Skip to content

Commit dc4cec4

Browse files
maximpnmaximpn
committed
test out the OOM testing pipeline integration
1 parent d264ed4 commit dc4cec4

File tree

4 files changed

+205
-17
lines changed

4 files changed

+205
-17
lines changed

.buildkite/scripts/packages/security_detection_engine.sh

Lines changed: 109 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,109 @@
1+
#!/bin/bash
2+
3+
set -euo pipefail
4+
5+
PACKAGE_VERSION=$(yq -r '.version' ./packages/security_detection_engine/manifest.yml)
6+
EPR_INSTANCE_NAME="bk-epr-prebuilt-rules-oom-testing-$BUILDKITE_BUILD_NUMBER"
7+
GCP_ZONE="us-west2-a"
8+
9+
buildkite-agent pipeline upload ./.buildkite/scripts/packages/security_detection_engine/pipeline.yml
10+
11+
# gcloud compute instances create "$EPR_INSTANCE_NAME" \
12+
# --zone=us-west2-a \
13+
# --machine-type=e2-small \
14+
# --network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default \
15+
# # --maintenance-policy=MIGRATE \
16+
# --provisioning-model=STANDARD \
17+
# # --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/trace.append \
18+
# --tags=https-server \
19+
# --create-disk=auto-delete=yes,boot=yes,device-name=instance-20251031-131502,image="$EPR_VM_IMAGE",mode=rw,size=10,type=pd-standard \
20+
# --no-shielded-secure-boot \
21+
# --no-shielded-vtpm \
22+
# --no-shielded-integrity-monitoring \
23+
# --labels=goog-ec-src=vm_add-gcloud \
24+
# --reservation-affinity=any
25+
# --quiet
26+
# echo "--- Deploy EPR instance: $EPR_INSTANCE_NAME (Mock)"
27+
28+
# Save and upload cloud-init configuration
29+
# cat <<YAML > cloud-init.yaml
30+
# package_update: true
31+
# package_upgrade: true
32+
# packages:
33+
# - docker.io
34+
# - openssl
35+
36+
# runcmd:
37+
# - mkdir -p /etc/package-registry/packages
38+
# - chmod 0777 /etc/package-registry/packages
39+
40+
# - mkdir -p /etc/package-registry/certs
41+
# - openssl req -x509 -nodes -newkey rsa:4096 -keyout /etc/package-registry/certs/package-registry.key -out /etc/package-registry/certs/package-registry.crt -subj "/CN=$(curl -s ifconfig.me)" -days 3650
42+
43+
# - docker pull docker.elastic.co/package-registry/package-registry:main
44+
# - docker run -d --name package-registry --restart always -p 443:8443 -v /etc/package-registry/packages:/packages/package-registry:ro -v /etc/package-registry/certs:/etc/package-registry/certs:ro docker.elastic.co/package-registry/package-registry:main --address=0.0.0.0:8443 --tls-key=/etc/package-registry/certs/package-registry.key --tls-cert=/etc/package-registry/certs/package-registry.crt
45+
# YAML
46+
47+
# buildkite-agent artifact upload cloud-init.yaml
48+
49+
50+
# # Trigger the OOM testing pipeline
51+
# cat <<YAML | buildkite-agent pipeline upload
52+
# steps:
53+
# - key: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
54+
# label: ':package::sparkles: [security_detection_engine] Deploying EPR instance'
55+
# agents:
56+
# provider: gcp
57+
# image: ${IMAGE_UBUNTU_X86_64}
58+
# plugins:
59+
# - elastic/oblt-google-auth#v1.3.0:
60+
# lifetime: 10800 # seconds
61+
# project-id: "elastic-kibana-184716"
62+
# project-number: "261553193300"
63+
# commands:
64+
# - buildkite-agent artifact download cloud-init.yaml .
65+
# - |
66+
# gcloud compute instances create "$EPR_INSTANCE_NAME" \
67+
# --zone="$GCP_ZONE" \
68+
# --machine-type=e2-micro \
69+
# --network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default \
70+
# --provisioning-model=STANDARD \
71+
# --tags=https-server \
72+
# --create-disk=auto-delete=yes,boot=yes,device-name="$EPR_INSTANCE_NAME",image=projects/cos-cloud/global/images/cos-109-17800-570-50,mode=rw,size=10,type=pd-standard \
73+
# --labels=goog-ec-src=vm_add-gcloud \
74+
# --reservation-affinity=any \
75+
# --metadata-from-file=user-data=cloud-init.yaml \
76+
# --quiet
77+
# - (cd ./packages && zip -r ../security_detection_engine.zip ./security_detection_engine)
78+
# - while :; do sleep 1m && gcloud compute scp --recurse ./security_detection_engine.zip maxim_palenov@maximpn-epr-docker:/etc/package-registry/packages/ --zone "$GCP_ZONE" done
79+
# - buildkite-agent env set EC_PLAN_PROP_FLEET_REGISTRY_URL \$(gcloud compute instances describe "$EPR_INSTANCE_NAME" --zone="$GCP_ZONE" --format='get(networkInterfaces[0].accessConfigs[0].natIP)')
80+
# - key: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
81+
# label: ":bar_chart: [security_detection_engine] Trigger OOM testing pipeline"
82+
# depends_on:
83+
# - step: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
84+
# allow_failure: false
85+
# trigger: "appex-qa-stateful-security-prebuilt-rules-ftr-oom-testing"
86+
# async: false
87+
# build:
88+
# env:
89+
# EC_PLAN_PROP_FLEET_REGISTRY_URL: unknown
90+
# EC_PLAN_PROP_PREBUILT_RULES_PACKAGE_VERSION: "$PACKAGE_VERSION"
91+
# - key: 'remove-epr-instance-$BUILDKITE_BUILD_NUMBER'
92+
# label: ":broom::sparkles: [security_detection_engine] Removing EPR instance"
93+
# depends_on:
94+
# - step: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
95+
# allow_failure: true
96+
# agents:
97+
# provider: gcp
98+
# image: ${IMAGE_UBUNTU_X86_64}
99+
# plugins:
100+
# - elastic/oblt-google-auth#v1.3.0:
101+
# lifetime: 10800 # seconds
102+
# project-id: "elastic-kibana-184716"
103+
# project-number: "261553193300"
104+
# command: |
105+
# gcloud compute instances delete $EPR_INSTANCE_NAME --zone=us-west2-a --delete-disks=all --quiet
106+
# YAML
107+
108+
# echo "--- :broom::sparkles: Remove EPR instance: $EPR_INSTANCE_NAME (Mock)"
109+
# gcloud compute instances delete $EPR_INSTANCE_NAME --zone=us-west2-a --delete-disks=all --quiet

