Add windows-specific test cases to findNew #3320
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
workflow_dispatch: | |
push: | |
branches: [main, master] | |
tags: '*' | |
pull_request: | |
branches: '**' | |
merge_group: | |
types: [checks_requested] | |
jobs: | |
build_and_test: | |
name: launcher | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false # Consider changing this sometime | |
matrix: | |
os: | |
- ubuntu-20.04 | |
- macos-12 | |
- windows-latest | |
steps: | |
- name: Check out code | |
id: checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # need a full checkout for `git describe` | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: './go.mod' | |
check-latest: true | |
id: go | |
# use bash, because the powershell syntax is different and this is a cross platform workflow | |
- id: go-cache-paths | |
shell: bash | |
run: | | |
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" | |
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" | |
- name: Go Build Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.go-build }} | |
key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }} | |
- name: Go Mod Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.go-mod }} | |
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }} | |
- name: Get dependencies | |
run: make deps | |
- name: Run govulncheck | |
run: go install golang.org/x/vuln/cmd/govulncheck@latest; govulncheck ./... | |
- name: Set up zig | |
if: ${{ contains(matrix.os, 'ubuntu') }} | |
uses: goto-bus-stop/setup-zig@v2 | |
- name: Build | |
run: make -j2 github-build | |
- name: Check macOS build target | |
if: contains(matrix.os, 'macos') | |
# this uses grep's exit code | |
run: otool -l build/launcher | grep -A1 "minos 11" | |
- name: Lipo | |
run: make github-lipo | |
if: ${{ contains(matrix.os, 'macos') }} | |
- name: App Bundle | |
run: make github-launcherapp | |
if: ${{ contains(matrix.os, 'macos') }} | |
- name: Test | |
run: make test | |
- name: Cache build output | |
uses: actions/cache@v3 | |
with: | |
path: ./build | |
key: ${{ runner.os }}-${{ github.run_id }} | |
enableCrossOsArchive: true | |
# upload coverage here, because we don't cache it with the build | |
- name: Upload coverage | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ runner.os }}-coverage.out | |
path: coverage.out | |
exec_testing: | |
name: Exec Test | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
# See https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-software | |
- ubuntu-20.04 | |
- ubuntu-22.04 | |
- macos-11 | |
- macos-12 | |
- macos-13 | |
- windows-2019 | |
- windows-2022 | |
needs: build_and_test | |
steps: | |
- name: cache restore build output | |
uses: actions/cache/restore@v3 | |
with: | |
path: ./build | |
key: ${{ runner.os }}-${{ github.run_id }} | |
enableCrossOsArchive: true | |
- name: Launcher Version | |
working-directory: build | |
run: ./launcher --version | |
- name: Download Osquery | |
working-directory: build | |
run: ./launcher download-osquery --directory . | |
- name: Osquery Version | |
working-directory: build | |
run: ./osqueryd --version | |
- name: Launcher Doctor | |
working-directory: build | |
run: ./launcher doctor | |
# If the prior exec tests suceeded, this grabs the cached things, and moves them to artifacts. We ought | |
# be able to do this entirely on ubuntu, so let's try! | |
store_artifacts: | |
name: Store Artifacts | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
artifactos: | |
# artifactos needs to match the runner.os set by the builds. (Which is not quite the same as matrix.os) | |
- linux | |
- macos | |
- windows | |
needs: exec_testing | |
steps: | |
- name: cache restore build output | |
uses: actions/cache/restore@v3 | |
with: | |
path: ./build | |
key: ${{ matrix.artifactos }}-${{ github.run_id }} | |
enableCrossOsArchive: true | |
- name: Upload Build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.artifactos }}-build | |
path: build/ | |
if-no-files-found: error | |
package_builder_test: | |
name: package_builder | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: true | |
matrix: | |
os: | |
- ubuntu-20.04 | |
- macos-12 | |
- windows-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # need a full checkout for `git describe` | |
- uses: actions/setup-go@v3 | |
with: | |
go-version-file: './go.mod' | |
check-latest: true | |
id: go | |
- id: go-cache-paths | |
shell: bash | |
run: | | |
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" | |
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" | |
- name: Go Build Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.go-build }} | |
key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }} | |
- name: Go Mod Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.go-mod }} | |
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }} | |
- run: make deps | |
- id: build | |
run: make package-builder | |
- name: package | |
id: run-package-builder | |
run: ${{ steps.build.outputs.binary }} make -debug --hostname=localhost --enroll_secret=secret --launcher_version=nightly --output_dir=./ | |
- name: Test install macOS | |
if: ${{ contains(matrix.os, 'macos') }} | |
run: | | |
# Check that we can install | |
sudo installer -dumplog -pkg ./launcher.darwin-launchd-pkg.pkg -target / | |
# Quick check that at least a couple of the files we expect now exist | |
if [ ! -f /Library/LaunchDaemons/com.launcher.launcher.plist ]; then echo "missing launchd entry" && exit 1; fi | |
if [ ! -f /usr/local/launcher/bin/osqueryd ]; then echo "missing osquery binary" && exit 1; fi | |
if [ ! -f /usr/local/launcher/Kolide.app/Contents/MacOS/launcher ]; then echo "missing launcher binary" && exit 1; fi | |
if [ ! -L /usr/local/launcher/bin/launcher ]; then echo "missing launcher symlink" && exit 1; fi | |
if [ ! -e /usr/local/launcher/bin/launcher ]; then echo "launcher symlink is present but broken" && exit 1; fi | |
# This job is here as a github status check -- it allows us to move | |
# the merge dependency from being on all the jobs to this single | |
# one. | |
ci_mergeable: | |
runs-on: ubuntu-latest | |
steps: | |
- run: true | |
needs: | |
- build_and_test | |
- package_builder_test | |
- exec_testing |