Skip to content

Updates on self-assesment, security-insights, and security.md file or passing CLOMonitor checks #5496

Updates on self-assesment, security-insights, and security.md file or passing CLOMonitor checks

Updates on self-assesment, security-insights, and security.md file or passing CLOMonitor checks #5496

name: CIT Elasticsearch
on:
push:
branches: [main]
pull_request:
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ (github.event.pull_request && github.event.pull_request.number) || github.ref || github.run_id }}
cancel-in-progress: true
# See https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
elasticsearch:
runs-on: ubuntu-latest
strategy:
matrix:
version:
- major: 5.x
image: 5.6.16
distribution: elasticsearch
- major: 6.x
image: 6.8.18
distribution: elasticsearch
- major: 7.x
image: 7.14.0
distribution: elasticsearch
name: ${{ matrix.version.distribution }} ${{ matrix.version.major }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
submodules: true
- name: Fetch git tags
run: |
git fetch --prune --unshallow --tags
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
with:
go-version: 1.21.x
- name: Install tools
run: make install-ci
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
- name: Run elasticsearch integration tests
run: bash scripts/es-integration-test.sh ${{ matrix.version.distribution }} ${{ matrix.version.image }}