feat: rate limit per service #3203
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration tests using JIB containers | |
on: | |
push: | |
branches: [ v2.x.x, v3.x.x ] | |
paths-ignore: | |
- '**.md' | |
pull_request: | |
branches: [ v2.x.x, v3.x.x ] | |
paths-ignore: | |
- '**.md' | |
workflow_dispatch: | |
env: | |
JOB_ID: ${{ github.run_id }}-${{ github.run_number }} | |
jobs: | |
PublishJibContainers: | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Build with Gradle | |
run: > | |
./gradlew clean jib -Djib.serialize=true -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} -Pzowe.docker.password=${{ secrets.PERSONAL_JB_TOKEN }} -Pzowe.docker.username=balhar-jakub -Pzowe.docker.container=ghcr.io/balhar-jakub/ -Pzowe.docker.tag=${{ env.JOB_ID }} | |
- name: Standalone Catalog | |
run: > | |
./gradlew :api-catalog-services:jib -Djib.serialize=true -Pzowe.jib.image.suffix=standalone -Pzowe.jib.image.javaAgentPort=6304 -Pzowe.jib.image.debugPort=5125 -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} -Pzowe.docker.password=${{ secrets.PERSONAL_JB_TOKEN }} -Pzowe.docker.username=balhar-jakub -Pzowe.docker.container=ghcr.io/balhar-jakub/ -Pzowe.docker.tag=${{ env.JOB_ID }} | |
- uses: ./.github/actions/teardown | |
CITests: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services-2: | |
image: ghcr.io/balhar-jakub/api-catalog-services-standalone:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service | |
APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka | |
SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
SERVER_WEBSOCKET_REQUESTBUFFERSIZE: 16348 | |
APIML_GATEWAY_ROUTING_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
APIML_GATEWAY_ROUTING_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runContainerTests --info | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- uses: ./.github/actions/dump-jacoco | |
if: always() | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITests-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
Oauth2Integration: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 10 | |
services: | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_OIDC_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
APIML_SECURITY_OIDC_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
APIML_SECURITY_OIDC_ENABLED: true | |
APIML_SECURITY_OIDC_REGISTRY: zowe.okta.com | |
APIML_SECURITY_OIDC_JWKS_URI: ${{ secrets.OKTA_JWKSET_URI }} | |
APIML_SECURITY_OIDC_IDENTITYMAPPERUSER: APIMTST | |
APIML_SECURITY_OIDC_IDENTITYMAPPERURL: https://gateway-service:10010/zss/api/v1/certificate/dn | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runOidcTests --info -Denvironment.config=-docker -Dokta.client.id=${{ secrets.OKTA_CLIENT_ID }} | |
-Doidc.test.user=${{ secrets.OIDC_TEST_USER }} -Doidc.test.pass=${{ secrets.OIDC_TEST_PASS }} | |
-Doidc.test.alt_user=${{ secrets.OKTA_WINNIE_USER }} -Doidc.test.alt_pass=${{ secrets.OKTA_WINNIE_PASS }} | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- uses: ./.github/actions/teardown | |
GatewayProxy: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 10 | |
services: | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: apiml1 | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SERVICE_FORWARDCLIENTCERTENABLED: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_APIMLID: apiml2 | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service-2:10010/gateway/certificates | |
APIML_SERVICE_HOSTNAME: zaas-service-2 | |
central-gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: centralapiml | |
APIML_CONNECTION_TIMEOUT: 2000 | |
APIML_SERVICE_FORWARDCLIENTCERTENABLED: true | |
APIML_SERVICE_HOSTNAME: central-gateway-service | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runGatewayProxyTest --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Dump CGW jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: GatewayProxy-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
GatewayServiceRouting: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 10 | |
services: | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: apiml1 | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
central-gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runGatewayServiceRoutingTest --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Dump CGW jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: GatewayServiceRouting-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
GatewayCentralRegistry: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 10 | |
services: | |
# First group of services represents central apiml instance with central gateway registry | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: central-apiml | |
APIML_SERVICE_HOSTNAME: gateway-service | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
central-gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: central-apiml | |
APIML_SERVICE_HOSTNAME: central-gateway-service | |
APIML_GATEWAY_REGISTRY_ENABLED: true | |
APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
# Second group of services represents domain apiml instance which registers it's gateway in central's discovery service | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_SERVICE_PORT: 10031 | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: domain-apiml | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_PORT: 10037 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10031/eureka/ | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_GATEWAYURL: / | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_SERVICEURL: / | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10031/eureka/ | |
central-gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_APIMLID: domain-apiml | |
