Single Tenant Integration Test π #159
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Single Tenant Integration Test π | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| cf_space: | |
| description: 'Specify the Cloud Foundry space to run integration tests on' | |
| required: true | |
| branch_name: | |
| description: 'Specify the branch to use for integration tests' | |
| required: true | |
| jobs: | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tokenFlow: [namedUser, technicalUser] | |
| testClass: | |
| - IntegrationTest_SingleFacet | |
| - IntegrationTest_MultipleFacet | |
| - IntegrationTest_Chapters_MultipleFacet | |
| env: | |
| FILE_URL: ${{ 'http://www.eicar.org/download/eicar.com.txt' }} | |
| DOWNLOAD_PATH: ${{ 'sdm/eicar.com.txt' }} | |
| steps: | |
| - name: Checkout repository π | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.inputs.branch_name }} | |
| - name: Set up Java 17 β | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Install jq π¦ | |
| run: | | |
| if ! command -v jq &> /dev/null; then | |
| sudo apt-get update && sudo apt-get install -y jq | |
| fi | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "π Space determined: $space" | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| echo "π Logging in to Cloud Foundry..." | |
| echo "Space Name: ${{ steps.determine_space.outputs.space }}" | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| echo "β Logged in successfully!" | |
| - name: Fetch and Escape Client Details for single tenant π | |
| id: fetch_credentials | |
| run: | | |
| echo "π Fetching client details for single tenant..." | |
| service_instance_guid=$(cf service demoappjava-public-uaa --guid) | |
| if [ -z "$service_instance_guid" ]; then | |
| echo "β Error: Unable to retrieve service instance GUID"; exit 1; | |
| fi | |
| bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") | |
| binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') | |
| if [ -z "$binding_guid" ]; then | |
| echo "β Error: Unable to retrieve binding GUID"; exit 1; | |
| fi | |
| binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") | |
| clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') | |
| if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then | |
| echo "β Error: clientSecret is not set or is null"; exit 1; | |
| fi | |
| escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') | |
| echo "::add-mask::$escapedClientSecret" | |
| clientID=$(echo "$binding_details" | jq -r '.credentials.clientid') | |
| if [ -z "$clientID" ] || [ "$clientID" == "null" ]; then | |
| echo "β Error: clientID is not set or is null"; exit 1; | |
| fi | |
| echo "::add-mask::$clientID" | |
| echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT | |
| echo "CLIENT_ID=$clientID" >> $GITHUB_OUTPUT | |
| echo "β Client details fetched successfully!" | |
| - name: Download virus test file π₯ | |
| run: | | |
| curl -fSL "$FILE_URL" -o "$DOWNLOAD_PATH" | |
| sleep 5 | |
| if [ -f "$DOWNLOAD_PATH" ]; then | |
| FILE_NAME=$(basename "$DOWNLOAD_PATH") | |
| FILE_SIZE=$(stat -c '%s' "$DOWNLOAD_PATH") | |
| echo "File exists β Name: $FILE_NAME, Size: $FILE_SIZE bytes" | |
| else | |
| echo "β File NOT found at path: $DOWNLOAD_PATH" | |
| exit 1 | |
| fi | |
| - name: Run integration tests π― (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) | |
| env: | |
| CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} | |
| CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} | |
| CMIS_CLIENT_ID: ${{ secrets.CMISCLIENTID }} | |
| CMIS_CLIENT_SECRET: ${{ secrets.CMISCLIENTSECRET }} | |
| run: | | |
| echo "π Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| set -e | |
| PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" | |
| appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" | |
| authUrl="${{ secrets.CAPAUTH_URL }}" | |
| clientID="${{ env.CLIENT_ID }}" | |
| clientSecret="${{ env.CLIENT_SECRET }}" | |
