testing commit for runtime jdk 21 upgrade #3375
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ACS Packaging CI | |
on: | |
pull_request: | |
branches: | |
- feature/** | |
- fix/** | |
- master | |
- release/** | |
push: | |
branches: | |
- feature/** | |
- fix/** | |
workflow_call: | |
workflow_dispatch: | |
env: | |
AZURE_AUTHENTICATION_MODE: sharedKey | |
AZURE_STORAGE_ACCOUNT_NAME: acspackagingci | |
AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_PACKAGING_STORAGE_ACCOUNT_KEY }} | |
DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
GITHUB_ACTIONS_DEPLOY_TIMEOUT: 60 | |
GIT_USERNAME: ${{ secrets.BOT_GITHUB_USERNAME }} | |
GIT_EMAIL: ${{ secrets.BOT_GITHUB_EMAIL }} | |
GIT_PASSWORD: ${{ secrets.BOT_GITHUB_TOKEN }} | |
MAVEN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} | |
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }} | |
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} | |
QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }} | |
CI_WORKSPACE: ${{ github.workspace }} | |
AWS_REGION: eu-west-1 | |
TAS_ENVIRONMENT: ./tests/environment | |
TAS_SCRIPTS: ../alfresco-community-repo/packaging/tests/scripts | |
ALF_LICENCE_S3_PATH: s3://acs-license/acs/alf23-allenabled.lic | |
ALF_LICENCE_LOCAL_PATH: /tmp/licence.lic | |
PYTHON_VERSION: 3.7.15 | |
DTAS_VERSION: v1.5.5 | |
jobs: | |
veracode_sca: | |
name: "Source Clear Scan (SCA)" | |
runs-on: ubuntu-latest | |
if: > | |
(github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Init" | |
run: bash ./scripts/ci/init.sh | |
- uses: Alfresco/alfresco-build-tools/.github/actions/veracode@v7.1.1 | |
continue-on-error: true | |
with: | |
srcclr-api-token: ${{ secrets.SRCCLR_API_TOKEN }} | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
veracode_sast_acs: | |
name: "Pipeline SAST Scan - ACS" | |
runs-on: ubuntu-latest | |
if: > | |
(github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') && | |
github.actor != 'dependabot[bot]' && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v7.1.1 | |
with: | |
token: ${{ secrets.BOT_GITHUB_TOKEN }} | |
repository: "Alfresco/veracode-baseline-archive" | |
file-path: "acs-packaging/acs-packaging-acs-baseline.json" | |
target: "baseline.json" | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Run SAST Scan" | |
uses: veracode/Veracode-pipeline-scan-action@v1.0.16 | |
with: | |
vid: '${{ secrets.VERACODE_API_ID }}' | |
vkey: '${{ secrets.VERACODE_API_KEY }}' | |
file: "distribution/target/alfresco.war" | |
fail_build: true | |
project_name: acs-packaging-acs | |
issue_details: true | |
veracode_policy_name: Alfresco Default | |
summary_output: true | |
summary_output_file: results.json | |
summary_display: true | |
baseline_file: baseline.json | |
- name: Upload scan result | |
if: success() || failure() | |
run: zip readable_output.zip results.json | |
- name: Upload Artifact | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Veracode Pipeline-Scan Results - ACS (Human Readable) | |
path: readable_output.zip | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
### TODO: Implement SAST scan for Share when it starts working, since currently scanning Share crashes the Veracode engine | |
pmd_scan: | |
name: "PMD Scan" | |
runs-on: ubuntu-latest | |
if: > | |
github.event_name == 'pull_request' && | |
!contains(github.event.head_commit.message, '[skip pmd]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- uses: Alfresco/ya-pmd-scan@v4.1.0 | |
with: | |
classpath-build-command: "bash ./scripts/ci/init.sh && bash ./scripts/ci/build.sh" | |
tas_tests: | |
name: ${{ matrix.testSuite }} TAS tests | |
runs-on: ubuntu-latest | |
if: > | |
contains(github.event.head_commit.message, '[tas]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: REST API part1 | |
pom-dir: tests/tas-restapi | |
profiles: all-tas-tests,run-restapi-part1 | |
compose-file: docker-compose-rest-api-tests.yml | |
deploy-timeout: 60 | |
- testSuite: REST API part2 | |
pom-dir: tests/tas-restapi | |
