Skip to content

fix(deps): update dependency io.camunda:zeebe-process-test-extension to v8.6.4 #1072

fix(deps): update dependency io.camunda:zeebe-process-test-extension to v8.6.4

fix(deps): update dependency io.camunda:zeebe-process-test-extension to v8.6.4 #1072

Workflow file for this run

---
name: build
on:
push:
branches:
- main
- stable/*
- release-*
- trying
- staging
pull_request: {}
workflow_dispatch:
inputs:
deployToDev:
description: 'Click here if you want to test a feature in the development environment prior to merge'
type: boolean
required: false
default: 'false'
defaults:
run:
# use bash shell by default to ensure pipefail behavior is the default
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
# variables for later use
env:
vault_secret_path: ${{ inputs.deployToDev && 'secret/data/products/zeebe/ci/testbench-secrets-1.x-dev' || 'secret/data/products/zeebe/ci/testbench-secrets-1.x-prod' }}
docker_tag: ${{ inputs.deployToDev && '1.x-dev' || '1.x-prod' }}
should_deploy_infra: ${{ (github.repository == 'zeebe-io/zeebe-cluster-testbench' && (github.ref == 'refs/heads/main' || contains(github.ref, 'ref/heads/stable/') || inputs.deployToDev)) && 'true' || 'false' }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
checks: write
pull-requests: write
contents: 'read'
id-token: 'write'
steps:
- name: Echo inputs
run: |
echo "Inputs"
echo "-----"
echo "Deploy to dev?: ${{ inputs.deployToDev }}"
- uses: actions/checkout@v4
- name: Import Secrets
id: secrets # important to refer to it in later steps
uses: hashicorp/[email protected]
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false # we rely on step outputs, no need for environment variables
secrets: |
secret/data/products/zeebe/ci/zeebe ARTIFACTS_USR;
secret/data/products/zeebe/ci/zeebe ARTIFACTS_PSW;
${{ env.vault_secret_path }} clientSecret;
${{ env.vault_secret_path }} cloudClientSecret;
${{ env.vault_secret_path }} contactPoint;
${{ env.vault_secret_path }} internalCloudClientSecret;
${{ env.vault_secret_path }} internalCloudPassword;
${{ env.vault_secret_path }} slackWebhookUrl;
- name: Setup Maven
uses: s4u/[email protected]
with:
java-version: '21'
distribution: 'temurin'
# Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml
- name: Create Maven Settings
uses: s4u/[email protected]
with:
githubServer: false
servers: |
[{
"id": "camunda-nexus",
"username": "${{ steps.secrets.outputs.ARTIFACTS_USR }}",
"password": "${{ steps.secrets.outputs.ARTIFACTS_PSW }}"
}]
mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "zeebe,zeebe-snapshots", "name": "camunda Nexus"}]'
- name: Run Tests
run: |
mvn -B install -Dsurefire.rerunFailingTestsCount=5
env:
MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
- name: Publish Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always() # Publish results even if the job fails or is canceled
with:
files: |
**/target/surefire-reports/*.xml
**/target/failsafe-reports/TEST-*.xml
- name: Deploy Snapshot Artifacts
if: env.should_deploy_infra == 'true'
run: |
mvn -B -DskipTests generate-sources source:jar javadoc:jar deploy
env:
MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
- uses: google-github-actions/auth@v2
if: env.should_deploy_infra == 'true'
name: GCP Login
id: auth
with:
token_format: 'access_token'
workload_identity_provider: 'projects/628707732411/locations/global/workloadIdentityPools/testbench-identity-pool/providers/testbench-identity-provider'
service_account: '[email protected]'
- name: Login to GCR
if: env.should_deploy_infra == 'true'
uses: docker/login-action@v3
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Build (and optionally Push) to Docker Registry
uses: docker/build-push-action@v6
with:
push: '${{ env.should_deploy_infra }}'
context: .
tags: 'gcr.io/zeebe-io/zeebe-cluster-testbench:${{ env.docker_tag }}'
- uses: google-github-actions/[email protected]
if: env.should_deploy_infra == 'true'
with:
cluster_name: 'zeebe-cluster'
location: 'europe-west1-b'
- name: Deploy Infrastructure
if: env.should_deploy_infra == 'true'
run: |
.ci/scripts/deploy.sh "${{ env.docker_tag }}"
env:
CLIENT_SECRET: ${{ steps.secrets.outputs.clientSecret }}
CLOUD_CLIENT_SECRET: ${{ steps.secrets.outputs.cloudClientSecret }}
CONTACT_POINT: ${{ steps.secrets.outputs.contactPoint }}
INTERNAL_CLOUD_CLIENT_SECRET: ${{ steps.secrets.outputs.internalCloudClientSecret }}
INTERNAL_CLOUD_PASSWORD: ${{ steps.secrets.outputs.internalCloudPassword }}
SLACK_WEBHOOK_URL: ${{ steps.secrets.outputs.slackWebhookUrl }}
TESTBENCH_REST_ADDRESS: ${{ steps.secrets.outputs.testbenchRestAddress }}
# DRY_RUN: 'true'
- name: Send Slack notification
# only runs if there's a failure in the workflow
if: failure() && github.repository == 'zeebe-io/zeebe-cluster-testbench' && (github.ref == 'refs/heads/main' || contains(github.ref, 'ref/heads/stable/'))
uses: 8398a7/action-slack@v3
with:
status: failure
channel: '#zeebe-ci'
fields: repo,action,eventName,ref,workflow
env:
SLACK_WEBHOOK_URL: ${{ steps.secrets.outputs.slackWebhookUrl }}
test-summary:
# Check all tests, including the unit test matrix.
# New test jobs must be added to the `needs` lists!
name: Test summary
runs-on: ubuntu-latest
needs:
- build
steps:
- run: exit 0
auto-merge:
name: Auto-merge dependabot PRs
runs-on: ubuntu-latest
needs: [ build ]
if: github.repository == 'zeebe-io/zeebe-cluster-testbench' && github.actor == 'dependabot[bot]'
permissions:
checks: read
pull-requests: write
steps:
- uses: actions/checkout@v4
- id: metadata
name: Fetch dependency metadata
uses: dependabot/[email protected]
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- id: merge
name: Merge PR
if: steps.metadata.outputs.update-type != 'version-update:semver-major'
run: gh pr merge ${{ github.event.pull_request.number }} --merge
env:
GITHUB_TOKEN: "${{secrets.AUTO_MERGE_GITHUB_TOKEN}}"