| username="${{ secrets.CF_USER }}" | |
| password="${{ secrets.CF_PASSWORD }}" | |
| noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" | |
| noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" | |
| versionedRepositoryID="${{ secrets.VERSIONEDREPOSITORYID }}" | |
| virusScanRepositoryID="${{ secrets.VIRUSSCANREPOSITORYID }}" | |
| defaultRepositoryID="${{ secrets.DEFAULTREPOSITORYID }}" | |
| CMIS_URL="${{ secrets.CMIS_URL }}" | |
| cmisClientID="$CMIS_CLIENT_ID" | |
| cmisClientSecret="$CMIS_CLIENT_SECRET" | |
| echo "::add-mask::$clientSecret" | |
| echo "::add-mask::$clientID" | |
| echo "::add-mask::$username" | |
| echo "::add-mask::$password" | |
| echo "::add-mask::$noSDMRoleUsername" | |
| echo "::add-mask::$noSDMRoleUserPassword" | |
| echo "::add-mask::$versionedRepositoryID" | |
| echo "::add-mask::$virusScanRepositoryID" | |
| echo "::add-mask::$defaultRepositoryID" | |
| echo "::add-mask::$CMIS_URL" | |
| echo "::add-mask::$cmisClientID" | |
| echo "::add-mask::$cmisClientSecret" | |
| if [ -z "$appUrl" ]; then echo "β Error: appUrl is not set"; exit 1; fi | |
| if [ -z "$authUrl" ]; then echo "β Error: authUrl is not set"; exit 1; fi | |
| if [ -z "$clientID" ]; then echo "β Error: clientID is not set"; exit 1; fi | |
| if [ -z "$clientSecret" ]; then echo "β Error: clientSecret is not set"; exit 1; fi | |
| if [ -z "$username" ]; then echo "β Error: username is not set"; exit 1; fi | |
| if [ -z "$password" ]; then echo "β Error: password is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUsername" ]; then echo "β Error: noSDMRoleUsername is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUserPassword" ]; then echo "β Error: noSDMRoleUserPassword is not set"; exit 1; fi | |
| if [ -z "$versionedRepositoryID" ]; then echo "β Error: versionedRepositoryID is not set"; exit 1; fi | |
| if [ -z "$virusScanRepositoryID" ]; then echo "β Error: virusScanRepositoryID is not set"; exit 1; fi | |
| if [ -z "$defaultRepositoryID" ]; then echo "β Error: defaultRepositoryID is not set"; exit 1; fi | |
| if [ -z "$CMIS_URL" ]; then echo "β Error: CMIS_URL is not set"; exit 1; fi | |
| if [ -z "$cmisClientID" ]; then echo "β Error: cmisClientID is not set"; exit 1; fi | |
| if [ -z "$cmisClientSecret" ]; then echo "β Error: cmisClientSecret is not set"; exit 1; fi | |
| cat > "$PROPERTIES_FILE" <<EOL | |
| appUrl=$appUrl | |
| authUrl=$authUrl | |
| clientID=$clientID | |
| clientSecret=$clientSecret | |
| username=$username | |
| password=$password | |
| noSDMRoleUsername=$noSDMRoleUsername | |
| noSDMRoleUserPassword=$noSDMRoleUserPassword | |
| versionedRepositoryID=$versionedRepositoryID | |
| virusScanRepositoryID=$virusScanRepositoryID | |
| defaultRepositoryID=$defaultRepositoryID | |
| CMIS_URL=$CMIS_URL | |
| cmisClientID=$cmisClientID | |
| cmisClientSecret=$cmisClientSecret | |
| EOL | |
| echo "π― Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" | |
| versioned-repo-setup: | |
| runs-on: ubuntu-latest | |
| needs: integration-test | |
| if: always() | |
| steps: | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Switch to Versioned Repository π | |
| run: | | |
| echo "π Switching REPOSITORY_ID to versioned repository..." | |
| cf set-env demoappjava-srv REPOSITORY_ID "${{ secrets.VERSIONEDREPOSITORYID }}" | |
| echo "π Restaging application..." | |
| cf restage demoappjava-srv | |
| echo "β Switched to versioned repository!" | |
| versioned-integration-test: | |
| runs-on: ubuntu-latest | |
| needs: versioned-repo-setup | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tokenFlow: [namedUser, technicalUser] | |
| testClass: | |
| - IntegrationTest_SingleFacet_VersionedRepository | |
| - IntegrationTest_MultipleFacet_VersionedRepository | |
| - IntegrationTest_Chapters_MultipleFacet_VersionedRepository | |
| steps: | |
| - name: Checkout repository π | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.inputs.branch_name }} | |