profiles: all-tas-tests,run-restapi-part2 | |
compose-file: docker-compose-rest-api-tests.yml | |
deploy-timeout: 60 | |
- testSuite: REST API part3 | |
pom-dir: tests/tas-restapi | |
profiles: all-tas-tests,run-restapi-part3 | |
compose-file: docker-compose-rest-api-tests.yml | |
deploy-timeout: 60 | |
- testSuite: CMIS (BROWSER binding) | |
pom-dir: tests/tas-cmis | |
profiles: all-tas-tests,run-cmis-browser | |
compose-file: docker-compose-cmis-tests.yml | |
deploy-timeout: 60 | |
- testSuite: CMIS (ATOM binding) | |
pom-dir: tests/tas-cmis | |
profiles: all-tas-tests,run-cmis-atom | |
compose-file: docker-compose-cmis-tests.yml | |
deploy-timeout: 60 | |
- testSuite: CMIS (WEBSERVICES binding) | |
pom-dir: tests/tas-cmis | |
profiles: all-tas-tests,run-cmis-webservices | |
compose-file: docker-compose-cmis-tests.yml | |
deploy-timeout: 60 | |
- testSuite: Email | |
pom-dir: tests/tas-email | |
profiles: all-tas-tests | |
compose-file: docker-compose-email-tests.yml | |
deploy-timeout: 30 | |
- testSuite: WebDAV | |
pom-dir: tests/tas-webdav | |
profiles: all-tas-tests | |
compose-file: docker-compose-minimal.yml | |
deploy-timeout: 20 | |
- testSuite: Integration | |
pom-dir: tests/tas-integration | |
profiles: all-tas-tests | |
compose-file: docker-compose-integration-tests.yml | |
deploy-timeout: 30 | |
- testSuite: LDAP | |
pom-dir: tests/tas-integration | |
profiles: run-ldap | |
compose-file: docker-compose-with-ldap.yml | |
deploy-timeout: 10 | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/${{ matrix.compose-file }} | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8082/alfresco" | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: ${{ matrix.deploy-timeout }} | |
run: mvn -B install -ntp -f ${{ matrix.pom-dir }}/pom.xml -P${{ matrix.profiles }} -Denvironment=default -DrunBugs=false | |
- name: "Print output after failure" | |
if: ${{ always() && steps.tests.outcome == 'failure' }} | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "${{ matrix.pom-dir }}" | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
tas_tests_with_aims: | |
name: ${{ matrix.testSuite }} TAS tests with AIMS | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip tas]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: REST API | |
pom: tests/tas-restapi/pom.xml | |
profiles: all-tas-tests,run-restapi-aims | |
log-folder: tests/tas-restapi | |
deploy-timeout: 60 | |
- testSuite: CMIS - BROWSER binding | |
pom: tests/tas-cmis/pom.xml | |
profiles: all-tas-tests,run-cmis-browser-with-aims | |
log-folder: tests/tas-cmis | |
deploy-timeout: 40 | |
- testSuite: CMIS - ATOM binding | |
pom: tests/tas-cmis/pom.xml | |
profiles: all-tas-tests,run-cmis-atom-with-aims | |
log-folder: tests/tas-cmis | |
deploy-timeout: 40 | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
id: env | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/docker-compose-aims.yml | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8082/alfresco" 180 | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: ${{ matrix.deploy-timeout }} | |
run: | | |
HOST_IP=$(hostname -I | cut -f1 -d' ') | |
mvn -B install -ntp -f ${{ matrix.pom }} -P${{ matrix.profiles }} -Denvironment=aims-environment -DrunBugs=false "-Didentity-service.auth-server-url=http://${HOST_IP}:8999/auth" | |
- name: "Print output after failure" | |
if: ${{ always() && steps.tests.outcome == 'failure' }} | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh ${{ matrix.log-folder }} | |
- name: "Dump all Docker containers logs" | |
uses: Alfresco/alfresco-build-tools/.github/actions/docker-dump-containers-logs@v7.1.1 | |
if: failure() && (steps.tests.outcome == 'failure' || steps.env.outcome == 'failure') | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
cmis_tas_tests_elasticsearch: | |
name: CMIS TAS tests - Elastic Search | ${{ matrix.testSuite }} (CMIS API) | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip search]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: postgreSQL | |
