From 9e313606b7a2e1ceebefec046ca08bb05b25da39 Mon Sep 17 00:00:00 2001 From: "ONBASE\\pwesolowski" Date: Tue, 21 Jan 2025 11:23:52 +0100 Subject: [PATCH] feat: checked nightly pipeline --- .github/workflows/ci.yml | 664 ++++++++---------- ...est.yml => nightly_tests_and_veracode.yml} | 0 2 files changed, 292 insertions(+), 372 deletions(-) rename .github/workflows/{test.yml => nightly_tests_and_veracode.yml} (100%) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0076c584a..9e0805f6f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,8 +13,6 @@ on: - fix/** - master - release/** - schedule: - - cron: "0 0 * * *" # Runs every night at midnight env: # Both variables are required to be set before the release process starts . @@ -31,389 +29,311 @@ env: S3_BUCKET_REGION: "eu-west-1" jobs: - # pre_commit: - # runs-on: ubuntu-latest - # outputs: - # java_version: ${{ env.JAVA_VERSION }} - # java_version_supported_by_repo: ${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # steps: - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - uses: actions/checkout@v4 - # with: - # fetch-depth: 0 - # - id: changed-files - # uses: Alfresco/alfresco-build-tools/.github/actions/github-list-changes@v8.8.0 - # with: - # write-list-to-env: true - # - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.8.0 + pre_commit: + runs-on: ubuntu-latest + outputs: + java_version: ${{ env.JAVA_VERSION }} + java_version_supported_by_repo: ${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + steps: + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - id: changed-files + uses: Alfresco/alfresco-build-tools/.github/actions/github-list-changes@v8.8.0 + with: + write-list-to-env: true + - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.8.0 - veracode_sca: - name: "TESTTTTT Veracode - Source Clear Scan (SCA)" - # needs: - # - pre_commit + pmd_scan: + name: "PMD Scan" runs-on: ubuntu-latest if: > - (github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'schedule' || github.event_name == 'pull_request' || github.actor == 'dependabot[bot]') && - !contains(github.event.head_commit.message, '[skip build]') + github.event_name == 'pull_request' && + !contains(github.event.head_commit.message, '[skip pmd]') && + !contains(github.event.head_commit.message, '[skip tests]') steps: - uses: actions/checkout@v4 - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - - uses: Alfresco/alfresco-build-tools/.github/actions/veracode@v8.8.0 - continue-on-error: true - with: - srcclr-api-token: ${{ secrets.SRCCLR_API_TOKEN }} - - # veracode_sast: - # name: "Pipeline SAST Scan" - # # needs: - # # - pre_commit - # runs-on: ubuntu-latest - # if: > - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request' || github.event_name == 'schedule') && - # github.actor != 'dependabot[bot]' && - # !contains(github.event.head_commit.message, '[skip build]') - # steps: - # - uses: actions/checkout@v4 - # - id: changed-files - # uses: Alfresco/alfresco-build-tools/.github/actions/github-list-changes@v8.8.0 - # with: - # write-list-to-env: true - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v8.8.0 - # with: - # token: ${{ secrets.BOT_GITHUB_TOKEN }} - # repository: "Alfresco/veracode-baseline-archive" - # file-path: "hxinsight-connector/hxinsight-connector-baseline.json" - # target: "baseline.json" - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests - # - name: "Run SAST Scan" - # uses: veracode/Veracode-pipeline-scan-action@v1.0.17 - # with: - # vid: ${{ secrets.VERACODE_API_ID }} - # vkey: ${{ secrets.VERACODE_API_KEY }} - # file: "distribution/target/alfresco-hxinsight-connector-distribution-*.zip" - # fail_build: false - # project_name: hxinsight-connector - # issue_details: true - # veracode_policy_name: Alfresco Default - # summary_output: true - # summary_output_file: results.json - # summary_display: true - # baseline_file: baseline.json - # - name: "Clean Maven cache" - # run: bash ./scripts/ci/cleanup_cache.sh - - # pmd_scan: - # name: "PMD Scan" - # runs-on: ubuntu-latest - # if: > - # github.event_name == 'pull_request' && - # !contains(github.event.head_commit.message, '[skip