Skip to content

Bumped version to 2.9.0 #1431

Bumped version to 2.9.0

Bumped version to 2.9.0 #1431

Workflow file for this run

name: CWS CI Camunda
# Triggers the workflow on push
on:
push:
schedule:
# trigger a build and test of CWS weekly on Monday at 5 AM PST / 12 PM UTC
- cron: '0 12 * * 1'
env:
TEAM: ("jamesfwood" "jl-0")
jobs:
build-and-test-cws:
runs-on: ubuntu-latest
env:
SECURITY: "CAMUNDA"
WORKERS: 1
services:
mdb1011:
image: mariadb:10.11
ports:
- 3306:3306
env:
MYSQL_DATABASE: cws_dev
MYSQL_ROOT_PASSWORD: adminpw
options: >-
--name mdb1011
steps:
- uses: actions/checkout@v6
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: 'temurin'
# Configure Maven security (master password)
- name: Configure Maven security
run: |
mkdir -p ~/.m2
echo "<settingsSecurity>
<master>${{ secrets.MAVEN_MASTER_PASSWORD }}</master>
</settingsSecurity>" > ~/.m2/settings-security.xml
# Configure Maven settings (encrypted repo password)
- name: Configure Maven settings
run: |
echo "<settings>
<servers>
<server>
<id>${{ secrets.MAVEN_REPO_ID }}</id>
<username>${{ secrets.MAVEN_USERNAME }}</username>
<password>${{ secrets.MAVEN_ENCRYPTED_PASSWORD }}</password>
</server>
</servers>
</settings>" > ~/.m2/settings.xml
- name: Cache Maven packages
uses: actions/cache@v5
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2-
- name: Configure Camunda Download Credentials
run: |
echo "machine downloads.camunda.cloud
login ${{ secrets.CAMUNDA_DOWNLOAD_LOGIN }}
password ${{ secrets.CAMUNDA_DOWNLOAD_PASSWORD }}" > ~/.netrc
chmod 400 ~/.netrc
- name: Create open-source certs
run: |
cd cws-certs
chmod +x generate-certs.sh
./generate-certs.sh
- name: Set up Keystore storepass
run: |
mkdir ~/.cws/
chmod 700 ~/.cws/
echo ${{ secrets.KEYSTORE_PASSWORD }} > ~/.cws/creds
chmod 400 ~/.cws/creds
- name: Write license to file
run: |
mkdir -p ~/.camunda
chmod 700 ~/.camunda
cat <<'EOF' > ~/.camunda/license.txt
${{ secrets.CAMUNDA_LICENSE }}
EOF
chmod 400 ~/.camunda/license.txt
- name: Download Logstash
run: |
curl -o install/logging/logstash-8.12.0.zip https://artifacts.elastic.co/downloads/logstash/logstash-8.12.0-windows-x86_64.zip
- name: Check for Logstash
run: |
cd install/logging/
ls -l
- name: Set up Elasticsearch
run: |
cd install/docker/es-only
docker compose up -d
- name: Show Docker containers
run: |
sleep 5s
docker ps -a
- name: Cache Dependency-Check data
uses: actions/cache@v5
with:
path: ~/.dependency-check-data
key: ${{ runner.os }}-dependency-check
restore-keys: |
${{ runner.os }}-dependency-check
- name: Run Dependency Check
run: mvn clean dependency-check:aggregate
shell: bash
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- name: Upload Dependency Check Report
uses: actions/upload-artifact@v7
with:
name: dependency-check-report
path: target/dependency-check-reports/dependency-check-report.html
- name: Build and Start CWS
id: build
run: |
cd ci
chmod +x run_ci.sh
./run_ci.sh $SECURITY $WORKERS
shell: bash
- name: List CWS Logs
run: |
cd "dist/console-only/cws/server/apache-tomcat-11.0.20/logs"
ls -al
- name: Set up Google Chrome
run: |
sudo apt update
sudo apt install -y google-chrome-stable
- name: Display Google Chrome version
run: google-chrome --version
- name: Run Unit Tests
id: unit
run: mvn -Dmaven.compiler.debug=true -Dmaven.compiler.debuglevel=lines,vars,source clean test jacoco:report-aggregate
shell: bash
- name: Run Integration Tests
id: integration
run: mvn -Dmaven.compiler.debug=true -Dmaven.compiler.debuglevel=lines,vars,source integration-test verify -DskipTests
shell: bash
- name: Upload Jacoco report
uses: actions/upload-artifact@v7
with:
name: jacoco-report
path: jacoco-reports/aggregate/index.html
- name: Upload test screenshots
if: ${{ always() && steps.build.outcome == 'success' }}
uses: actions/upload-artifact@v7
with:
name: test-screenshots
path: test-screenshots/
- name: Show CWS Log for Console
if: always()
working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
run: |
cat cws.log
- name: Show Catalina Log for Console
if: always()
working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
run: |
cat catalina.out
- name: Show CWS Log for Worker1
if: always()
working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
run: |
cat cws.log
- name: Show Catalina Log for Worker1
if: always()
working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
run: |
cat catalina.out
- name: Cleanup Private files
if: always()
run: |
rm -rf ~/.camunda
rm -f ~/.netrc
- name: Send custom JSON data to Slack workflow
if: ${{ always() && contains(env.TEAM, github.actor) }}
id: slack
uses: slackapi/slack-github-action@v3
with:
webhook-type: incoming-webhook
webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
# This data can be any valid JSON from a previous step in the GitHub Action
payload: |
{
"status": "CWS CI Camunda build and test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nUnit test result: ${{ steps.unit.outcome }}\nIntegration test result: ${{ steps.integration.outcome }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "CWS CI Camunda build and test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nUnit test result: ${{ steps.unit.outcome }}\nIntegration test result: ${{ steps.integration.outcome }}"