db-properties: -Ddb.driver=org.postgresql.Driver -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.url=jdbc:postgresql://database:5432/alfresco | |
compose-file: docker-compose-postgres.yml | |
- testSuite: MySQL | |
db-properties: -Ddb.driver=com.mysql.cj.jdbc.Driver -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.url=jdbc:mysql://database:3306/alfresco | |
compose-file: docker-compose-mysql.yml | |
- testSuite: MariaDB 10.6 | |
db-properties: -Ddb.driver=org.mariadb.jdbc.Driver -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.url=jdbc:mariadb://database:3306/alfresco | |
compose-file: docker-compose-mariadb.yml | |
- testSuite: MS SQL | |
db-properties: -Ddb.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver -Ddb.username=sa -Ddb.password=Alfresco1 -Ddb.url=jdbc:sqlserver://database:1433 -Ddb.txn.isolation=4096 -Ddb.pool.max=275 | |
compose-file: docker-compose-mssql.yml | |
- testSuite: Oracle 19.3.0-ee | |
db-properties: -Ddb.driver=oracle.jdbc.OracleDriver -Ddb.name=alfresco -Ddb.url=jdbc:oracle:thin:@database:1521/PDB1 -Ddb.username=alfresco -Ddb.password=alfresco | |
compose-file: docker-compose-oracle.yml | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
with: | |
merge-disk-volumes: true | |
root-reserve-mb: 16384 | |
remove-android: 'true' | |
remove-codeql: 'true' | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment configuration" | |
run: | | |
echo "CMIS_ALFRESCO_IMAGE=alfresco-repository-databases:latest" >> $GITHUB_ENV | |
echo "DATABASE_ENV_PROPERTIES=${{matrix.db-properties}}" >> $GITHUB_ENV | |
- name: "Run the environment" | |
id: env | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/docker-compose-cmis-elastic-tests.yml ${{ env.TAS_ENVIRONMENT }}/${{matrix.compose-file}} | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8082/alfresco" | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: 40 | |
run: mvn -B install -ntp -f tests/tas-cmis/pom.xml -Pall-tas-tests,run-cmis-with-elastic -Denvironment=default -DrunBugs=false | |
- name: "Print output after failure" | |
if: failure() && (steps.tests.outcome == 'failure' || steps.env.outcome == 'failure') | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "tests/tas-cmis" | |
- name: "Dump all Docker containers logs" | |
uses: Alfresco/alfresco-build-tools/.github/actions/docker-dump-containers-logs@v7.1.1 | |
if: failure() && (steps.tests.outcome == 'failure' || steps.env.outcome == 'failure') | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
cmis_tas_tests_opensearch: | |
name: "CMIS TAS tests - Open Search (CMIS API)" | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip search]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/docker-compose-cmis-opensearch-tests.yml | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8082/alfresco" | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: 40 | |
run: mvn -B install -ntp -f tests/tas-cmis/pom.xml -Pall-tas-tests,run-cmis-with-elastic -Denvironment=default -DrunBugs=false | |
- name: "Print output after failure" | |
if: ${{ always() && steps.tests.outcome == 'failure' }} | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "tests/tas-cmis" | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
tas_tests_search_api: | |
name: ${{ matrix.testSuite }} | TAS tests (Search API) | |
runs-on: alfrescoPub-ubuntu2204-16G-4CPU | |
if: > | |
(github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') && | |
!contains(github.event.head_commit.message, '[skip search]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: Elasticsearch postgreSQL | |
profiles: all-tas-tests,elastic | |
search-engine-type: elasticsearch | |
db-type: postgresql | |
- testSuite: Elasticsearch MySQL | |
profiles: all-tas-tests,elastic | |
search-engine-type: elasticsearch | |
db-type: mysql | |
- testSuite: Elasticsearch Maria DB 10.6 | |
profiles: all-tas-tests,elastic | |
search-engine-type: elasticsearch | |
db-type: mariadb | |
