Skip to content

OPSEXP-2403 Bump ATS and Sync tags in 7.3/7.2/7.1 to fix activemq CVE-2023-46604 #1092

OPSEXP-2403 Bump ATS and Sync tags in 7.3/7.2/7.1 to fix activemq CVE-2023-46604

OPSEXP-2403 Bump ATS and Sync tags in 7.3/7.2/7.1 to fix activemq CVE-2023-46604 #1092

---
name: Helm (Community)
on:
pull_request:
branches:
- master
- release/**
- next/**
paths:
- helm/**
- test/postman/helm/**
- .github/workflows/helm*
- test/community-integration-test-values.yaml
push:
branches:
- master
- release/**
concurrency:
group: helm-com-${{ github.head_ref || github.ref_name }}
cancel-in-progress: true
jobs:
community_charts:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: azure/setup-helm@v3
with:
version: "3.12.1"
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ ! github.event.repository.fork }}
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Setup cluster
uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
with:
ingress-nginx-ref: controller-v1.8.2
- name: Set nginx ingress config
run: |
kubectl -n ingress-nginx patch cm ingress-nginx-controller \
-p '{"data": {"allow-snippet-annotations":"true"}}'
- name: Create registries auth secret
if: ${{ ! github.event.repository.fork }}
run: |
kubectl create secret generic regcred \
--from-file=.dockerconfigjson=$HOME/.docker/config.json \
--type=kubernetes.io/dockerconfigjson
- name: Helm install
run: |
helm dep up ./helm/alfresco-content-services
helm install acs ./helm/alfresco-content-services \
--set global.search.sharedSecret="$(openssl rand -hex 24)" \
--set global.known_urls=http://localhost \
--set global.alfrescoRegistryPullSecrets=regcred \
--wait --timeout 5m0s \
--values helm/alfresco-content-services/community_values.yaml \
--values test/community-integration-test-values.yaml
- name: Spit cluster status
if: always()
run: |
helm ls --all-namespaces
kubectl get all --all-namespaces
kubectl describe pod
- name: Wait ACS to warm up
run: sleep 60
- uses: nick-fields/retry@v2
id: newman
with:
timeout_minutes: 1
retry_wait_seconds: 30
max_attempts: 5
command: >-
docker run --network=host
-v $(pwd)/test/postman:/etc/postman
-t postman/newman run /etc/postman/helm/acs-test-helm-collection.json
--global-var protocol=http --global-var url=localhost
- name: Spit cluster status after tests
if: always() && steps.newman.outcome != 'skipped'
run: |
helm ls --all-namespaces
kubectl get all --all-namespaces
kubectl describe pod