Skip to content

integration-test

integration-test #18

# Copyright (c) IBM Corporation.
# Copyright (c) Microsoft Corporation.
name: integration-test
on:
workflow_dispatch:
inputs:
selectLoadBalancer:
description: 'Select a load balancer'
required: true
default: 'ihs'
type: choice
options:
- 'ihs'
- 'appgw'
- 'none'
databaseType:
description: 'Database connection'
required: true
default: 'db2'
type: choice
options:
- db2
- oracle
- sqlserver
- sqlserver-passwordless
- postgres
- none
deleteAzureResources:
description: 'Delete Azure resources at the end'
required: true
type: boolean
default: true
ndImageResourceId:
description: 'Private ND vm image resource id. Only requried for ND VM image cicd, ignore it otherwise.'
required: false
ihsImageResourceId:
description: 'Private IHS vm image resource id. Only requried for IHS VM image cicd, ignore it otherwise.'
required: false
location:
description: 'Location of the Azure resources'
required: true
type: string
default: 'eastus2'
configurations_for_it:
description: "JSON string of environment variables used for IT"
required: false
default: '{}'
# Allows you to run this workflow using GitHub APIs
# PERSONAL_ACCESS_TOKEN=<GITHUB_PERSONAL_ACCESS_TOKEN>
# REPO_NAME=WASdev/azure.websphere-traditional.cluster
# Select a load balancer, enable database connection and delete Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer". Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"selectLoadBalancer": "ihs", "databaseType": "db2"}}'
# Select a load balancer, enable database connection and keep Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer". Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"selectLoadBalancer": "ihs", "databaseType": "db2", "deleteAzureResources": "false"}}'
# Select a load balancer, disable database connection and delete Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"selectLoadBalancer": "ihs", "databaseType": "none"}}'
# Select a load balancer, disable database connection and keep Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"selectLoadBalancer": "ihs", "databaseType": "none", "deleteAzureResources": "false"}}'
repository_dispatch:
types: [integration-test]
# sample request
# PERSONAL_ACCESS_TOKEN=<GITHUB_PERSONAL_ACCESS_TOKEN>
# REPO_NAME=WASdev/azure.websphere-traditional.cluster
# Select a load balancer, enable database connection and delete Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer". Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"selectLoadBalancer": "ihs", "databaseType": "db2", "deleteAzureResources": true}}'
# Select a load balancer, enable database connection and keep Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer". Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"selectLoadBalancer": "ihs", "databaseType": "db2", "deleteAzureResources": false}}'
# Select a load balancer, disable database connection and delete Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"selectLoadBalancer": "ihs", "databaseType": "none", "deleteAzureResources": true}}'
# Select a load balancer, disable database connection and keep Azure resources at the end. Specify the desired load balancer type (ihs, appgw, none) for parameter "selectLoadBalancer".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"selectLoadBalancer": "ihs", "databaseType": "none", "deleteAzureResources": false}}'
env:
repoName: "azure.websphere-traditional.cluster"
azureCredentials: ${{ secrets.AZURE_CREDENTIALS }}
userName: ${{ secrets.USER_NAME }}
msTeamsWebhook: ${{ secrets.MSTEAMS_WEBHOOK }}
vmAdminId: ${{ secrets.VM_ADMIN_ID }}
vmAdminPassword: ${{ secrets.VM_ADMIN_PASSWORD }}
dbInstanceName: db${{ github.run_id }}${{ github.run_number }}
dbPassword: ${{ secrets.DATABASE_PASSWORD }}
uamiName: uami${{ github.run_id }}${{ github.run_number }}
testResourceGroup: twasClusterTestRG-${{ github.repository_owner }}-${{ github.run_id }}-${{ github.run_number }}
testDeploymentName: twasClusterTestDeployment-${{ github.run_id }}-${{ github.run_number }}
location: ${{ github.event.inputs.location || 'eastus2' }}
scriptLocation: https://raw.githubusercontent.com/${{ secrets.USER_NAME }}/azure.websphere-traditional.cluster/$GITHUB_REF_NAME/test/
curlParameters: "--connect-timeout 60 --max-time 180 --retry 10 --retry-delay 30 --retry-max-time 180"
jobs:
integration-test:
runs-on: ubuntu-latest
steps:
- name: Set dynamic env from configurations_for_it