- testSuite: Elasticsearch MS SQL | |
profiles: all-tas-tests,elastic | |
search-engine-type: elasticsearch | |
db-type: mssql | |
- testSuite: Elasticsearch Oracle 19.3.0-ee | |
profiles: all-tas-tests,elastic | |
search-engine-type: elasticsearch | |
db-type: oracle | |
- testSuite: Opensearch | |
profiles: all-tas-tests,elastic | |
search-engine-type: opensearch | |
db-type: postgresql | |
- testSuite: Elasticsearch Basic Auth postgreSQL | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: elasticsearch | |
db-type: postgresql | |
- testSuite: Elasticsearch Basic Auth MySQL | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: elasticsearch | |
db-type: mysql | |
- testSuite: Elasticsearch Basic Auth MariaDB 10.6 | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: elasticsearch | |
db-type: mariadb | |
- testSuite: Elasticsearch Basic Auth MS SQL | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: elasticsearch | |
db-type: mssql | |
- testSuite: Elasticsearch Basic Auth Oracle 19.3.0-ee | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: elasticsearch | |
db-type: oracle | |
- testSuite: Opensearch Basic Auth | |
profiles: all-tas-tests,elastic-basic-auth | |
search-engine-type: opensearch | |
db-type: postgresql | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: mvn -B install -ntp -pl ":content-repository-elasticsearch-test" -am -P${{ matrix.profiles }} -Denvironment=default -DrunBugs=false "-Dsearch.engine.type=${{ matrix.search-engine-type }}" "-Ddatabase.type=${{ matrix.db-type }}" -Dindeximage="alfresco-es-indexing-jdbc:latest" -Dreindeximage="alfresco-es-reindexing-jdbc:latest" -Drepoimage="alfresco-repository-databases:latest" | |
- name: "Dump all Docker containers logs" | |
uses: Alfresco/alfresco-build-tools/.github/actions/docker-dump-containers-logs@v7.1.1 | |
if: failure() && steps.tests.outcome == 'failure' | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
upgrade_tas_tests: | |
name: ${{ matrix.testSuite }} Upgrade TAS tests | |
runs-on: alfrescoPub-ubuntu2204-16G-4CPU | |
if: > | |
(github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') && | |
!contains(github.event.head_commit.message, '[skip search]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: Elasticsearch | |
search-engine-type: elasticsearch | |
- testSuite: Opensearch | |
search-engine-type: opensearch | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Configure AWS credentials" | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_S3_ACSLICENSE_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_S3_ACSLICENSE_SECRET_ACCESS_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
- name: "Copy Licence" | |
run: aws s3 cp ${ALF_LICENCE_S3_PATH} ${ALF_LICENCE_LOCAL_PATH} | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: 30 | |
run: mvn -B install -ntp -pl ":content-repository-elasticsearch-test" -am -Pall-tas-tests,elastic-upgrade -Denvironment=default -DrunBugs=false "-Dsearch.engine.type=${{ matrix.search-engine-type }}" "-Ddatabase.type=postgresql" "-Dindeximage=alfresco-es-indexing-jdbc:latest" "-Dreindeximage=alfresco-es-reindexing-jdbc:latest" "-Drepoimage=alfresco-repository-databases:latest" | |
- name: "Dump all Docker containers logs" | |
uses: Alfresco/alfresco-build-tools/.github/actions/docker-dump-containers-logs@v7.1.1 | |
if: failure() && steps.tests.outcome == 'failure' | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
all_amps_tests: | |
name: "All AMPs tests" | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: mvn -B -q install -ntp -f tests/tas-all-amps/pom.xml -DskipTests -Pall-tas-tests,prepare-wars-with-amps | |
- name: "Check duplicate libraries" | |
run: ./tests/scripts/checkLibraryDuplicates.sh ./tests/tas-all-amps/target/war/alfresco/WEB-INF/lib | |
- name: "Run the environment" | |
id: env | |
env: | |
AWS_ACCESS_KEY: ${{ secrets.AWS_S3_PIPELINE_AMPS_ACCESS_KEY_ID }} | |
