-
Notifications
You must be signed in to change notification settings - Fork 971
/
Copy path.drone.yml
413 lines (400 loc) · 14.4 KB
/
.drone.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
---
kind: pipeline
name: opencti-tests
steps:
- name: dependencies-checkout
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
environment:
GITHUB_TOKEN:
from_secret: github_token
commands:
- apk add git github-cli
- chmod 777 scripts/*
- ./scripts/clone-dependencies.sh "${DRONE_SOURCE_BRANCH}" "${DRONE_TARGET_BRANCH}" "$(pwd)" "${DRONE_PULL_REQUEST}"
- ls -lart
- cd "$DRONE_WORKSPACE/client-python"
- echo "[INFO] using client-python on branch $(git branch --show-current)"
- git log -n 1
- name: api-tests
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-backend
path: /drone/src/opencti-platform/opencti-graphql/node_modules
environment:
APP__BASE_URL: http://api-tests:4010/
APP__ADMIN__PASSWORD: admin
APP__SYNC_RAW_START_REMOTE_URI: http://opencti-raw-start:4100/graphql
APP__SYNC_LIVE_START_REMOTE_URI: http://opencti-live-start:4200/graphql
APP__SYNC_DIRECT_START_REMOTE_URI: http://opencti-direct-start:4300/graphql
APP__SYNC_RESTORE_START_REMOTE_URI: http://opencti-restore-start:4400/graphql
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
REDIS__HOSTNAME: redis
ELASTICSEARCH__URL: http://elastic:9200
MINIO__ENDPOINT: minio
RABBITMQ__HOSTNAME: rabbitmq
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
SMTP__HOSTNAME: smtp.ethereal.email
SMTP__PORT: 587
SMTP__USERNAME: [email protected]
SMTP__PASSWORD: frhJ2mSPTfaEutpbug
PYTHONUNBUFFERED: 1
commands:
- apk add build-base git libffi-dev cargo
- pip3 install --upgrade setuptools
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd "$DRONE_WORKSPACE/opencti-platform/opencti-graphql"
- yarn install
- yarn build
- yarn check-ts
- yarn lint
- NODE_OPTIONS=--max_old_space_size=8192 yarn test
depends_on:
- dependencies-checkout
- name: api-coverage
image: plugins/codecov
settings:
token:
from_secret: codecov_token
paths:
- opencti-platform/opencti-graphql/coverage
depends_on:
- api-tests
- name: frontend-tests
image: node:20-alpine
volumes:
- name: cache-node-frontend
path: /drone/src/opencti-platform/opencti-front/node_modules
commands:
- apk add git tini gcc g++ make musl-dev cargo python3 python3-dev postfix postfix-pcre
- npm install -g node-gyp
- cd opencti-platform/opencti-front
- yarn install
- yarn build
- yarn check-ts
- yarn lint
- NODE_OPTIONS=--max_old_space_size=8192 yarn test
- name: frontend-e2e-tests
image: node:20.18.1
volumes:
- name: cache-node-frontend-e2e
path: /drone/src/opencti-platform/opencti-front/node_modules
environment:
BACK_END_URL: http://opencti-e2e-start:4500
E2E_TEST: true
TEAMS_WEBHOOK: teams-webhook-url
commands:
- apt-get update
- apt-get -y install netcat-traditional
- cd opencti-platform/opencti-front
- yarn install
- npx playwright install --with-deps chromium
- yarn build
- yarn test:e2e
depends_on:
- frontend-tests
- name: upload-build-artefact
image: node:20.18.1
failure: ignore
when:
status:
- failure
- success
environment:
JFROG_TOKEN:
from_secret: jfrog_token
JFROG_BUILD_NAME: opencti-build
JFROG_REPOSITORY: opencti-drone
JFROG_URL: https://filigran.jfrog.io/artifactory
commands:
- apt-get update
# see https://docs.jfrog-applications.jfrog.io/jfrog-applications/jfrog-cli/cli-for-jfrog-artifactory
- npm install -g jfrog-cli-v2-jf
# Collect git info
- jf rt bag $JFROG_BUILD_NAME $DRONE_BUILD_NUMBER
# Archive and upload each artefact that we need
- tar -czvf frontend-test-results-$DRONE_BUILD_NUMBER.tar.gz opencti-platform/opencti-front/test-results
- jf rt u frontend-test-results-$DRONE_BUILD_NUMBER.tar.gz $JFROG_REPOSITORY --build-name=$JFROG_BUILD_NAME --build-number=$DRONE_BUILD_NUMBER --url=$JFROG_URL --access-token=$JFROG_TOKEN
- tar -czvf backend-test-results-$DRONE_BUILD_NUMBER.tar.gz opencti-platform/opencti-graphql/test-results
- jf rt u backend-test-results-$DRONE_BUILD_NUMBER.tar.gz $JFROG_REPOSITORY --build-name=$JFROG_BUILD_NAME --build-number=$DRONE_BUILD_NUMBER --url=$JFROG_URL --access-token=$JFROG_TOKEN