pmd]') && - # !contains(github.event.head_commit.message, '[skip tests]') - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - uses: Alfresco/ya-pmd-scan@v4.2.0 + - uses: Alfresco/ya-pmd-scan@v4.2.0 - # test_application: - # name: "Build and test application" - # runs-on: ubuntu-latest - # needs: - # - pre_commit - # if: > - # (github.event_name == 'push' || github.actor == 'dependabot[bot]') && - # !contains(github.event.head_commit.message, '[skip tests]') && - # !contains(github.event.head_commit.message, '[skip build]') - # strategy: - # fail-fast: false - # matrix: - # subproject: [ "bulk-ingester", "common", "common-authentication", "common-test", - # "live-ingester", "prediction-applier", "hxinsight-extension" ] - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Test application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean verify -pl '${{ matrix.subproject }}' -am - - # test_distribution: - # name: "Build application with distribution profile" - # runs-on: ubuntu-latest - # needs: - # - pre_commit - # if: > - # (github.event_name == 'push' || github.actor == 'dependabot[bot]') && - # !contains(github.event.head_commit.message, '[skip tests]') && - # !contains(github.event.head_commit.message, '[skip build]') - # strategy: - # fail-fast: false - # matrix: - # repoVersion: [ 7.3.2, 7.4.2, 23.3.0 ] - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application with distribution profile" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} + test_application: + name: "Build and test application" + runs-on: ubuntu-latest + needs: + - pre_commit + if: > + (github.event_name == 'push' || github.actor == 'dependabot[bot]') && + !contains(github.event.head_commit.message, '[skip tests]') && + !contains(github.event.head_commit.message, '[skip build]') + strategy: + fail-fast: false + matrix: + subproject: [ "bulk-ingester", "common", "common-authentication", "common-test", + "live-ingester", "prediction-applier", "hxinsight-extension" ] + steps: + - uses: actions/checkout@v4 + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Test application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean verify -pl '${{ matrix.subproject }}' -am - # run_e2e_test: - # name: "Run e2e tests using ACS ${{ matrix.repoVersion }}" - # runs-on: ubuntu-latest - # needs: - # - pre_commit - # if: > - # (github.event_name == 'push' || github.actor == 'dependabot[bot]') && - # !contains(github.event.head_commit.message, '[skip build]') && - # !contains(github.event.head_commit.message, '[skip tests]') && - # !contains(github.event.head_commit.message, '[skip e2es]') - # strategy: - # fail-fast: false - # matrix: - # repoVersion: [ 7.3.2, 7.4.2, 23.3.0 ] - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} - # - name: "Build docker images" - # run: bash ./scripts/ci/buildDockerImages.sh - # - name: "Run e2e tests" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} verify -pl 'hxinsight-extension,e2e-test' -am -DskipUnitTests -DskipIntegrationTests -Dalfresco-platform.version=${{ matrix.repoVersion }} + test_distribution: + name: "Build application with distribution profile" + runs-on: ubuntu-latest + needs: + - pre_commit + if: > + (github.event_name == 'push' || github.actor == 'dependabot[bot]') && + !contains(github.event.head_commit.message, '[skip tests]') && + !contains(github.event.head_commit.message, '[skip build]') + strategy: + fail-fast: false + matrix: + repoVersion: [ 7.3.2, 7.4.2, 23.3.0 ] + steps: + - uses: actions/checkout@v4 + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Build application with distribution profile" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} - # run_e2e_test_using_older_java: - # name: "Run e2e tests using ACS ${{ matrix.repoVersion }} on Java ${{ needs.pre_commit.outputs.java_version_supported_by_repo }}" - # runs-on: ubuntu-latest - # needs: - # - pre_commit - # if: > - # needs.pre_commit.outputs.java_version_supported_by_repo != needs.pre_commit.outputs.java_version && - # github.event_name != 'pull_request' && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # !contains(github.event.head_commit.message, '[skip