| - name: Set up Java 17 β | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Install jq π¦ | |
| run: | | |
| if ! command -v jq &> /dev/null; then | |
| sudo apt-get update && sudo apt-get install -y jq | |
| fi | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Fetch and Escape Client Details for single tenant π | |
| id: fetch_credentials | |
| run: | | |
| echo "π Fetching client details for single tenant..." | |
| service_instance_guid=$(cf service demoappjava-public-uaa --guid) | |
| if [ -z "$service_instance_guid" ]; then | |
| echo "β Error: Unable to retrieve service instance GUID"; exit 1; | |
| fi | |
| bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") | |
| binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') | |
| if [ -z "$binding_guid" ]; then | |
| echo "β Error: Unable to retrieve binding GUID"; exit 1; | |
| fi | |
| binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") | |
| clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') | |
| if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then | |
| echo "β Error: clientSecret is not set or is null"; exit 1; | |
| fi | |
| escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') | |
| echo "::add-mask::$escapedClientSecret" | |
| clientID=$(echo "$binding_details" | jq -r '.credentials.clientid') | |
| if [ -z "$clientID" ] || [ "$clientID" == "null" ]; then | |
| echo "β Error: clientID is not set or is null"; exit 1; | |
| fi | |
| echo "::add-mask::$clientID" | |
| echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT | |
| echo "CLIENT_ID=$clientID" >> $GITHUB_OUTPUT | |
| echo "β Client details fetched successfully!" | |
| - name: Run versioned integration tests π― (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) | |
| env: | |
| CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} | |
| CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} | |
| CMIS_CLIENT_ID: ${{ secrets.CMISCLIENTID }} | |
| CMIS_CLIENT_SECRET: ${{ secrets.CMISCLIENTSECRET }} | |
| run: | | |
| echo "π Starting versioned integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| set -e | |
| PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" | |
| appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" | |
| authUrl="${{ secrets.CAPAUTH_URL }}" | |
| clientID="${{ env.CLIENT_ID }}" | |
| clientSecret="${{ env.CLIENT_SECRET }}" | |
| username="${{ secrets.CF_USER }}" | |
| password="${{ secrets.CF_PASSWORD }}" | |
| noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" | |
| noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" | |
| versionedRepositoryID="${{ secrets.VERSIONEDREPOSITORYID }}" | |
| virusScanRepositoryID="${{ secrets.VIRUSSCANREPOSITORYID }}" | |
| defaultRepositoryID="${{ secrets.DEFAULTREPOSITORYID }}" | |
| CMIS_URL="${{ secrets.CMIS_URL }}" | |
| cmisClientID="$CMIS_CLIENT_ID" | |
| cmisClientSecret="$CMIS_CLIENT_SECRET" | |
| echo "::add-mask::$clientSecret" | |
| echo "::add-mask::$clientID" | |
| echo "::add-mask::$username" | |
| echo "::add-mask::$password" | |
| echo "::add-mask::$noSDMRoleUsername" | |
| echo "::add-mask::$noSDMRoleUserPassword" | |
| echo "::add-mask::$versionedRepositoryID" | |
| echo "::add-mask::$virusScanRepositoryID" | |
| echo "::add-mask::$defaultRepositoryID" | |
| echo "::add-mask::$CMIS_URL" | |
| echo "::add-mask::$cmisClientID" | |
| echo "::add-mask::$cmisClientSecret" | |
| if [ -z "$appUrl" ]; then echo "β Error: appUrl is not set"; exit 1; fi | |
| if [ -z "$authUrl" ]; then echo "β Error: authUrl is not set"; exit 1; fi | |
| if [ -z "$clientID" ]; then echo "β Error: clientID is not set"; exit 1; fi | |
| if [ -z "$clientSecret" ]; then echo "β Error: clientSecret is not set"; exit 1; fi | |
| if [ -z "$username" ]; then echo "β Error: username is not set"; exit 1; fi | |
