-
Notifications
You must be signed in to change notification settings - Fork 24
126 lines (106 loc) · 5.73 KB
/
httpsUnitTests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: https unit tests
on:
pull_request:
branches:
- "master"
- "candidate-*"
workflow_dispatch:
jobs:
test-against-platform:
runs-on: ubuntu-latest
steps:
- name: Setup JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Install K8s
uses: balchua/[email protected]
with:
channel: '1.26/stable'
devMode: 'true'
addons: '["dns", "rbac", "hostpath-storage", "registry"]'
# Note: IP Address range below is the IP address range that will be made available for load balancers
# on the host machine, they aren't actual load balancers so they will not be accessible externally
- name: Enable LoadBalancers
run: |
sudo microk8s enable metallb:10.64.140.43-10.64.140.49
- name: Install JetStack Cert Manager
run: |
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.11.0
- name: Create Root Certificates
run: |
echo "[req]
default_bits = 2048
default_keyfile = ca.key
distinguished_name = dn
prompt = no
x509_extensions = x509_ca
[dn]
C = US
ST = GA
L = Alparetta
O = Lexis Nexis Risk
OU = Platform Development
CN = TestCluster
emailAddress = [email protected]
[x509_ca]
basicConstraints=CA:true,pathlen:1" > ca-req.cfg
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -sha256 -days 1825 -out ca.crt -config ca-req.cfg
kubectl create secret tls hpcc-signing-issuer-key-pair --cert=ca.crt --key=ca.key
kubectl create secret tls hpcc-local-issuer-key-pair --cert=ca.crt --key=ca.key
sudo keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias hpcc-local-issuer -file ca.crt
- name: Install HPCC Cluster
run: |
echo -e "certificates:\n enabled: true\ndafilesrv:\n - name: rowservice\n disabled: false\n application: stream\n service:\n servicePort: 7600\n visibility: global" > values.yaml
helm repo add hpcc https://hpcc-systems.github.io/helm-chart
helm repo update
helm install myhpcc hpcc/hpcc -f values.yaml
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Rebase
run: |
git config user.email '[email protected]'
git config user.name 'hpccsystems development'
git rebase origin/${{ github.event.pull_request.base.ref }}
git log --pretty=one -n 15
- name: Wait for ECLWatch Startup
run: |
echo "Waiting for ECLWatch startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=eclwatch
echo "Waiting for Rowservice startup" && kubectl wait --for=condition=ready pod --timeout=180s -l server=rowservice
echo "Waiting for SQL2ECL startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=sql2ecl
echo "ECLWATCH_IP=$(kubectl get svc eclwatch -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "ROWSERVICE_IP=$(kubectl get svc rowservice -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "SQL_TO_ECL_IP=$(kubectl get svc sql2ecl -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
kubectl get pods
kubectl get svc
- name: Add Host File Entries
run: |
sudo -- sh -c -e "echo '${{ env.ECLWATCH_IP }} eclwatch.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.ROWSERVICE_IP }} rowservice.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.SQL_TO_ECL_IP }} sql2ecl.default' >> /etc/hosts";
# Notes:
# Using keytool -import -cacerts doesn't work as expected, need to specify the cacerts path explicitly
# Path changed between JDK 8 & 11, Command for JDK 8:
# sudo keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
- name: Trust Certs
run: |
openssl s_client -showcerts -connect eclwatch.default:8010 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
openssl s_client -showcerts -connect rowservice.default:7600 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias dafilesrv-tls -file cert.der
openssl s_client -showcerts -connect sql2ecl.default:8510 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias sqltoecl-tls -file cert.der
# speed things up with caching from https://docs.github.com/en/actions/guides/building-and-testing-java-with-maven
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
run: mvn -B --activate-profiles jenkins-on-demand -Dmaven.gpg.skip=true -Dmaven.javadoc.skip=true -Dmaven.test.failure.ignore=false -Dhpccconn=https://eclwatch.default:8010 -Dwssqlconn=https://sql2ecl.default:8510 -DHPCC30117=open install