AWS_SECRET_KEY: ${{ secrets.AWS_S3_PIPELINE_AMPS_SECRET_ACCESS_KEY }} | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/docker-compose-all-amps-test.yml | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8082/alfresco" | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: 20 | |
run: mvn -B install -ntp -f tests/tas-all-amps/pom.xml -Pall-tas-tests -Denvironment=default -DrunBugs=false | |
- name: "Print output after failure" | |
if: failure() && steps.tests.outcome == 'failure' | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "tests/tas-all-amps" | |
- name: "Dump all Docker containers logs" | |
uses: Alfresco/alfresco-build-tools/.github/actions/docker-dump-containers-logs@v7.1.1 | |
if: failure() && (steps.tests.outcome == 'failure' || steps.env.outcome == 'failure') | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
tas_test_with_mtls: | |
name: ${{ matrix.testSuite }} TAS tests with mutal TLS | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip mtls]') && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- testSuite: Transform Service Mutal TLS | |
pom-dir: tests/tas-mtls | |
profiles: run-mtls | |
compose-file: docker-compose-mtls.yml | |
mtls: true | |
disabledHostnameVerification: false | |
deploy-timeout: 10 | |
- testSuite: Transform Service Mutal TLS Disabled Hostname Verification | |
pom-dir: tests/tas-mtls | |
profiles: run-mtls | |
compose-file: docker-compose-mtls.yml | |
mtls: true | |
disabledHostnameVerification: true | |
deploy-timeout: 10 | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Generate Keystores and Truststores for Mutual TLS configuration" | |
if: ${{ matrix.mtls }} | |
run: | | |
git clone -b "master" --depth=1 "https://${{ secrets.BOT_GITHUB_USERNAME }}:${{ secrets.BOT_GITHUB_TOKEN }}@github.com/Alfresco/alfresco-ssl-generator.git" | |
if ${{ matrix.disabledHostnameVerification }} ; then | |
bash ${{ env.CI_WORKSPACE }}/alfresco-ssl-generator/scripts/ci/generate_keystores_wrong_hostnames.sh | |
echo "HOSTNAME_VERIFICATION_DISABLED=true" >> "$GITHUB_ENV" | |
else | |
bash ${{ env.CI_WORKSPACE }}/alfresco-ssl-generator/scripts/ci/generate_keystores.sh | |
echo "HOSTNAME_VERIFICATION_DISABLED=false" >> "$GITHUB_ENV" | |
fi | |
bash ${{ env.CI_WORKSPACE }}/alfresco-ssl-generator/scripts/ci/convert_testclient_keystore_to_pem.sh "${{ env.CI_WORKSPACE }}" | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ${{ env.TAS_ENVIRONMENT }}/${{ matrix.compose-file }} | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "https://localhost:8443/alfresco" | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: ${{ matrix.deploy-timeout }} | |
run: mvn -B install -ntp -f ${{ matrix.pom-dir }}/pom.xml -P${{ matrix.profiles }} -Denvironment=default -DrunBugs=false | |
- name: "Print output after failure" | |
if: ${{ always() && steps.tests.outcome == 'failure' }} | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "${{ matrix.pom-dir }}" | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
distribution_zip_content_tests: | |
name: "Distribution Zip content tests (Java ${{ matrix.java-version }})" | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
java-version: [17, 21] | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: mvn -B -V clean install -ntp -Pags -DskipTests -Dmaven.javadoc.skip=true | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
with: | |
java-version: ${{ matrix.java-version }} | |
- name: "Run tests" | |
id: tests | |
timeout-minutes: 20 | |
run: mvn -B install -ntp -f tests/tas-distribution-zip/pom.xml -Prun-distribution-zip-contents-check -DrunBugs=false | |
- name: "Print output after failure" | |
if: ${{ always() && steps.tests.outcome == 'failure' }} | |
run: ${TAS_SCRIPTS}/output_logs_for_failures.sh "tests/tas-distribution-zip" | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
single_pipeline_image_tests: | |
name: "Single Pipeline image tests (Java ${{ matrix.java-version }})" | |
runs-on: ubuntu-latest | |
if: > | |
github.event_name != 'pull_request' && | |