build]') && - # !contains(github.event.head_commit.message, '[skip tests]') && - # !contains(github.event.head_commit.message, '[skip e2es]') - # strategy: - # fail-fast: false - # matrix: - # repoVersion: [ 7.3.2, 7.4.2 ] - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # - name: "Build docker images" - # run: JAVA_VERSION=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} && bash ./scripts/ci/buildDockerImages.sh - # - name: "Run e2e tests" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} verify -pl 'hxinsight-extension,e2e-test' -am -DskipUnitTests -DskipIntegrationTests -Dalfresco-platform.version=${{ matrix.repoVersion }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + run_e2e_test: + name: "Run e2e tests using ACS ${{ matrix.repoVersion }}" + runs-on: ubuntu-latest + needs: + - pre_commit + if: > + (github.event_name == 'push' || github.actor == 'dependabot[bot]') && + !contains(github.event.head_commit.message, '[skip build]') && + !contains(github.event.head_commit.message, '[skip tests]') && + !contains(github.event.head_commit.message, '[skip e2es]') + strategy: + fail-fast: false + matrix: + repoVersion: [ 7.3.2, 7.4.2, 23.3.0 ] + steps: + - uses: actions/checkout@v4 + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Build application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} + - name: "Build docker images" + run: bash ./scripts/ci/buildDockerImages.sh + - name: "Run e2e tests" + run: mvn ${{ env.MAVEN_CLI_OPTS }} verify -pl 'hxinsight-extension,e2e-test' -am -DskipUnitTests -DskipIntegrationTests -Dalfresco-platform.version=${{ matrix.repoVersion }} - # nightly_tests: - # name: "Run nightly tests" - # runs-on: ubuntu-latest - # if: github.event_name == 'schedule' && github.ref_name == 'master' - # steps: - # - name: "Checkout repository" - # uses: actions/checkout@v4 - # - name: "Set up JDK" - # uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application" - # run: mvn clean install -DskipTests -pl live-ingester - # - name: "Run OpenApi Specification tests" - # run: mvn test -Dtest=OpenApiRequestValidationTest -pl live-ingester - # - name: "Notify on failure" - # if: failure() - # uses: Alfresco/alfresco-build-tools/.github/actions/send-teams-notification@v8.8.0 - # with: - # webhook-url: ${{ secrets.MS_TEAMS_WEBHOOK_URL }} - # message: "Nightly tests failed" + run_e2e_test_using_older_java: + name: "Run e2e tests using ACS ${{ matrix.repoVersion }} on Java ${{ needs.pre_commit.outputs.java_version_supported_by_repo }}" + runs-on: ubuntu-latest + needs: + - pre_commit + if: > + needs.pre_commit.outputs.java_version_supported_by_repo != needs.pre_commit.outputs.java_version && + github.event_name != 'pull_request' && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + !contains(github.event.head_commit.message, '[skip build]') && + !contains(github.event.head_commit.message, '[skip tests]') && + !contains(github.event.head_commit.message, '[skip e2es]') + strategy: + fail-fast: false + matrix: + repoVersion: [ 7.3.2, 7.4.2 ] + steps: + - uses: actions/checkout@v4 + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Build application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.version=${{ matrix.repoVersion }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + - name: "Build docker images" + run: JAVA_VERSION=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} && bash ./scripts/ci/buildDockerImages.sh + - name: "Run e2e tests" + run: mvn ${{ env.MAVEN_CLI_OPTS }} verify -pl 'hxinsight-extension,e2e-test' -am -DskipUnitTests -DskipIntegrationTests -Dalfresco-platform.version=${{ matrix.repoVersion }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # push_docker_images: - # name: "Push docker images" - # runs-on: ubuntu-latest - # needs: - # - test_application - # - test_distribution - # - run_e2e_test - # if: > - # github.event_name == 'push' && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # !