Skip to content

Commit

Permalink
ci: move jenkins operations to GH (#10082)
Browse files Browse the repository at this point in the history 
* ci: move jenkins operations to GH

* ci: update token

* ci: adjust to allow building one resource at a time

* ci: adjust to allow building one resource at a time

* ci: adjust to allow building one resource at a time

* ci: initial organization of jans workdfloes
  • Loading branch information
@moabu
moabu authored Nov 14, 2024
1 parent 9801df4 commit f1b38fa
Show file tree
Hide file tree
Showing 53 changed files with 651 additions and 377 deletions.
9 changes: 9 additions & 0 deletions .github/maven-settings.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
<settings>
<servers>
<server>
<id>github</id>
<username>${env.GITHUB_ACTOR}</username>
<password>${env.JANS_TOKEN}</password>
</server>
</servers>
</settings>
0 .github/workflows/docker_build_image.yml → .github/workflows/build-docker-image.yml
View file
File renamed without changes.
0 .github/workflows/activate-nightly-build.yml → .github/workflows/build-nightly-build.yml
View file
File renamed without changes.
266 changes: 266 additions & 0 deletions .github/workflows/build-test.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,266 @@
name: Janssen Build & Test

on:
push:
branches:
- main
schedule:
- cron: '0 8 * * *'
pull_request:
branches:
- main
workflow_dispatch:
inputs:
project:
type: choice
options:
- "jans-bom"
- "jans-orm"
- "jans-core"
- "jans-lock/lock-server"
- "agama"
- "jans-auth-server"
- "jans-link"
- "jans-fido2"
- "jans-scim"
- "jans-keycloak-link"
- "jans-config-api"
- "jans-keycloak-integration"
- "jans-casa"
- "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
description: 'Service'
required: true
default: "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"

jobs:
prep-matrix:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- id: set-matrix
run: |
projects="${{ github.event.inputs.project }}"
if [ -z "$projects" ]; then
projects="jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
fi
matrix="{\"include\":["
for project in $projects; do
matrix="$matrix{\"service\":\"$project\",\"maven_skip_tests\":true},"
done
matrix="${matrix%,}]}"
echo $matrix
echo "matrix=$matrix" >> $GITHUB_OUTPUT
build-with-disabled-tests:
runs-on: ubuntu-20.04
needs: prep-matrix
permissions:
contents: read
packages: write
env:
VERSION_NAME: main
MAVEN_SKIP_TESTS: true
PROFILE_NAME: "default"

strategy:
max-parallel: 1
matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }}

steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.branch }}

- name: Set up Java 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'

- name: Set up Maven
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'
cache: 'maven'

- name: Build ${{ matrix.service }}
run: |
if [ "${{ github.event_name }}" == "pull_request" ]; then
mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT
else
mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install
fi
- name: Publish to GitHub Packages
run: mvn -B deploy -Dmaven.test.skip=${{ matrix.maven_skip_tests }} -Dcfg=${{ env.PROFILE_NAME }}
working-directory: ${{ matrix.service }}
env:
GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}

- name: Archive results
if: always()
uses: actions/upload-artifact@v4
with:
name: build-results
path: ${{ matrix.service }}/target

- name: Send notification on failure
if: failure()
run: echo "Build failed"

cleanup:
if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'
runs-on: ubuntu-20.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Clean up PR assets
run: |
# List all SNAPSHOT versions
versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=<version>)[^<]+')
for version in $versions; do
if [[ $version == *-SNAPSHOT ]]; then
# Delete the version from GitHub Packages
curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service.project }}/$version"
fi
done
run-tests:
if: github.event_name == 'push' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.project == 'jans-bom, jans-orm, jans-core, jans-lock/lock-server, agama, jans-auth-server, jans-link, jans-fido2, jans-scim, jans-keycloak-link, jans-config-api, jans-keycloak-integration, jans-casa')
permissions: write-all
runs-on: ubuntu-20.04
env:
MAVEN_SKIP_TESTS: false
CONTAINER_NAME_SPANNER: ubuntu20-spanner
CONTAINER_NAME_CB: ubuntu20-couchbase
CONTAINER_NAME_LDAP: ubuntu20-ldap
CONTAINER_NAME_MYSQL: ubuntu20-mysql
CONTAINER_NAME_POSTGRESQL: ubuntu20-postgresql
DEVELOPMENT_BUILD: true
SKIP_FINDBUGS: true
DEPENDENCY_CHECK: true
VERSION_NAME: main
PROFILE_NAME: default
strategy:
max-parallel: 5
matrix:
persistence:
- "MYSQL"
- "PGSQL"
fail-fast: false
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.branch }}

- name: Set up Java 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'

- name: Set up Maven
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'
cache: 'maven'

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.18

- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true

- name: Configure Git
run: |
git config --global user.name "mo-auto"
git config --global user.email "[email protected]"
git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token
- name: Run Jans Monolith
env:
JANS_FQDN: demoexample.jans.io
EXT_IP: $(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
JANS_BUILD_COMMIT: main
run: |
export ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
sudo chmod a+x automation/startjanssenmonolithdemo.sh
sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}"
echo "generating rdbms docs for ${{ matrix.persistence-backends }}..."
git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git
cd jans
git config pull.rebase true
git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists"
git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull"
sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!"
git add . || echo "generating rdbms docs failed !!!"
git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit"
git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!"
MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs"
gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists"
cd ..
echo "generating rdbms docs for ${{ matrix.persistence-backends }} done"
export JANS_URL=https://demoexample.jans.io
export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09
export JANS_CLIENT_SECRET=1t5Fin3#security
export JANS_INSECURE_CLIENT=true
export TF_ACC=1
cd terraform-provider-jans
go install github.com/jstemmer/go-junit-report/v2@latest
go test -v 2>&1 ./... | go-junit-report > /tmp/reports/${{ matrix.persistence-backends }}report.xml
cd ..
- name: List Reports
run: |
ls /tmp/reports/
- name: Upload Test Results
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.persistence }}-test-results
path: /tmp/reports

- name: Publish Test Report ${{ matrix.persistence }}
uses: starburstdata/action-testng-report@v1
with:
report_paths: /tmp/reports/${{ matrix.persistence }}*.xml
github_token: ${{ github.token }}
fail_if_empty: false

# - name: Publish Test Report Surefire
# uses: scacap/action-surefire-report@v1
# if: success() || failure()
# with:
# github_token: ${{ github.token }}
# report_paths: /tmp/reports/**.xml
100 changes: 0 additions & 100 deletions .github/workflows/build-wars.yml
View file

This file was deleted.

Loading

0 comments on commit f1b38fa

Please sign in to comment.