| if [ -z "$password" ]; then echo "β Error: password is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUsername" ]; then echo "β Error: noSDMRoleUsername is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUserPassword" ]; then echo "β Error: noSDMRoleUserPassword is not set"; exit 1; fi | |
| if [ -z "$versionedRepositoryID" ]; then echo "β Error: versionedRepositoryID is not set"; exit 1; fi | |
| if [ -z "$virusScanRepositoryID" ]; then echo "β Error: virusScanRepositoryID is not set"; exit 1; fi | |
| if [ -z "$defaultRepositoryID" ]; then echo "β Error: defaultRepositoryID is not set"; exit 1; fi | |
| if [ -z "$CMIS_URL" ]; then echo "β Error: CMIS_URL is not set"; exit 1; fi | |
| if [ -z "$cmisClientID" ]; then echo "β Error: cmisClientID is not set"; exit 1; fi | |
| if [ -z "$cmisClientSecret" ]; then echo "β Error: cmisClientSecret is not set"; exit 1; fi | |
| cat > "$PROPERTIES_FILE" <<EOL | |
| appUrl=$appUrl | |
| authUrl=$authUrl | |
| clientID=$clientID | |
| clientSecret=$clientSecret | |
| username=$username | |
| password=$password | |
| noSDMRoleUsername=$noSDMRoleUsername | |
| noSDMRoleUserPassword=$noSDMRoleUserPassword | |
| versionedRepositoryID=$versionedRepositoryID | |
| virusScanRepositoryID=$virusScanRepositoryID | |
| defaultRepositoryID=$defaultRepositoryID | |
| CMIS_URL=$CMIS_URL | |
| cmisClientID=$cmisClientID | |
| cmisClientSecret=$cmisClientSecret | |
| EOL | |
| echo "π― Running Maven versioned integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" | |
| virusscan-repo-setup: | |
| runs-on: ubuntu-latest | |
| needs: versioned-integration-test | |
| if: always() | |
| steps: | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Switch to Virus Scan Repository π | |
| run: | | |
| echo "π Switching REPOSITORY_ID to virus scan repository..." | |
| cf set-env demoappjava-srv REPOSITORY_ID "${{ secrets.VIRUSSCANREPOSITORYID }}" | |
| echo "π Restaging application..." | |
| cf restage demoappjava-srv | |
| echo "β Switched to virus scan repository!" | |
| virusscan-integration-test: | |
| runs-on: ubuntu-latest | |
| needs: virusscan-repo-setup | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tokenFlow: [namedUser, technicalUser] | |
| testClass: | |
| - IntegrationTest_SingleFacet_Virus | |
| - IntegrationTest_MultipleFacet_Virus | |
| - IntegrationTest_Chapters_MultipleFacet_Virus | |
| env: | |
| FILE_URL: ${{ 'http://www.eicar.org/download/eicar.com.txt' }} | |
| DOWNLOAD_PATH: ${{ 'sdm/eicar.com.txt' }} | |
| steps: | |
| - name: Checkout repository π | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.inputs.branch_name }} | |
| - name: Set up Java 17 β | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Install jq π¦ | |
| run: | | |
| if ! command -v jq &> /dev/null; then | |
| sudo apt-get update && sudo apt-get install -y jq | |
| fi | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Fetch and Escape Client Details for single tenant π | |
| id: fetch_credentials | |
| run: | | |
| echo "π Fetching client details for single tenant..." | |
| service_instance_guid=$(cf service demoappjava-public-uaa --guid) | |
| if [ -z "$service_instance_guid" ]; then | |
| echo "β Error: Unable to retrieve service instance GUID"; exit 1; | |
| fi | |
| bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") | |
| binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') | |
| if [ -z "$binding_guid" ]; then | |
| echo "β Error: Unable to retrieve binding GUID"; exit 1; | |
| fi | |
| binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") | |
| clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') | |
| if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then | |
| echo "β Error: clientSecret is not set or is null"; exit 1; | |
| fi | |
| escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') | |
| echo "::add-mask::$escapedClientSecret" | |
| clientID=$(echo "$binding_details" | jq -r '.credentials.clientid') | |
| if [ -z "$clientID" ] || [ "$clientID" == "null" ]; then | |
| echo "β Error: clientID is not set or is null"; exit 1; | |
| fi | |
