From 34cbe0412233fd5bfbed4e91330c0236f6a492de Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 16:36:49 +0530 Subject: [PATCH 01/11] =?UTF-8?q?Harden=20GitHub=20Actions=20workflows=20?= =?UTF-8?q?=E2=80=94=20environment,=20secret=20masking=20&=20log=20protect?= =?UTF-8?q?ion?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Security changes applied to all 19 workflow files: 1. environment: dev — All jobs now pull secrets from the protected "dev" environment instead of repo-level secrets, adding an extra access control layer. Jobs with existing environment (maven-central) are kept as-is. 2. Secrets moved from inline ${{ secrets.X }} to env: blocks — Prevents secret values from appearing in the process argument list (visible via ps/audit logs). Shell commands now reference $ENV_VAR instead. 3. set +x in every sensitive step — Disables bash debug-trace mode before any secret variable is assigned, preventing accidental log exposure if debug mode is ever enabled upstream. 4. ::add-mask:: for all runtime-fetched and copied secret variables — Registers CF credentials, clientSecret/clientID (fetched from XSUAA at runtime), usernames and passwords with GitHub's log scrubber so any accidental echo or error trace is redacted as *** in logs. --- .../workflows/SAPUI5_Version_Monitoring.yml | 1 + .github/workflows/blackduck.yml | 7 +- .github/workflows/cfdeploy.yml | 26 +++++- .github/workflows/codeql.yml | 1 + .github/workflows/demo-build.yml | 1 + .github/workflows/internalArticatory.yml | 8 +- .github/workflows/main-build-and-deploy.yml | 3 + .github/workflows/main-build.yml | 2 + .../workflows/multi tenancy_Integration.yml | 59 +++++++++---- .github/workflows/multiTenancyDeployLocal.yml | 17 +++- ...ultiTenant_deploy_and_Integration_test.yml | 85 ++++++++++++++----- ...loy_and_Integration_test_LatestVersion.yml | 85 ++++++++++++++----- .github/workflows/new_wokflow_test.yml | 1 + .github/workflows/pull-request-build.yml | 2 +- ...ngleTenant_deploy_and_Integration_test.yml | 60 +++++++++---- ...loy_and_Integration_test_LatestVersion.yml | 68 +++++++++++---- .../singleTenant_integration_test.yml | 46 +++++++--- .github/workflows/sonarqube.yml | 14 ++- .github/workflows/unit.tests.yml | 1 + 19 files changed, 366 insertions(+), 121 deletions(-) diff --git a/.github/workflows/SAPUI5_Version_Monitoring.yml b/.github/workflows/SAPUI5_Version_Monitoring.yml index c0a688d63..b451c0894 100644 --- a/.github/workflows/SAPUI5_Version_Monitoring.yml +++ b/.github/workflows/SAPUI5_Version_Monitoring.yml @@ -8,6 +8,7 @@ on: jobs: update-version: name: Check and Update SAPUI5 Version + environment: dev runs-on: ubuntu-latest permissions: contents: write diff --git a/.github/workflows/blackduck.yml b/.github/workflows/blackduck.yml index a1763a42e..e4dde42c3 100644 --- a/.github/workflows/blackduck.yml +++ b/.github/workflows/blackduck.yml @@ -16,6 +16,7 @@ permissions: jobs: build: + environment: dev runs-on: ubuntu-latest steps: - name: Checkout code @@ -40,11 +41,15 @@ jobs: run: curl --silent -O https://detect.blackduck.com/detect9.sh - name: Run & analyze BlackDuck Scan + env: + BLACKDUCK_TOKEN: ${{ secrets.BLACKDUCK_TOKEN }} run: | + set +x + echo "::add-mask::$BLACKDUCK_TOKEN" bash ./detect9.sh -d \ --logging.level.com.synopsys.integration=DEBUG \ --blackduck.url="https://sap.blackducksoftware.com" \ - --blackduck.api.token=""${{ secrets.BLACKDUCK_TOKEN }}"" \ + --blackduck.api.token="$BLACKDUCK_TOKEN" \ --detect.blackduck.signature.scanner.arguments="--min-scan-interval=0" \ --detect.maven.build.command="install -P unit-tests -DskipIntegrationTests" \ --detect.latest.release.version="9.6.0" \ diff --git a/.github/workflows/cfdeploy.yml b/.github/workflows/cfdeploy.yml index b8751d4ff..a7c27bdb4 100644 --- a/.github/workflows/cfdeploy.yml +++ b/.github/workflows/cfdeploy.yml @@ -32,6 +32,7 @@ permissions: jobs: Deploy: + environment: dev runs-on: ubuntu-latest if: ${{ github.event.inputs.workflow_choice == 'Deploy' }} @@ -108,14 +109,25 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." cf deploy mta_archives/demoappjava_1.0.0.mtar -f echo "✅ Deployment complete!" + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} SnapshotDeploy: + environment: dev runs-on: ubuntu-latest if: ${{ github.event.inputs.workflow_choice == 'Snapshot Deploy' }} @@ -231,9 +243,19 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." cf deploy mta_archives/demoappjava_1.0.0.mtar -f echo "✅ Deployment complete!" + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a5b5476e0..5c6c0df5d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,6 +13,7 @@ on: jobs: analyze: name: Analyze + environment: dev runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/demo-build.yml b/.github/workflows/demo-build.yml index 223c11f04..7936247ec 100644 --- a/.github/workflows/demo-build.yml +++ b/.github/workflows/demo-build.yml @@ -7,6 +7,7 @@ on: jobs: build: + environment: dev runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/internalArticatory.yml b/.github/workflows/internalArticatory.yml index 3dd91871c..d1c7146a4 100644 --- a/.github/workflows/internalArticatory.yml +++ b/.github/workflows/internalArticatory.yml @@ -87,11 +87,17 @@ jobs: - name: Verify artifact in Artifactory if: ${{ endsWith(steps.bump-version.outputs.updated_version || steps.read-revision.outputs.updated_version, '-SNAPSHOT') }} + env: + CAP_DEPLOYMENT_USER: ${{ secrets.CAP_DEPLOYMENT_USER }} + CAP_DEPLOYMENT_PASS: ${{ secrets.CAP_DEPLOYMENT_PASS }} run: | + set +x + echo "::add-mask::$CAP_DEPLOYMENT_USER" + echo "::add-mask::$CAP_DEPLOYMENT_PASS" group_path="com/sap/cds/sdm" version="${{ steps.bump-version.outputs.updated_version || steps.read-revision.outputs.updated_version }}" echo "Checking metadata for $version" - curl -u "${{ secrets.CAP_DEPLOYMENT_USER }}:${{ secrets.CAP_DEPLOYMENT_PASS }}" -f -I \ + curl -u "$CAP_DEPLOYMENT_USER:$CAP_DEPLOYMENT_PASS" -f -I \ "$ARTIFACTORY_URL/$group_path/$version/maven-metadata.xml" || { echo "Metadata not found"; exit 1; } echo "Artifact metadata accessible for $version" - name: Summary diff --git a/.github/workflows/main-build-and-deploy.yml b/.github/workflows/main-build-and-deploy.yml index 0ce1a17b1..4b1fb9bf9 100644 --- a/.github/workflows/main-build-and-deploy.yml +++ b/.github/workflows/main-build-and-deploy.yml @@ -13,6 +13,7 @@ on: jobs: update-version: + environment: dev runs-on: ubuntu-latest #needs: blackduck steps: @@ -36,6 +37,7 @@ jobs: retention-days: 1 build: + environment: dev runs-on: ubuntu-latest needs: update-version steps: @@ -60,6 +62,7 @@ jobs: deploy: name: Deploy to Artifactory + environment: dev runs-on: ubuntu-latest needs: build steps: diff --git a/.github/workflows/main-build.yml b/.github/workflows/main-build.yml index f436f11ed..324e6595e 100644 --- a/.github/workflows/main-build.yml +++ b/.github/workflows/main-build.yml @@ -12,6 +12,7 @@ on: jobs: build: name: Build + environment: dev runs-on: ubuntu-latest permissions: contents: read @@ -30,6 +31,7 @@ jobs: update-version: name: Update version + environment: dev runs-on: ubuntu-latest needs: [ build ] permissions: diff --git a/.github/workflows/multi tenancy_Integration.yml b/.github/workflows/multi tenancy_Integration.yml index 17ec2920f..e32aa421a 100644 --- a/.github/workflows/multi tenancy_Integration.yml +++ b/.github/workflows/multi tenancy_Integration.yml @@ -17,6 +17,7 @@ on: jobs: # Parallel integration tests using matrix strategy integration-test: + environment: dev runs-on: ubuntu-latest strategy: fail-fast: false @@ -65,9 +66,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -75,12 +78,22 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ -s ${{ steps.determine_space.outputs.space }} - name: Fetch and Escape Client Details for single tenant 🔍 @@ -157,23 +170,32 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-${{ steps.determine_space.outputs.space }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -233,6 +255,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() diff --git a/.github/workflows/multiTenancyDeployLocal.yml b/.github/workflows/multiTenancyDeployLocal.yml index 79c60c1f8..aa8f51ab5 100644 --- a/.github/workflows/multiTenancyDeployLocal.yml +++ b/.github/workflows/multiTenancyDeployLocal.yml @@ -24,6 +24,7 @@ permissions: jobs: deploy: + environment: dev runs-on: ubuntu-latest steps: @@ -98,7 +99,12 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/personal-space/cloud-cap-samples-java - run: | + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + run: | echo "🚀 Deploying to -s ${{ steps.determine_space.outputs.space }}..." echo "🔧 Installing Cloud Foundry CLI and plugins..." @@ -107,13 +113,18 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} echo "✅ Logged in successfully!" # Deploy the application diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test.yml b/.github/workflows/multiTenant_deploy_and_Integration_test.yml index 66bd44aa6..f820c368d 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test.yml @@ -15,6 +15,7 @@ permissions: jobs: deploy: + environment: dev if: github.event.pull_request.merged == true runs-on: ubuntu-latest @@ -74,8 +75,14 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/central-space/cloud-cap-samples-java - run: | - echo "🚀 Deploying to ${{ secrets.CF_SPACE }}..." + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + run: | + echo "🚀 Deploying to $CF_SPACE..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -83,13 +90,19 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" echo "✅ Logged in successfully!" # Deploy the application @@ -101,6 +114,7 @@ jobs: echo "✅ Deployment complete!" integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -148,9 +162,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -158,13 +174,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -240,23 +268,33 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-$CF_SPACE-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -316,6 +354,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() && github.event.pull_request.merged == true diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml index 8681a2fd4..0ba8952d4 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -15,6 +15,7 @@ permissions: jobs: deploy: + environment: dev #Run only if the triggering workflow concluded successfully if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest @@ -121,8 +122,14 @@ jobs: - name: Deploy to Cloud Foundry ☁️ working-directory: app/multi-tenant/central-space/cloud-cap-samples-java - run: | - echo "🚀 Deploying to ${{ secrets.CF_SPACE }}..." + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + run: | + echo "🚀 Deploying to $CF_SPACE..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -130,13 +137,19 @@ jobs: echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + cf install-plugin multiapps -f echo "✅ Cloud Foundry CLI setup complete!" # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" echo "✅ Logged in successfully!" # Deploy the application @@ -148,6 +161,7 @@ jobs: echo "✅ Deployment complete!" integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -195,9 +209,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -205,13 +221,25 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -287,23 +315,33 @@ jobs: CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + AUTHURLMT1: ${{ secrets.AUTHURLMT1 }} + AUTHURLMT2: ${{ secrets.AUTHURLMT2 }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | echo "🚀 Preparing credentials for ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}..." + set +x set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - authUrlMT1="${{ secrets.AUTHURLMT1 }}" - authUrlMT2="${{ secrets.AUTHURLMT2 }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - clientIDMT="${{ env.CLIENT_ID_MT }}" - clientSecretMT="${{ env.CLIENT_SECRET_MT }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="$CF_ORG-$CF_SPACE-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + authUrlMT1="$AUTHURLMT1" + authUrlMT2="$AUTHURLMT2" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + clientIDMT="$CLIENT_ID_MT" + clientSecretMT="$CLIENT_SECRET_MT" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" @@ -363,6 +401,7 @@ jobs: # Summary job to aggregate results test-summary: + environment: dev runs-on: ubuntu-latest needs: integration-test if: always() diff --git a/.github/workflows/new_wokflow_test.yml b/.github/workflows/new_wokflow_test.yml index 6d957adc1..37c742171 100644 --- a/.github/workflows/new_wokflow_test.yml +++ b/.github/workflows/new_wokflow_test.yml @@ -7,6 +7,7 @@ on: workflow_dispatch: jobs: check_release_branches: + environment: dev if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest diff --git a/.github/workflows/pull-request-build.yml b/.github/workflows/pull-request-build.yml index 7ebbf875b..9fa18c50a 100644 --- a/.github/workflows/pull-request-build.yml +++ b/.github/workflows/pull-request-build.yml @@ -11,7 +11,7 @@ on: jobs: build: - + environment: dev runs-on: ubuntu-latest strategy: diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test.yml b/.github/workflows/singleTenant_deploy_and_Integration_test.yml index a7b495160..640abf6b9 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test.yml @@ -14,6 +14,7 @@ permissions: jobs: deploy: + environment: dev if: github.event.pull_request.merged == true runs-on: ubuntu-latest @@ -88,25 +89,32 @@ jobs: mbt build - # Install cf & login + # Install cf & login wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key \ | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc echo "deb https://packages.cloudfoundry.org/debian stable main" \ | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + # Install cf CLI plugin cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" # Deploy the application echo "Running cf deploy" cf deploy mta_archives/demoappjava_1.0.0.mtar -f + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -151,12 +159,24 @@ jobs: fi - name: Login to Cloud Foundry + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials @@ -190,18 +210,26 @@ jobs: env: CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "🚀 Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" echo "::add-mask::$username" diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml index 50bae680d..c6411698d 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml @@ -16,6 +16,7 @@ permissions: jobs: deploy: + environment: dev # Run only if the triggering workflow concluded successfully if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} runs-on: ubuntu-latest @@ -139,25 +140,32 @@ jobs: mbt build - # Install cf & login + # Install cf & login wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key \ | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc echo "deb https://packages.cloudfoundry.org/debian stable main" \ | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list sudo apt update sudo apt install cf8-cli - + # Install cf CLI plugin cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" # Deploy the application echo "Running cf deploy" cf deploy mta_archives/demoappjava_1.0.0.mtar -f + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} integration-test: + environment: dev needs: deploy runs-on: ubuntu-latest strategy: @@ -202,12 +210,24 @@ jobs: fi - name: Login to Cloud Foundry + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ + -s "$CF_SPACE" - name: Fetch and Escape Client Secret id: fetch_secret @@ -234,23 +254,39 @@ jobs: # Escape any $ characters in the clientSecret escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') + echo "::add-mask::$escapedClientSecret" echo "CLIENT_SECRET=$escapedClientSecret" >> $GITHUB_OUTPUT - name: Run integration tests (${{ matrix.tokenFlow }} - ${{ matrix.testClass }}) env: CLIENT_SECRET: ${{ steps.fetch_secret.outputs.CLIENT_SECRET }} + CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CAPSDM_CLIENT_ID: ${{ secrets.CAPSDM_CLIENT_ID }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e # Enable error checking PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" # Gather secrets and other values - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ secrets.CAPSDM_CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-$CF_SPACE-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CAPSDM_CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" + echo "::add-mask::$clientID" + echo "::add-mask::$clientSecret" + echo "::add-mask::$username" + echo "::add-mask::$password" + echo "::add-mask::$noSDMRoleUsername" + echo "::add-mask::$noSDMRoleUserPassword" # Ensure all required variables are set if [ -z "$appUrl" ]; then echo "Error: appUrl is not set"; exit 1; fi if [ -z "$authUrl" ]; then echo "Error: authUrl is not set"; exit 1; fi diff --git a/.github/workflows/singleTenant_integration_test.yml b/.github/workflows/singleTenant_integration_test.yml index dc4ab243b..d37c90eed 100644 --- a/.github/workflows/singleTenant_integration_test.yml +++ b/.github/workflows/singleTenant_integration_test.yml @@ -13,6 +13,7 @@ on: jobs: integration-test: + environment: dev runs-on: ubuntu-latest strategy: fail-fast: false @@ -60,9 +61,11 @@ jobs: - name: Determine Cloud Foundry Space 🌌 id: determine_space + env: + CF_SPACE: ${{ secrets.CF_SPACE }} run: | if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then - space="${{ secrets.CF_SPACE }}" + space="$CF_SPACE" else space="${{ github.event.inputs.cf_space }}" fi @@ -70,13 +73,23 @@ jobs: echo "space=$space" >> $GITHUB_OUTPUT - name: Login to Cloud Foundry 🔑 + env: + CF_API: ${{ secrets.CF_API }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + CF_ORG: ${{ secrets.CF_ORG }} run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Logging in to Cloud Foundry..." echo "Space Name: ${{ steps.determine_space.outputs.space }}" - cf login -a ${{ secrets.CF_API }} \ - -u ${{ secrets.CF_USER }} \ - -p ${{ secrets.CF_PASSWORD }} \ - -o ${{ secrets.CF_ORG }} \ + cf login -a "$CF_API" \ + -u "$CF_USER" \ + -p "$CF_PASSWORD" \ + -o "$CF_ORG" \ -s ${{ steps.determine_space.outputs.space }} echo "✅ Logged in successfully!" @@ -113,18 +126,25 @@ jobs: env: CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} + CF_ORG: ${{ secrets.CF_ORG }} + CAPAUTH_URL: ${{ secrets.CAPAUTH_URL }} + CF_USER: ${{ secrets.CF_USER }} + CF_PASSWORD: ${{ secrets.CF_PASSWORD }} + NOSDMROLEUSERNAME: ${{ secrets.NOSDMROLEUSERNAME }} + NOSDMROLEUSERPASSWORD: ${{ secrets.NOSDMROLEUSERPASSWORD }} run: | + set +x echo "🚀 Starting integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - authUrl="${{ secrets.CAPAUTH_URL }}" - clientID="${{ env.CLIENT_ID }}" - clientSecret="${{ env.CLIENT_SECRET }}" - username="${{ secrets.CF_USER }}" - password="${{ secrets.CF_PASSWORD }}" - noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" - noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + appUrl="$CF_ORG-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="$CAPAUTH_URL" + clientID="$CLIENT_ID" + clientSecret="$CLIENT_SECRET" + username="$CF_USER" + password="$CF_PASSWORD" + noSDMRoleUsername="$NOSDMROLEUSERNAME" + noSDMRoleUserPassword="$NOSDMROLEUSERPASSWORD" echo "::add-mask::$clientSecret" echo "::add-mask::$clientID" echo "::add-mask::$username" diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml index fb67c7044..fb8f0117e 