}
}
]
}
advanced-test:
runs-on: ubuntu-latest
env:
SECURITY: "CAMUNDA"
WORKERS: 2
services:
mdb1011:
image: mariadb:10.11
ports:
- 3306:3306
env:
MYSQL_DATABASE: cws_dev
MYSQL_ROOT_PASSWORD: adminpw
options: >-
--name mdb1011
steps:
- uses: actions/checkout@v6
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: 'temurin'
# Configure Maven security (master password)
- name: Configure Maven security
run: |
mkdir -p ~/.m2
echo "<settingsSecurity>
<master>${{ secrets.MAVEN_MASTER_PASSWORD }}</master>
</settingsSecurity>" > ~/.m2/settings-security.xml
# Configure Maven settings (encrypted repo password)
- name: Configure Maven settings
run: |
echo "<settings>
<servers>
<server>
<id>${{ secrets.MAVEN_REPO_ID }}</id>
<username>${{ secrets.MAVEN_USERNAME }}</username>
<password>${{ secrets.MAVEN_ENCRYPTED_PASSWORD }}</password>
</server>
</servers>
</settings>" > ~/.m2/settings.xml
- name: Cache Maven packages
uses: actions/cache@v5
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2-
- name: Configure Camunda Download Credentials
run: |
echo "machine downloads.camunda.cloud
login ${{ secrets.CAMUNDA_DOWNLOAD_LOGIN }}
password ${{ secrets.CAMUNDA_DOWNLOAD_PASSWORD }}" > ~/.netrc
chmod 400 ~/.netrc
- name: Create open-source certs
run: |
cd cws-certs
chmod +x generate-certs.sh
./generate-certs.sh
- name: Set up Keystore storepass
run: |
mkdir ~/.cws/
chmod 700 ~/.cws/
echo ${{ secrets.KEYSTORE_PASSWORD }} > ~/.cws/creds
chmod 400 ~/.cws/creds
- name: Write license to file
run: |
mkdir -p ~/.camunda
chmod 700 ~/.camunda
cat <<'EOF' > ~/.camunda/license.txt
${{ secrets.CAMUNDA_LICENSE }}
EOF
chmod 400 ~/.camunda/license.txt
- name: Download Logstash
run: |
curl -o install/logging/logstash-8.12.0.zip https://artifacts.elastic.co/downloads/logstash/logstash-8.12.0-windows-x86_64.zip
- name: Check for Logstash
run: |
cd install/logging/
ls -l
- name: Set up Elasticsearch
run: |
cd install/docker/es-only
docker compose up -d
- name: Show Docker containers
run: |
sleep 5s
docker ps -a
- name: Build and Start CWS
id: build
run: |
cd ci
chmod +x run_ci.sh
./run_ci.sh $SECURITY $WORKERS
shell: bash
- name: List CWS Logs
run: |
cd dist/console-only/cws/server/apache-tomcat-11.0.20/logs
ls -al
- name: Set up Google Chrome
run: |
sudo apt update
sudo apt install -y google-chrome-stable
- name: Display Google Chrome version
run: google-chrome --version
- name: Run Load Integration Test
id: load
run: mvn -Dmaven.compiler.debug=true -Dmaven.compiler.debuglevel=lines,vars, -Dit.test=LoadTestIT verify -DskipTests
shell: bash
- name: Upload test screenshots
if: ${{ always() && steps.build.outcome == 'success' }}
uses: actions/upload-artifact@v7
with:
name: test-screenshots-advanced
path: test-screenshots/
- name: Show CWS Log for Console
if: always()
working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
run: |
cat cws.log
- name: Show Catalina Log for Console
if: always()
working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
run: |
cat catalina.out
- name: Show CWS Log for Worker1
if: always()
working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
run: |
cat cws.log
- name: Show Catalina Log for Worker1
if: always()
working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
run: |
cat catalina.out
- name: Show CWS Log for Worker2
if: always()
working-directory: dist/worker2/cws/server/apache-tomcat-11.0.20/logs
run: |
cat cws.log
- name: Show Catalina Log for Worker2
if: always()
working-directory: dist/worker2/cws/server/apache-tomcat-11.0.20/logs
run: |
cat catalina.out
- name: Cleanup Private files
if: always()
run: |
rm -rf ~/.camunda
rm -f ~/.netrc
- name: Send custom JSON data to Slack workflow
if: ${{ always() && contains(env.TEAM, github.actor) }}
id: slack
uses: slackapi/slack-github-action@v3
with:
webhook-type: incoming-webhook
webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
# This data can be any valid JSON from a previous step in the GitHub Action
payload: |
{
"status": "CWS CI Camunda advanced test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nLoad integration test result: ${{ steps.load.outcome }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "CWS CI Camunda advanced test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nLoad integration test result: ${{ steps.load.outcome }}"
}
}
]
}
publish-cws-image:
if: ${{ github.ref_type == 'tag' }}
needs: [build-and-test-cws, advanced-test]
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v6
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: 'temurin'
cache: maven
- name: Log in to Docker Hub
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Generate CWS Docker image
run: |
cd install/docker/cws-image
./build.sh
- name: Re-Tag CWS Docker image for open source
run: docker tag nasa-ammos/common-workflow-service:${{ github.ref_name }} ${{ secrets.DOCKER_USERNAME }}/common-workflow-service:${{ github.ref_name }}
- name: Push CWS Docker image
run: docker push ${{ secrets.DOCKER_USERNAME }}/common-workflow-service:${{ github.ref_name }}