A Dynamic test tool for Splunk Apps and Add-ons
- Generate tests for Splunk Knowledge objects in your Splunk Technology Add-ons
- Validate your add-ons using Splunk + Docker and this test tool
- Docker or an external single instance Splunk deployment
You can install "pytest-splunk-addon" via pip from PyPI:
$ pip install pytest-splunk-addon
Note: Must install docker desktop, vscode or pycharm pro optional
Note2: Appinspect requires libmagic verify this has been installed correctly each time a new workstation/vm is used https://dev.splunk.com/enterprise/docs/releaseapps/appinspect/splunkappinspectclitool/installappinspect
$ #setup python venv must be 3.7 $ git clone --recurse-submodules -j8 git@github.com:splunk/pytest-splunk-addon.git
$ /Library/Frameworks/Python.framework/Versions/3.7/bin/python3 -m venv .venv
$ source .venv/bin/activate
$ pip3 install -r requirements_dev.txt
$ pip3 install https://download.splunk.com/misc/appinspect/splunk-appinspect-latest.tar.gz
$ python setup.py develop
Installation for external Splunk
pip install pytest-splunk-addon
Installation with built in docker orchestration
pip install pytest-splunk-addon[docker]
Basic project structure
The tool assumes the Splunk Add-on is located in a folder "package" in the project root
Triggering the tool:
Create a test file in the tests folder
from pytest_splunk_addon.standard_lib.addon_basic import Basic
class Test_App(Basic):
def empty_method():
pass
Create a Dockerfile-splunk file
ARG SPLUNK_VERSION=latest
FROM splunk/splunk:$SPLUNK_VERSION
ARG SPLUNK_APP=TA_UNKNOWN
ARG SOURCE_PACKAGE=package
COPY deps/apps /opt/splunk/etc/apps/
COPY $SOURCE_PACKAGE /opt/splunk/etc/apps/$SPLUNK_APP
Create a docker-compose.yml update the value of SPLUNK_APP
version: "3.7"
services:
splunk:
build:
context: .
dockerfile: Dockerfile-splunk
args:
- SPLUNK_APP=xxxxxxx
ports:
- "8000"
- "8089"
environment:
- SPLUNK_PASSWORD=Changed@11
- SPLUNK_START_ARGS=--accept-license
Run pytest with the add-on and SA-eventgen installed and enabled in an external Splunk deployment
Run pytest with the add-on and SA-eventgen installed and enabled in docker
Contributions are very welcome. Tests can be run with pytest, please ensure the coverage at least stays the same before you submit a pull request.
Distributed under the terms of the Apache Software License 2.0 license, "pytest-splunk-addon" is free and open source software
If you encounter any problems, please file an issue along with a detailed description.