APIML_SERVICE_HOSTNAME: central-gateway-service-2 | |
APIML_GATEWAY_REGISTRY_ENABLED: false | |
APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10031/eureka/ | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_GATEWAYURL: / | |
ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_SERVICEURL: / | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runGatewayCentralRegistryTest --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Dump CGW jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: GatewayCentralRegistry-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
CITestsRegistration: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run CI Tests | |
run: > | |
./gradlew :integration-tests:runRegistrationTests --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITestsRegistration-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsZaas: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 15 | |
services: | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
CACHING_STORAGE_MODE: "infinispan" | |
JGROUPS_BIND_ADDRESS: "caching-service" | |
JGROUPS_BIND_PORT: "7099" | |
central-gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_PERSONALACCESSTOKEN_ENABLED: true | |
APIML_SECURITY_OIDC_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
APIML_SECURITY_OIDC_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
APIML_SECURITY_OIDC_ENABLED: true | |
APIML_SECURITY_OIDC_REGISTRY: zowe.okta.com | |
APIML_SECURITY_OIDC_JWKS_URI: ${{ secrets.OKTA_JWKSET_URI }} | |
APIML_SECURITY_OIDC_IDENTITYMAPPERUSER: APIMTST | |
APIML_SECURITY_OIDC_IDENTITYMAPPERURL: https://gateway-service:10010/zss/api/v1/certificate/dn | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Build with Gradle | |
run: > | |
./gradlew :integration-tests:runZaasTest --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
-Dokta.client.id=${{ secrets.OKTA_CLIENT_ID }} -Doidc.test.user=${{ secrets.OIDC_TEST_USER }} | |
-Doidc.test.pass=${{ secrets.OIDC_TEST_PASS }} -Doidc.test.alt_user=${{ secrets.OKTA_WINNIE_USER }} | |
-Doidc.test.alt_pass=${{ secrets.OKTA_WINNIE_PASS }} | |
- name: Dump DC jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address zaas-service --port 6301 --destfile ./results/zaas-service.exec | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITestsZaas-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
CITestsZosmfWithoutJwt: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
APIML_SECURITY_AUTH_ZOSMF_JWTAUTOCONFIGURATION: ltpa | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Build with Gradle | |
run: > | |
./gradlew :integration-tests:runZosmfAuthTest --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITestsZosmfWithoutJwt-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsWithRedisReplica: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run APIML and Redis Containers | |
run: | | |
cd docker/redis | |
chmod +x run-redis.sh | |
./run-redis.sh -l -t -a ${{ env.JOB_ID }} | |
- uses: ./.github/actions/validate-apiml-healthy | |
with: | |
caching-service: "true" | |
- name: Run Caching Service tests | |
run: > | |
./gradlew :integration-tests:runCachingServiceTests --info | |
-DtlsConfiguration.clientKeyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
-DtlsConfiguration.keyAlias=apimtst | |
-DtlsConfiguration.keyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
-DtlsConfiguration.trustStore=../docker/redis/redis-containers/keystore/all-services.truststore.p12 | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Output Redis logs | |
if: always() | |
run: | | |
echo "Redis Master" | |
docker logs redis-master | |
echo "Redis Replica" | |
docker logs redis-replica | |
- name: Output Caching Service container logs | |
if: always() | |
run: docker logs caching-service | |
- name: Output Gateway container logs | |
if: always() | |
run: docker logs gateway-service | |
- name: Output ZAAS container logs | |
if: always() | |
run: docker logs zaas-service | |
- name: Output Discovery container logs | |
if: always() | |
run: docker logs discovery-service | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITestsWithRedisReplica-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsWithRedisSentinel: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run APIML and Redis Containers | |
run: | | |
cd docker/redis | |
chmod +x run-redis.sh | |
./run-redis.sh -l -s -t -a ${{ env.JOB_ID }} | |
- uses: ./.github/actions/validate-apiml-healthy | |
with: | |
caching-service: "true" | |
- name: Run Caching Service tests | |
run: > | |
./gradlew :integration-tests:runCachingServiceTests --info | |
-DtlsConfiguration.clientKeyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
-DtlsConfiguration.keyAlias=apimtst | |
-DtlsConfiguration.keyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
-DtlsConfiguration.trustStore=../docker/redis/redis-containers/keystore/all-services.truststore.p12 | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Output Redis logs | |
if: always() | |
run: | | |
echo "Redis Master" | |
docker logs redis-master | |
echo "Redis Replica" | |
docker logs redis-replica | |
echo "Redis Sentinel 1" | |
docker logs redis-sentinel-1 | |
echo "Redis Sentinel 2" | |
docker logs redis-sentinel-2 | |
echo "Redis Sentinel 3" | |
docker logs redis-sentinel-3 | |
- name: Output Caching Service container logs | |
if: always() | |
run: docker logs caching-service | |