!contains(github.event.head_commit.message, '[skip tests]') | |
strategy: | |
fail-fast: false | |
matrix: | |
java-version: [DEFAULT, 21] | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
env: | |
AWS_ACCESS_KEY: ${{ secrets.AWS_S3_PIPELINE_AMPS_ACCESS_KEY_ID }} | |
AWS_SECRET_KEY: ${{ secrets.AWS_S3_PIPELINE_AMPS_SECRET_ACCESS_KEY }} | |
run: | | |
mvn -B clean install -ntp -Ppipeline,build-docker-images \ | |
$(mvn -B -q help:evaluate "-Dexpression=dependency.alfresco-enterprise-repo.version" -DforceStdout | grep -q '\-SNAPSHOT$' && echo '-Drepo.image.tag=latest') $(mvn -B -q help:evaluate "-Dexpression=dependency.alfresco-enterprise-share.version" -DforceStdout | grep -q '\-SNAPSHOT$' && echo '-Dshare.image.tag=latest') \ | |
-Dimage.java.version=${{ matrix.java-version }} | |
cat tests/pipeline-all-amps/repo/target/dtas/dtas-config.json | |
pip install requests pytest==6.2.4 pytest-testinfra==6.3.0 jmespath==0.10.0 | |
git clone --depth 1 --branch $DTAS_VERSION https://${GIT_USERNAME}:${GIT_PASSWORD}@github.com/Alfresco/alfresco-deployment-test-automation-scripts.git dtas | |
docker images | grep pipeline | |
${TAS_SCRIPTS}/start-compose.sh ${TAS_ENVIRONMENT}/docker-compose-pipeline-all-amps.yml | |
${TAS_SCRIPTS}/wait-for-alfresco-start.sh "http://localhost:8080/alfresco/" 180 | |
docker ps | |
curl -v --user admin.pipeline@alfresco.com:admin http://localhost:8080/alfresco/api/discovery | |
- name: "Run tests" | |
run: | | |
cd dtas | |
pytest --configuration ../tests/pipeline-all-amps/repo/target/dtas/dtas-config.json tests/ -s | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
test_tomcat_deployment: | |
name: "Test Tomcat deployment" | |
runs-on: ubuntu-latest | |
if: > | |
!contains(github.event.head_commit.message, '[skip tests]') | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: "Set up the environment" | |
run: | | |
${{ env.TAS_SCRIPTS }}/start-compose.sh ./dev/docker-compose.yml | |
${{ env.TAS_SCRIPTS }}/wait-for-alfresco-start.sh "http://localhost:8983/solr" | |
- name: "Run tomcat, verify it starts" | |
id: tests | |
run: | | |
(mvn -B clean install -Prun -rf dev &) | |
curl --retry 60 --retry-max-time 300 --retry-delay 5 --retry-all-errors --fail "http://localhost:8080/alfresco/api/-default-/public/alfresco/versions/1/probes/-ready-" | |
echo "Test Alfresco Repository availability" | |
curl -Ls -o /dev/null --fail "http://localhost:8080/alfresco" | |
echo "Test Share availability" | |
curl -Ls -o /dev/null --fail "http://localhost:8080/share" | |
pipeline_test_docker_release: | |
name: "Upload docker images needed for pipeline tests: <acs.version>-<PIPELINE_TAG_TEXT_INSERT>-<build>" | |
runs-on: ubuntu-latest | |
if: > | |
contains(github.event.head_commit.message, '[pipeline_docker]') | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.1 | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.1 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.1 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: Pipeline Tag text insert (modify for your needs) | |
run: | | |
echo "PIPELINE_TAG_TEXT_INSERT=INSERT-TEXT" >> $GITHUB_ENV | |
- name: Compute final build number | |
run: | | |
echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> $GITHUB_ENV | |
- name: Determine ACS Image Tag | |
run: | | |
ACS_VERSION=23.1.0 | |
echo "IMAGE_TAG=${ACS_VERSION}-${PIPELINE_TAG_TEXT_INSERT}-${COMPUTED_BUILD_NUMBER}" >> $GITHUB_ENV | |
- name: "Build: uses IMAGE_TAG variable, requires Repo and Share snapshot versions in main pom.xml" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh -m | |
- name: "Update images" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: mvn -B -V clean install -ntp -DskipTests -Dmaven.javadoc.skip=true -Ppush-docker-images,pipeline,release-branch -Drepo.image.tag=latest -Dshare.image.tag=latest -Dimage.tag=${IMAGE_TAG} -Ddocker.quay-expires.value=1w -Drepo.skipDockerImage=false -Dshare.skipDockerImage=false | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh |