feat(CS): EC key support for global configuration #1262
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test | |
| on: | |
| # Capture this event so that gradle caches are updated when a PR is merged to develop | |
| # More information on why: https://github.com/gradle/gradle-build-action#using-the-caches-read-only | |
| push: | |
| branches: | |
| - develop | |
| paths: | |
| - 'src/**' | |
| - '.github/**' | |
| - 'ansible/**' | |
| - 'Docker/**' | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| paths: | |
| - 'src/**' | |
| - '.github/**' | |
| - 'ansible/**' | |
| - 'Docker/**' | |
| permissions: | |
| contents: write # Required for https://github.com/gradle/actions/tree/main/setup-gradle#github-dependency-graph-support | |
| pull-requests: write # https://github.com/gradle/actions/tree/main/setup-gradle#adding-job-summary-as-a-pull-request-comment | |
| actions: read # Required for https://github.com/dorny/test-reporter | |
| checks: write # Required for https://github.com/dorny/test-reporter | |
| # Cancels previous workflow run on PR if a new one is started (does not affect push to develop). | |
| # This is because github.head_ref is empty on push events so defaults to the unique github.run_id. | |
| # More info: https://docs.github.com/en/actions/using-jobs/using-concurrency | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| BuildAndPackageWithUnitTests: | |
| name: Build, test and package code | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # SonarCloud: Shallow clones should be disabled for a better relevancy of analysis | |
| - name: Ensure required packages | |
| env: | |
| DEBIAN_FRONTEND: noninteractive # Less output to log | |
| run: sudo apt-get update && sudo apt-get install -y curl software-properties-common build-essential unzip debhelper devscripts | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| cache-read-only: ${{ github.ref != 'refs/heads/develop' }} | |
| gradle-home-cache-cleanup: true | |
| dependency-graph: generate-and-submit | |
| add-job-summary-as-pr-comment: always | |
| - name: Build and test source | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| working-directory: ./src | |
| run: ./gradlew -Dorg.gradle.jvmargs=-Xmx6g -PsonarqubeHost=https://sonarcloud.io -PsonarqubeProjectKey=nordic-institute_X-Road -PsonarqubeOrganization=nordic-institute -PxroadBuildType=RELEASE --stacktrace build sonar test intTest runProxyTest runMetaserviceTest runProxymonitorMetaserviceTest jacocoTestReport -Pfrontend-npm-audit | |
| - name: Test report | |
| env: | |
| NODE_OPTIONS: '--max-old-space-size=6144' | |
| uses: dorny/test-reporter@v1 | |
| if: success() || failure() | |
| with: | |
| name: Unit and integration tests | |
| path: src/**/build/test-results/**/TEST-*.xml | |
| reporter: java-junit | |
| list-suites: 'failed' | |
| list-tests: 'failed' | |
| - name: Build RHEL8 packages | |
| run: docker build -t rhel8 ${{ github.workspace }}/src/packages/docker/rpm-el8/ && docker run --rm -u $(id -u ${USER}):$(id -g ${USER}) -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -v ${{ github.workspace }}:/workspace rhel8 ./src/packages/build-rpm.sh | |
| - name: Build RHEL9 packages | |
| run: docker build -t rhel9 ${{ github.workspace }}/src/packages/docker/rpm-el9/ && docker run --rm -u $(id -u ${USER}):$(id -g ${USER}) -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -v ${{ github.workspace }}:/workspace rhel9 ./src/packages/build-rpm.sh | |
| - name: Build 22.04 (Jammy) packages | |
| env: | |
| DEBEMAIL: '[email protected]' | |
| DEBFULLNAME: 'NIIS' | |
| run: ./src/packages/build-deb.sh jammy -release | |
| - name: Build 24.04 (Noble) packages | |
| env: | |
| DEBEMAIL: '[email protected]' | |
| DEBFULLNAME: 'NIIS' | |
| run: ./src/packages/build-deb.sh noble -release | |
| - name: Store deb files for system tests | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: debian-packages | |
| path: src/packages/build/ubuntu22.04/*.deb | |
| compression-level: 0 #No point in compressing these | |
| RunCSSystemTests: | |
| name: Run Central Server system tests | |
| needs: BuildAndPackageWithUnitTests | |
| runs-on: ubuntu-22.04 | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| cache-read-only: true | |
| - name: Initialize docker setup | |
| working-directory: ./Docker/centralserver | |
| run: ./init_context.sh | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| - name: Download debian packages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages | |
| path: ./Docker/centralserver/build/packages/ | |
| - name: List docker build files | |
| run: ls -lah ./Docker/centralserver/build | |
| - name: Build CS docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./Docker/centralserver/ | |
| push: true | |
| build-args: | | |
| PACKAGE_SOURCE=internal | |
| tags: localhost:5000/xrd-centralserver:${{ github.sha }} | |
| - name: Run Central Server system tests | |
| working-directory: ./src | |
| run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g :central-server:admin-service:ui-system-test:systemTest -PsystemTestCsImageName=localhost:5000/xrd-centralserver:${{ github.sha }} | |
| - name: Test report | |
| env: | |
| NODE_OPTIONS: '--max-old-space-size=6144' | |
| uses: dorny/test-reporter@v1 | |
| if: success() || failure() | |
| with: | |
| name: Central Server system test | |
| path: src/central-server/admin-service/ui-system-test/build/test-results/**/TEST-*.xml | |
| reporter: java-junit | |
| - name: Upload CS screenshots | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: CS System Test screenshots | |
| path: src/central-server/admin-service/ui-system-test/build/reports/test-automation/selenide-failures/*.png | |
| RunSSSystemTests: | |
| name: Run Security Server system tests | |
| needs: BuildAndPackageWithUnitTests | |
| runs-on: ubuntu-22.04 | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| cache-read-only: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| - name: Initialize docker setup | |
| working-directory: ./Docker/securityserver | |
| run: ./init_context.sh | |
| - name: Download debian packages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages | |
| path: ./Docker/securityserver/build/packages/ | |
| - name: Build SS docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./Docker/securityserver/ | |
| push: true | |
| build-args: | | |
| PACKAGE_SOURCE=internal | |
| tags: localhost:5000/xrd-securityserver:${{ github.sha }} | |
| - name: Run Security Server system tests | |
| working-directory: ./src | |
| run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g :security-server:system-test:systemTest -PsystemTestSsImageName=localhost:5000/xrd-securityserver:${{ github.sha }} | |
| - name: Test report | |
| env: | |
| NODE_OPTIONS: '--max-old-space-size=6144' | |
| uses: dorny/test-reporter@v1 | |
| if: success() || failure() | |
| with: | |
| name: Security Server system tests | |
| path: src/security-server/system-test/build/test-results/**/TEST-*.xml | |
| reporter: java-junit | |
| - name: Fix system-test build dir permissions | |
| run: sudo chown -R $USER src/security-server/system-test/build/ss-container-logs/ && sudo chown -R $USER src/security-server/system-test/build/ca-container-logs/ | |
| if: failure() | |
| - name: Upload SS report | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: SS System Test report | |
| path: | | |
| src/security-server/system-test/build/allure-report/ | |
| src/security-server/system-test/build/ss-container-logs/ | |
| src/security-server/system-test/build/ca-container-logs/ | |
| src/security-server/system-test/build/reports/test-automation/selenide-failures/*.png | |
| RunE2ETests: | |
| name: Run E2E tests | |
| needs: BuildAndPackageWithUnitTests | |
| runs-on: ubuntu-22.04 | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| # Setup | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| cache-read-only: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| # Build Central Server | |
| - name: Initialize CS docker setup | |
| working-directory: ./Docker/centralserver | |
| run: ./init_context.sh | |
| - name: Download debian packages for CS | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages | |
| path: ./Docker/centralserver/build/packages/ | |
| - name: Build CS docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./Docker/centralserver/ | |
| push: true | |
| build-args: | | |
| PACKAGE_SOURCE=internal | |
| tags: localhost:5000/xrd-centralserver:${{ github.sha }} | |
| # Build Security Server | |
| - name: Initialize SS docker setup | |
| working-directory: ./Docker/securityserver | |
| run: ./init_context.sh | |
| - name: Copy debian packages for SS | |
| run: cp ./Docker/centralserver/build/packages/* ./Docker/securityserver/build/packages/ | |
| - name: Build SS docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./Docker/securityserver/ | |
| push: true | |
| build-args: | | |
| PACKAGE_SOURCE=internal | |
| tags: localhost:5000/xrd-securityserver:${{ github.sha }} | |
| # Execute and report | |
| - name: Run E2E tests | |
| working-directory: ./src | |
| run: > | |
| ./gradlew -Dorg.gradle.jvmargs=-Xmx1g :security-server:e2e-test:e2eTest | |
| -Pe2eTestCSImage=localhost:5000/xrd-centralserver:${{ github.sha }} | |
| -Pe2eTestSSImage=localhost:5000/xrd-securityserver:${{ github.sha }} | |
| - name: Test report | |
| env: | |
| NODE_OPTIONS: '--max-old-space-size=6144' | |
| uses: dorny/test-reporter@v1 | |
| if: success() || failure() | |
| with: | |
| name: E2E tests | |
| path: src/security-server/e2e-test/build/test-results/**/TEST-*.xml | |
| reporter: java-junit | |
| - name: Upload E2E report | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: E2E report | |
| path: | | |
| src/security-server/e2e-test/build/allure-report/ |