/pytest-splunk-addon

A Dynamic test tool for Splunk Technology Add-ons

Primary LanguagePythonOtherNOASSERTION

pytest-splunk-addon

PyPI version Python versions

A Dynamic test tool for Splunk Apps and Add-ons

Features

  • Generate tests for Splunk Knowledge objects in your Splunk Technology Add-ons
  • Validate your add-ons using Splunk + Docker and this test tool

Requirements

  • Docker or an external single instance Splunk deployment

Installation

You can install "pytest-splunk-addon" via pip from PyPI:

$ pip install pytest-splunk-addon

Developing

Note: Must install docker desktop, vscode or pycharm pro optional

Note2: Appinspect requires libmagic verify this has been installed correctly each time a new workstation/vm is used https://dev.splunk.com/enterprise/docs/releaseapps/appinspect/splunkappinspectclitool/installappinspect

$ #setup python venv must be 3.7 $ git clone --recurse-submodules -j8 git@github.com:splunk/pytest-splunk-addon.git

$ /Library/Frameworks/Python.framework/Versions/3.7/bin/python3 -m venv .venv

$ source .venv/bin/activate

$ pip3 install -r requirements_dev.txt

$ pip3 install https://download.splunk.com/misc/appinspect/splunk-appinspect-latest.tar.gz

$ python setup.py develop

Usage

Installation for external Splunk

pip install pytest-splunk-addon

Installation with built in docker orchestration

pip install pytest-splunk-addon[docker]

Basic project structure

The tool assumes the Splunk Add-on is located in a folder "package" in the project root

Triggering the tool:

Create a test file in the tests folder

from pytest_splunk_addon.standard_lib.addon_basic import Basic
    class Test_App(Basic):
        def empty_method():
            pass

Create a Dockerfile-splunk file

ARG SPLUNK_VERSION=latest
FROM splunk/splunk:$SPLUNK_VERSION
ARG SPLUNK_APP=TA_UNKNOWN
ARG SOURCE_PACKAGE=package
COPY deps/apps /opt/splunk/etc/apps/

COPY $SOURCE_PACKAGE /opt/splunk/etc/apps/$SPLUNK_APP

Create a docker-compose.yml update the value of SPLUNK_APP

version: "3.7"
services:
splunk:
    build:
    context: .
    dockerfile: Dockerfile-splunk
    args:
        - SPLUNK_APP=xxxxxxx
    ports:
    - "8000"
    - "8089"
    environment:
    - SPLUNK_PASSWORD=Changed@11
    - SPLUNK_START_ARGS=--accept-license

Run pytest with the add-on and SA-eventgen installed and enabled in an external Splunk deployment

Run pytest with the add-on and SA-eventgen installed and enabled in docker

Contributing

Contributions are very welcome. Tests can be run with pytest, please ensure the coverage at least stays the same before you submit a pull request.

License

Distributed under the terms of the Apache Software License 2.0 license, "pytest-splunk-addon" is free and open source software

Issues

If you encounter any problems, please file an issue along with a detailed description.