -136,63 +90,6 @@ orbs: semver-orb: tv2norge/semver-orb@0.0.1 jobs: - build-tests: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SYSLOG: "3.25.1" - steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: | - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker login -u $GITHUB_USER -p $GITHUB_TOKEN docker.pkg.github.com - - run: - name: Build Splunk - command: | - docker build tests \ - -t docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} - - run: - name: Push Splunk - command: | - docker push \ - docker.pkg.github.com/splunk/splunk-connect-for-syslog/stg-splunk-connect-for-syslog:tests-${CIRCLE_SHA1} - - #JOB SC4S - build-sc4s-3-25-1: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SYSLOG: "syslog-ng-3.25.1" - <<: *build-sc4s - build-sc4s-master: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SYSLOG: "master" - <<: *build-sc4s - #JOB SPLUNK - build-splunk-7-2: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SPLUNK: "7.2" - <<: *build-splunk - build-splunk-7-3: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SPLUNK: "7.3" - <<: *build-splunk - build-splunk-8-0: - docker: - - image: circleci/buildpack-deps:18.04 - environment: - SPLUNK: "8.0" - <<: *build-splunk test-sc4s-3-25-1-splunk-8-0: docker: - image: circleci/python:3.7 @@ -228,7 +125,7 @@ jobs: environment: SYSLOG: "3.25.1" SPLUNK: "8.0" - VERSION_TAG: edge + DOCKER_TAG: edge GHR_FLAGS: -prerelease <<: *publish publish-latest: @@ -237,7 +134,7 @@ jobs: environment: SYSLOG: "3.25.1" SPLUNK: "8.0" - VERSION_TAG: latest + DOCKER_TAG: latest <<: *publish publish-tag: docker: 
@@ -250,32 +147,10 @@ workflows: version: 2 build_and_deploy: jobs: - - build-tests - - build-sc4s-3-25-1 - - build-sc4s-master - - build-splunk-7-2 - - build-splunk-7-3 - - build-splunk-8-0 - test-sc4s-3-25-1-splunk-8-0: - requires: - - build-sc4s-3-25-1 - - build-splunk-8-0 - - build-tests - test-sc4s-master-splunk-8-0: - requires: - - build-sc4s-master - - build-splunk-8-0 - - build-tests - test-sc4s-3-25-1-splunk-7-3: - requires: - - build-sc4s-3-25-1 - - build-splunk-7-3 - - build-tests - test-sc4s-3-25-1-splunk-7-2: - requires: - - build-sc4s-3-25-1 - - build-splunk-7-2 - - build-tests - publish-pre-gh-edge: type: approval requires: From 21cf64216be6d469b1f4ddc659a4c099c76d34c7 Mon Sep 17 00:00:00 2001 From: rfaircloth-splunk Date: Mon, 10 Feb 2020 18:33:40 -0500 Subject: [PATCH 4/5] Update config.yml --- .circleci/config.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d2e4a11..6be7f68 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -147,10 +147,10 @@ workflows: version: 2 build_and_deploy: jobs: - - test-sc4s-3-25-1-splunk-8-0: - - test-sc4s-master-splunk-8-0: - - test-sc4s-3-25-1-splunk-7-3: - - test-sc4s-3-25-1-splunk-7-2: + - test-sc4s-3-25-1-splunk-8-0 + - test-sc4s-master-splunk-8-0 + - test-sc4s-3-25-1-splunk-7-3 + - test-sc4s-3-25-1-splunk-7-2 - publish-pre-gh-edge: type: approval requires: From fa8ec62cb2d9c4bfe6f5a41a9c4614895ea9fee3 Mon Sep 17 00:00:00 2001 From: rfaircloth-splunk Date: Mon, 10 Feb 2020 18:39:54 -0500 Subject: [PATCH 5/5] Update test_cisco_asa.py --- tests/test_cisco_asa.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_cisco_asa.py b/tests/test_cisco_asa.py index db8d3ac..32d0c00 100644 --- a/tests/test_cisco_asa.py +++ b/tests/test_cisco_asa.py 
@@ -41,7 +41,7 @@ def test_cisco_asa_traditional_nohost(record_property, setup_wordlist, setup_spl
 host = "{}-{}".format(random.choice(setup_wordlist), random.choice(setup_wordlist))
 mt = env.from_string(
- "{{ mark }} {% now 'utc', '%b %d %H:%M:%S' %}: %ASA-4-402119: IPSEC: Received an ESP packet (SPI= 0x0C190BF9, sequence number= 0x598243) from {host} (user= 192.0.0.1) to 192.0.0.2 that failed anti-replay checking.\n")
+ "{{ mark }} {% now 'utc', '%b %d %H:%M:%S' %}: %ASA-4-402119: IPSEC: Received an ESP packet (SPI= 0x0C190BF9, sequence number= 0x598243) from {{host}} (user= 192.0.0.1) to 192.0.0.2 that failed anti-replay checking.\n")
 message = mt.render(mark="<111>", host=host)
 sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
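Review bot: The single-brace `{host}` was sent as literal text, so before this fix the random `host` never reached the event; if the test still passed, the search and assertion after `sendsingle` (outside this hunk) do not depend on the host value. Including `host` in the search or assertion would make a template typo of this kind fail the test instead of passing silently. A short comment above the template, such as `# host is rendered into the message body; the syslog header carries no hostname`, would also explain the `_nohost` name. The function body starts and ends outside the hunk.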