# Next line should be done only once at the end: it's recording and gathering build info
- jf rt bp $JFROG_BUILD_NAME $DRONE_BUILD_NUMBER --url=$JFROG_URL --access-token=$JFROG_TOKEN --build-url=$DRONE_BUILD_LINK
# Cleaning up old build in JFrog
- jf rt bdi $JFROG_BUILD_NAME --max-days=30 --url=$JFROG_URL --access-token=$JFROG_TOKEN
depends_on:
- frontend-e2e-tests
- name: frontend-verify-translation
image: node:20.18.1
commands:
- cd opencti-platform/opencti-front
- node script/verify-translation.js
- name: build-circleci
image: curlimages/curl
commands:
- curl -X POST --data "branch=$DRONE_COMMIT_BRANCH" https://circleci.com/api/v1.1/project/github/OpenCTI-Platform/opencti/build?circle-token=$CIRCLECI_TOKEN
environment:
CIRCLECI_TOKEN:
from_secret: circleci_token
when:
branch:
- master
- release/*
event:
exclude:
- pull_request
- tag
depends_on:
- api-tests
- frontend-tests
- frontend-e2e-tests
- name: build-circleci-release
image: curlimages/curl
commands:
- curl -X POST --data "tag=$DRONE_TAG" https://circleci.com/api/v1.1/project/github/OpenCTI-Platform/opencti/build?circle-token=$CIRCLECI_TOKEN
environment:
CIRCLECI_TOKEN:
from_secret: circleci_token
when:
event:
- tag
depends_on:
- api-tests
- frontend-tests
- frontend-e2e-tests
- name: slack
image: plugins/slack
settings:
webhook:
from_secret: slack_webhook
username: drone
channel: notifications
when:
status: [success, failure]
depends_on:
- api-tests
- frontend-tests
- frontend-e2e-tests
services:
- name: redis
image: redis:7.4.0
- name: elastic
image: docker.elastic.co/elasticsearch/elasticsearch:8.17.0
environment:
discovery.type: single-node
xpack.security.enabled: false
ES_JAVA_OPTS: -Xms2g -Xmx2g
- name: minio
image: minio/minio:RELEASE.2023-07-07T07-13-57Z
environment:
MINIO_ROOT_USER: ChangeMe
MINIO_ROOT_PASSWORD: ChangeMe
command: [server, /data]
- name: rabbitmq
image: rabbitmq:4.0-management
- name: opencti-raw-start
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-raw-start-backend
path: /tmp/raw-start-platform/opencti-graphql/node_modules
environment:
APP__PORT: 4100
APP__ADMIN__PASSWORD: admin
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
APP__APP_LOG__EXTENDED_ERROR_MESSAGE: true
REDIS__HOSTNAME: redis
REDIS__NAMESPACE: raw-start
ELASTICSEARCH__URL: http://elastic:9200
ELASTICSEARCH__INDEX_PREFIX: raw-start
MINIO__ENDPOINT: minio
MINIO__BUCKET_NAME: raw-start-bucket
RABBITMQ__HOSTNAME: rabbitmq
RABBITMQ__QUEUE_PREFIX: raw-start
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
commands:
- sleep 10
- ls -lart
- cp -a opencti-platform/* /tmp/raw-start-platform/
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd /tmp/raw-start-platform/opencti-graphql
- yarn install
- yarn install:python
- NODE_OPTIONS=--max_old_space_size=8192 yarn start
- name: opencti-live-start
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-live-start-backend
path: /tmp/live-start-platform/opencti-graphql/node_modules
environment:
APP__PORT: 4200
APP__ADMIN__PASSWORD: admin
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
APP__APP_LOG__EXTENDED_ERROR_MESSAGE: true
REDIS__HOSTNAME: redis
REDIS__NAMESPACE: live-start
ELASTICSEARCH__URL: http://elastic:9200
ELASTICSEARCH__INDEX_PREFIX: live-start
MINIO__ENDPOINT: minio
MINIO__BUCKET_NAME: live-start-bucket
RABBITMQ__HOSTNAME: rabbitmq
RABBITMQ__QUEUE_PREFIX: live-start
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
commands:
- sleep 10
- cp -a opencti-platform/* /tmp/live-start-platform/
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd /tmp/live-start-platform/opencti-graphql
- yarn install
- yarn install:python
- NODE_OPTIONS=--max_old_space_size=8192 yarn start
- name: opencti-direct-start
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-direct-start-backend
path: //tmp/direct-start-platform/opencti-graphql/node_modules
environment:
APP__PORT: 4300
APP__ADMIN__PASSWORD: admin
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
