-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #199 from jfrog/migrate-to-tests-to-github-workflow
Add GitHub workflow for acceptance tests
- Loading branch information
Showing
5 changed files
with
196 additions
and
131 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,170 @@ | ||
| on: | ||
| pull_request: | ||
| branches: | ||
| - master | ||
| types: [opened,synchronize] | ||
| paths: | ||
| - '**.go' | ||
| workflow_dispatch: | ||
|
|
||
| name: Vault Acceptance Tests | ||
|
|
||
| jobs: | ||
| acceptance-tests: | ||
| runs-on: ubuntu-latest | ||
| continue-on-error: false | ||
| environment: development | ||
| outputs: | ||
| vault_version: ${{ steps.get_vault_cli_version.outputs.version }} | ||
| artifactory_version: ${{ steps.run_artifactory_container.outputs.version }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Unshallow | ||
| run: git fetch --prune --unshallow | ||
| - name: Set up Go | ||
| uses: actions/setup-go@v5 | ||
| with: | ||
| go-version: 1.21 | ||
| - name: Install Helm | ||
| uses: azure/[email protected] | ||
| - name: Install Vault CLI | ||
| uses: eLco/setup-vault@v1 | ||
| - name: Get Vault CLI version | ||
| id: get_vault_cli_version | ||
| run: | | ||
| VAULT_VERSION=$(vault version | grep -o -E "v\d+\.\d+\.\d+") | ||
| echo "version=$VAULT_VERSION" >> "$GITHUB_OUTPUT" | ||
| - name: Install GoReleaser | ||
| uses: goreleaser/goreleaser-action@v6 | ||
| with: | ||
| install-only: true | ||
| - name: Create Artifactory data directories and copy data | ||
| env: | ||
| ARTIFACTORY_LICENSE: ${{ secrets.ARTIFACTORY_LICENSE }} | ||
| run: | | ||
| mkdir -p ${{ runner.temp }}/artifactory/extra_conf | ||
| mkdir -p ${{ runner.temp }}/artifactory/var/etc | ||
| echo $ARTIFACTORY_LICENSE > ${{ runner.temp }}/artifactory/extra_conf/artifactory.lic | ||
| cp ${{ github.workspace }}/scripts/system.yaml ${{ runner.temp }}/artifactory/var/etc/system.yaml | ||
| sudo chown -R 1030:1030 ${{ runner.temp }}/artifactory/var | ||
| - name: Run Artifactory container | ||
| id: run_artifactory_container | ||
| run: | | ||
| echo "Get latest Artifactory image tag" | ||
| helm repo add artifactory https://charts.jfrog.io | ||
| helm repo update | ||
| ARTIFACTORY_VERSION=$(helm search repo | grep "artifactory " | awk '{$1=$1};1' | cut -f3 -d " ") | ||
| echo "version=$ARTIFACTORY_VERSION" >> "$GITHUB_OUTPUT" | ||
| echo "Start up Artifactory container" | ||
| docker run -i --name artifactory -d --rm \ | ||
| -v ${{ runner.temp }}/artifactory/extra_conf:/artifactory_extra_conf \ | ||
| -v ${{ runner.temp }}/artifactory/var:/var/opt/jfrog/artifactory \ | ||
| -p 8081:8081 -p 8082:8082 \ | ||
| releases-docker.jfrog.io/jfrog/artifactory-pro:${ARTIFACTORY_VERSION} | ||
| echo "Set localhost to a container IP address, since we run docker inside of docker" | ||
| export LOCALHOST=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.Gateway}}{{end}}' artifactory) | ||
| export JFROG_URL="http://${LOCALHOST}:8082" | ||
| echo "JFROG_URL=$JFROG_URL" >> "$GITHUB_ENV" | ||
| echo "Waiting for Artifactory services to start at ${JFROG_URL}" | ||
| until $(curl -sf -o /dev/null -m 5 ${JFROG_URL}/artifactory/api/system/ping/); do | ||
| printf '.' | ||
| sleep 5 | ||
| done | ||
| echo "Waiting for Artifactory UI to start" | ||
| until $(curl -sf -o /dev/null -m 5 ${JFROG_URL}/ui/login/); do | ||
