
ci: move jenkins operations to GH #10082

Merged
merged 11 commits into from
Nov 14, 2024
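--- a/.github/maven-settings.xml
+++ b/.github/maven-settings.xml
@@ -0,0 +1,9 @@
+<settings>
+<servers>
+<server>
+<id>github</id>
+<username>${env.GITHUB_ACTOR}</username>
+<password>${env.JANS_TOKEN}</password>
+</server>
+</servers>
+</settings>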
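Review bot: The `<password>${env.JANS_TOKEN}</password>` entry reads a variable that no step in the workflow added by this PR sets; the Publish step exports `GITHUB_TOKEN` instead, and its `mvn -B deploy` line carries no `-s .github/maven-settings.xml`, so this file does not appear to be consumed at all. If it is meant to supply the deploy credential, pass it with `-s` and make the variable name match what the step exports; otherwise drop it and rely on the settings that `actions/setup-java` writes. Either way, a one-line XML comment naming the workflow and secret that feed this file would make the credential path auditable.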
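--- a/.github/workflows/build-test.yml
+++ b/.github/workflows/build-test.yml
@@ -0,0 +1,266 @@
+name: Janssen Build & Test
+
+on:
+push:
+branches:
+- main
+schedule:
+- cron: '0 8 * * *'
+pull_request:
+branches:
+- main
+workflow_dispatch:
+inputs:
+project:
+type: choice
+options:
+- "jans-bom"
+- "jans-orm"
+- "jans-core"
+- "jans-lock/lock-server"
+- "agama"
+- "jans-auth-server"
+- "jans-link"
+- "jans-fido2"
+- "jans-scim"
+- "jans-keycloak-link"
+- "jans-config-api"
+- "jans-keycloak-integration"
+- "jans-casa"
+- "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
+description: 'Service'
+required: true
+default: "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
+
+jobs:
+prep-matrix:
+runs-on: ubuntu-latest
+outputs:
+matrix: ${{ steps.set-matrix.outputs.matrix }}
+steps:
+- name: Harden Runner
+uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+with:
+egress-policy: audit
+- id: set-matrix
+run: |
+projects="${{ github.event.inputs.project }}"
+if [ -z "$projects" ]; then
+projects="jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
+fi
+matrix="{\"include\":["
+for project in $projects; do
+matrix="$matrix{\"service\":\"$project\",\"maven_skip_tests\":true},"
+done
+matrix="${matrix%,}]}"
+echo $matrix
+echo "matrix=$matrix" >> $GITHUB_OUTPUT
+
+build-with-disabled-tests:
+runs-on: ubuntu-20.04
+needs: prep-matrix
+permissions:
+contents: read
+packages: write
+env:
+VERSION_NAME: main
+MAVEN_SKIP_TESTS: true
+PROFILE_NAME: "default"
+
+strategy:
+max-parallel: 1
+matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }}
+
+steps:
+- name: Harden Runner
+uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+with:
+egress-policy: audit
+- name: Checkout code
+uses: actions/checkout@v4
+with:
+ref: ${{ github.event.inputs.branch }}
+
+- name: Set up Java 17
+uses: actions/setup-java@v4
+with:
+java-version: '17'
+distribution: 'adopt'
+
+- name: Set up Maven
+uses: actions/setup-java@v4
+with:
+java-version: '17'
+distribution: 'adopt'
+cache: 'maven'
+
+- name: Build ${{ matrix.service }}
+run: |
+if [ "${{ github.event_name }}" == "pull_request" ]; then
+mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT
+else
+mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install
+fi
+
+- name: Publish to GitHub Packages
+run: mvn -B deploy -Dmaven.test.skip=${{ matrix.maven_skip_tests }} -Dcfg=${{ env.PROFILE_NAME }}
+working-directory: ${{ matrix.service }}
+env:
+GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
+
+- name: Archive results
+if: always()
+uses: actions/upload-artifact@v4
+with:
+name: build-results
+path: ${{ matrix.service }}/target
+
+- name: Send notification on failure
+if: failure()
+run: echo "Build failed"
+
+cleanup:
+if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'
+runs-on: ubuntu-20.04
+steps:
+- name: Harden Runner
+uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+with:
+egress-policy: audit
+- name: Clean up PR assets
+run: |
+# List all SNAPSHOT versions
+versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=<version>)[^<]+')
+
+for version in $versions; do
+if [[ $version == *-SNAPSHOT ]]; then
+# Delete the version from GitHub Packages
+curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service.project }}/$version"
+fi
+done
+
+run-tests:
+if: github.event_name == 'push' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.project == 'jans-bom, jans-orm, jans-core, jans-lock/lock-server, agama, jans-auth-server, jans-link, jans-fido2, jans-scim, jans-keycloak-link, jans-config-api, jans-keycloak-integration, jans-casa')
+permissions: write-all
+runs-on: ubuntu-20.04
+env:
+MAVEN_SKIP_TESTS: false
+CONTAINER_NAME_SPANNER: ubuntu20-spanner
+CONTAINER_NAME_CB: ubuntu20-couchbase
+CONTAINER_NAME_LDAP: ubuntu20-ldap
+CONTAINER_NAME_MYSQL: ubuntu20-mysql
+CONTAINER_NAME_POSTGRESQL: ubuntu20-postgresql
+DEVELOPMENT_BUILD: true
+SKIP_FINDBUGS: true
+DEPENDENCY_CHECK: true
+VERSION_NAME: main
+PROFILE_NAME: default
+strategy:
+max-parallel: 5
+matrix:
+persistence:
+- "MYSQL"
+- "PGSQL"
+fail-fast: false
+steps:
+- name: Harden Runner
+uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+with:
+egress-policy: audit
+- name: Checkout code
+uses: actions/checkout@v4
+with:
+ref: ${{ github.event.inputs.branch }}
+
+- name: Set up Java 17
+uses: actions/setup-java@v4
+with:
+java-version: '17'
+distribution: 'adopt'
+
+- name: Set up Maven
+uses: actions/setup-java@v4
+with:
+java-version: '17'
+distribution: 'adopt'
+cache: 'maven'
+
+- name: Set up Go
+uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+with:
+go-version: 1.18
+
+- name: Import GPG key
+id: import_gpg
+uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
+with:
+gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
+passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
+git_user_signingkey: true
+git_commit_gpgsign: true
+
+- name: Configure Git
+run: |
+git config --global user.name "mo-auto"
+git config --global user.email "[email protected]"
+git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
+echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token
+
+- name: Run Jans Monolith
+env:
+JANS_FQDN: demoexample.jans.io
+EXT_IP: $(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
+JANS_BUILD_COMMIT: main
+run: |
+export ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
+sudo chmod a+x automation/startjanssenmonolithdemo.sh
+sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}"
+
+echo "generating rdbms docs for ${{ matrix.persistence-backends }}..."
+git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git
+cd jans
+git config pull.rebase true
+git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists"
+git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull"
+sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!"
+git add . || echo "generating rdbms docs failed !!!"
+git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit"
+git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!"
+MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs"
+gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists"
+cd ..
+echo "generating rdbms docs for ${{ matrix.persistence-backends }} done"
+
+export JANS_URL=https://demoexample.jans.io
+export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09
+export JANS_CLIENT_SECRET=1t5Fin3#security
+export JANS_INSECURE_CLIENT=true
+export TF_ACC=1
+cd terraform-provider-jans
+go install github.com/jstemmer/go-junit-report/v2@latest
+go test -v 2>&1 ./... | go-junit-report > /tmp/reports/${{ matrix.persistence-backends }}report.xml
+cd ..
+
+- name: List Reports
+run: |
+ls /tmp/reports/
+
+- name: Upload Test Results
+uses: actions/upload-artifact@v4
+with:
+name: ${{ matrix.persistence }}-test-results
+path: /tmp/reports
+
+- name: Publish Test Report ${{ matrix.persistence }}
+uses: starburstdata/action-testng-report@v1
+with:
+report_paths: /tmp/reports/${{ matrix.persistence }}*.xml
+github_token: ${{ github.token }}
+fail_if_empty: false
+
+# - name: Publish Test Report Surefire
+# uses: scacap/action-surefire-report@v1
+# if: success() || failure()
+# with:
+# github_token: ${{ github.token }}
+# report_paths: /tmp/reports/**.xml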
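Review bot: The Build step expands `${{ github.head_ref }}` directly into the `run:` script, and on `pull_request` that value is the contributor-chosen branch name, so the shell parses it as script text rather than data; pass it through `env:` and reference it as a quoted shell variable, as sketched below. The same pattern places `secrets.MOAUTO_WORKFLOW_TOKEN` in script text in the cleanup job, in Configure Git and in the `git clone https://mo-auto:...@github.com/...` URL, where it would also be stored in the clone's `.git/config`; an `env:` entry keeps it out of the rendered script. `run-tests` also runs on `pull_request` with `permissions: write-all`, the GPG signing key and that token while executing repository scripts under `sudo`, so I would reduce it to `permissions: contents: read` and run the docs commit/push part only on `push`. Separately, `matrix.service.project`, `matrix.persistence-backends`, `$persistence` and `github.event.inputs.branch` are not defined anywhere in this file and appear to expand to empty strings.

```yaml
- name: Build ${{ matrix.service }}
  env:
    HEAD_REF: ${{ github.head_ref }}
    SERVICE: ${{ matrix.service }}
    SKIP_TESTS: ${{ matrix.maven_skip_tests }}
  run: |
    if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then
      mvn -f "$SERVICE/pom.xml" -Dcfg="$PROFILE_NAME" -Dmaven.test.skip="$SKIP_TESTS" clean install -Drevision="$HEAD_REF-SNAPSHOT"
    else
      mvn -f "$SERVICE/pom.xml" -Dcfg="$PROFILE_NAME" -Dmaven.test.skip="$SKIP_TESTS" clean install
    fi
# … unchanged: Publish to GitHub Packages, Archive results, notification steps …
```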
100 changes: 0 additions & 100 deletions .github/workflows/build-wars.yml

This file was deleted.