(failure() || cancelled()) && - # !contains(github.event.head_commit.message, '[skip build]') - # steps: - # - uses: actions/checkout@v4 - # - uses: docker/setup-qemu-action@v3 - # - uses: docker/setup-buildx-action@v3 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # - name: "Push docker images" - # run: bash ./scripts/ci/buildDockerImages.sh -p - # env: - # COMMIT_MESSAGE: ${{ github.sha }} - # - name: "Clean Maven cache" - # run: bash ./scripts/ci/cleanup_cache.sh + push_docker_images: + name: "Push docker images" + runs-on: ubuntu-latest + needs: + - test_application + - test_distribution + - run_e2e_test + if: > + github.event_name == 'push' && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + !(failure() || cancelled()) && + !contains(github.event.head_commit.message, '[skip build]') + steps: + - uses: actions/checkout@v4 + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Build application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + - name: "Push docker images" + run: bash ./scripts/ci/buildDockerImages.sh -p + env: + COMMIT_MESSAGE: ${{ github.sha }} + - name: "Clean Maven cache" + run: bash ./scripts/ci/cleanup_cache.sh - # publish_snapshot_artifacts: - # name: "Publish SNAPSHOT artifacts" - # runs-on: ubuntu-latest - # needs: - # - test_application - # - test_distribution - # - run_e2e_test - # if: > - # !(failure() || cancelled()) && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # github.event_name != 'pull_request' && - # !contains(github.event.head_commit.message, '[skip build]') - # steps: - # - uses: actions/checkout@v4 - # - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Publish SNAPSHOT artifacts" - # timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} - # run: mvn ${{ env.MAVEN_CLI_OPTS }} deploy -DskipTests -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # - name: "Clean Maven cache" - # run: bash ./scripts/ci/cleanup_cache.sh + publish_snapshot_artifacts: + name: "Publish SNAPSHOT artifacts" + runs-on: ubuntu-latest + needs: + - test_application + - test_distribution + - run_e2e_test + if: > + !(failure() || cancelled()) && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + github.event_name != 'pull_request' && + !contains(github.event.head_commit.message, '[skip build]') + steps: + - uses: actions/checkout@v4 + - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Publish SNAPSHOT artifacts" + timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} + run: mvn ${{ env.MAVEN_CLI_OPTS }} deploy -DskipTests -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + - name: "Clean Maven cache" + run: bash ./scripts/ci/cleanup_cache.sh - # release_and_deploy_to_nexus_and_s3: - # name: "Make release and deploy to Nexus and S3 Staging Bucket" - # runs-on: ubuntu-latest - # needs: - # - test_application - # - test_distribution - # - run_e2e_test - # if: > - # !(failure() || cancelled()) && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # github.event_name != 'pull_request' && - # contains(github.event.head_commit.message, '[release]') - # steps: - # - uses: actions/checkout@v4 - # with: - # persist-credentials: false - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v8.8.0 - # with: - # username: ${{ secrets.BOT_GITHUB_USERNAME }} - # email: ${{ secrets.BOT_GITHUB_EMAIL }} - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # - name: "Make release and deploy to Nexus" - # timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} - # run: mvn ${{ env.MAVEN_CLI_OPTS }} -DreleaseVersion="${{ env.RELEASE_VERSION }}" -DdevelopmentVersion="${{ env.DEVELOPMENT_VERSION }}" -Dtag="${{ env.RELEASE_VERSION }}" -Dusername="${{ secrets.BOT_GITHUB_USERNAME }}" -Dpassword="${{ secrets.BOT_GITHUB_TOKEN }}" -DscmCommentPrefix="[maven-release-plugin][skip ci]" -DskipTests -Dproject.revision.key=${{ github.sha }} "-Darguments=-DskipTests -Dadditionalparam=-Xdoclint:none -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }}" release:prepare release:perform - # - run: mkdir -p deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }} - # - name: "Move the final artifacts to a single folder (deploy_dir) to be copied to S3" - # run: mv "distribution/target/alfresco-hxinsight-connector-distribution-${{ env.RELEASE_VERSION }}.zip" "deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" - # - name: "Clone Alfresco/third-party-license-overrides" - # run: git clone --depth=1 https://github.com/Alfresco/third-party-license-overrides.git - # - uses: actions/setup-python@v5 - # - name: "Create third party license csv file and add it to the deploy directory" - # run: python3 ./third-party-license-overrides/thirdPartyLicenseCSVCreator.py --project "${{ github.workspace }}" --version "${{ env.RELEASE_VERSION }}" --combined --output "deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }}" - # - name: "Configure AWS credentials" - # uses: aws-actions/configure-aws-credentials@v4 - # with: - # aws-access-key-id: ${{ secrets.AWS_S3_STAGING_ACCESS_KEY }} - # aws-secret-access-key: ${{ secrets.AWS_S3_STAGING_SECRET_KEY }} - # aws-region: ${{ env.S3_BUCKET_REGION }} - # - name: "Deploy to S3 Staging Bucket" - # run: aws s3 cp --recursive --acl private ./deploy_dir s3://alfresco-artefacts-staging - # - name: "Clean Maven cache" - # run: bash ./scripts/ci/cleanup_cache.sh + release_and_deploy_to_nexus_and_s3: + name: "Make release and deploy to Nexus and S3 Staging Bucket" + runs-on: ubuntu-latest + needs: + - test_application + - test_distribution + - run_e2e_test + if: > + !(failure() || cancelled()) && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + github.event_name != 'pull_request' && + contains(github.event.head_commit.message, '[release]') + steps: + - uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v8.8.0 + with: + username: ${{ secrets.BOT_GITHUB_USERNAME }} + email: ${{ secrets.BOT_GITHUB_EMAIL }} + - name: "Build application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + - name: "Make release and deploy to Nexus" + timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} + run: mvn ${{ env.MAVEN_CLI_OPTS }} -DreleaseVersion="${{ env.RELEASE_VERSION }}" -DdevelopmentVersion="${{ env.DEVELOPMENT_VERSION }}" -Dtag="${{ env.RELEASE_VERSION }}" -Dusername="${{ secrets.BOT_GITHUB_USERNAME }}" -Dpassword="${{ secrets.BOT_GITHUB_TOKEN }}" -DscmCommentPrefix="[maven-release-plugin][skip ci]" -DskipTests -Dproject.revision.key=${{ github.sha }} "-Darguments=-DskipTests -Dadditionalparam=-Xdoclint:none -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }}" release:prepare release:perform + - run: mkdir -p deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }} + - name: "Move the final artifacts to a single folder (deploy_dir) to be copied to S3" + run: mv "distribution/target/alfresco-hxinsight-connector-distribution-${{ env.RELEASE_VERSION }}.zip" "deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" + - name: "Clone Alfresco/third-party-license-overrides" + run: git clone --depth=1 https://github.com/Alfresco/third-party-license-overrides.git + - uses: actions/setup-python@v5 + - name: "Create third party license csv file and add it to the deploy directory" + run: python3 ./third-party-license-overrides/thirdPartyLicenseCSVCreator.py --project "${{ github.workspace }}" --version "${{ env.RELEASE_VERSION }}" --combined --output "deploy_dir/community/hxinsight-connector/${{ env.RELEASE_VERSION }}" + - name: "Configure AWS credentials" + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_S3_STAGING_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_S3_STAGING_SECRET_KEY }} + aws-region: ${{ env.S3_BUCKET_REGION }} + - name: "Deploy to S3 Staging Bucket" + run: aws s3 cp --recursive --acl private ./deploy_dir s3://alfresco-artefacts-staging + - name: "Clean Maven cache" + run: bash ./scripts/ci/cleanup_cache.sh - # deploy_release_version_to_quay: - # name: "Deploy release version to quay.io" - # runs-on: ubuntu-latest - # needs: - # - test_application - # - test_distribution - # - run_e2e_test - # if: > - # !