| echo "::add-mask::$clientID" | |
| echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT | |
| echo "CLIENT_ID=$clientID" >> $GITHUB_OUTPUT | |
| echo "β Client details fetched successfully!" | |
| - name: Download virus test file π₯ | |
| run: | | |
| curl -fSL "$FILE_URL" -o "$DOWNLOAD_PATH" | |
| sleep 5 | |
| if [ -f "$DOWNLOAD_PATH" ]; then | |
| FILE_NAME=$(basename "$DOWNLOAD_PATH") | |
| FILE_SIZE=$(stat -c '%s' "$DOWNLOAD_PATH") | |
| echo "File exists β Name: $FILE_NAME, Size: $FILE_SIZE bytes" | |
| else | |
| echo "β File NOT found at path: $DOWNLOAD_PATH" | |
| exit 1 | |
| fi | |
| - name: Run virus scan integration tests π― (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) | |
| env: | |
| CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} | |
| CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} | |
| CMIS_CLIENT_ID: ${{ secrets.CMISCLIENTID }} | |
| CMIS_CLIENT_SECRET: ${{ secrets.CMISCLIENTSECRET }} | |
| run: | | |
| echo "π Starting virus scan integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| set -e | |
| PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" | |
| appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" | |
| authUrl="${{ secrets.CAPAUTH_URL }}" | |
| clientID="${{ env.CLIENT_ID }}" | |
| clientSecret="${{ env.CLIENT_SECRET }}" | |
| username="${{ secrets.CF_USER }}" | |
| password="${{ secrets.CF_PASSWORD }}" | |
| noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" | |
| noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" | |
| versionedRepositoryID="${{ secrets.VERSIONEDREPOSITORYID }}" | |
| virusScanRepositoryID="${{ secrets.VIRUSSCANREPOSITORYID }}" | |
| defaultRepositoryID="${{ secrets.DEFAULTREPOSITORYID }}" | |
| CMIS_URL="${{ secrets.CMIS_URL }}" | |
| cmisClientID="$CMIS_CLIENT_ID" | |
| cmisClientSecret="$CMIS_CLIENT_SECRET" | |
| echo "::add-mask::$clientSecret" | |
| echo "::add-mask::$clientID" | |
| echo "::add-mask::$username" | |
| echo "::add-mask::$password" | |
| echo "::add-mask::$noSDMRoleUsername" | |
| echo "::add-mask::$noSDMRoleUserPassword" | |
| echo "::add-mask::$versionedRepositoryID" | |
| echo "::add-mask::$virusScanRepositoryID" | |
| echo "::add-mask::$defaultRepositoryID" | |
| echo "::add-mask::$CMIS_URL" | |
| echo "::add-mask::$cmisClientID" | |
| echo "::add-mask::$cmisClientSecret" | |
| if [ -z "$appUrl" ]; then echo "β Error: appUrl is not set"; exit 1; fi | |
| if [ -z "$authUrl" ]; then echo "β Error: authUrl is not set"; exit 1; fi | |
| if [ -z "$clientID" ]; then echo "β Error: clientID is not set"; exit 1; fi | |
| if [ -z "$clientSecret" ]; then echo "β Error: clientSecret is not set"; exit 1; fi | |
| if [ -z "$username" ]; then echo "β Error: username is not set"; exit 1; fi | |
| if [ -z "$password" ]; then echo "β Error: password is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUsername" ]; then echo "β Error: noSDMRoleUsername is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUserPassword" ]; then echo "β Error: noSDMRoleUserPassword is not set"; exit 1; fi | |
| if [ -z "$versionedRepositoryID" ]; then echo "β Error: versionedRepositoryID is not set"; exit 1; fi | |
| if [ -z "$virusScanRepositoryID" ]; then echo "β Error: virusScanRepositoryID is not set"; exit 1; fi | |
| if [ -z "$defaultRepositoryID" ]; then echo "β Error: defaultRepositoryID is not set"; exit 1; fi | |
| if [ -z "$CMIS_URL" ]; then echo "β Error: CMIS_URL is not set"; exit 1; fi | |
| if [ -z "$cmisClientID" ]; then echo "β Error: cmisClientID is not set"; exit 1; fi | |
| if [ -z "$cmisClientSecret" ]; then echo "β Error: cmisClientSecret is not set"; exit 1; fi | |
| cat > "$PROPERTIES_FILE" <<EOL | |
| appUrl=$appUrl | |
| authUrl=$authUrl | |
| clientID=$clientID | |
| clientSecret=$clientSecret | |
| username=$username | |
| password=$password | |
| noSDMRoleUsername=$noSDMRoleUsername | |
| noSDMRoleUserPassword=$noSDMRoleUserPassword | |
