test out the OOM testing pipeline integration

Author: maximpn

.buildkite/scripts/packages/security_detection_engine.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+set -euo pipefail
+
+PACKAGE_VERSION=$(yq -r '.version' ./packages/security_detection_engine/manifest.yml)
+EPR_INSTANCE_NAME="bk-epr-prebuilt-rules-oom-testing-$BUILDKITE_BUILD_NUMBER"
+EPR_VM_IMAGE="projects/elastic-kibana-184716/global/images/rule-management-epr-oct-28"
+
+# gcloud compute instances create "$EPR_INSTANCE_NAME" \
+#     --zone=us-west2-a \
+#     --machine-type=e2-small \
+#     --network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default \
+#     # --maintenance-policy=MIGRATE \
+#     --provisioning-model=STANDARD \
+#     # --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/trace.append \
+#     --tags=https-server \
+#     --create-disk=auto-delete=yes,boot=yes,device-name=instance-20251031-131502,image="$EPR_VM_IMAGE",mode=rw,size=10,type=pd-standard \
+#     --no-shielded-secure-boot \
+#     --no-shielded-vtpm \
+#     --no-shielded-integrity-monitoring \
+#     --labels=goog-ec-src=vm_add-gcloud \
+#     --reservation-affinity=any
+#     --quiet
+# echo "--- Deploy EPR instance: $EPR_INSTANCE_NAME (Mock)"
+
+# Upload the tested package
+
+# Trigger the OOM testing pipeline
+cat <<YAML | buildkite-agent pipeline upload
+steps:
+  - key: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
+    label: ':package::sparkles: [security_detection_engine] Deploying EPR instance'
+    agents:
+      provider: gcp
+      image: ${IMAGE_UBUNTU_X86_64}
+    plugins:
+      # This plugin authenticates to Google Cloud using the OIDC token.
+      - elastic/oblt-google-auth#v1.3.0:
+          lifetime: 10800 # seconds
+          project-id: "elastic-kibana-184716"
+          project-number: "261553193300"
+    command: |
+      gcloud compute instances create "$EPR_INSTANCE_NAME" \
+      --zone=us-west2-a \
+      --machine-type=e2-small \
+      --network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default \
+      --provisioning-model=STANDARD \
+      --tags=https-server \
+      --create-disk=auto-delete=yes,boot=yes,device-name=instance-20251031-131502,image="$EPR_VM_IMAGE",mode=rw,size=10,type=pd-standard \
+      --no-shielded-secure-boot \
+      --no-shielded-vtpm \
+      --no-shielded-integrity-monitoring \
+      --labels=goog-ec-src=vm_add-gcloud \
+      --reservation-affinity=any
+      --quiet
+  - key: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
+    label: ":bar_chart: [security_detection_engine] Trigger OOM testing pipeline"
+    depends_on:
+      - step: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
+        allow_failure: false
+    trigger: "appex-qa-stateful-security-prebuilt-rules-ftr-oom-testing"
+    async: false
+    build:
+      env:
+        EC_PLAN_PROP_FLEET_REGISTRY_URL: unknown
+        EC_PLAN_PROP_PREBUILT_RULES_PACKAGE_VERSION: unknown
+  - key: 'remove-epr-instance-$BUILDKITE_BUILD_NUMBER'
+    label: ":broom::sparkles: [security_detection_engine] Removing EPR instance"
+    depends_on:
+      - step: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
+        allow_failure: true
+    agents:
+      provider: gcp
+      image: ${IMAGE_UBUNTU_X86_64}
+    plugins:
+      # This plugin authenticates to Google Cloud using the OIDC token.
+      - elastic/oblt-google-auth#v1.3.0:
+          lifetime: 10800 # seconds
+          project-id: "elastic-kibana-184716"
+          project-number: "261553193300"
+    command: |
+      gcloud compute instances delete $EPR_INSTANCE_NAME --zone=us-west2-a --delete-disks=all --quiet
+YAML
+
+# echo "--- :broom::sparkles: Remove EPR instance: $EPR_INSTANCE_NAME (Mock)"
+# gcloud compute instances delete $EPR_INSTANCE_NAME --zone=us-west2-a --delete-disks=all --quiet

.buildkite/scripts/test_one_package.sh

@@ -19,20 +19,28 @@ add_bin_path
 
 with_yq
 with_mage
-with_docker
-with_docker_compose_plugin
-with_kubernetes
+# with_docker
+# with_docker_compose_plugin
+# with_kubernetes
 
 use_elastic_package
 
-pushd packages > /dev/null
-exit_code=0
-if ! process_package "${package}" ; then
-    # keep this message as a collapsed group in Buildkite, so it
-    # is not hidden by the previous collapsed group.
-    echo "--- [${package}] failed"
-    exit_code=1
+# pushd packages > /dev/null
+# exit_code=0
+# if ! process_package "${package}" ; then
+#     # keep this message as a collapsed group in Buildkite, so it
+#     # is not hidden by the previous collapsed group.
+#     echo "--- [${package}] failed"
+#     exit_code=1
+# fi
+# popd > /dev/null
+
+if [ -x "./.buildkite/scripts/packages/$package.sh" ]; then
+  echo "--- [${package}] Run individual package checker"
+  "./.buildkite/scripts/packages/$package.sh"
+else
+  echo "--- [${package}] Individual package checker ./packages/$package.sh is not found, continuing..."
 fi
-popd > /dev/null
 
+exit_code=0
 exit "${exit_code}"

.buildkite/scripts/trigger_integrations_in_parallel.sh

@@ -51,18 +51,21 @@ fi
 
 packages_to_test=0
 
+PACKAGE_LIST="security_detection_engine"
+
 for package in ${PACKAGE_LIST}; do
     # check if needed to create an step for this package
     echo "--- [$package] check if it is required to be tested"
     pushd "packages/${package}" > /dev/null
     skip_package="false"
     failure="false"
-    if ! reason=$(is_pr_affected "${package}" "${from}" "${to}") ; then
-        skip_package="true"
-        if [[ "${reason}" == "${FATAL_ERROR}" ]]; then
-            failure=true
-        fi
-    fi
+    reason="-"
+    # if ! reason=$(is_pr_affected "${package}" "${from}" "${to}") ; then
+    #     skip_package="true"
+    #     if [[ "${reason}" == "${FATAL_ERROR}" ]]; then
+    #         failure=true
+    #     fi
+    # fi
     popd > /dev/null
     if [[ "${failure}" == "true" ]]; then
         echo "Unexpected failure checking ${package}"