- name: Output Gateway container logs | |
if: always() | |
run: docker logs gateway-service | |
- name: Output ZAAS container logs | |
if: always() | |
run: docker logs zaas-service | |
- name: Output Discovery container logs | |
if: always() | |
run: docker logs discovery-service | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ContainerCITestsWithRedisSentinel-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsHA: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_HEALTH_PROTECTED: false | |
api-catalog-services-2: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
APIML_HEALTH_PROTECTED: false | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client-2: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run HA Tests | |
run: > | |
./gradlew runHATests --info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsHA-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
DeterministicHALoadBalancing: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client-2: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
APIML_ROUTING_INSTANCEIDHEADER: true | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
APIML_ROUTING_INSTANCEIDHEADER: true | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Setup Docker | |
if: ${{ false }} # Debug of containers | |
run: | | |
apt update | |
apt install -y apt-transport-https ca-certificates curl software-properties-common | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
apt update | |
apt-cache policy docker-ce | |
apt install -y docker-ce | |
- name: Run HA Tests | |
run: > | |
./gradlew runDeterministicLbHaTests --info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Get Container Logs | |
if: ${{ false }} # Debug of containers | |
run: | | |
docker ps -a | |
docker ps -q | xargs -L 1 docker logs | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: DeterministicLbHaTest-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
StickySessionHALoadBalancing: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
discoverable-client-2: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Setup Docker | |
if: ${{ false }} # Debug of containers | |
run: | | |
apt update | |
apt install -y apt-transport-https ca-certificates curl software-properties-common | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
apt update | |
apt-cache policy docker-ce | |
apt install -y docker-ce | |
- name: Run HA Tests | |
run: > | |
./gradlew runStickySessionLbHaTests --info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Get Container Logs | |
if: ${{ false }} # Debug of containers | |
run: | | |
docker ps -a | |
docker ps -q | xargs -L 1 docker logs | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: StickySessionLbHaTest-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsDiscoveryChaoticHA: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run Discovery Service Chaotic HA Tests | |
run: > | |
./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.DiscoveryChaoticTest | |
--info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsDiscoveryChaoticHA-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsGatewayChaoticHA: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run Gateway Service Chaotic HA Tests | |
run: > | |
./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.GatewayChaoticTest | |
--info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsGatewayChaoticHA-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsDicoverableClientChaoticHA: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client-2: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run Discoverable Client Chaotic HA Tests | |
run: > | |
./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.SouthboundServiceChaoticTest | |
--info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsDicoverableClientChaoticHA-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
- uses: ./.github/actions/teardown | |
CITestsWebSocketChaoticHA: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discoverable-client-2: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
discovery-service-2: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_SERVICE_HOSTNAME: discovery-service-2 | |
APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service-2: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
gateway-service-2: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SERVICE_HOSTNAME: gateway-service-2 | |
APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run WebSocket Chaotic HA Tests | |
run: > | |
./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.WebSocketChaoticTest | |
--info -Denvironment.config=-ha | |
-Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
- uses: ./.github/actions/dump-jacoco | |
if: always() | |
- name: Dump DC jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address discoverable-client --port 6303 --destfile ./results/discoverable-client.exec | |
- name: Correct Permisions | |
run: | | |
chmod 755 -R .gradle | |
# Coverage results are not stored in this job as it would not provide much additional data | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsWebSocketChaoticHA-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
CITestsWithInfinispan: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: ubuntu:latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
caching-service: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
JGROUPS_BIND_PORT: "7099" | |
SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data_replica" | |
CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "caching-service-2[7098]" | |