100644 --- a/.github/workflows/sonarqube.yml +++ b/.github/workflows/sonarqube.yml @@ -16,6 +16,7 @@ permissions: jobs: sonar-scan: + environment: dev runs-on: ubuntu-latest steps: @@ -45,7 +46,12 @@ jobs: fi - name: Run SonarQube analysis + env: + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | + set +x + echo "::add-mask::$SONAR_TOKEN" if [ "${{ github.event_name }}" == "pull_request" ]; then sonar-scanner \ -Dsonar.projectKey=cap-java-sdm \ @@ -57,8 +63,8 @@ jobs: -Dsonar.inclusions=**/*.java \ -Dsonar.exclusions=**/target/**,**/node_modules/**,sdm/src/main/test/**,app/**/*.capnb,sdm/src/main/java/com/sap/cds/sdm/model/**,sdm/src/main/java/com/sap/cds/sdm/caching/CacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/RepoKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/TokenCacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryTypesKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryPropertiesKey.java \ -Dsonar.java.file.suffixes=.java \ - -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ - -Dsonar.login=${{ secrets.SONAR_TOKEN }} \ + -Dsonar.host.url="$SONAR_HOST_URL" \ + -Dsonar.login="$SONAR_TOKEN" \ -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} \ -Dsonar.pullrequest.branch=${{ github.head_ref }} \ -Dsonar.pullrequest.base=${{ github.base_ref }} @@ -73,8 +79,8 @@ jobs: -Dsonar.inclusions=**/*.java \ -Dsonar.exclusions=**/target/**,**/node_modules/**,sdm/src/main/test/**,app/**/*.capnb,sdm/src/main/java/com/sap/cds/sdm/model/**,sdm/src/main/java/com/sap/cds/sdm/caching/CacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/RepoKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/TokenCacheKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryTypesKey.java,sdm/src/main/java/com/sap/cds/sdm/caching/SecondaryPropertiesKey.java \ -Dsonar.java.file.suffixes=.java \ - -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ - -Dsonar.login=${{ secrets.SONAR_TOKEN }} + -Dsonar.host.url="$SONAR_HOST_URL" \ + -Dsonar.login="$SONAR_TOKEN" fi - name: Quality Gate Check diff --git a/.github/workflows/unit.tests.yml b/.github/workflows/unit.tests.yml index 84c9b0016..10ad4074d 100644 --- a/.github/workflows/unit.tests.yml +++ b/.github/workflows/unit.tests.yml @@ -13,6 +13,7 @@ permissions: jobs: unitTests: + environment: dev runs-on: ubuntu-latest strategy: matrix: From bb2733a37d241c81790a1cbc9be6ae4209a62712 Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 17:00:02 +0530 Subject: [PATCH 02/11] Update pom.xml --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8db2566c0..993d1f24f 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,7 @@ - 1.8.1-SNAPSHOT + 1.0.0-RC1 21 ${java.version} ${java.version} From 6c66e295f885a1b2c703ea9dc22eea31e132cdee Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 17:36:02 +0530 Subject: [PATCH 03/11] remove .gitignore from leading apps and add mta.yaml back (#505) Co-authored-by: Yashmeet . --- .../cloud-cap-samples-java/.gitignore | 38 ---- .../cloud-cap-samples-java/mta.yaml | 170 ++++++++++++++++++ .../cloud-cap-samples-java/.gitignore | 38 ---- .../cloud-cap-samples-java/mta.yaml | 170 ++++++++++++++++++ .../central-space/demoapp/.gitignore | 31 ---- .../personal-space/demoapp/.gitignore | 31 ---- 6 files changed, 340 insertions(+), 138 deletions(-) delete mode 100644 app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore create mode 100644 app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml delete mode 100644 app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore create mode 100644 app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml delete mode 100644 app/single-tenant/central-space/demoapp/.gitignore delete mode 100644 app/single-tenant/personal-space/demoapp/.gitignore diff --git a/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore b/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore deleted file mode 100644 index f9986b41c..000000000 --- a/app/multi-tenant/central-space/cloud-cap-samples-java/.gitignore +++ /dev/null @@ -1,38 +0,0 @@ -gen/ -edmx/ -schema-h2.sql -default-env.json -openapi.json -.env -.values.yaml - -bin/ -target/ -.java-version -.flattened-pom.xml -.classpath -.project -.settings -.vscode -.idea -*.iml - -node/ -node_modules/ - -.mta/ -*.mtar -mta.yaml - -*.log* -gc_history* -hs_err* -.DS_Store - -*.db -*.sqlite* - -.cdsrc-private.json - -/chart/ -.reloadtrigger diff --git a/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml b/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml new file mode 100644 index 000000000..1594e917e --- /dev/null +++ b/app/multi-tenant/central-space/cloud-cap-samples-java/mta.yaml @@ -0,0 +1,170 @@ +_schema-version: '2.1' +ID: bookshop-mt +version: 1.0.0 +description: "Multitenant Bookshop CAP Java Project with UI" +parameters: + enable-parallel-deployments: true +modules: +# --------------------- SERVER MODULE ------------------------ + - name: bookshop-mt-srv +# ------------------------------------------------------------ + type: java + path: srv + parameters: + memory: 1024M + disk-quota: 512M + buildpack: sap_java_buildpack_jakarta + properties: + SPRING_PROFILES_ACTIVE: cloud,sandbox + CDS_MULTITENANCY_APPUI_TENANTSEPARATOR: "-" + JBP_CONFIG_COMPONENTS: "jres: ['com.sap.xs.java.buildpack.jre.SAPMachineJRE']" + JBP_CONFIG_SAP_MACHINE_JRE: '{ version: 21.+ }' + REPOSITORY_ID: __REPOSITORY_ID__ # Placeholder for REPOSITORY_ID + INCOMING_CONNECTION_TIMEOUT: 12000000 + INCOMING_REQUEST_TIMEOUT: 12000000 + timeout: 12000000 + build-parameters: + builder: custom + commands: + - mvn clean package -DskipTests=true + build-result: target/*-exec.jar + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: bookshop-mt-saas-registry + - name: sdm + - name: mtx-api + properties: + CDS_MULTITENANCY_SIDECAR_URL: ~{mtx-url} + - name: app-api + properties: + CDS_MULTITENANCY_APPUI_URL: ~{app-url} + - name: cf-logging + provides: + - name: srv-api + properties: + srv-url: '${default-url}' +# --------------------- SIDECAR MODULE ----------------------- + - name: bookshop-mt-sidecar +# ------------------------------------------------------------ + type: nodejs + path: mtx/sidecar + parameters: + memory: 256M + disk-quota: 1024M + build-parameters: + builder: custom + build-result: gen + commands: + - npm run build + requires: + - name: bookshop-mt-srv + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: cf-logging + - name: sdm + provides: + - name: mtx-api + properties: + mtx-url: ${default-url} + hooks: + - name: upgrade-all + type: task + phases: + - blue-green.application.before-start.idle + - deploy.application.before-start + parameters: + name: upgrade + memory: 512M + disk-quota: 768M + command: npx -p @sap/cds-mtx cds-mtx upgrade "*" +# --------------------- APPROUTER MODULE --------------------- + - name: bookshop-mt-app +# ------------------------------------------------------------ + type: approuter.nodejs + path: app + + parameters: + memory: 256M + disk-quota: 512M + keep-existing-routes: true + host: ${space}-1-multi-pgnaicm + routes: + # - route: playground-agri-com-de2-subscriber-${space}-pgcnaim.