(failure() || cancelled()) && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # github.event_name != 'pull_request' && - # contains(github.event.head_commit.message, '[release]') - # steps: - # - uses: actions/checkout@v4 - # - uses: docker/setup-qemu-action@v3 - # - uses: docker/setup-buildx-action@v3 - # - name: "Login to Quay.io" - # uses: docker/login-action@v3 - # with: - # registry: quay.io - # username: ${{ secrets.QUAY_USERNAME }} - # password: ${{ secrets.QUAY_PASSWORD }} - # - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 - # - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 - # - name: "Build application" - # run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} - # - name: "Deploy release version to quay.io" - # run: bash ./scripts/ci/releaseDockerImage.sh -v ${{ env.RELEASE_VERSION }} - # env: - # COMMIT_MESSAGE: ${{ github.sha }} - # - name: "Clean Maven cache" - # run: bash ./scripts/ci/cleanup_cache.sh + deploy_release_version_to_quay: + name: "Deploy release version to quay.io" + runs-on: ubuntu-latest + needs: + - test_application + - test_distribution + - run_e2e_test + if: > + !(failure() || cancelled()) && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + github.event_name != 'pull_request' && + contains(github.event.head_commit.message, '[release]') + steps: + - uses: actions/checkout@v4 + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - name: "Login to Quay.io" + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.8.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.8.0 + - name: "Build application" + run: mvn ${{ env.MAVEN_CLI_OPTS }} clean install -DskipTests -Dproject.revision.key=${{ github.sha }} -Dalfresco-platform.java.version=${{ env.JAVA_VERSION_SUPPORTED_BY_REPO }} + - name: "Deploy release version to quay.io" + run: bash ./scripts/ci/releaseDockerImage.sh -v ${{ env.RELEASE_VERSION }} + env: + COMMIT_MESSAGE: ${{ github.sha }} + - name: "Clean Maven cache" + run: bash ./scripts/ci/cleanup_cache.sh - # deploy_release: - # name: "Copy to S3 Downloads Bucket" - # runs-on: ubuntu-latest - # needs: - # - deploy_release_version_to_quay - # - release_and_deploy_to_nexus_and_s3 - # - publish_snapshot_artifacts - # - push_docker_images - # if: > - # !(failure() || cancelled()) && - # (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && - # github.event_name != 'pull_request' && - # contains(github.event.head_commit.message, '[release]') - # steps: - # - uses: actions/checkout@v4 - # - name: "Configure AWS credentials" - # uses: aws-actions/configure-aws-credentials@v4 - # with: - # aws-access-key-id: ${{ secrets.AWS_S3_RELEASE_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_S3_RELEASE_SECRET_ACCESS_KEY }} - # aws-region: ${{ env.S3_BUCKET_REGION }} - # - run: set -x - # - name: "Check release version and copy to S3 Downloads Bucket" - # run: | - # if [[ ${{ env.RELEASE_VERSION }} =~ ^[0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?$ ]]; then - # aws s3 cp --recursive --acl private --copy-props none "s3://alfresco-artefacts-staging/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" "s3://eu.dl.alfresco.com/release/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" - # fi + deploy_release: + name: "Copy to S3 Downloads Bucket" + runs-on: ubuntu-latest + needs: + - deploy_release_version_to_quay + - release_and_deploy_to_nexus_and_s3 + - publish_snapshot_artifacts + - push_docker_images + if: > + !(failure() || cancelled()) && + (github.ref_name == 'master' || startsWith(github.ref_name, 'release/')) && + github.event_name != 'pull_request' && + contains(github.event.head_commit.message, '[release]') + steps: + - uses: actions/checkout@v4 + - name: "Configure AWS credentials" + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_S3_RELEASE_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_S3_RELEASE_SECRET_ACCESS_KEY }} + aws-region: ${{ env.S3_BUCKET_REGION }} + - run: set -x + - name: "Check release version and copy to S3 Downloads Bucket" + run: | + if [[ ${{ env.RELEASE_VERSION }} =~ ^[0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?$ ]]; then + aws s3 cp --recursive --acl private --copy-props none "s3://alfresco-artefacts-staging/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" "s3://eu.dl.alfresco.com/release/community/hxinsight-connector/${{ env.RELEASE_VERSION }}/" + fi diff --git a/.github/workflows/test.yml b/.github/workflows/nightly_tests_and_veracode.yml similarity index 100% rename from .github/workflows/test.yml rename to .github/workflows/nightly_tests_and_veracode.yml