Skip to content

OPSEXP-2739: bump Alfresco components and third parties #2273

OPSEXP-2739: bump Alfresco components and third parties

OPSEXP-2739: bump Alfresco components and third parties #2273

Workflow file for this run

name: "enterprise"
on:
pull_request:
branches: [master]
paths-ignore:
- "docs/**"
- "*.md"
- .github/workflows/docs.yml
- .pre-commit-config.yaml
push:
branches: [master]
paths-ignore:
- "docs/**"
- "*.md"
- .github/workflows/docs.yml
- .pre-commit-config.yaml
env:
DTAS_VERSION: v1.5.4
BUILD_NUMBER: ${{ github.run_id }}
PY_COLORS: 1
PYTHONUNBUFFERED: 1
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }}
cancel-in-progress: false
jobs:
check-nexus-secrets:
name: Ensure required nexus secrets are available
runs-on: ubuntu-latest
outputs:
secrets-available: ${{ steps.check-secrets.outputs.secrets-available }}
steps:
- name: Check secrets
id: check-secrets
run: | # pragma: allowlist secret
if [ -z "${{ secrets.nexus_username }}" ] || [-z "${{ secrets.nexus_password }}"]; then
echo "nexus_username or nexus_password is missing"
echo "secrets-available=false" >> $GITHUB_OUTPUT
exit 0
fi
echo "secrets-available=true" >> $GITHUB_OUTPUT
docker:
name: Test ${{ matrix.role.name }} role on ${{ matrix.molecule_distro.image }}
runs-on: ubuntu-latest
needs: check-nexus-secrets
if: needs.check-nexus-secrets.outputs.secrets-available == 'true'
outputs:
dtas_version: ${{ steps.jobvars.outputs.dtas_version }}
strategy:
fail-fast: true
matrix:
molecule_distro:
- image: ubuntu:22.04
- image: rockylinux/rockylinux:9.4
role:
- name: adf_app
- name: search_enterprise
- name: repository
- name: sfs
- name: sync
- name: trouter
steps:
- name: Share var with further reusable workflows
id: jobvars
run: echo "dtas_version=$DTAS_VERSION" >> $GITHUB_OUTPUT
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
id: setup-python
with:
python-version-file: .python-version
cache: pipenv
- name: Install python packages
uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
with:
python-version: ${{ steps.setup-python.outputs.python-version }}
- name: Install and cache ansible galaxy dependencies
uses: ./.github/actions/galaxy
with:
cache-name: enterprise
- name: Setup workspace
uses: ./.github/actions/setup-workspace
- name: Run tests
env:
MOLECULE_ROLE_IMAGE: ${{ matrix.molecule_distro.image }}
NEXUS_USERNAME: ${{ secrets.nexus_username }}
NEXUS_PASSWORD: ${{ secrets.nexus_password }}
uses: nick-fields/retry@v3
with:
timeout_minutes: 60
max_attempts: 3
retry_wait_seconds: 10
command: cd roles/${{ matrix.role.name }} && pipenv run molecule test
docker_integration:
name: Test ${{ matrix.scenario.name }} scenario on ${{ matrix.molecule_distro.image }}
needs:
- docker
strategy:
fail-fast: false
matrix:
molecule_distro:
- image: ubuntu:22.04
- image: rockylinux/rockylinux:9.4
scenario:
- name: pki
- name: elasticsearch
include:
- scenario:
name: identity
molecule_distro:
image: rockylinux/rockylinux:9.4
uses: ./.github/workflows/docker.yml
with:
scenario: ${{ matrix.scenario.name }}
os_distribution: ${{ matrix.molecule_distro.image }}
galaxy_cache: enterprise
dtas_version: ${{ needs.docker.outputs.dtas_version }}
secrets:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
dtas_token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.DEPENDABOT_GITHUB_TOKEN }}
ec2:
name: ${{ matrix.molecule_scenario.desc }}
if: github.actor != 'dependabot[bot]'
needs:
- docker
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
molecule_scenario:
- name: default
vars: vars-ubuntu20-73.yml
desc: EC2 ACS 7.3 (Ubuntu 20.04)
- name: default
vars: vars-rocky8.yml
desc: EC2 ACS 7.4 (Rocky Linux 8.9)
- name: default
vars: vars-rhel8.yml
desc: EC2 ACS 7.4 (RHEL 8.9)
- name: default
vars: vars-ubuntu-community.yml
desc: EC2 ACS 23.x Community (Ubuntu 22.04)
- name: default
vars: vars-rocky9.yml
desc: EC2 ACS 23.x (Rocky Linux 9.4)
- name: multimachine
vars: vars.yml
desc: EC2 ACS 23.x clustered (RHEL 9.4)
- name: opensearch
vars: vars.yml
desc: EC2 ACS 23.x opensearch (RHEL 9.4)
env:
AWS_REGION: eu-west-1
MOLECULE_IT_AWS_VPC_SUBNET_ID: subnet-6bdd4223
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
# avoid auth conflict when cloning DTAS during verify step
persist-credentials: false
- name: Run tests on push
timeout-minutes: 185
uses: ./.github/actions/molecule_integration_ec2
with:
matrix_name: ${{ matrix.molecule_scenario.name }}
matrix_vars: ${{ matrix.molecule_scenario.vars }}
matrix_desc: ${{ matrix.molecule_scenario.desc }}
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
aws_access_key_id: ${{ secrets.aws_access_key_id }}
aws_secret_access_key: ${{ secrets.aws_secret_access_key }}
pat: ${{ secrets.BOT_GITHUB_TOKEN }}