${default-domain} + - route: sdm-dev-consumer-eu12-6uxoiqfk-${default-uri} + - route: sdmgoogleworkspace-cpok9mi1-${default-uri} + properties: + TENANT_HOST_PATTERN: ^(.*)-${default-uri} # testing only, use custom domain with wildcard for production + INCOMING_CONNECTION_TIMEOUT: 1200000 + INCOMING_REQUEST_TIMEOUT: 1200000 + timeout: 1200000 + requires: + - name: srv-api + group: destinations + properties: + name: backend + url: ~{srv-url} + forwardAuthToken: true + strictSSL: true + timeout: 1200000 + - name: bookshop-mt-uaa + provides: + - name: app-api + properties: + app-url: '${default-url}' + app-domain: '${domain}' +# --------------------- RESOURCES --------------------- +resources: +# ----------------------------------------------------- + - name: bookshop-mt-uaa + type: org.cloudfoundry.managed-service + parameters: + service: xsuaa + service-plan: application + path: ./xs-security-mt.json + config: # override xsappname as it needs to be unique + xsappname: bookshop-mt-${org}-${space} + oauth2-configuration: + credential-types: + - binding-secret + - x509 + redirect-uris: + - https://*.~{app-api/app-domain}/** + requires: + - name: app-api + - name: bookshop-mt-service-manager + type: org.cloudfoundry.managed-service + parameters: + service: service-manager + service-plan: container + - name: bookshop-mt-saas-registry + type: org.cloudfoundry.managed-service + parameters: + service: saas-registry + service-plan: application + config: + appName: bookshop-mt-${org}-${space} # this is the text on the tile + xsappname: bookshop-mt-${org}-${space} # this is the value from xsuaa.parameters.config.xsappname + appUrls: + getDependencies: ~{srv-api/srv-url}/mt/v1.0/subscriptions/dependencies + onSubscription: ~{srv-api/srv-url}/mt/v1.0/subscriptions/tenants/{tenantId} + onSubscriptionAsync: true + onUnSubscriptionAsync: true + onUpdateDependenciesAsync: true + callbackTimeoutMillis: 3600000 + displayName: Multitenancy App ${space} + description: Multitenancy App test deployed using job + category: 'Category' + requires: + - name: srv-api + - name: cf-logging + type: org.cloudfoundry.managed-service + parameters: + service: application-logs + service-plan: lite + - name: sdm + type: org.cloudfoundry.managed-service + parameters: + service: sdm + service-plan: standard diff --git a/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore b/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore deleted file mode 100644 index f9986b41c..000000000 --- a/app/multi-tenant/personal-space/cloud-cap-samples-java/.gitignore +++ /dev/null @@ -1,38 +0,0 @@ -gen/ -edmx/ -schema-h2.sql -default-env.json -openapi.json -.env -.values.yaml - -bin/ -target/ -.java-version -.flattened-pom.xml -.classpath -.project -.settings -.vscode -.idea -*.iml - -node/ -node_modules/ - -.mta/ -*.mtar -mta.yaml - -*.log* -gc_history* -hs_err* -.DS_Store - -*.db -*.sqlite* - -.cdsrc-private.json - -/chart/ -.reloadtrigger diff --git a/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml b/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml new file mode 100644 index 000000000..1594e917e --- /dev/null +++ b/app/multi-tenant/personal-space/cloud-cap-samples-java/mta.yaml @@ -0,0 +1,170 @@ +_schema-version: '2.1' +ID: bookshop-mt +version: 1.0.0 +description: "Multitenant Bookshop CAP Java Project with UI" +parameters: + enable-parallel-deployments: true +modules: +# --------------------- SERVER MODULE ------------------------ + - name: bookshop-mt-srv +# ------------------------------------------------------------ + type: java + path: srv + parameters: + memory: 1024M + disk-quota: 512M + buildpack: sap_java_buildpack_jakarta + properties: + SPRING_PROFILES_ACTIVE: cloud,sandbox + CDS_MULTITENANCY_APPUI_TENANTSEPARATOR: "-" + JBP_CONFIG_COMPONENTS: "jres: ['com.sap.xs.java.buildpack.jre.SAPMachineJRE']" + JBP_CONFIG_SAP_MACHINE_JRE: '{ version: 21.+ }' + REPOSITORY_ID: __REPOSITORY_ID__ # Placeholder for REPOSITORY_ID + INCOMING_CONNECTION_TIMEOUT: 12000000 + INCOMING_REQUEST_TIMEOUT: 12000000 + timeout: 12000000 + build-parameters: + builder: custom + commands: + - mvn clean package -DskipTests=true + build-result: target/*-exec.jar + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: bookshop-mt-saas-registry + - name: sdm + - name: mtx-api + properties: + CDS_MULTITENANCY_SIDECAR_URL: ~{mtx-url} + - name: app-api + properties: + CDS_MULTITENANCY_APPUI_URL: ~{app-url} + - name: cf-logging + provides: + - name: srv-api + properties: + srv-url: '${default-url}' +# --------------------- SIDECAR MODULE ----------------------- + - name: bookshop-mt-sidecar +# ------------------------------------------------------------ + type: nodejs + path: mtx/sidecar + parameters: + memory: 256M + disk-quota: 1024M + build-parameters: + builder: custom + build-result: gen + commands: + - npm run build + requires: + - name: bookshop-mt-srv + requires: + - name: bookshop-mt-service-manager + - name: bookshop-mt-uaa + - name: cf-logging + - name: sdm + provides: + - name: mtx-api + properties: + mtx-url: ${default-url} + hooks: + - name: upgrade-all + type: task + phases: + - blue-green.application.before-start.idle + - deploy.application.before-start + parameters: + name: upgrade + memory: 512M + disk-quota: 768M + command: npx -p @sap/cds-mtx cds-mtx upgrade "*" +# --------------------- APPROUTER MODULE --------------------- + - name: bookshop-mt-app +# ------------------------------------------------------------ + type: approuter.nodejs + path: app + + parameters: + memory: 256M + disk-quota: 512M + keep-existing-routes: true + host: ${space}-1-multi-pgnaicm + routes: + # - route: playground-agri-com-de2-subscriber-${space}-pgcnaim.