-
Notifications
You must be signed in to change notification settings - Fork 24
134 lines (114 loc) · 6.28 KB
/
httpsUnitTests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: https unit tests
on:
pull_request:
branches:
- "master"
- "candidate-*"
workflow_dispatch:
jobs:
test-against-platform:
runs-on: ubuntu-latest
steps:
- name: Setup JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Install K8s
uses: balchua/[email protected]
with:
channel: '1.26/stable'
devMode: 'true'
addons: '["dns", "rbac", "hostpath-storage", "registry"]'
# Note: IP Address range below is the IP address range that will be made available for load balancers
# on the host machine, they aren't actual load balancers so they will not be accessible externally
- name: Enable LoadBalancers
run: |
sudo microk8s enable metallb:10.64.140.43-10.64.140.49
- name: Install JetStack Cert Manager
run: |
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.11.0
- name: Create Root Certificates
run: |
echo "[req]
default_bits = 2048
default_keyfile = ca.key
distinguished_name = dn
prompt = no
x509_extensions = x509_ca
[dn]
C = US
ST = GA
L = Alparetta
O = Lexis Nexis Risk
OU = Platform Development
CN = TestCluster
emailAddress = [email protected]
[x509_ca]
basicConstraints=CA:true,pathlen:1" > ca-req.cfg
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -sha256 -days 1825 -out ca.crt -config ca-req.cfg
kubectl create secret tls hpcc-signing-issuer-key-pair --cert=ca.crt --key=ca.key
kubectl create secret tls hpcc-local-issuer-key-pair --cert=ca.crt --key=ca.key
sudo keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias hpcc-local-issuer -file ca.crt
- name: Install HPCC Cluster
run: |
echo -e "certificates:\n enabled: true\ndafilesrv:\n - name: rowservice\n disabled: false\n application: stream\n service:\n servicePort: 7600\n visibility: global" > values.yaml
helm repo add hpcc https://hpcc-systems.github.io/helm-chart
helm repo update
helm install myhpcc hpcc/hpcc --set global.image.version=latest -f values.yaml
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Rebase
run: |
git config user.email '[email protected]'
git config user.name 'hpccsystems development'
git rebase origin/${{ github.event.pull_request.base.ref }}
git log --pretty=one -n 15
- name: Wait for ECLWatch Startup
run: |
echo "Waiting for ECLWatch startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=eclwatch
echo "Waiting for Rowservice startup" && kubectl wait --for=condition=ready pod --timeout=180s -l server=rowservice
echo "Waiting for SQL2ECL startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=sql2ecl
echo "ECLWATCH_IP=$(kubectl get svc eclwatch -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "ROWSERVICE_IP=$(kubectl get svc rowservice -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "SQL_TO_ECL_IP=$(kubectl get svc sql2ecl -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
kubectl get pods
kubectl get svc
- name: Add Host File Entries
run: |
sudo -- sh -c -e "echo '${{ env.ECLWATCH_IP }} eclwatch.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.ROWSERVICE_IP }} rowservice.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.SQL_TO_ECL_IP }} sql2ecl.default' >> /etc/hosts";
# Notes:
# Using keytool -import -cacerts doesn't work as expected, need to specify the cacerts path explicitly
# Path changed between JDK 8 & 11, Command for JDK 8:
# sudo keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
- name: Trust Certs
run: |
openssl s_client -showcerts -connect eclwatch.default:8010 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
openssl s_client -showcerts -connect rowservice.default:7600 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias dafilesrv-tls -file cert.der
openssl s_client -showcerts -connect sql2ecl.default:8510 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias sqltoecl-tls -file cert.der
# speed things up with caching from https://docs.github.com/en/actions/guides/building-and-testing-java-with-maven
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
env:
CUSTOM_MVN_OPTIONS_SECRET : ${{ secrets.CUSTOM_MVN_OPTIONS }}
CUSTOM_MVN_OPTIONS_ENV : ${{ vars.CUSTOM_MVN_OPTIONS }}
#run: mvn -B --activate-profiles jenkins-on-demand -Dmaven.gpg.skip=true -Dmaven.javadoc.skip=true -Dmaven.test.failure.ignore=false -Dhpccconn=https://eclwatch.default:8010 -Dwssqlconn=https://sql2ecl.default:8510 ${{ env.CUSTOM_MVN_OPTIONS }} install
run: |
echo "VARIABLE: env.CUSTOM_MVN_OPTIONS_SECRET: ${{ env.CUSTOM_MVN_OPTIONS_SECRET }}"
echo "VARIABLE: env.CUSTOM_MVN_OPTIONS_ENV: ${{ env.CUSTOM_MVN_OPTIONS_ENV }}"
echo "direct: vars.CUSTOM_MVN_OPTIONS: ${{ vars.CUSTOM_MVN_OPTIONS }}"
echo "direct: secrets.CUSTOM_MVN_OPTIONS: ${{ secrets.CUSTOM_MVN_OPTIONS }}"