diff --git a/.github/workflows/SAPUI5_Version_Monitoring.yml b/.github/workflows/SAPUI5_Version_Monitoring.yml index c0a688d63..b451c0894 100644 --- a/.github/workflows/SAPUI5_Version_Monitoring.yml +++ b/.github/workflows/SAPUI5_Version_Monitoring.yml @@ -8,6 +8,7 @@ on: jobs: update-version: name: Check and Update SAPUI5 Version + environment: dev runs-on: ubuntu-latest permissions: contents: write diff --git a/.github/workflows/blackduck.yml b/.github/workflows/blackduck.yml index a1763a42e..e4dde42c3 100644 --- a/.github/workflows/blackduck.yml +++ b/.github/workflows/blackduck.yml @@ -16,6 +16,7 @@ permissions: jobs: build: + environment: dev runs-on: ubuntu-latest steps: - name: Checkout code @@ -40,11 +41,15 @@ jobs: run: curl --silent -O https://detect.blackduck.com/detect9.sh - name: Run & analyze BlackDuck Scan + env: + BLACKDUCK_TOKEN: ${{ secrets.BLACKDUCK_TOKEN }} run: | + set +x + echo "::add-mask::$BLACKDUCK_TOKEN" bash ./detect9.sh -d \ --logging.level.com.synopsys.integration=DEBUG \ --blackduck.url="https://sap.blackducksoftware.com" \ - --blackduck.api.token=""${{ secrets.BLACKDUCK_TOKEN }}"" \ + --blackduck.api.token="$BLACKDUCK_TOKEN" \ --detect.blackduck.signature.scanner.arguments="--min-scan-interval=0" \ --detect.maven.build.command="install -P unit-tests -DskipIntegrationTests" \ --detect.latest.release.version="9.6.0" \ diff --git a/.github/workflows/cfdeploy.yml b/.github/workflows/cfdeploy.yml index b8751d4ff..c352b8636 100644 --- a/.github/workflows/cfdeploy.yml +++ b/.github/workflows/cfdeploy.yml @@ -32,6 +32,7 @@ permissions: jobs: Deploy: + environment: dev runs-on: ubuntu-latest if: ${{ github.event.inputs.workflow_choice == 'Deploy' }} @@ -72,6 +73,11 @@ jobs: - name: Prepare and Deploy to Cloud Foundry ☁️ run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Preparing to deploy..." echo "Current Branch: 📂" git branch @@ -108,14 +114,20 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." cf deploy mta_archives/demoappjava_1.0.0.mtar -f echo "✅ Deployment complete!" + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} SnapshotDeploy: + environment: dev runs-on: ubuntu-latest if: ${{ github.event.inputs.workflow_choice == 'Snapshot Deploy' }} @@ -195,6 +207,11 @@ jobs: - name: Prepare and Deploy to Cloud Foundry ☁️ run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Preparing to deploy..." echo "Current Branch: 📂" git branch @@ -231,9 +248,14 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." cf deploy mta_archives/demoappjava_1.0.0.mtar -f echo "✅ Deployment complete!" + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a5b5476e0..5c6c0df5d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,6 +13,7 @@ on: jobs: analyze: name: Analyze + environment: dev runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/demo-build.yml b/.github/workflows/demo-build.yml index 223c11f04..7936247ec 100644 --- a/.github/workflows/demo-build.yml +++ b/.github/workflows/demo-build.yml @@ -7,6 +7,7 @@ on: jobs: build: + environment: dev runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/internalArticatory.yml b/.github/workflows/internalArticatory.yml index 3dd91871c..d1c7146a4 100644 --- a/.github/workflows/internalArticatory.yml +++ b/.github/workflows/internalArticatory.yml @@ -87,11 +87,17 @@ jobs: - name: Verify artifact in Artifactory if: ${{ endsWith(steps.bump-version.outputs.updated_version || steps.read-revision.outputs.updated_version, '-SNAPSHOT') }} + env: + CAP_DEPLOYMENT_USER: ${{ secrets.CAP_DEPLOYMENT_USER }} + CAP_DEPLOYMENT_PASS: ${{ secrets.CAP_DEPLOYMENT_PASS }} run: | + set +x + echo "::add-mask::$CAP_DEPLOYMENT_USER" + echo "::add-mask::$CAP_DEPLOYMENT_PASS" group_path="com/sap/cds/sdm" version="${{ steps.bump-version.outputs.updated_version || steps.read-revision.outputs.updated_version }}" echo "Checking metadata for $version" - curl -u "${{ secrets.CAP_DEPLOYMENT_USER }}:${{ secrets.CAP_DEPLOYMENT_PASS }}" -f -I \ + curl -u "$CAP_DEPLOYMENT_USER:$CAP_DEPLOYMENT_PASS" -f -I \ "$ARTIFACTORY_URL/$group_path/$version/maven-metadata.xml" || { echo "Metadata not found"; exit 1; } echo "Artifact metadata accessible for $version" - name: Summary diff --git a/.github/workflows/main-build-and-deploy.yml b/.github/workflows/main-build-and-deploy.yml index 0ce1a17b1..4b1fb9bf9 100644 --- a/.github/workflows/main-build-and-deploy.yml +++ b/.github/workflows/main-build-and-deploy.yml @@ -13,6 +13,7 @@ on: jobs: update-version: + environment: dev runs-on: ubuntu-latest #needs: blackduck steps: @@ -36,6 +37,7 @@ jobs: retention-days: 1 build: + environment: dev runs-on: ubuntu-latest needs: update-version steps: @@ -60,6 +62,7 @@ jobs: deploy: name: Deploy to Artifactory + environment: dev runs-on: ubuntu-latest needs: build steps: diff --git a/.github/workflows/main-build.yml b/.github/workflows/main-build.yml index f436f11ed..324e6595e 100644 --- a/.github/workflows/main-build.yml +++ b/.github/workflows/main-build.yml @@ -12,6 +12,7 @@ on: jobs: build: name: Build + environment: dev runs-on: ubuntu-latest permissions: contents: read @@ -30,6 +31,7 @@ jobs: update-version: name: Update version + environment: dev runs-on: ubuntu-latest needs: [ build ] permissions: diff --git a/.github/workflows/multi tenancy_Integration.yml b/.github/workflows/multi tenancy_Integration.yml index 17ec2920f..e71b024ba 100644 --- a/.github/workflows/multi tenancy_Integration.yml +++ b/.github/workflows/multi tenancy_Integration.yml @@ -17,6 +17,7 @@ on: jobs: # Parallel integration tests using matrix strategy integration-test: + environment: dev runs-on: ubuntu-latest strategy: fail-fast: false @@ -65,9 +66,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -75,13 +78,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ steps.determine_space.outputs.space }} + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s ${{ steps.determine_space.outputs.space }} > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -157,23 +172,32 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-${{ steps.determine_space.outputs.space }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -218,8 +242,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() @@ -233,6 +275,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() diff --git a/.github/workflows/multiTenancyDeployLocal.yml b/.github/workflows/multiTenancyDeployLocal.yml index 79c60c1f8..d2126c701 100644 --- a/.github/workflows/multiTenancyDeployLocal.yml +++ b/.github/workflows/multiTenancyDeployLocal.yml @@ -24,6 +24,7 @@ permissions: jobs: deploy: + environment: dev runs-on: ubuntu-latest steps: @@ -84,7 +85,7 @@ jobs: - name: Set REPOSITORY_ID 🔍 id: set_repository_id run: | - echo "repository_id=${{ secrets.REPOSITORY_ID }}" >> $GITHUB_OUTPUT + echo "repository_id=${{ secrets.MULTITENANT_REPOSITORY_ID }}" >> $GITHUB_OUTPUT - name: Run mbt build 🔨 working-directory: app/multi-tenant/personal-space/cloud-cap-samples-java @@ -98,7 +99,12 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/personal-space/cloud-cap-samples-java - run: | + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + run: | echo "🚀 Deploying to -s ${{ steps.determine_space.outputs.space }}..." echo "🔧 Installing Cloud Foundry CLI and plugins..." @@ -107,13 +113,18 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" # Deploy the application diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test.yml b/.github/workflows/multiTenant_deploy_and_Integration_test.yml index 66bd44aa6..54ed383c6 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test.yml @@ -15,6 +15,7 @@ permissions: jobs: deploy: + environment: dev if: github.event.pull_request.merged == true runs-on: ubuntu-latest @@ -74,8 +75,20 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/central-space/cloud-cap-samples-java - run: | - echo "🚀 Deploying to ${{ secrets.CF_SPACE }}..." + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🚀 Deploying..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -83,13 +96,13 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" # Deploy the application @@ -101,6 +114,7 @@ jobs: echo "✅ Deployment complete!" integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -148,9 +162,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -158,13 +174,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🔄 Logging in to Cloud Foundry..." + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -240,23 +268,33 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-$CF_SPACE-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -301,8 +339,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() @@ -316,6 +372,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() && github.event.pull_request.merged == true diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml index 8681a2fd4..8ceb9cb5f 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -15,6 +15,7 @@ permissions: jobs: deploy: + environment: dev #Run only if the triggering workflow concluded successfully if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest @@ -121,8 +122,20 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/central-space/cloud-cap-samples-java - run: | - echo "🚀 Deploying to ${{ secrets.CF_SPACE }}..." + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🚀 Deploying..