chore(deps): upgrade Alfresco/hxp-studio-services to version 7.19.0-a… #9022
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| pull_request: | |
| branches: | |
| - develop | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - labeled | |
| env: | |
| CHART_DIR: "helm/alfresco-process-infrastructure" | |
| HELM_REPO_BASE_URL: https://kubernetes-charts.alfresco.com | |
| HELM_REPO: Alfresco/charts | |
| HELM_REPO_BRANCH: master | |
| HELM_REPO_SUBFOLDER: incubator | |
| jobs: | |
| pre-checks: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| - name: Check dependabot build | |
| uses: Activiti/Activiti/.github/actions/check-ext-build@7700f0283a9ff5181581a350d2520e55c61c1c60 # 8.6.0 | |
| - name: Setup Helm Docs | |
| uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| version: 1.13.1 | |
| - name: pre-commit | |
| uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| skip_checkout: true | |
| - name: Run Checkov | |
| uses: bridgecrewio/checkov-action@e1bb78184f5dd3690fb1089d6c4f51295f9dff48 # v12.1839.0 | |
| with: | |
| framework: kubernetes | |
| - name: Ensure SHA pinned actions | |
| uses: zgosalvez/github-actions-ensure-sha-pinned-actions@38608ef4fb69adae7f1eac6eeb88e67b7d083bfd # v3.0.16 | |
| validate: | |
| needs: pre-checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| - uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-validate-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven-validate- | |
| - uses: Alfresco/alfresco-build-tools/.github/actions/validate-maven-versions@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| maven-username: ${{ secrets.NEXUS_USERNAME }} | |
| maven-password: ${{ secrets.NEXUS_PASSWORD }} | |
| - name: Save maven cache | |
| uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
| if: github.event_name == 'push' | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-validate-${{ hashFiles('**/pom.xml') }} | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - pre-checks | |
| - validate | |
| env: | |
| TARGET_CHARTS_PATH: charts | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| - name: Build | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| - name: Setup Cluster | |
| uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| - name: Compute Keycloak Client Secret | |
| id: compute-keycloak-secret | |
| run: echo "result=$(uuidgen)" >> $GITHUB_OUTPUT | |
| - name: Execute helm upgrade dry-run | |
| env: | |
| CHART_DIR: ${{ env.CHART_DIR }} | |
| NAMESPACE: "test" | |
| DOMAIN: "example" | |
| KEYCLOAK_SECRET: ${{ steps.compute-keycloak-secret.outputs.result }} | |
| shell: bash | |
| run: | | |
| NAMESPACE_LOWERCASE=$(echo ${NAMESPACE} | tr "[:upper:]" "[:lower:]") | |
| helm upgrade $NAMESPACE_LOWERCASE $CHART_DIR \ | |
| --install \ | |
| --set global.gateway.domain=$DOMAIN \ | |
| --set global.keycloak.clientSecret=$KEYCLOAK_SECRET \ | |
| --namespace $NAMESPACE_LOWERCASE \ | |
| --wait \ | |
| --dry-run | |
| - name: Package Helm Chart | |
| id: package-helm-chart | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| outputs: | |
| version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }} | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| - name: Parse next release | |
| id: helm-parse-next-release | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-parse-next-release@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| - id: calculate-next-internal-version | |
| name: Calculate next internal release | |
| uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| next-version: ${{ steps.helm-parse-next-release.outputs.next-release }} | |
| - id: helm-release-and-publish | |
| name: Release and publish helm chart | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-release-and-publish@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }} | |
| chart-dir: ${{ env.CHART_DIR }} | |
| helm-repository: ${{ env.HELM_REPO }} | |
| helm-repository-branch: ${{ env.HELM_REPO_BRANCH }} | |
| helm-repository-subfolder: ${{ env.HELM_REPO_SUBFOLDER }} | |
| helm-repository-base-url: ${{ env.HELM_REPO_BASE_URL }} | |
| helm-repository-token: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| git-username: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| do-push: ${{ github.event_name == 'push' }} | |
| promote: | |
| runs-on: ubuntu-latest | |
| needs: release | |
| if: github.event_name == 'push' | |
| env: | |
| VERSION: ${{ needs.release.outputs.version }} | |
| DEVELOPMENT_BRANCH: ${{ github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| - id: get-versions | |
| working-directory: helm/alfresco-process-infrastructure | |
| run: | | |
| CHART_VERSION=`yq '.dependencies | map(select(.name == "common")) | .[0].version' Chart.yaml` | |
| echo ${CHART_VERSION} | |
| echo "chart=${CHART_VERSION}" >> $GITHUB_OUTPUT | |
| DEPLOYMENT_VERSION=`yq '.alfresco-deployment-service.image.tag' values.yaml` | |
| echo ${DEPLOYMENT_VERSION} | |
| echo "deployment=${DEPLOYMENT_VERSION}" >> $GITHUB_OUTPUT | |
| MODELING_VERSION=`yq '.alfresco-modeling-service.image.tag' values.yaml` | |
| echo ${MODELING_VERSION} | |
| echo "modeling=${MODELING_VERSION}" >> $GITHUB_OUTPUT | |
| - uses: Alfresco/alfresco-build-tools/.github/actions/jx-updatebot-pr@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| env: | |
| ACTIVITI_CLOUD_COMMON_CHART_VERSION: ${{ steps.get-versions.outputs.chart }} | |
| ALFRESCO_DEPLOYMENT_SERVICE_VERSION: ${{ steps.get-versions.outputs.deployment }} | |
| ALFRESCO_MODELING_SERVICE_VERSION: ${{ steps.get-versions.outputs.modeling }} | |
| with: | |
| version: ${{ env.VERSION }} | |
| auto-merge: 'true' | |
| labels: 'be-propagation,${{ env.DEVELOPMENT_BRANCH }}' | |
| base-branch-name: ${{ env.DEVELOPMENT_BRANCH }} | |
| git-username: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| git-token: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| git-author-name: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| notify: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - release | |
| - promote | |
| if: always() && failure() && github.event_name == 'push' | |
| steps: | |
| - name: Slack Notification | |
| uses: Alfresco/alfresco-build-tools/.github/actions/send-slack-notification@209bb4275688720e13dc0703dbd17826bf677c5c # v6.1.0 | |
| with: | |
| channel-id: 'C03PMT6APFU' # eng-hxp-studio-activiti-gh-notifs, to be renamed eng-automate-activiti-gh-notifs | |
| token: ${{ secrets.SLACK_NOTIFICATION_BOT_TOKEN }} |