common-workflow-service/.github/workflows/ldap.yml at develop · NASA-AMMOS/common-workflow-service · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
name: CWS CI LDAP

# Workflow disabled - manual trigger only
on:
  workflow_dispatch:

env:
  TEAM: ("jamesfwood" "jl-0")

jobs:

  build-and-test-cws:

    runs-on: ubuntu-latest
    env:
      SECURITY: "LDAP"
      WORKERS: 1

    services:
      mdb1011:
        image: mariadb:10.11
        ports:
          - 3306:3306
        env:
          MYSQL_DATABASE: cws_dev
          MYSQL_ROOT_PASSWORD: adminpw
        options: >-
          --name mdb1011

    steps:
      - uses: actions/checkout@v6

      - name: Set up JDK 17
        uses: actions/setup-java@v5
        with:
          java-version: '17'
          distribution: 'temurin'

      # Configure Maven security (master password)
      - name: Configure Maven security
        run: |
          mkdir -p ~/.m2
          echo "<settingsSecurity>
                  <master>${{ secrets.MAVEN_MASTER_PASSWORD }}</master>
                </settingsSecurity>" > ~/.m2/settings-security.xml

      # Configure Maven settings (encrypted repo password)
      - name: Configure Maven settings
        run: |
          echo "<settings>
               <servers>
                 <server>
                   <id>${{ secrets.MAVEN_REPO_ID }}</id>
                   <username>${{ secrets.MAVEN_USERNAME }}</username>
                   <password>${{ secrets.MAVEN_ENCRYPTED_PASSWORD }}</password>
                 </server>
               </servers>
             </settings>" > ~/.m2/settings.xml

      - name: Configure Camunda Download Credentials
        run: |
          echo "machine downloads.camunda.cloud
              login ${{ secrets.CAMUNDA_DOWNLOAD_LOGIN }}
              password ${{ secrets.CAMUNDA_DOWNLOAD_PASSWORD }}" > ~/.netrc
          chmod 400 ~/.netrc

      - name: Cache Maven packages
        uses: actions/cache@v5
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-m2-

      - name: Create open-source certs
        run: |
          cd cws-certs
          chmod +x generate-certs.sh
          ./generate-certs.sh

      - name: Set up Keystore storepass
        run: |
          mkdir ~/.cws/
          chmod 700 ~/.cws/
          echo ${{ secrets.KEYSTORE_PASSWORD }} > ~/.cws/creds
          chmod 400 ~/.cws/creds

      - name: Download Logstash
        run: |
          curl -o install/logging/logstash-8.12.0.zip https://artifacts.elastic.co/downloads/logstash/logstash-8.12.0-windows-x86_64.zip

      - name: Check for Logstash
        run: |
          cd install/logging/
          ls -l

      - name: Set up Elasticsearch
        run: |
          cd install/docker/es-only
          docker compose up -d

      - name: Set up CWS LDAP Server
        run: |
          cd cws-opensource-ldap
          docker compose up -d

      - name: Show Docker containers
        run: |
          sleep 5s
          docker ps -a

      - name: Build and Start CWS
        id: build
        run:  |
          cd ci
          chmod +x run_ci.sh
          ./run_ci.sh $SECURITY $WORKERS
        shell: bash

      - name: List CWS Logs
        run: |
          cd dist/console-only/cws/server/apache-tomcat-11.0.20/logs
          ls -al

      - name: Set up Google Chrome
        run:  |
          sudo apt update
          sudo apt install -y google-chrome-stable

      - name: Display Google Chrome version
        run: google-chrome --version

      - name: Run LDAP Integration Tests
        id: ldap
        run: mvn -Dmaven.compiler.debug=true -Dmaven.compiler.debuglevel=lines,vars, -Dit.test=LdapTestIT verify -DskipTests
        shell: bash

      - name: Show CWS Log for Console
        if: always()
        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
        run: |
          cat cws.log

      - name: Show Catalina Log for Console
        if: always()
        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
        run: |
          cat catalina.out

      - name: Show CWS Log for Worker1
        if: always()
        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
        run: |
          cat cws.log

      - name: Show Catalina Log for Worker1
        if: always()
        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
        run: |
          cat catalina.out

      - name: Send custom JSON data to Slack workflow
        if: ${{ always() && contains(env.TEAM, github.actor) }}
        id: slack
        uses: slackapi/slack-github-action@v3
        with:
          webhook-type: incoming-webhook
          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
          # This data can be any valid JSON from a previous step in the GitHub Action
          payload: |
            {
              "status": "CWS CI LDAP build and test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nLDAP integration test result: ${{ steps.ldap.outcome }}",
              "blocks": [
                {
                  "type": "section",
                  "text": {
                    "type": "mrkdwn",
                    "text": "CWS CI LDAP build and test result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}\nBuild result: ${{ steps.build.outcome }}\nLDAP integration test result: ${{ steps.ldap.outcome }}"
                  }
                }
              ]
            }