${default-domain} + - route: sdm-dev-consumer-eu12-6uxoiqfk-${default-uri} + - route: sdmgoogleworkspace-cpok9mi1-${default-uri} + properties: + TENANT_HOST_PATTERN: ^(.*)-${default-uri} # testing only, use custom domain with wildcard for production + INCOMING_CONNECTION_TIMEOUT: 1200000 + INCOMING_REQUEST_TIMEOUT: 1200000 + timeout: 1200000 + requires: + - name: srv-api + group: destinations + properties: + name: backend + url: ~{srv-url} + forwardAuthToken: true + strictSSL: true + timeout: 1200000 + - name: bookshop-mt-uaa + provides: + - name: app-api + properties: + app-url: '${default-url}' + app-domain: '${domain}' +# --------------------- RESOURCES --------------------- +resources: +# ----------------------------------------------------- + - name: bookshop-mt-uaa + type: org.cloudfoundry.managed-service + parameters: + service: xsuaa + service-plan: application + path: ./xs-security-mt.json + config: # override xsappname as it needs to be unique + xsappname: bookshop-mt-${org}-${space} + oauth2-configuration: + credential-types: + - binding-secret + - x509 + redirect-uris: + - https://*.~{app-api/app-domain}/** + requires: + - name: app-api + - name: bookshop-mt-service-manager + type: org.cloudfoundry.managed-service + parameters: + service: service-manager + service-plan: container + - name: bookshop-mt-saas-registry + type: org.cloudfoundry.managed-service + parameters: + service: saas-registry + service-plan: application + config: + appName: bookshop-mt-${org}-${space} # this is the text on the tile + xsappname: bookshop-mt-${org}-${space} # this is the value from xsuaa.parameters.config.xsappname + appUrls: + getDependencies: ~{srv-api/srv-url}/mt/v1.0/subscriptions/dependencies + onSubscription: ~{srv-api/srv-url}/mt/v1.0/subscriptions/tenants/{tenantId} + onSubscriptionAsync: true + onUnSubscriptionAsync: true + onUpdateDependenciesAsync: true + callbackTimeoutMillis: 3600000 + displayName: Multitenancy App ${space} + description: Multitenancy App test deployed using job + category: 'Category' + requires: + - name: srv-api + - name: cf-logging + type: org.cloudfoundry.managed-service + parameters: + service: application-logs + service-plan: lite + - name: sdm + type: org.cloudfoundry.managed-service + parameters: + service: sdm + service-plan: standard diff --git a/app/single-tenant/central-space/demoapp/.gitignore b/app/single-tenant/central-space/demoapp/.gitignore deleted file mode 100644 index c161f228e..000000000 --- a/app/single-tenant/central-space/demoapp/.gitignore +++ /dev/null @@ -1,31 +0,0 @@ -**/gen/ -**/edmx/ -*.db -*.sqlite -*.sqlite-wal -*.sqlite-shm -schema*.sql -default-env.json - -**/bin/ -**/target/ -.flattened-pom.xml -.classpath -.project -.settings - -**/node/ -**/node_modules/ - -**/.mta/ -*.mtar - -*.log* -gc_history* -hs_err* -*.tgz -*.iml - -.vscode -.idea -.reloadtrigger diff --git a/app/single-tenant/personal-space/demoapp/.gitignore b/app/single-tenant/personal-space/demoapp/.gitignore deleted file mode 100644 index c161f228e..000000000 --- a/app/single-tenant/personal-space/demoapp/.gitignore +++ /dev/null @@ -1,31 +0,0 @@ -**/gen/ -**/edmx/ -*.db -*.sqlite -*.sqlite-wal -*.sqlite-shm -schema*.sql -default-env.json - -**/bin/ -**/target/ -.flattened-pom.xml -.classpath -.project -.settings - -**/node/ -**/node_modules/ - -**/.mta/ -*.mtar - -*.log* -gc_history* -hs_err* -*.tgz -*.iml - -.vscode -.idea -.reloadtrigger From 9f91dbab27e5423397aed9b9b856049c640e4426 Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 17:38:41 +0530 Subject: [PATCH 04/11] Update multiTenancyDeployLocal.yml --- .github/workflows/multiTenancyDeployLocal.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/multiTenancyDeployLocal.yml b/.github/workflows/multiTenancyDeployLocal.yml index aa8f51ab5..1431fa707 100644 --- a/.github/workflows/multiTenancyDeployLocal.yml +++ b/.github/workflows/multiTenancyDeployLocal.yml @@ -85,7 +85,7 @@ jobs: - name: Set REPOSITORY_ID 🔍 id: set_repository_id run: | - echo "repository_id=${{ secrets.REPOSITORY_ID }}" >> $GITHUB_OUTPUT + echo "repository_id=${{ secrets.MULTITENANT_REPOSITORY_ID }}" >> $GITHUB_OUTPUT - name: Run mbt build 🔨 working-directory: app/multi-tenant/personal-space/cloud-cap-samples-java From ca9bc084760c11af9184acbc138442c30807d834 Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 17:55:12 +0530 Subject: [PATCH 05/11] Update pom.xml --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 993d1f24f..8db2566c0 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,7 @@ - 1.0.0-RC1 + 1.8.1-SNAPSHOT 21 ${java.version} ${java.version} From ec2cdb5a8d242494fbc98cbb25127cc1d8ff572b Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 18:23:53 +0530 Subject: [PATCH 06/11] modified workflow --- .github/workflows/cfdeploy.yml | 4 ++-- .github/workflows/multi tenancy_Integration.yml | 4 +++- .github/workflows/multiTenancyDeployLocal.yml | 2 +- .github/workflows/multiTenant_deploy_and_Integration_test.yml | 4 ++-- .../multiTenant_deploy_and_Integration_test_LatestVersion.yml | 4 ++-- .../workflows/singleTenant_deploy_and_Integration_test.yml | 4 ++-- ...singleTenant_deploy_and_Integration_test_LatestVersion.yml | 4 ++-- .github/workflows/singleTenant_integration_test.yml | 3 ++- 8 files changed, 16 insertions(+), 13 deletions(-) diff --git a/.github/workflows/cfdeploy.yml b/.github/workflows/cfdeploy.yml index a7c27bdb4..6ce6258de 100644 --- a/.github/workflows/cfdeploy.yml +++ b/.github/workflows/cfdeploy.yml @@ -114,7 +114,7 @@ jobs: echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." @@ -248,7 +248,7 @@ jobs: echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" echo "🚀 Running cf deploy..." diff --git a/.github/workflows/multi tenancy_Integration.yml b/.github/workflows/multi tenancy_Integration.yml index e32aa421a..d1a53099e 100644 --- a/.github/workflows/multi tenancy_Integration.yml +++ b/.github/workflows/multi tenancy_Integration.yml @@ -83,18 +83,20 @@ jobs: CF_USER: ${{ secrets.CF_USER }} CF_PASSWORD: ${{ secrets.CF_PASSWORD }} CF_ORG: ${{ secrets.CF_ORG }} + CF_SPACE: ${{ secrets.CF_SPACE }} run: | set +x echo "::add-mask::$CF_API" echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" cf login -a "$CF_API" \ -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s ${{ steps.determine_space.outputs.space }} + -s ${{ steps.determine_space.outputs.space }} > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials diff --git a/.github/workflows/multiTenancyDeployLocal.yml