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -130,13 +143,13 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" # Deploy the application @@ -148,6 +161,7 @@ jobs: echo "✅ Deployment complete!" integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -195,9 +209,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -205,13 +221,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🔄 Logging in to Cloud Foundry..." + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -287,23 +315,33 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-$CF_SPACE-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -348,8 +386,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() @@ -363,6 +419,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() diff --git a/.github/workflows/new_wokflow_test.yml b/.github/workflows/new_wokflow_test.yml index 6d957adc1..37c742171 100644 --- a/.github/workflows/new_wokflow_test.yml +++ b/.github/workflows/new_wokflow_test.yml @@ -7,6 +7,7 @@ on: workflow_dispatch: jobs: check_release_branches: + environment: dev if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest diff --git a/.github/workflows/pull-request-build.yml b/.github/workflows/pull-request-build.yml index 7ebbf875b..9fa18c50a 100644 --- a/.github/workflows/pull-request-build.yml +++ b/.github/workflows/pull-request-build.yml @@ -11,7 +11,7 @@ on: jobs: build: - + environment: dev runs-on: ubuntu-latest strategy: diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test.yml b/.github/workflows/singleTenant_deploy_and_Integration_test.yml index a7b495160..f62e5f3ee 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test.yml @@ -14,6 +14,7 @@ permissions: jobs: deploy: + environment: dev if: github.event.pull_request.merged == true runs-on: ubuntu-latest @@ -67,6 +68,12 @@ jobs: - name: Prepare and Deploy to Cloud Foundry run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "Current Branch......" git branch pwd @@ -88,25 +95,32 @@ jobs: mbt build - # Install cf & login + # Install cf & login wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key \ | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc echo "deb https://packages.cloudfoundry.org/debian stable main" \ | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + # Install cf CLI plugin cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null # Deploy the application echo "Running cf deploy" cf deploy mta_archives/demoappjava_1.0.0.mtar -f + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -151,12 +165,24 @@ jobs: fi - name: Login to Cloud Foundry + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -190,18 +216,26 @@ jobs: env: CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "🚀 Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" echo "::add-mask::$username" @@ -227,7 +261,27 @@ jobs: noSDMRoleUserPassword=$noSDMRoleUserPassword EOL echo "🎯 Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml index 50bae680d..a4991ba6c 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml @@ -16,6 +16,7 @@ permissions: jobs: deploy: + environment: dev # Run only if the triggering workflow concluded successfully if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest @@ -118,6 +119,12 @@ jobs: - name: Prepare and Deploy to Cloud Foundry run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "Current Branch......" git branch pwd @@ -139,25 +146,32 @@ jobs: mbt build - # Install cf & login + # Install cf & login wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key \ | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc echo "deb https://packages.cloudfoundry.org/debian stable main" \ | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + # Install cf CLI plugin cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null # Deploy the application echo "Running cf deploy" cf deploy mta_archives/demoappjava_1.0.0.mtar -f + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -202,12 +216,24 @@ jobs: fi - name: Login to Cloud Foundry + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Secret id: fetch_secret @@ -234,23 +260,39 @@ jobs: # Escape any $ characters in the clientSecret escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') + echo "::add-mask::$escapedClientSecret" echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT - name: Run integration tests (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) env: CLIENT_SECRET: ${{ steps.fetch_secret.outputs.CLIENT_SECRET }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CAPSDM_CLIENT_ID: ${{ secrets.CAPSDM_CLIENT_ID }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e # Enable error checking PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" # Gather secrets and other values - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ secrets.CAPSDM_CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CAPSDM_CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" + echo "::add-mask::$clientID" + echo "::add-mask::$clientSecret" + echo "::add-mask::$username" + echo "::add-mask::$password" + echo "::add-mask::$noSDMRoleUsername" + echo "::add-mask::$noSDMRoleUserPassword" # Ensure all required variables are set if [ -z "$appUrl" ]; then echo "Error: appUrl is not set"; exit 1; fi if [ -z "$authUrl" ]; then echo "Error: authUrl is not set"; exit 1; fi @@ -273,6 +315,26 @@ jobs: EOL # Run Maven integration tests echo "Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE diff --git a/.github/workflows/singleTenant_integration_test.yml b/.github/workflows/singleTenant_integration_test.yml index dc4ab243b..538599761 100644 --- a/.github/workflows/singleTenant_integration_test.yml +++ b/.github/workflows/singleTenant_integration_test.yml @@ -13,6 +13,7 @@ on: jobs: integration-test: + environment: dev runs-on: ubuntu-latest strategy: fail-fast: false @@ -60,9 +61,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -70,14 +73,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::${{ steps.determine_space.outputs.space }}" echo "🔄 Logging in to Cloud Foundry..." echo "Space Name: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ steps.determine_space.outputs.space }} + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s ${{ steps.determine_space.outputs.space }} > /dev/null echo "✅ Logged in successfully!" - name: Fetch and Escape Client Details for single tenant 🔍 @@ -113,18 +127,25 @@ jobs: env: CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} + CF_ORG: ${{ secrets.CF_ORG }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "🚀 Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" echo "::add-mask::$username" @@ -150,4 +171,24 @@ jobs: noSDMRoleUserPassword=$noSDMRoleUserPassword EOL echo "🎯 Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml index fb67c7044..fb8f0117e 100644 --- a/.github/workflows/sonarqube.yml +++ b/.github/workflows/sonarqube.yml @@ -16,6 +16,7 @@ permissions: jobs: sonar-scan: + environment: dev runs-on: ubuntu-latest steps: @@ -45,7 +46,12 @@ jobs: fi - name: Run SonarQube analysis + env: + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | + set +x + echo "::add-mask::$SONAR_TOKEN" if [ "${{ github.event_name }}" == "pull_request" ]; then sonar-scanner \ -Dsonar.projectKey=cap-java-sdm \ @@ -57,8 +63,8 @@ jobs: -Dsonar.inclusions=**/*.java \ -Dsonar.exclusions=**/target/**,**/node_modules/**,sdm/src/main/test/**,app/**/*.capnb,sdm/src/main/java/com/sap/cds/sdm/model/**,sdm/src/main/java/com/sap/cds/sdm/caching/CacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/RepoKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/TokenCacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryTypesKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryPropertiesKey.java \ -Dsonar.java.file.suffixes=.java \ - -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ - -Dsonar.login=${{ secrets.SONAR_TOKEN }} \ + -Dsonar.host.url="$SONAR_HOST_URL" \ + -Dsonar.login="$SONAR_TOKEN" \ -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} \ -Dsonar.pullrequest.branch=${{ github.head_ref }} \ -Dsonar.pullrequest.base=${{ github.base_ref }} @@ -73,8 +79,8 @@ jobs: -Dsonar.inclusions=**/*.java \ -Dsonar.exclusions=**/target/**,**/node_modules/**,sdm/src/main/test/**,app/**/*.capnb,sdm/src/main/java/com/sap/cds/sdm/model/**,sdm/src/main/java/com/sap/cds/sdm/caching/CacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/RepoKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/TokenCacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryTypesKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryPropertiesKey.java \ -Dsonar.java.file.suffixes=.java \ - -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ - -Dsonar.login=${{ secrets.SONAR_TOKEN }} + -Dsonar.host.url="$SONAR_HOST_URL" \ + -Dsonar.login="$SONAR_TOKEN" fi - name: Quality Gate Check diff --git a/.github/workflows/unit.tests.yml b/.github/workflows/unit.tests.yml index 84c9b0016..10ad4074d 100644 --- a/.github/workflows/unit.tests.yml +++ b/.github/workflows/unit.tests.yml @@ -13,6 +13,7 @@ permissions: jobs: unitTests: + environment: dev runs-on: ubuntu-latest strategy: matrix: diff --git a/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore b/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore deleted file mode 100644 index f9986b41c..000000000 --- a/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore +++ /dev/null @@ -1,38 +0,0 @@ -gen/ -edmx/ -schema-h2.sql -default-env.json -openapi.json -.env -.values.yaml - -bin/ -target/ -.java-version -.flattened-pom.xml -.classpath -.project -.settings -.vscode -.idea -*.iml - -node/ -node_modules/ - -.mta/ -*.mtar -mta.yaml - -*.log* -gc_history* -hs_err* -.DS_Store - -*.db -*.sqlite* - -.cdsrc-private.json - -/chart/ -.reloadtrigger diff --git a/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml b/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml new file mode 100644 index 000000000..1594e917e --- /dev/null +++ b/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml @@ -0,0 +1,170 @@ +_schema-version: '2.1' +ID: bookshop-mt +version: 1.0.0 +description: "Multitenant Bookshop CAP Java Project with UI" +parameters: + enable-parallel-deployments: true +modules: +# --------------------- SERVER MODULE ------------------------ + - name: bookshop-mt-srv +# ------------------------------------------------------------ + type: java + path: srv + parameters: + memory: 1024M + disk-quota: 512M + buildpack: sap_java_buildpack_jakarta + properties: + SPRING_PROFILES_ACTIVE: cloud,sandbox + CDS_MULTITENANCY_APPUI_TENANTSEPARATOR: "-" + JBP_CONFIG_COMPONENTS: "jres: ['com.sap.xs.java.buildpack.jre.SAPMachineJRE']" + JBP_CONFIG_SAP_MACHINE_JRE: '{ version: 21.+ }' + REPOSITORY_ID: __REPOSITORY_ID__ # Placeholder for REPOSITORY_ID + INCOMING_CONNECTION_TIMEOUT: 12000000 + INCOMING_REQUEST_TIMEOUT: 12000000 + timeout: 12000000 + build-parameters: + builder: custom + commands: + - mvn clean package -DskipTests=true + build-result: target/*-exec.jar + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: bookshop-mt-saas-registry + - name: sdm + - name: mtx-api + properties: + CDS_MULTITENANCY_SIDECAR_URL: ~{mtx-url} + - name: app-api + properties: + CDS_MULTITENANCY_APPUI_URL: ~{app-url} + - name: cf-logging + provides: + - name: srv-api + properties: + srv-url: '${default-url}' +# --------------------- SIDECAR MODULE ----------------------- + - name: bookshop-mt-sidecar +# ------------------------------------------------------------ + type: nodejs + path: mtx/sidecar + parameters: + memory: 256M + disk-quota: 1024M + build-parameters: + builder: custom + build-result: gen + commands: + - npm run build + requires: + - name: bookshop-mt-srv + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: cf-logging + - name: sdm + provides: + - name: mtx-api + properties: + mtx-url: ${default-url} + hooks: + - name: upgrade-all + type: task + phases: + - blue-green.application.before-start.idle + - deploy.application.before-start + parameters: + name: upgrade + memory: 512M + disk-quota: 768M + command: npx -p @sap/cds-mtx cds-mtx upgrade "*" +# --------------------- APPROUTER MODULE --------------------- + - name: bookshop-mt-app +# ------------------------------------------------------------ + type: approuter.nodejs + path: app + + parameters: + memory: 256M + disk-quota: 512M + keep-existing-routes: true + host: ${space}-1-multi-pgnaicm + routes: + # - route: playground-agri-com-de2-subscriber-${space}-pgcnaim.${default-domain} + - route: sdm-dev-consumer-eu12-6uxoiqfk-${default-uri} + - route: sdmgoogleworkspace-cpok9mi1-${default-uri} + properties: + TENANT_HOST_PATTERN: ^(.