CACHING_STORAGE_MODE: "infinispan" | |
APIML_SERVICE_PORT: "10022" | |
JGROUPS_BIND_ADDRESS: "caching-service" | |
caching-service-2: | |
image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
JGROUPS_BIND_PORT: "7098" | |
SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data" | |
CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "caching-service[7099]" | |
CACHING_STORAGE_MODE: "infinispan" | |
JGROUPS_BIND_ADDRESS: "caching-service-2" | |
APIML_SERVICE_HOSTNAME: "caching-service-2" | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
APIML_SECURITY_X509_ENABLED: true | |
APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Build with Gradle | |
run: > | |
./gradlew :integration-tests:runInfinispanServiceTests --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- uses: ./.github/actions/dump-jacoco | |
if: always() | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsWithInfinispan-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
E2EUITests: | |
needs: PublishJibContainers | |
runs-on: ubuntu-latest | |
container: cypress/browsers:node-20.11.0-chrome-121.0.6167.85-1-ff-120.0-edge-121.0.2277.83-1 | |
timeout-minutes: 30 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
env: | |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_ISSUER: ${{ secrets.OKTA_ISSUER }} | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_AUTHORIZATIONURI: ${{ secrets.OKTA_AUTH_URI }} | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_TOKENURI: ${{ secrets.OKTA_TOKEN_URI }} | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERINFOURI: ${{ secrets.OKTA_USER_INFO_URI }} | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERNAMEATTRIBUTE: sub | |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_JWKSETURI: ${{ secrets.OKTA_JWKSET_URI }} | |
APIML_SECURITY_OIDC_COOKIE_SAMESITE: None | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Install npm dependencies API Catalog | |
uses: bahmutov/npm-install@v1 | |
with: | |
install-command: npm ci --legacy-peer-deps | |
working-directory: api-catalog-ui/frontend | |
- name: Cache NPM and Cypress 📦 | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/Cypress | |
api-catalog-ui/frontend/node_modules | |
key: my-cache-${{ runner.os }}-${{ hashFiles('api-catalog-ui/frontend/*.json') }} | |
- name: Cypress run API Catalog | |
run: | | |
cd api-catalog-ui/frontend | |
export CYPRESS_OKTA_USERNAME=${{ secrets.OKTA_WINNIE_USER }} | |
export CYPRESS_OKTA_PASSWORD=${{ secrets.OKTA_WINNIE_PASS }} | |
npm run cy:e2e:ci | |
- name: Dump CGW jacoco data | |
run: > | |
java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: E2EUITests-${{ env.JOB_ID }} | |
path: | | |
results/** | |
- name: Upload screenshots API Catalog | |
uses: actions/upload-artifact@v4 | |
if: ${{ !cancelled() }} | |
with: | |
name: cypress-snapshots | |
path: api-catalog-ui/frontend/cypress/screenshots | |
- uses: ./.github/actions/teardown | |
CITestsServicePrefixReplacer: | |
needs: PublishJibContainers | |
container: ubuntu:latest | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
api-catalog-services: | |
image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
discoverable-client: | |
image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
discovery-service: | |
image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
volumes: | |
- /api-defs:/api-defs | |
env: | |
APIML_DISCOVERY_SERVICEIDPREFIXREPLACER: "discoverable*,sample" | |
gateway-service: | |
image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
zaas-service: | |
image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
mock-services: | |
image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- name: Run Service ID Prefix Replacer Tests | |
run: > | |
./gradlew :integration-tests:runIdPrefixReplacerTests --info -Denvironment.config=-docker | |
-Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
- name: Store results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: CITestsServicePrefixReplacer-${{ env.JOB_ID }} | |
path: | | |
integration-tests/build/reports/** | |
results/** | |
- uses: ./.github/actions/teardown | |
PublishResults: | |
needs: [ CITests,CITestsWithInfinispan,CITestsZaas,GatewayProxy,GatewayServiceRouting ] | |
runs-on: ubuntu-latest | |
timeout-minutes: 20 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.head_ref }} | |
- uses: ./.github/actions/setup | |
- uses: actions/download-artifact@v4 | |
with: | |
name: ContainerCITests-${{ env.JOB_ID }} | |
path: containercitests | |
- uses: actions/download-artifact@v4 | |
with: | |
name: CITestsWithInfinispan-${{ env.JOB_ID }} | |
path: citestswithinfinispan | |
- uses: actions/download-artifact@v4 | |
with: | |
name: GatewayProxy-${{ env.JOB_ID }} | |
path: GatewayProxy | |
- uses: actions/download-artifact@v4 | |
with: | |
name: ContainerCITestsZaas-${{ env.JOB_ID }} | |
path: ContainerCITestsZaas | |
- uses: actions/download-artifact@v4 | |
with: | |
name: CITestsWebSocketChaoticHA-${{ env.JOB_ID }} | |
path: citestswebsocketchaoticha | |
- uses: actions/download-artifact@v4 | |
with: | |
name: GatewayServiceRouting-${{ env.JOB_ID }} | |
path: GatewayServiceRouting | |
- name: Code coverage and publish results | |
run: > | |
./gradlew --info coverage sonar -Dresults="containercitests/results,citestswithinfinispan/results,GatewayProxy/results,citestswebsocketchaoticha/results,GatewayServiceRouting/results,ContainerCITestsZaas/results" | |
-Psonar.host.url=$SONAR_HOST_URL -Dsonar.token=$SONAR_TOKEN -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- uses: ./.github/actions/teardown |