Add app inspect workflow (#12)

* Add app inspect workflow Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
crowdsecurity · Mar 21, 2023 · 31dac35 · 31dac35
1 parent 2fc806d
commit 31dac35
Showing 1 changed file with 57 additions and 0 deletions.
diff --git a/.github/workflows/appinspect.yaml b/.github/workflows/appinspect.yaml
@@ -0,0 +1,57 @@
+name: App inspect tests
+on:
+  push:
+  pull_request:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.9.16'
+
+      - name: Install Splunk Packaging Toolkit
+        run: |
+          curl https://download.splunk.com/misc/packaging-toolkit/splunk-packaging-toolkit-1.0.1.tar.gz -o /tmp/spl.tar.gz
+          pip install /tmp/spl.tar.gz
+      
+      - name: Create Splunk App Package
+        run: |
+          rm -rf .git .github .gitignore
+          slim package .
+          cp crowdsec-splunk-app-*.tar.gz  /tmp/crowdsec-splunk-app.tar.gz
+      
+      - name: Retrieve App Inspect Report
+        run: |
+          TOKEN=$(curl -u '${{ secrets.SPLUNKBASE_USERNAME }}:${{ secrets.SPLUNKBASE_PASSWORD }}' --url 'https://api.splunk.com/2.0/rest/login/splunk' | jq -r .data.token)
+          echo "::add-mask::$TOKEN"
+          REPORT_HREF=$(curl -X POST \
+          -H "Authorization: bearer $TOKEN" \
+          -H "Cache-Control: no-cache" \
+          -F "app_package=@/tmp/crowdsec-splunk-app.tar.gz" \
+          --url "https://appinspect.splunk.com/v1/app/validate"| jq -r .links[1].href)
+          REPORT_URL="https://appinspect.splunk.com$REPORT_HREF"
+          sleep 10
+          curl -X GET \
+          -H "Authorization: bearer $TOKEN" \
+          --url $REPORT_URL > /tmp/report
+      
+      - name: Upload App Inspect Report
+        uses: actions/upload-artifact@v2
+        with:
+          name: report
+          path: /tmp/report
+
+      - name: Check App Inspect Report Results
+        run: |
+          if grep -q '"result": "failure"' /tmp/report; then
+              echo "::error::App inspect check failed"
+              exit 1
+          else
+              exit 0
+          fi