.buildkite/scripts/packages/security_detection_engine/pipeline.yml

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
steps:
2+
- key: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
3+
label: ':package::sparkles: [security_detection_engine] Deploying EPR instance'
4+
agents:
5+
provider: gcp
6+
image: ${IMAGE_UBUNTU_X86_64}
7+
env:
8+
EPR_INSTANCE_NAME: 'security-detection-engine-oom-testing-epr-$BUILDKITE_BUILD_NUMBER'
9+
GCP_ZONE: 'us-west2-a'
10+
commands:
11+
- |
12+
cat <<YAML > cloud-init.yaml
13+
package_update: true
14+
package_upgrade: true
15+
packages:
16+
- docker.io
17+
- openssl
18+
19+
runcmd:
20+
- mkdir -p /etc/package-registry/packages
21+
- chmod 0777 /etc/package-registry/packages
22+
23+
- mkdir -p /etc/package-registry/certs
24+
- openssl req -x509 -nodes -newkey rsa:4096 -keyout /etc/package-registry/certs/package-registry.key -out /etc/package-registry/certs/package-registry.crt -subj "/CN=\$(curl -s ifconfig.me)" -days 3650
25+
26+
- docker pull docker.elastic.co/package-registry/package-registry:main
27+
- docker run -d --name package-registry --restart always -p 443:8443 -v /etc/package-registry/packages:/packages/package-registry:ro -v /etc/package-registry/certs:/etc/package-registry/certs:ro docker.elastic.co/package-registry/package-registry:main --address=0.0.0.0:8443 --tls-key=/etc/package-registry/certs/package-registry.key --tls-cert=/etc/package-registry/certs/package-registry.crt
28+
YAML
29+
- |
30+
gcloud compute instances create "\$EPR_INSTANCE_NAME" \
31+
--project=elastic-observability-ci \
32+
--zone="\$GCP_ZONE" \
33+
--machine-type=e2-micro \
34+
--network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default \
35+
--provisioning-model=STANDARD \
36+
--tags=https-server \
37+
--create-disk=auto-delete=yes,boot=yes,device-name="\$EPR_INSTANCE_NAME",image=projects/cos-cloud/global/images/cos-109-17800-570-50,mode=rw,size=10,type=pd-standard \
38+
--labels=goog-ec-src=vm_add-gcloud \
39+
--reservation-affinity=any \
40+
--metadata-from-file=user-data=cloud-init.yaml \
41+
--quiet
42+
- (cd ./packages && zip -r ../security_detection_engine.zip ./security_detection_engine)
43+
- while :; do sleep 1m && gcloud compute scp --recurse ./security_detection_engine.zip \$EPR_INSTANCE_NAME:/etc/package-registry/packages/ --zone "\$GCP_ZONE" done
44+
- buildkite-agent env set EC_PLAN_PROP_FLEET_REGISTRY_URL \$(gcloud compute instances describe "\$EPR_INSTANCE_NAME" --zone="\$GCP_ZONE" --format='get(networkInterfaces[0].accessConfigs[0].natIP)')
45+
- key: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
46+
label: ':bar_chart: [security_detection_engine] Trigger OOM testing pipeline'
47+
depends_on:
48+
- step: 'deploy-epr-instance-$BUILDKITE_BUILD_NUMBER'
49+
allow_failure: false
50+
trigger: 'appex-qa-stateful-security-prebuilt-rules-ftr-oom-testing'
51+
async: false
52+
build:
53+
env:
54+
EC_PLAN_PROP_FLEET_REGISTRY_URL: unknown
55+
EC_PLAN_PROP_PREBUILT_RULES_PACKAGE_VERSION: '$PACKAGE_VERSION'
56+
- key: 'remove-epr-instance-$BUILDKITE_BUILD_NUMBER'
57+
label: ':broom::sparkles: [security_detection_engine] Removing EPR instance'
58+
depends_on:
59+
- step: 'run-oom-testing-$BUILDKITE_BUILD_NUMBER'
60+
allow_failure: true
61+
agents:
62+
provider: gcp
63+
image: ${IMAGE_UBUNTU_X86_64}
64+
command: |
65+
gcloud compute instances delete \$EPR_INSTANCE_NAME \
66+
--project=elastic-observability-ci \
67+
--zone="\$GCP_ZONE" \
68+
--delete-disks=all --quiet