| printf '.' | ||
| sleep 5 | ||
| done | ||
| export COOKIES=$(curl -s -c - "${JFROG_URL}/ui/api/v1/ui/auth/login?_spring_security_remember_me=false" \ | ||
| --header "accept: application/json, text/plain, */*" \ | ||
| --header "content-type: application/json;charset=UTF-8" \ | ||
| --header "x-requested-with: XMLHttpRequest" \ | ||
| -d '{"user":"admin","password":"'"${{ secrets.ARTIFACTORY_PASSWORD }}"'","type":"login"}' | grep FALSE) | ||
| export REFRESHTOKEN=$(echo $COOKIES | grep REFRESHTOKEN | awk '{print $7}') | ||
| export ACCESSTOKEN=$(echo $COOKIES | grep ACCESSTOKEN | awk '{print $14}') | ||
| export JFROG_ACCESS_TOKEN=$(curl -s -g --request GET "${JFROG_URL}/ui/api/v1/system/security/token?services[]=all" \ | ||
| --header "accept: application/json, text/plain, */*" \ | ||
| --header "x-requested-with: XMLHttpRequest" \ | ||
| --header "cookie: ACCESSTOKEN=${ACCESSTOKEN}; REFRESHTOKEN=${REFRESHTOKEN}") | ||
| echo "::add-mask::$JFROG_ACCESS_TOKEN" | ||
| echo "JFROG_ACCESS_TOKEN=$JFROG_ACCESS_TOKEN" >> "$GITHUB_ENV" | ||
| - name: Execute acceptance tests | ||
| run: make acceptance | ||
| - name: Clean up Docker container | ||
| if: always() && ${{ steps.run_artifactory_container.outcome == 'success' }} | ||
| run: docker stop artifactory | ||
| - name: Send workflow status to Slack | ||
| uses: slackapi/[email protected] | ||
| if: always() | ||
| with: | ||
| payload: | | ||
| { | ||
| "text": "${{ github.workflow }} https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/job/${{ github.job }} GitHub Action result: ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}", | ||
| "blocks": [ | ||
| { | ||
| "type": "section", | ||
| "text": { | ||
| "type": "mrkdwn", | ||
| "text": "${{ github.workflow }} <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/job/${{ github.job }}| GitHub Action result>: ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" | ||
| } | ||
| } | ||
| ] | ||
| } | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PR_WEBHOOK }} | ||
| SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK | ||
|
|
||
| update-changelog: | ||
| runs-on: ubuntu-latest | ||
| needs: acceptance-tests | ||
| if: ${{ github.event_name == 'pull_request' }} && ${{ needs.acceptance-tests.result == 'success' }} | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| ref: ${{ github.event.pull_request.head.ref }} | ||
| - name: Update CHANGELOG and push commit | ||
| env: | ||
| ARTIFACTORY_VERSION: ${{ needs.acceptance-tests.outputs.artifactory_version }} | ||
| VAULT_VERSION: ${{ needs.acceptance-tests.outputs.vault_version }} | ||
| run: | | ||
| echo "Adding Artifactory version to CHANGELOG.md" | ||
| sed -i -E "0,/(##\s.+\..+\..+\s\(.+\)).*/ s/(##\s.+\..+\..+\s\(.+\)).*/\1. Tested on Artifactory $ARTIFACTORY_VERSION with Vault $VAULT_VERSION/" CHANGELOG.md | ||
| head -10 CHANGELOG.md | ||
| git add CHANGELOG.md | ||
| export REGEX="Changes to be committed*" | ||
| export GIT_STATUS=$(git status) | ||
| if [[ ${GIT_STATUS} =~ ${REGEX} ]]; then | ||
| echo "Commiting changes" | ||
| git config --global user.name 'JFrog CI' | ||
| git config --global user.email '[email protected]' | ||
| git config --get user.name | ||
| git config --get user.email | ||
| git commit --author="JFrog CI <[email protected]>" -m "JFrog Pipelines - Add Artifactory version to CHANGELOG.md" | ||