| versionedRepositoryID=$versionedRepositoryID | |
| virusScanRepositoryID=$virusScanRepositoryID | |
| defaultRepositoryID=$defaultRepositoryID | |
| CMIS_URL=$CMIS_URL | |
| cmisClientID=$cmisClientID | |
| cmisClientSecret=$cmisClientSecret | |
| EOL | |
| echo "π― Running Maven virus scan integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Deicar.file.path=eicar.com.txt -Dfailsafe.includes="**/${{ matrix.testClass }}.java" | |
| virusscan-repo-cleanup: | |
| runs-on: ubuntu-latest | |
| needs: virusscan-integration-test | |
| if: always() | |
| steps: | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Revert to Default Repository π | |
| run: | | |
| echo "π Reverting REPOSITORY_ID to default repository..." | |
| cf set-env demoappjava-srv REPOSITORY_ID "${{ secrets.DEFAULTREPOSITORYID }}" | |
| echo "π Restaging application..." | |
| cf restage demoappjava-srv | |
| echo "β Reverted to default repository!" | |
| repospecific-integration-test: | |
| runs-on: ubuntu-latest | |
| needs: virusscan-repo-cleanup | |
| if: always() | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 1 | |
| matrix: | |
| tokenFlow: [namedUser, technicalUser] | |
| testClass: | |
| - IntegrationTest_SingleFacet_RepoSpecific | |
| - IntegrationTest_MultipleFacet_RepoSpecific | |
| - IntegrationTest_Chapters_MultipleFacet_RepoSpecific | |
| steps: | |
| - name: Checkout repository π | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.inputs.branch_name }} | |
| - name: Set up Java 17 β | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Cache CF CLI π¦ | |
| id: cache-cf-cli | |
| uses: actions/cache@v4 | |
| with: | |
| path: /usr/bin/cf8 | |
| key: cf-cli-v8-${{ runner.os }} | |
| - name: Install Cloud Foundry CLI π§ | |
| if: steps.cache-cf-cli.outputs.cache-hit != 'true' | |
| run: | | |
| echo "π Installing Cloud Foundry CLI..." | |
| wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - | |
| echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list | |
| sudo apt-get update | |
| sudo apt-get install cf8-cli | |
| - name: Install jq π¦ | |
| run: | | |
| if ! command -v jq &> /dev/null; then | |
| sudo apt-get update && sudo apt-get install -y jq | |
| fi | |
| - name: Determine Cloud Foundry Space π | |
| id: determine_space | |
| run: | | |
| if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then | |
| space="${{ secrets.CF_SPACE }}" | |
| else | |
| space="${{ github.event.inputs.cf_space }}" | |
| fi | |
| echo "space=$space" >> $GITHUB_OUTPUT | |
| - name: Login to Cloud Foundry π | |
| run: | | |
| cf login -a ${{ secrets.CF_API }} \ | |
| -u ${{ secrets.CF_USER }} \ | |
| -p ${{ secrets.CF_PASSWORD }} \ | |
| -o ${{ secrets.CF_ORG }} \ | |
| -s ${{ steps.determine_space.outputs.space }} | |
| - name: Fetch and Escape Client Details for single tenant π | |
| id: fetch_credentials | |
| run: | | |
| echo "π Fetching client details for single tenant..." | |
| service_instance_guid=$(cf service demoappjava-public-uaa --guid) | |
| if [ -z "$service_instance_guid" ]; then | |
| echo "β Error: Unable to retrieve service instance GUID"; exit 1; | |
| fi | |
| bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") | |
| binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') | |
| if [ -z "$binding_guid" ]; then | |
| echo "β Error: Unable to retrieve binding GUID"; exit 1; | |
| fi | |
| binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") | |
| clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') | |
| if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then | |
| echo "β Error: clientSecret is not set or is null"; exit 1; | |
| fi | |
| escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') | |
| echo "::add-mask::$escapedClientSecret" | |
| clientID=$(echo "$binding_details" | jq -r '.credentials.clientid') | |
| if [ -z "$clientID" ] || [ "$clientID" == "null" ]; then | |
| echo "β Error: clientID is not set or is null"; exit 1; | |
| fi | |