*)-${default-uri} # testing only, use custom domain with wildcard for production + INCOMING_CONNECTION_TIMEOUT: 1200000 + INCOMING_REQUEST_TIMEOUT: 1200000 + timeout: 1200000 + requires: + - name: srv-api + group: destinations + properties: + name: backend + url: ~{srv-url} + forwardAuthToken: true + strictSSL: true + timeout: 1200000 + - name: bookshop-mt-uaa + provides: + - name: app-api + properties: + app-url: '${default-url}' + app-domain: '${domain}' +# --------------------- RESOURCES --------------------- +resources: +# ----------------------------------------------------- + - name: bookshop-mt-uaa + type: org.cloudfoundry.managed-service + parameters: + service: xsuaa + service-plan: application + path: ./xs-security-mt.json + config: # override xsappname as it needs to be unique + xsappname: bookshop-mt-${org}-${space} + oauth2-configuration: + credential-types: + - binding-secret + - x509 + redirect-uris: + - https://*.~{app-api/app-domain}/** + requires: + - name: app-api + - name: bookshop-mt-service-manager + type: org.cloudfoundry.managed-service + parameters: + service: service-manager + service-plan: container + - name: bookshop-mt-saas-registry + type: org.cloudfoundry.managed-service + parameters: + service: saas-registry + service-plan: application + config: + appName: bookshop-mt-${org}-${space} # this is the text on the tile + xsappname: bookshop-mt-${org}-${space} # this is the value from xsuaa.parameters.config.xsappname + appUrls: + getDependencies: ~{srv-api/srv-url}/mt/v1.0/subscriptions/dependencies + onSubscription: ~{srv-api/srv-url}/mt/v1.0/subscriptions/tenants/{tenantId} + onSubscriptionAsync: true + onUnSubscriptionAsync: true + onUpdateDependenciesAsync: true + callbackTimeoutMillis: 3600000 + displayName: Multitenancy App ${space} + description: Multitenancy App test deployed using job + category: 'Category' + requires: + - name: srv-api + - name: cf-logging + type: org.cloudfoundry.managed-service + parameters: + service: application-logs + service-plan: lite + - name: sdm + type: org.cloudfoundry.managed-service + parameters: + service: sdm + service-plan: standard diff --git a/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore b/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore deleted file mode 100644 index f9986b41c..000000000 --- a/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore +++ /dev/null @@ -1,38 +0,0 @@ -gen/ -edmx/ -schema-h2.sql -default-env.json -openapi.json -.env -.values.yaml - -bin/ -target/ -.java-version -.flattened-pom.xml -.classpath -.project -.settings -.vscode -.idea -*.iml - -node/ -node_modules/ - -.mta/ -*.mtar -mta.yaml - -*.log* -gc_history* -hs_err* -.DS_Store - -*.db -*.sqlite* - -.cdsrc-private.json - -/chart/ -.reloadtrigger diff --git a/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml b/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml new file mode 100644 index 000000000..1594e917e --- /dev/null +++ b/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml @@ -0,0 +1,170 @@ +_schema-version: '2.1' +ID: bookshop-mt +version: 1.0.0 +description: "Multitenant Bookshop CAP Java Project with UI" +parameters: + enable-parallel-deployments: true +modules: +# --------------------- SERVER MODULE ------------------------ + - name: bookshop-mt-srv +# ------------------------------------------------------------ + type: java + path: srv + parameters: + memory: 1024M + disk-quota: 512M + buildpack: sap_java_buildpack_jakarta + properties: + SPRING_PROFILES_ACTIVE: cloud,sandbox + CDS_MULTITENANCY_APPUI_TENANTSEPARATOR: "-" + JBP_CONFIG_COMPONENTS: "jres: ['com.sap.xs.java.buildpack.jre.SAPMachineJRE']" + JBP_CONFIG_SAP_MACHINE_JRE: '{ version: 21.+ }' + REPOSITORY_ID: __REPOSITORY_ID__ # Placeholder for REPOSITORY_ID + INCOMING_CONNECTION_TIMEOUT: 12000000 + INCOMING_REQUEST_TIMEOUT: 12000000 + timeout: 12000000 + build-parameters: + builder: custom + commands: + - mvn clean package -DskipTests=true + build-result: target/*-exec.jar + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: bookshop-mt-saas-registry + - name: sdm + - name: mtx-api + properties: + CDS_MULTITENANCY_SIDECAR_URL: ~{mtx-url} + - name: app-api + properties: + CDS_MULTITENANCY_APPUI_URL: ~{app-url} + - name: cf-logging + provides: + - name: srv-api + properties: + srv-url: '${default-url}' +# --------------------- SIDECAR MODULE ----------------------- + - name: bookshop-mt-sidecar +# ------------------------------------------------------------ + type: nodejs + path: mtx/sidecar + parameters: + memory: 256M + disk-quota: 1024M + build-parameters: + builder: custom + build-result: gen + commands: + - npm run build + requires: + - name: bookshop-mt-srv + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: cf-logging + - name: sdm + provides: + - name: mtx-api + properties: + mtx-url: ${default-url} + hooks: + - name: upgrade-all + type: task + phases: + - blue-green.application.before-start.idle + - deploy.application.before-start + parameters: + name: upgrade + memory: 512M + disk-quota: 768M + command: npx -p @sap/cds-mtx cds-mtx upgrade "*" +# --------------------- APPROUTER MODULE --------------------- + - name: bookshop-mt-app +# ------------------------------------------------------------ + type: approuter.nodejs + path: app + + parameters: + memory: 256M + disk-quota: 512M + keep-existing-routes: true + host: ${space}-1-multi-pgnaicm + routes: + # - route: playground-agri-com-de2-subscriber-${space}-pgcnaim.${default-domain} + - route: sdm-dev-consumer-eu12-6uxoiqfk-${default-uri} + - route: sdmgoogleworkspace-cpok9mi1-${default-uri} + properties: + TENANT_HOST_PATTERN: ^(.*)-${default-uri} # testing only, use custom domain with wildcard for production + INCOMING_CONNECTION_TIMEOUT: 1200000 + INCOMING_REQUEST_TIMEOUT: 1200000 + timeout: 1200000 + requires: + - name: srv-api + group: destinations + properties: + name: backend + url: ~{srv-url} + forwardAuthToken: true + strictSSL: true + timeout: 1200000 + - name: bookshop-mt-uaa + provides: + - name: app-api + properties: + app-url: '${default-url}' + app-domain: '${domain}' +# --------------------- RESOURCES --------------------- +resources: +# ----------------------------------------------------- + - name: bookshop-mt-uaa + type: org.cloudfoundry.managed-service + parameters: + service: xsuaa + service-plan: application + path: ./xs-security-mt.json + config: # override xsappname as it needs to be unique + xsappname: bookshop-mt-${org}-${space} + oauth2-configuration: + credential-types: + - binding-secret + - x509 + redirect-uris: + - https://*.~{app-api/app-domain}/** + requires: + - name: app-api + - name: bookshop-mt-service-manager + type: org.cloudfoundry.managed-service + parameters: + service: service-manager + service-plan: container + - name: bookshop-mt-saas-registry + type: org.cloudfoundry.managed-service + parameters: + service: saas-registry + service-plan: application + config: + appName: bookshop-mt-${org}-${space} # this is the text on the tile + xsappname: bookshop-mt-${org}-${space} # this is the value from xsuaa.parameters.config.xsappname + appUrls: + getDependencies: ~{srv-api/srv-url}/mt/v1.0/subscriptions/dependencies + onSubscription: ~{srv-api/srv-url}/mt/v1.0/subscriptions/tenants/{tenantId} + onSubscriptionAsync: true + onUnSubscriptionAsync: true + onUpdateDependenciesAsync: true + callbackTimeoutMillis: 3600000 + displayName: Multitenancy App ${space} + description: Multitenancy App test deployed using job + category: 'Category' + requires: + - name: srv-api + - name: cf-logging + type: org.cloudfoundry.managed-service + parameters: + service: application-logs + service-plan: lite + - name: sdm + type: org.cloudfoundry.managed-service + parameters: + service: sdm + service-plan: standard diff --git a/app/single-tenant/central-space/demoapp/.gitignore b/app/single-tenant/central-space/demoapp/.gitignore deleted file mode 100644 index c161f228e..000000000 --- a/app/single-tenant/central-space/demoapp/.gitignore +++ /dev/null @@ -1,31 +0,0 @@ -**/gen/ -**/edmx/ -*.db -*.sqlite -*.sqlite-wal -*.sqlite-shm -schema*.sql -default-env.json - -**/bin/ -**/target/ -.flattened-pom.xml -.classpath -.project -.settings - -**/node/ -**/node_modules/ - -**/.mta/ -*.mtar - -*.log* -gc_history* -hs_err* -*.tgz -*.iml - -.vscode -.idea -.reloadtrigger diff --git a/app/single-tenant/personal-space/demoapp/.gitignore b/app/single-tenant/personal-space/demoapp/.gitignore deleted file mode 100644 index c161f228e..000000000 --- a/app/single-tenant/personal-space/demoapp/.gitignore +++ /dev/null @@ -1,31 +0,0 @@ -**/gen/ -**/edmx/ -*.db -*.sqlite -*.sqlite-wal -*.sqlite-shm -schema*.sql -default-env.json - -**/bin/ -**/target/ -.flattened-pom.xml -.classpath -.project -.settings - -**/node/ -**/node_modules/ - -**/.mta/ -*.mtar - -*.log* -gc_history* -hs_err* -*.tgz -*.iml - -.vscode -.idea -.reloadtrigger