| git push | ||
| else | ||
| echo "There is nothing to commit: Artifactory version hadn't changed." | ||
| fi | ||
| - name: Send workflow status to Slack | ||
| uses: slackapi/[email protected] | ||
| if: success() | ||
| with: | ||
| payload: | | ||
| { | ||
| "text": "Vault Artifactory Secrets Plugin. A new PR was submitted by ${{ github.event.pull_request.user.login }} - ${{ github.event.pull_request.html_url }}, branch ${{ github.event.pull_request.base.ref }}. Changes tested successfully. <@U01H1SLSPA8> or <@UNDRUL1EU> please, review and merge.", | ||
| "blocks": [ | ||
| { | ||
| "type": "section", | ||
| "text": { | ||
| "type": "mrkdwn", | ||
| "text": "<http://github.com/${{ github.repository }}|Vault Artifactory Secrets Plugin>. A new PR was submitted by *${{ github.event.pull_request.user.login }}* - <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}>, branch *${{ github.event.pull_request.base.ref }}*. Changes tested successfully. <@U01H1SLSPA8> or <@UNDRUL1EU> please, review and merge." | ||
| } | ||
| } | ||
| ] | ||
| } | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PR_WEBHOOK }} | ||
| SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,33 +6,30 @@ on: | |
| push: | ||
| tags: | ||
| - 'v*' | ||
|
|
||
| jobs: | ||
| goreleaser: | ||
| runs-on: ubuntu-latest | ||
| if: startsWith(github.ref, 'refs/tags/') | ||
| if: startsWith(github.ref, 'refs/tags/') && github.event.base_ref == 'refs/heads/master' | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/[email protected] | ||
|
|
||
| uses: actions/checkout@v4 | ||
| - name: Unshallow | ||
| run: git fetch --prune --unshallow | ||
|
|
||
| - name: Set up Go | ||
| uses: actions/setup-go@v5 | ||
| with: | ||
| go-version: 1.21 | ||
|
|
||
| - name: Import GPG key | ||
| id: import_gpg | ||
| uses: crazy-max/ghaction-import-gpg@v5.0.0 | ||
| uses: crazy-max/ghaction-import-gpg@v6 | ||
| with: | ||
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | ||
| passphrase: ${{ secrets.PASSPHRASE }} | ||
|
|
||
| passphrase: ${{ secrets.GPG_PASSPHRASE }} | ||
| - name: Run GoReleaser | ||
| uses: goreleaser/goreleaser-action@v4 | ||
| uses: goreleaser/goreleaser-action@v6 | ||
| with: | ||
| version: latest | ||
| version: ${{ github.event.inputs.tag }} | ||
| args: release --clean | ||
| env: | ||
| GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | ||
|
|
||
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| ## @formatter:off | ||
| ## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE | ||
| ## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character. | ||
| configVersion: 1 | ||
| ## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products. | ||
| ## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog | ||
|
|
||
| ## NOTE: Sensitive information such as passwords and join key are encrypted on first read. | ||
| ## NOTE: The provided commented key and value is the default. | ||
|
|
||
| ## SHARED CONFIGURATIONS | ||
| ## A shared section for keys across all services in this config | ||
| shared: | ||
| extraJavaOpts: "-Dartifactory.policy.cleanup.package.enabled=true" | ||
| database: | ||
| ## To run Artifactory with any database other than PostgreSQL allowNonPostgresql set to true. | ||
| allowNonPostgresql: true |