b/.github/workflows/multiTenancyDeployLocal.yml index 1431fa707..d2126c701 100644 --- a/.github/workflows/multiTenancyDeployLocal.yml +++ b/.github/workflows/multiTenancyDeployLocal.yml @@ -124,7 +124,7 @@ jobs: echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" # Deploy the application diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test.yml b/.github/workflows/multiTenant_deploy_and_Integration_test.yml index f820c368d..8d71678f8 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test.yml @@ -102,7 +102,7 @@ jobs: echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" echo "::add-mask::$CF_SPACE" - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" # Deploy the application @@ -192,7 +192,7 @@ jobs: -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s "$CF_SPACE" + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml index 0ba8952d4..646f7a690 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -149,7 +149,7 @@ jobs: echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" echo "::add-mask::$CF_SPACE" - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" # Deploy the application @@ -239,7 +239,7 @@ jobs: -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s "$CF_SPACE" + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test.yml b/.github/workflows/singleTenant_deploy_and_Integration_test.yml index 640abf6b9..5ae97eaa0 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test.yml @@ -101,7 +101,7 @@ jobs: cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null # Deploy the application echo "Running cf deploy" @@ -176,7 +176,7 @@ jobs: -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s "$CF_SPACE" + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Details for single tenant 🔍 id: fetch_credentials diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml index c6411698d..491ee64a7 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml @@ -152,7 +152,7 @@ jobs: cf install-plugin multiapps -f # Login to Cloud Foundry again to ensure session is active - cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" + cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null # Deploy the application echo "Running cf deploy" @@ -227,7 +227,7 @@ jobs: -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s "$CF_SPACE" + -s "$CF_SPACE" > /dev/null - name: Fetch and Escape Client Secret id: fetch_secret diff --git a/.github/workflows/singleTenant_integration_test.yml b/.github/workflows/singleTenant_integration_test.yml index d37c90eed..dbc1bf4f1 100644 --- a/.github/workflows/singleTenant_integration_test.yml +++ b/.github/workflows/singleTenant_integration_test.yml @@ -84,13 +84,14 @@ jobs: echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" + echo "::add-mask::${{ steps.determine_space.outputs.space }}" echo "🔄 Logging in to Cloud Foundry..." echo "Space Name: ${{ steps.determine_space.outputs.space }}" cf login -a "$CF_API" \ -u "$CF_USER" \ -p "$CF_PASSWORD" \ -o "$CF_ORG" \ - -s ${{ steps.determine_space.outputs.space }} + -s ${{ steps.determine_space.outputs.space }} > /dev/null echo "✅ Logged in successfully!" - name: Fetch and Escape Client Details for single tenant 🔍 From ff31082c1595c5193044d28fd83ba071c80e515d Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 18:31:49 +0530 Subject: [PATCH 07/11] Added retry logic --- ...ngleTenant_deploy_and_Integration_test.yml | 22 ++++++++++++++++++- ...loy_and_Integration_test_LatestVersion.yml | 22 ++++++++++++++++++- .../singleTenant_integration_test.yml | 22 ++++++++++++++++++- 3 files changed, 63 insertions(+), 3 deletions(-) diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test.yml b/.github/workflows/singleTenant_deploy_and_Integration_test.yml index 5ae97eaa0..354ef95c9 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test.yml @@ -255,7 +255,27 @@ jobs: noSDMRoleUserPassword=$noSDMRoleUserPassword EOL echo "🎯 Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml index 491ee64a7..c770abd8f 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml @@ -309,6 +309,26 @@ jobs: EOL # Run Maven integration tests echo "Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE diff --git a/.github/workflows/singleTenant_integration_test.yml b/.github/workflows/singleTenant_integration_test.yml index dbc1bf4f1..538599761 100644 --- a/.github/workflows/singleTenant_integration_test.yml +++ b/.github/workflows/singleTenant_integration_test.yml @@ -171,4 +171,24 @@ jobs: noSDMRoleUserPassword=$noSDMRoleUserPassword EOL echo "🎯 Running Maven integration tests for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}..." - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + # mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=single -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.tokenFlow }} - ${{ matrix.testClass }}." + fi + fi + done + exit $EXIT_CODE From 9824d78ab31a6e3ff42731040e0ed45c122d9907 Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 18:40:30 +0530 Subject: [PATCH 08/11] Added Retry logic --- .../workflows/multi tenancy_Integration.yml | 22 +++++++++++++++++-- ...ultiTenant_deploy_and_Integration_test.yml | 22 +++++++++++++++++-- ...loy_and_Integration_test_LatestVersion.yml | 22 +++++++++++++++++-- 3 files changed, 60 insertions(+), 6 deletions(-) diff --git a/.github/workflows/multi tenancy_Integration.yml b/.github/workflows/multi tenancy_Integration.yml index d1a53099e..e71b024ba 100644 --- a/.github/workflows/multi tenancy_Integration.yml +++ b/.github/workflows/multi tenancy_Integration.yml @@ -242,8 +242,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test.yml b/.github/workflows/multiTenant_deploy_and_Integration_test.yml index 8d71678f8..32af4d264 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test.yml @@ -339,8 +339,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml index 646f7a690..e673e07d0 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -386,8 +386,26 @@ jobs: - name: Run integration tests (${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}) 🎯 run: | echo "🎯 Running Maven integration tests: testClass=${{ matrix.testClass }}, tokenFlow=${{ matrix.tokenFlow }}, tenant=${{ matrix.tenant }}" - mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java" - echo "✅ Integration tests completed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}!" + MAX_RETRIES=3 + ATTEMPT=0 + EXIT_CODE=1 + while [ $ATTEMPT -lt $MAX_RETRIES ]; do + ATTEMPT=$((ATTEMPT + 1)) + echo "🔄 Attempt $ATTEMPT of $MAX_RETRIES..." + if mvn clean verify -P integration-tests -DtokenFlow=${{ matrix.tokenFlow }} -DtenancyModel=multi -Dtenant=${{ matrix.tenant }} -DskipUnitTests -Dfailsafe.includes="**/${{ matrix.testClass }}.java"; then + echo "✅ Tests passed on attempt $ATTEMPT!" + EXIT_CODE=0 + break + else + if [ $ATTEMPT -lt $MAX_RETRIES ]; then + echo "⚠️ Attempt $ATTEMPT failed. Retrying in 30 seconds..." + sleep 30 + else + echo "❌ All $MAX_RETRIES attempts failed for ${{ matrix.testClass }} - ${{ matrix.tokenFlow }} - ${{ matrix.tenant }}." + fi + fi + done + exit $EXIT_CODE - name: Upload test results 📊 if: always() From 881914a6a5acb84319f01237006eae084e9aab34 Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 18:48:31 +0530 Subject: [PATCH 09/11] modified workflow --- .github/workflows/cfdeploy.yml | 20 +++++++++---------- ...ultiTenant_deploy_and_Integration_test.yml | 16 +++++++-------- ...loy_and_Integration_test_LatestVersion.yml | 16 +++++++-------- ...ngleTenant_deploy_and_Integration_test.yml | 6 ++++++ ...loy_and_Integration_test_LatestVersion.yml | 6 ++++++ 5 files changed, 38 insertions(+), 26 deletions(-) diff --git a/.github/workflows/cfdeploy.yml b/.github/workflows/cfdeploy.yml index 6ce6258de..c352b8636 100644 --- a/.github/workflows/cfdeploy.yml +++ b/.github/workflows/cfdeploy.yml @@ -73,6 +73,11 @@ jobs: - name: Prepare and Deploy to Cloud Foundry ☁️ run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Preparing to deploy..." echo "Current Branch: 📂" git branch @@ -109,11 +114,6 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - set +x - echo "::add-mask::$CF_API" - echo "::add-mask::$CF_USER" - echo "::add-mask::$CF_PASSWORD" - echo "::add-mask::$CF_ORG" cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" @@ -207,6 +207,11 @@ jobs: - name: Prepare and Deploy to Cloud Foundry ☁️ run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" echo "🔄 Preparing to deploy..." echo "Current Branch: 📂" git branch @@ -243,11 +248,6 @@ jobs: cf install-plugin multiapps -f echo "🔑 Logging into Cloud Foundry..." - set +x - echo "::add-mask::$CF_API" - echo "::add-mask::$CF_USER" - echo "::add-mask::$CF_PASSWORD" - echo "::add-mask::$CF_ORG" cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s ${{ github.event.inputs.cf_space }} > /dev/null echo "✅ Logged in successfully!" diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test.yml b/.github/workflows/multiTenant_deploy_and_Integration_test.yml index 32af4d264..54ed383c6 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test.yml @@ -82,7 +82,13 @@ jobs: CF_ORG: ${{ secrets.CF_ORG }} CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🚀 Deploying to $CF_SPACE..." + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🚀 Deploying..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -96,12 +102,6 @@ jobs: # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - set +x - echo "::add-mask::$CF_API" - echo "::add-mask::$CF_USER" - echo "::add-mask::$CF_PASSWORD" - echo "::add-mask::$CF_ORG" - echo "::add-mask::$CF_SPACE" cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" @@ -181,13 +181,13 @@ jobs: CF_ORG: ${{ secrets.CF_ORG }} CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" set +x echo "::add-mask::$CF_API" echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" echo "::add-mask::$CF_SPACE" + echo "🔄 Logging in to Cloud Foundry..." cf login -a "$CF_API" \ -u "$CF_USER" \ -p "$CF_PASSWORD" \ diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml index e673e07d0..8ceb9cb5f 100644 --- a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -129,7 +129,13 @@ jobs: CF_ORG: ${{ secrets.CF_ORG }} CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🚀 Deploying to $CF_SPACE..." + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" + echo "🚀 Deploying..." echo "🔧 Installing Cloud Foundry CLI and plugins..." # Install cf CLI plugin @@ -143,12 +149,6 @@ jobs: # Login to Cloud Foundry again to ensure session is active echo "🔑 Logging in to Cloud Foundry..." - set +x - echo "::add-mask::$CF_API" - echo "::add-mask::$CF_USER" - echo "::add-mask::$CF_PASSWORD" - echo "::add-mask::$CF_ORG" - echo "::add-mask::$CF_SPACE" cf login -a "$CF_API" -u "$CF_USER" -p "$CF_PASSWORD" -o "$CF_ORG" -s "$CF_SPACE" > /dev/null echo "✅ Logged in successfully!" @@ -228,13 +228,13 @@ jobs: CF_ORG: ${{ secrets.CF_ORG }} CF_SPACE: ${{ secrets.CF_SPACE }} run: | - echo "🔄 Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" set +x echo "::add-mask::$CF_API" echo "::add-mask::$CF_USER" echo "::add-mask::$CF_PASSWORD" echo "::add-mask::$CF_ORG" echo "::add-mask::$CF_SPACE" + echo "🔄 Logging in to Cloud Foundry..." cf login -a "$CF_API" \ -u "$CF_USER" \ -p "$CF_PASSWORD" \ diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test.yml b/.github/workflows/singleTenant_deploy_and_Integration_test.yml index 354ef95c9..f62e5f3ee 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test.yml @@ -68,6 +68,12 @@ jobs: - name: Prepare and Deploy to Cloud Foundry run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "Current Branch......" git branch pwd diff --git a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml index c770abd8f..a4991ba6c 100644 --- a/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml +++ b/.github/workflows/singleTenant_deploy_and_Integration_test_LatestVersion.yml @@ -119,6 +119,12 @@ jobs: - name: Prepare and Deploy to Cloud Foundry run: | + set +x + echo "::add-mask::$CF_API" + echo "::add-mask::$CF_USER" + echo "::add-mask::$CF_PASSWORD" + echo "::add-mask::$CF_ORG" + echo "::add-mask::$CF_SPACE" echo "Current Branch......" git branch pwd From b657f645f10b15415311a18a7f1acde434f4b53b Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Thu, 4 Jun 2026 18:52:01 +0530 Subject: [PATCH 10/11] updated sdm version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8db2566c0..993d1f24f 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,7 @@ - 1.8.1-SNAPSHOT + 1.0.0-RC1 21 ${java.version} ${java.version} From 91ca2338934204a8f19485856711a8322fa573be Mon Sep 17 00:00:00 2001 From: vibhutikumar <160819926+vibhutikumar07@users.noreply.github.com> Date: Fri, 5 Jun 2026 08:56:32 +0530 Subject: [PATCH 11/11] Updated sdm version in pom --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 993d1f24f..8db2566c0 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,7 @@ - 1.0.0-RC1 + 1.8.1-SNAPSHOT 21 ${java.version} ${java.version}