fix(setup): Set curl --resolve flag conditionally #1263
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ tls ] | |
| pull_request: | |
| branches: [ tls ] | |
| jobs: | |
| test: | |
| name: Test suite | |
| # List of supported runners: | |
| # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners | |
| runs-on: ubuntu-22.04 | |
| env: | |
| COMPOSE_PROJECT_NAME: docker-elk | |
| steps: | |
| - uses: actions/checkout@v6 | |
| ######################################################## | |
| # # | |
| # Ensure §"Initial setup" of the README remains valid. # | |
| # # | |
| ######################################################## | |
| - name: Set password of every built-in user to 'testpasswd' | |
| run: >- | |
| sed -i | |
| -e 's/\(ELASTIC_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' | |
| -e 's/\(LOGSTASH_INTERNAL_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' | |
| -e 's/\(KIBANA_SYSTEM_PASSWORD=\)'\''changeme'\''/\1testpasswd/g' | |
| -e 's/\(METRICBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' | |
| -e 's/\(FILEBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' | |
| -e 's/\(HEARTBEAT_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' | |
| -e 's/\(MONITORING_INTERNAL_PASSWORD=\)'\'\''/\1testpasswd/g' | |
| -e 's/\(BEATS_SYSTEM_PASSWORD=\)'\'\''/\1testpasswd/g' | |
| .env | |
| - name: Generate X.509 assets for TLS communications | |
| run: | | |
| echo '::group::Generate certificates and private keys' | |
| docker compose up tls | |
| echo '::endgroup::' | |
| echo '::group::Provide CA fingerprint for Fleet output' | |
| declare ca_fingerprint | |
| ca_fingerprint="$(openssl x509 -fingerprint -sha256 -noout -in tls/certs/ca/ca.crt \ | |
| | cut -d '=' -f2 \ | |
| | tr -d ':' \ | |
| | tr '[:upper:]' '[:lower:]' | |
| )" | |
| sed -i "s/#\(ca_trusted_fingerprint:\).*/\1 ${ca_fingerprint}/g" kibana/config/kibana.yml | |
| git diff | |
| echo '::endgroup::' | |
| # Elasticsearch's high disk watermark gets regularly exceeded on GitHub Actions runners. | |
| # https://www.elastic.co/guide/en/elasticsearch/reference/current/fix-watermark-errors.html | |
| - name: Disable Elasticsearch disk allocation decider | |
| run: | | |
| docker compose up -d elasticsearch | |
| .github/workflows/scripts/disable-disk-alloc-decider.sh | |
| - name: Pre-build container images | |
| run: >- | |
| docker compose | |
| -f docker-compose.yml | |
| -f extensions/fleet/fleet-compose.yml | |
| -f extensions/fleet/agent-apmserver-compose.yml | |
| -f extensions/metricbeat/metricbeat-compose.yml | |
| -f extensions/filebeat/filebeat-compose.yml | |
| -f extensions/heartbeat/heartbeat-compose.yml | |
| build | |
| - name: Generate Kibana encryption keys | |
| run: docker container run --rm docker-elk-kibana bin/kibana-encryption-keys generate -q >>kibana/config/kibana.yml | |
| - name: Set up users and roles | |
| run: docker compose up --exit-code-from=setup setup | |
| ############################# | |
| # # | |
| # Test core and extensions. # | |
| # # | |
| ############################# | |
| # | |
| # Core components: Elasticsearch, Logstash, Kibana | |
| # | |
| - name: Execute core test suite | |
| run: | | |
| docker compose up -d | |
| .github/workflows/scripts/run-tests-core.sh | |
| # next steps don't need Logstash | |
| docker compose stop logstash | |
| # | |
| # Fleet | |
| # | |
| - name: Execute Fleet test suite | |
| run: | | |
| docker compose -f docker-compose.yml -f extensions/fleet/fleet-compose.yml -f extensions/fleet/agent-apmserver-compose.yml up --remove-orphans -d fleet-server apm-server | |
| .github/workflows/scripts/run-tests-fleet.sh | |
| # | |
| # Metricbeat | |
| # | |
| - name: Execute Metricbeat test suite | |
| run: | | |
| docker compose -f docker-compose.yml -f extensions/metricbeat/metricbeat-compose.yml up --remove-orphans -d metricbeat | |
| .github/workflows/scripts/run-tests-metricbeat.sh | |
| # | |
| # Filebeat | |
| # | |
| - name: Execute Filebeat test suite | |
| run: | | |
| docker compose -f docker-compose.yml -f extensions/filebeat/filebeat-compose.yml up --remove-orphans -d filebeat | |
| .github/workflows/scripts/run-tests-filebeat.sh | |
| # | |
| # Heartbeat | |
| # | |
| - name: Execute Heartbeat test suite | |
| run: | | |
| docker compose -f docker-compose.yml -f extensions/heartbeat/heartbeat-compose.yml up --remove-orphans -d heartbeat | |
| .github/workflows/scripts/run-tests-heartbeat.sh | |
| - name: Collect troubleshooting data | |
| id: debug-data | |
| if: failure() | |
| run: | | |
| declare debug_data_dir="$(mktemp -d)" | |
| docker compose \ | |
| -f docker-compose.yml \ | |
| -f extensions/fleet/fleet-compose.yml \ | |
| -f extensions/fleet/agent-apmserver-compose.yml \ | |
| -f extensions/metricbeat/metricbeat-compose.yml \ | |
| -f extensions/filebeat/filebeat-compose.yml \ | |
| -f extensions/heartbeat/heartbeat-compose.yml \ | |
| ps >"$debug_data_dir"/docker_ps.log | |
| docker compose \ | |
| -f docker-compose.yml \ | |
| -f extensions/fleet/fleet-compose.yml \ | |
| -f extensions/fleet/agent-apmserver-compose.yml \ | |
| -f extensions/metricbeat/metricbeat-compose.yml \ | |
| -f extensions/filebeat/filebeat-compose.yml \ | |
| -f extensions/heartbeat/heartbeat-compose.yml \ | |
| logs >"$debug_data_dir"/docker_logs.log | |
| echo "path=${debug_data_dir}" >>"$GITHUB_OUTPUT" | |
| - name: Upload collected troubleshooting data | |
| if: always() && steps.debug-data.outputs.path | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: debug-data | |
| path: ${{ steps.debug-data.outputs.path }}/*.* | |
| ############## | |
| # # | |
| # Tear down. # | |
| # # | |
| ############## | |
| - name: Terminate all components | |
| if: always() | |
| run: >- | |
| docker compose | |
| -f docker-compose.yml | |
| -f extensions/fleet/fleet-compose.yml | |
| -f extensions/fleet/agent-apmserver-compose.yml | |
| -f extensions/metricbeat/metricbeat-compose.yml | |
| -f extensions/filebeat/filebeat-compose.yml | |
| -f extensions/heartbeat/heartbeat-compose.yml | |
| down -v |