APP__APP_LOG__EXTENDED_ERROR_MESSAGE: true
REDIS__HOSTNAME: redis
REDIS__NAMESPACE: direct-start
ELASTICSEARCH__URL: http://elastic:9200
ELASTICSEARCH__INDEX_PREFIX: direct-start
MINIO__ENDPOINT: minio
MINIO__BUCKET_NAME: direct-start-bucket
RABBITMQ__HOSTNAME: rabbitmq
RABBITMQ__QUEUE_PREFIX: direct-start
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
commands:
- sleep 10
- cp -a opencti-platform/* /tmp/direct-start-platform/
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd /tmp/direct-start-platform/opencti-graphql
- yarn install
- yarn install:python
- NODE_OPTIONS=--max_old_space_size=8192 yarn start
- name: opencti-direct-worker
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-direct-start-backend
path: /tmp/direct-start-platform/node_modules
environment:
OPENCTI_URL: http://opencti-direct-start:4300
OPENCTI_TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
WORKER_LOG_LEVEL: info
commands:
- sleep 10
- cp -a opencti-worker /tmp/direct-start-worker
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- while ! nc -z opencti-direct-start 4300 ; do sleep 1 ; done
- cd /tmp/direct-start-worker
- pip3 install -r src/requirements.txt
- python3 src/worker.py
- name: opencti-restore-start
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-restore-start-backend
path: /tmp/restore-start-platform/node_modules
environment:
APP__PORT: 4400
APP__ADMIN__PASSWORD: admin
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
APP__APP_LOG__EXTENDED_ERROR_MESSAGE: true
REDIS__HOSTNAME: redis
REDIS__NAMESPACE: restore-start
ELASTICSEARCH__URL: http://elastic:9200
ELASTICSEARCH__INDEX_PREFIX: restore-start
MINIO__ENDPOINT: minio
MINIO__BUCKET_NAME: restore-start-bucket
RABBITMQ__HOSTNAME: rabbitmq
RABBITMQ__QUEUE_PREFIX: restore-start
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
commands:
- sleep 10
- cp -a opencti-platform/* /tmp/restore-start-platform/
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd /tmp/restore-start-platform/opencti-graphql
- yarn install
- yarn install:python
- NODE_OPTIONS=--max_old_space_size=8192 yarn start
- name: opencti-e2e-start
image: nikolaik/python-nodejs:python3.11-nodejs20-alpine
volumes:
- name: cache-node-e2e-start-backend
path: /tmp/e2e-start-platform/node_modules
environment:
APP__PORT: 4500
APP__ENABLED_DEV_FEATURES: '["*"]'
APP__ADMIN__PASSWORD: admin
APP__ADMIN__TOKEN: bfa014e0-e02e-4aa6-a42b-603b19dcf159
APP__APP_LOG__EXTENDED_ERROR_MESSAGE: true
REDIS__HOSTNAME: redis
REDIS__NAMESPACE: e2e-start
ELASTICSEARCH__URL: http://elastic:9200
ELASTICSEARCH__INDEX_PREFIX: e2e-start
MINIO__ENDPOINT: minio
MINIO__BUCKET_NAME: e2e-start-bucket
RABBITMQ__HOSTNAME: rabbitmq
RABBITMQ__QUEUE_PREFIX: e2e-start
EXPIRATION_SCHEDULER__ENABLED: false
SUBSCRIPTION_SCHEDULER__ENABLED: false
PUBLISHER_MANAGER__ENABLED: false
commands:
- cp -a opencti-platform/* /tmp/e2e-start-platform/
- apk add build-base git libffi-dev cargo
- cd "$DRONE_WORKSPACE/client-python"
- pip install -r requirements.txt
- pip install -e .[dev,doc]
- cd /tmp/e2e-start-platform/opencti-graphql
- yarn install
- yarn install:python
- BRANCH=$(echo $DRONE_COMMIT_BRANCH | cut -d "/" -f 2)
- yarn build:dev
- yarn wait-api && node build/script-insert-dataset.js --datasets=DATA-TEST-STIX2_v2,data-test-stix-e2e,poisonivy &
- NODE_OPTIONS=--max_old_space_size=8192 yarn start
volumes:
- name: cache-node-backend
host:
path: /tmp/cache-node-backend
- name: cache-node-raw-start-backend
host:
path: /tmp/cache-node-raw-start-backend
- name: cache-node-live-start-backend
host:
path: /tmp/cache-node-live-start-backend
- name: cache-node-direct-start-backend
host:
path: /tmp/cache-node-direct-start-backend
- name: cache-node-restore-start-backend
host:
path: /tmp/cache-node-restore-start-backend
- name: cache-node-e2e-start-backend
host:
path: /tmp/cache-node-e2e-start-backend
- name: cache-node-frontend
host:
path: /tmp/cache-node-frontend
- name: cache-node-frontend-e2e
host:
path: /tmp/cache-node-frontend-e2e