feat: create automatic install policies for fleet-maintained apps #11128
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test latest changes in fleetctl preview | |
# Tests the `fleetctl preview` command with latest changes in fleetctl and | |
# docs/01-Using-Fleet/standard-query-library/standard-query-library.yml | |
on: | |
push: | |
branches: | |
- main | |
- patch-* | |
- prepare-* | |
paths: | |
- 'cmd/fleetctl/**.go' | |
- 'pkg/**.go' | |
- 'server/service/**.go' | |
- 'server/context/**.go' | |
- 'orbit/**.go' | |
- 'ee/fleetctl/**.go' | |
- 'docs/01-Using-Fleet/standard-query-library/standard-query-library.yml' | |
- 'tools/osquery/in-a-box' | |
pull_request: | |
paths: | |
- 'cmd/fleetctl/**.go' | |
- 'pkg/**.go' | |
- 'server/service/**.go' | |
- 'server/context/**.go' | |
- 'orbit/**.go' | |
- 'ee/fleetctl/**.go' | |
- 'docs/01-Using-Fleet/standard-query-library/standard-query-library.yml' | |
- 'tools/osquery/in-a-box' | |
workflow_dispatch: # Manual | |
# This allows a subsequently queued workflow run to interrupt previous runs | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}} | |
cancel-in-progress: true | |
defaults: | |
run: | |
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference | |
shell: bash | |
permissions: | |
contents: read | |
jobs: | |
test-preview: | |
timeout-minutes: 60 | |
strategy: | |
matrix: | |
# Only run on Linux because: | |
# - Linux Docker containers are not supported in Windows. | |
# - Unattended installation of Docker on macOS fails. (see | |
# https://github.com/docker/for-mac/issues/6450) | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
with: | |
egress-policy: audit | |
- name: Checkout Code | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Install Go | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version-file: 'go.mod' | |
- name: Build Fleetctl | |
run: make fleetctl | |
- name: Run fleetctl preview | |
run: | | |
./build/fleetctl preview \ | |
--preview-config-path ./tools/osquery/in-a-box \ | |
--std-query-lib-file-path $(pwd)/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml | |
sleep 10 | |
./build/fleetctl get hosts | tee hosts.txt | |
[ $( cat hosts.txt | grep online | wc -l) -eq 9 ] | |
- name: Get fleet logs | |
if: always() | |
run: | | |
FLEET_LICENSE_KEY=foo docker compose -f ~/.fleet/preview/docker-compose.yml logs fleet01 fleet02 > fleet-logs.txt | |
# Copying logs, otherwise the upload-artifact action uploads the logs in a hidden folder (.fleet) | |
# Old location of orbit logs before v4.43.0 | |
cp ~/.fleet/preview/orbit.log orbit.log || true | |
# New location of orbit logs since v4.43.0 | |
cp ~/.fleet/preview/orbit/orbit.log orbit.log || true | |
cp -r ~/.fleet/preview/logs osquery_result_status_logs | |
- name: Upload logs | |
if: always() | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v2 | |
with: | |
name: ${{ matrix.os }}-log | |
path: | | |
fleet-logs.txt | |
orbit.log | |
osquery_result_status_logs |