.buildkite/scripts/test_one_package.sh

Lines changed: 19 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -19,20 +19,28 @@ add_bin_path
1919

2020
with_yq
2121
with_mage
22-
with_docker
23-
with_docker_compose_plugin
24-
with_kubernetes
22+
# with_docker
23+
# with_docker_compose_plugin
24+
# with_kubernetes
2525

2626
use_elastic_package
2727

28-
pushd packages > /dev/null
29-
exit_code=0
30-
if ! process_package "${package}" ; then
31-
# keep this message as a collapsed group in Buildkite, so it
32-
# is not hidden by the previous collapsed group.
33-
echo "--- [${package}] failed"
34-
exit_code=1
28+
# pushd packages > /dev/null
29+
# exit_code=0
30+
# if ! process_package "${package}" ; then
31+
# # keep this message as a collapsed group in Buildkite, so it
32+
# # is not hidden by the previous collapsed group.
33+
# echo "--- [${package}] failed"
34+
# exit_code=1
35+
# fi
36+
# popd > /dev/null
37+
38+
if [ -x "./.buildkite/scripts/packages/$package.sh" ]; then
39+
echo "--- [${package}] Run individual package checker"
40+
"./.buildkite/scripts/packages/$package.sh"
41+
else
42+
echo "--- [${package}] Individual package checker ./packages/$package.sh is not found, continuing..."
3543
fi
36-
popd > /dev/null
3744

45+
exit_code=0
3846
exit "${exit_code}"

.buildkite/scripts/trigger_integrations_in_parallel.sh

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -51,18 +51,21 @@ fi
5151

5252
packages_to_test=0
5353

54+
PACKAGE_LIST="security_detection_engine"
55+
5456
for package in ${PACKAGE_LIST}; do
5557
# check if needed to create an step for this package
5658
echo "--- [$package] check if it is required to be tested"
5759
pushd "packages/${package}" > /dev/null
5860
skip_package="false"
5961
failure="false"
60-
if ! reason=$(is_pr_affected "${package}" "${from}" "${to}") ; then
61-
skip_package="true"
62-
if [[ "${reason}" == "${FATAL_ERROR}" ]]; then
63-
failure=true
64-
fi
65-
fi
62+
reason="-"
63+
# if ! reason=$(is_pr_affected "${package}" "${from}" "${to}") ; then
64+
# skip_package="true"
65+
# if [[ "${reason}" == "${FATAL_ERROR}" ]]; then
66+
# failure=true
67+
# fi
68+
# fi
6669
popd > /dev/null
6770
if [[ "${failure}" == "true" ]]; then
6871
echo "Unexpected failure checking ${package}"

0 commit comments

Comments
 (0)