| echo "::add-mask::$clientID" | |
| echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT | |
| echo "CLIENT_ID=$clientID" >> $GITHUB_OUTPUT | |
| echo "β Client details fetched successfully!" | |
| - name: Run repo-specific integration tests π― (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) | |
| env: | |
| CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} | |
| CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} | |
| CMIS_CLIENT_ID: ${{ secrets.CMISCLIENTID }} | |
| CMIS_CLIENT_SECRET: ${{ secrets.CMISCLIENTSECRET }} | |
| run: | | |
| echo "π Starting repo-specific integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| set -e | |
| PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" | |
| appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" | |
| authUrl="${{ secrets.CAPAUTH_URL }}" | |
| clientID="${{ env.CLIENT_ID }}" | |
| clientSecret="${{ env.CLIENT_SECRET }}" | |
| username="${{ secrets.CF_USER }}" | |
| password="${{ secrets.CF_PASSWORD }}" | |
| noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" | |
| noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" | |
| versionedRepositoryID="${{ secrets.VERSIONEDREPOSITORYID }}" | |
| virusScanRepositoryID="${{ secrets.VIRUSSCANREPOSITORYID }}" | |
| defaultRepositoryID="${{ secrets.DEFAULTREPOSITORYID }}" | |
| CMIS_URL="${{ secrets.CMIS_URL }}" | |
| cmisClientID="$CMIS_CLIENT_ID" | |
| cmisClientSecret="$CMIS_CLIENT_SECRET" | |
| echo "::add-mask::$clientSecret" | |
| echo "::add-mask::$clientID" | |
| echo "::add-mask::$username" | |
| echo "::add-mask::$password" | |
| echo "::add-mask::$noSDMRoleUsername" | |
| echo "::add-mask::$noSDMRoleUserPassword" | |
| echo "::add-mask::$versionedRepositoryID" | |
| echo "::add-mask::$virusScanRepositoryID" | |
| echo "::add-mask::$defaultRepositoryID" | |
| echo "::add-mask::$CMIS_URL" | |
| echo "::add-mask::$cmisClientID" | |
| echo "::add-mask::$cmisClientSecret" | |
| if [ -z "$appUrl" ]; then echo "β Error: appUrl is not set"; exit 1; fi | |
| if [ -z "$authUrl" ]; then echo "β Error: authUrl is not set"; exit 1; fi | |
| if [ -z "$clientID" ]; then echo "β Error: clientID is not set"; exit 1; fi | |
| if [ -z "$clientSecret" ]; then echo "β Error: clientSecret is not set"; exit 1; fi | |
| if [ -z "$username" ]; then echo "β Error: username is not set"; exit 1; fi | |
| if [ -z "$password" ]; then echo "β Error: password is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUsername" ]; then echo "β Error: noSDMRoleUsername is not set"; exit 1; fi | |
| if [ -z "$noSDMRoleUserPassword" ]; then echo "β Error: noSDMRoleUserPassword is not set"; exit 1; fi | |
| if [ -z "$versionedRepositoryID" ]; then echo "β Error: versionedRepositoryID is not set"; exit 1; fi | |
| if [ -z "$virusScanRepositoryID" ]; then echo "β Error: virusScanRepositoryID is not set"; exit 1; fi | |
| if [ -z "$defaultRepositoryID" ]; then echo "β Error: defaultRepositoryID is not set"; exit 1; fi | |
| if [ -z "$CMIS_URL" ]; then echo "β Error: CMIS_URL is not set"; exit 1; fi | |
| if [ -z "$cmisClientID" ]; then echo "β Error: cmisClientID is not set"; exit 1; fi | |
| if [ -z "$cmisClientSecret" ]; then echo "β Error: cmisClientSecret is not set"; exit 1; fi | |
| cat > "$PROPERTIES_FILE" <<EOL | |
| appUrl=$appUrl | |
| authUrl=$authUrl | |
| clientID=$clientID | |
| clientSecret=$clientSecret | |
| username=$username | |
| password=$password | |
| noSDMRoleUsername=$noSDMRoleUsername | |
| noSDMRoleUserPassword=$noSDMRoleUserPassword | |
| versionedRepositoryID=$versionedRepositoryID | |
| virusScanRepositoryID=$virusScanRepositoryID | |
| defaultRepositoryID=$defaultRepositoryID | |
| CMIS_URL=$CMIS_URL | |
| cmisClientID=$cmisClientID | |
| cmisClientSecret=$cmisClientSecret | |
| EOL | |
| echo "π― Running Maven repo-specific integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." | |
| mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" |