run: |
echo '${{ inputs.configurations_for_it }}' > config.json
# return error if the json is not valid
if ! jq empty config.json; then
echo "Invalid JSON in configurations_for_it"
exit 1
fi
# Set environment variables for top-level keys only (non-nested)
for key in $(jq -r 'to_entries | map(select(.value | type != "object")) | map(.key) | .[]' config.json); do
value=$(jq -r --arg k "$key" '.[$k]' config.json)
# Only set valid environment variable names
if [[ "$key" =~ ^[a-zA-Z_][a-zA-Z0-9_]*$ ]]; then
echo "$key=$value"
echo "$key=$value" >> $GITHUB_ENV
fi
done
# Set nested objects as JSON strings for jq access
if jq -e '.vnetForCluster' config.json > /dev/null 2>&1; then
vnetForClusterJson=$(jq -c '.vnetForCluster' config.json)
echo "vnetForCluster=${vnetForClusterJson}" >> $GITHUB_ENV
fi
- name: Get versions of external dependencies
run: |
curl -Lo external-deps-versions.properties https://raw.githubusercontent.com/Azure/azure-javaee-iaas/main/external-deps-versions.properties
source external-deps-versions.properties
echo "bicepVersion=${BICEP_VERSION}" >> $GITHUB_ENV
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username
server-password: MAVEN_TOKEN # env variable for token
- name: Set Maven env
env:
MAVEN_USERNAME: github
MAVEN_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
echo "MAVEN_USERNAME=${MAVEN_USERNAME}" >> "$GITHUB_ENV"
echo "MAVEN_TOKEN=${MAVEN_TOKEN}" >> "$GITHUB_ENV"
- name: Set up bicep
run: |
curl -Lo bicep https://github.com/Azure/bicep/releases/download/${{ env.bicepVersion }}/bicep-linux-x64
chmod +x ./bicep
sudo mv ./bicep /usr/local/bin/bicep
bicep --version
- name: Checkout arm-ttk
uses: actions/checkout@v3
with:
repository: Azure/arm-ttk
path: arm-ttk
- name: Checkout ${{ env.repoName }}
uses: actions/checkout@v3
with:
path: ${{ env.repoName }}
ref: ${{ github.event.inputs.ref }}
- name: Checkout websphere-cafe
uses: actions/checkout@v3
with:
repository: Azure-Samples/websphere-cafe
path: websphere-cafe
- uses: azure/login@v1
id: azure-login
with:
creds: ${{ env.azureCredentials }}
- name: Create Azure resource group
id: create-resource-group
run: |
echo "Creating Azure resource group: ${{ env.testResourceGroup }}"
az group create --name ${{ env.testResourceGroup }} --location ${{ env.location }}
- name: Provision Azure Vnet
id: vnet-provision
if: ${{ env.newOrExistingVnetForCluster == 'existing' }}
run: |
echo "Provisioning Azure Vnet with subnet"
vnetName=$(echo '${{ env.vnetForCluster }}' | jq -r '.name')
gatewaySubnetName=$(echo '${{ env.vnetForCluster }}' | jq -r '.subnets.gatewaySubnet.name')
clusterSubnetName=$(echo '${{ env.vnetForCluster }}' | jq -r '.subnets.clusterSubnet.name')
az network vnet create \
--resource-group ${{ env.testResourceGroup }} \
--location ${{ env.location }} \
--name "${vnetName}" \
--address-prefix 10.0.0.0/28 \
--subnet-name "${gatewaySubnetName}" \
--subnet-prefix 10.0.0.0/29
az network vnet subnet create \
--resource-group ${{ env.testResourceGroup }} \
--vnet-name "${vnetName}" \
--name "${clusterSubnetName}" \
--address-prefix 10.0.0.8/29
- name: Deploy an IBM DB2 server on Azure VM
if: ${{ inputs.databaseType == 'db2' || github.event.client_payload.databaseType == 'db2' }}
run: |
az vm create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--image "Canonical:0001-com-ubuntu-server-jammy:22_04-lts:latest" \
--admin-username azureuser --generate-ssh-keys \
--nsg-rule NONE --enable-agent true \
--vnet-name ${{ env.dbInstanceName }}VNET --enable-auto-update false \
--tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true
az vm open-port -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} --port 50000 --priority 100
az vm extension set --name CustomScript \
--extension-instance-name install-db2-in-docker \
--resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}install-db2.sh\"]}" \
--protected-settings "{\"commandToExecute\":\"bash install-db2.sh ${{ env.dbPassword }}\"}"
- name: Deploy an Oracle database server on Azure VM
if: ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }}
run: |
az vm create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--image Oracle:oracle-database-19-3:oracle-database-19-0904:latest --size Standard_DS2_v2 \
--admin-username azureuser --generate-ssh-keys \
--nsg-rule NONE --enable-agent true \
--vnet-name ${{ env.dbInstanceName }}VNET --enable-auto-update false \
--tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true
az vm disk attach --name oradata01 --new --resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} --size-gb 64 --sku StandardSSD_LRS
az vm open-port -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} --port 1521,5502 --priority 100
az vm extension set --name CustomScript \
--extension-instance-name install-oracle \
--resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}install-oracle-main.sh\", \"${{ env.scriptLocation }}install-oracle.sh\"]}" \
--protected-settings "{\"commandToExecute\":\"bash install-oracle-main.sh ${{ env.dbPassword }}\"}"
- name: Deploy an instance of Azure SQL Database
if: ${{ inputs.databaseType == 'sqlserver' || inputs.databaseType == 'sqlserver-passwordless' || github.event.client_payload.databaseType == 'sqlserver' || github.event.client_payload.databaseType == 'sqlserver-passwordless' }}
run: |
# Extract service principal details from the credentials
SP_CLIENT_ID=$(echo '${{ env.azureCredentials }}' | jq -r '.clientId')
# Create an Azure SQL server with system-assigned managed identity and assign the service principal logged into the Azure CLI as an Entra admin
az sql server create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--admin-user testuser --admin-password ${{ env.dbPassword }} \
--assign-identity \
--external-admin-principal-type Application \
--external-admin-name $SP_CLIENT_ID \
--external-admin-sid $(az ad sp show --id $SP_CLIENT_ID --query id -o tsv) \
--location ${{ env.location }}
host=$(az sql server show \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--query "fullyQualifiedDomainName" -o tsv)
echo "sqlserverHost=${host}" >> $GITHUB_ENV
# Allow Azure services to access
az sql server firewall-rule create \
--resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} \
--name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
az sql db create --resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} --name testdb
if [[ "${{ inputs.databaseType }}" == "sqlserver-passwordless" || "${{ github.event.client_payload.databaseType }}" == "sqlserver-passwordless" ]]; then
# Assign Directory Readers permission to the SQL Server's system-assigned managed identity
# Get the SQL Server's system-assigned managed identity's principal ID
SQL_SERVER_IDENTITY_PRINCIPAL_ID=$(az sql server show \
--resource-group ${{ env.testResourceGroup }} \
--name ${{ env.dbInstanceName }} \
--query "identity.principalId" -o tsv)
# Add the SQL Server managed identity to the Directory Readers role
# https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference#all-roles
DIRECTORY_READERS_ROLE_TEMPLATE_ID=88d8e3e3-8f55-4a1e-953a-9b9898b8876b
az rest --method POST \
--uri "https://graph.microsoft.com/v1.0/directoryRoles/roleTemplateId=$DIRECTORY_READERS_ROLE_TEMPLATE_ID/members/\$ref" \
--headers "Content-Type=application/json" \
--body "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/$SQL_SERVER_IDENTITY_PRINCIPAL_ID\"}"
# Create a user-assigned managed identity
az identity create --name ${{ env.uamiName }} --resource-group ${{ env.testResourceGroup }}
# Export the resource ID of the user-assigned managed identity as an environment variable
uamiId=$(az identity show --name ${{ env.uamiName }} --resource-group ${{ env.testResourceGroup }} --query id -o tsv)
echo "uamiId=${uamiId}" >> $GITHUB_ENV
# Create a SQL user for the managed identity for Microsoft Entra authentication
export SERVER_NAME=${host}
export DATABASE_NAME=testdb
export SQL_QUERY="CREATE USER \"${{ env.uamiName }}\" FROM EXTERNAL PROVIDER;GRANT CONTROL ON DATABASE::\"${DATABASE_NAME}\" TO \"${{ env.uamiName }}\";"
mvn clean package --file websphere-cafe/util/azure-sql-query/pom.xml
java -jar websphere-cafe/util/azure-sql-query/target/azure-sql-query-1.0-SNAPSHOT-jar-with-dependencies.jar
fi
- name: Deploy an instance of Azure Database for PostgreSQL Flexible Server
if: ${{ inputs.databaseType == 'postgres' || github.event.client_payload.databaseType == 'postgres' }}
run: |
# Create a PostgreSQL Flexible Server that allows Azure services to access
az postgres flexible-server create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} --database-name testdb \
--admin-user testuser --admin-password ${{ env.dbPassword }} --public-access 0.0.0.0 \
--location ${{ env.location }} --sku-name Standard_B1ms --tier Burstable
host=$(az postgres flexible-server show \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--query "fullyQualifiedDomainName" -o tsv)
echo "postgresqlHost=${host}" >> $GITHUB_ENV
- name: Build ${{ env.repoName }}
run: |
enableDB=false
databaseType=db2
dsConnectionURL=jdbc:db2://contoso.db2.database:50000/sample
dbUser=contosoDbUser
enablePswlessConnection=false
if ${{ inputs.databaseType == 'db2' || github.event.client_payload.databaseType == 'db2' }}; then
enableDB=true
databaseType=db2
publicIp=$(az vm show -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} -d --query publicIps -o tsv)
dsConnectionURL=jdbc:db2://${publicIp}:50000/sample
dbUser=db2inst1
elif ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }}; then
enableDB=true
databaseType=oracle
publicIp=$(az vm show -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} -d --query publicIps -o tsv)
dsConnectionURL=jdbc:oracle:thin:@${publicIp}:1521/oratest1
dbUser=testuser
elif ${{ inputs.databaseType == 'sqlserver' || github.event.client_payload.databaseType == 'sqlserver' }}; then
enableDB=true
databaseType=sqlserver
dsConnectionURL="jdbc:sqlserver://${{ env.sqlserverHost }}:1433;database=testdb"
dbUser=testuser@${{ env.dbInstanceName }}
elif ${{ inputs.databaseType == 'sqlserver-passwordless' || github.event.client_payload.databaseType == 'sqlserver-passwordless' }}; then
enableDB=true
databaseType=sqlserver
dsConnectionURL="jdbc:sqlserver://${{ env.sqlserverHost }}:1433;database=testdb"
enablePswlessConnection=true
elif ${{ inputs.databaseType == 'postgres' || github.event.client_payload.databaseType == 'postgres' }}; then
enableDB=true
databaseType=postgres
dsConnectionURL="jdbc:postgresql://${{ env.postgresqlHost }}:5432/testdb"
dbUser=testuser
fi
echo "enableDB=${enableDB}" >> $GITHUB_ENV
selectLoadBalancer=none
if ${{ inputs.selectLoadBalancer == 'ihs' || github.event.client_payload.selectLoadBalancer == 'ihs' }}; then
selectLoadBalancer=ihs
elif ${{ inputs.selectLoadBalancer == 'appgw' || github.event.client_payload.selectLoadBalancer == 'appgw' }}; then
selectLoadBalancer=appgw
fi
echo "selectLoadBalancer=${selectLoadBalancer}" >> $GITHUB_ENV
if ${{ env.entitled == 'true' }}; then
echo "Deploy with existing WebSphere entitlement license"
useTrial=false
ibmUserId=${{ secrets.IBM_USER_ID }}
ibmUserPwd=${{ secrets.IBM_USER_PWD }}
else
echo "Trial user, use evaluation license"
useTrial=true
ibmUserId=""
ibmUserPwd=""
fi
cd ${{ env.repoName }}
mvn -Dgit.repo=${{ env.userName }} -Dgit.tag=$GITHUB_REF_NAME \
-DuseTrial=${useTrial} \
-DibmUserId=${ibmUserId} \
-DibmUserPwd=${ibmUserPwd} \
-DnumberOfNodes=3 -DvmSize=Standard_D2_v3 -DdmgrVMPrefix=dmgr -DmanagedVMPrefix=managed -DdnsLabelPrefix=wasndcluster \
-DadminUsername=${{ env.vmAdminId }} -DadminPasswordOrKey=${{ env.vmAdminPassword }} \
-DauthenticationType=password -DwasUsername=${{ env.vmAdminId }} -DwasPassword=${{ env.vmAdminPassword }} \
-DselectLoadBalancer=${selectLoadBalancer} -DenableCookieBasedAffinity=true -DihsVmSize=Standard_D2_v3 -DihsVMPrefix=ihs -DihsDnsLabelPrefix=ihs \
-DihsUnixUsername=${{ env.vmAdminId }} -DihsUnixPasswordOrKey=${{ env.vmAdminPassword }} \
-DihsAuthenticationType=password -DihsAdminUsername=${{ env.vmAdminId }} -DihsAdminPassword=${{ env.vmAdminPassword }} \
-DenableDB=${enableDB} -DdatabaseType=${databaseType} -DjdbcDataSourceJNDIName=jdbc/WebSphereCafeDB -DdsConnectionURL=${dsConnectionURL} -DdbUser=${dbUser} -DdbPassword=${{ env.dbPassword }} \
-DenablePswlessConnectionParam=${enablePswlessConnection} \
-Dtest.args="-Test All" -Pbicep -Passembly -Ptemplate-validation-tests clean install
- name: Deploy a twas-cluster on Azure VMs
run: |
cd ${{ env.repoName }}/target/cli
chmod a+x deploy.azcli
ndImageResourceId=${{ inputs.ndImageResourceId }}
ihsImageResourceId=${{ inputs.ihsImageResourceId }}
./deploy.azcli -n ${{ env.testDeploymentName }} -g ${{ env.testResourceGroup }} -l ${{ env.location }} -u ${{ env.uamiId || 'NA' }} -d "${ndImageResourceId:-NA}" -i "${ihsImageResourceId:-NA}"
- name: Verify the deployment
run: |
outputs=$(az deployment group show -n ${{ env.testDeploymentName }} -g ${{ env.testResourceGroup }} --query 'properties.outputs')
adminSecuredConsole=$(echo $outputs | jq -r '.adminSecuredConsole.value')
curl ${{ env.curlParameters }} $adminSecuredConsole -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${adminSecuredConsole}."
exit 1
fi
ihsConsole=$(echo $outputs | jq -r '.ihsConsole.value')
if [[ $selectLoadBalancer == "ihs" ]]; then
curl ${{ env.curlParameters }} $ihsConsole
if [[ $? -ne 0 ]]; then
echo "Failed to access ${ihsConsole}."
exit 1
fi
else
if [[ $ihsConsole != "N/A" ]]; then
echo "ihsConsole is ${ihsConsole}, but it should be N/A as IHS is not enabled."
exit 1
fi
fi
appGatewayHttpURL=$(echo $outputs | jq -r '.appGatewayHttpURL.value')
appGatewayHttpsURL=$(echo $outputs | jq -r '.appGatewayHttpsURL.value')
if [[ $selectLoadBalancer == "appgw" ]]; then
curl ${{ env.curlParameters }} $appGatewayHttpURL
if [[ $? -ne 0 ]]; then
echo "Failed to access ${appGatewayHttpURL}."
exit 1
fi
curl ${{ env.curlParameters }} $appGatewayHttpsURL -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${appGatewayHttpsURL}."
exit 1
fi
else
if [[ $appGatewayHttpURL != "N/A" ]]; then
echo "appGatewayHttpURL is ${appGatewayHttpURL}, but it should be N/A as application gateway is not enabled."
exit 1
fi
if [[ $appGatewayHttpsURL != "N/A" ]]; then
echo "appGatewayHttpsURL is ${appGatewayHttpsURL}, but it should be N/A as application gateway is not enabled."
exit 1
fi
fi
- name: Install and verify websphere-cafe
run: |
nsgName=$(az network nsg list -g ${testResourceGroup} --query "[?contains(name, '-nsg')].name" -o tsv)
publicIp=$(az vm list -g ${testResourceGroup} -d --query "[?contains(name, 'dmgr')].publicIps" -o tsv)
vmName=$(az vm list -g ${testResourceGroup} --query "[?contains(name, 'dmgr')].name" -o tsv)
# Open port 22 in the nsg
az network nsg rule create \
--name port-22 \
--nsg-name ${nsgName} \
--priority 100 \
--resource-group ${testResourceGroup} \
--access Allow \
--destination-address-prefixes "*" \
--destination-port-ranges 22 \
--direction Inbound \
--protocol Tcp \
--source-address-prefixes "*"
sleep 1m
# Build and package websphere-cafe
if [ ${enableDB} != true ]; then
sed -i "s/WebSphereCafeDB/built-in-derby-datasource/g" websphere-cafe/websphere-cafe-web/src/main/resources/META-INF/persistence.xml
fi
mvn clean install --file websphere-cafe/pom.xml
if [ ${enableDB} != true ]; then
sed -i "s/built-in-derby-datasource/WebSphereCafeDB/g" websphere-cafe/websphere-cafe-web/src/main/resources/META-INF/persistence.xml
fi
# Upload websphere-cafe.ear to the VM
sudo apt-get install -y sshpass
timeout 1m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${publicIp} 22
sshpass -p ${vmAdminPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o TCPKeepAlive=yes -o ServerAliveCountMax=20 -o ServerAliveInterval=15 -o ConnectTimeout=100 -v -tt ${vmAdminId}@${publicIp} 'ls /tmp'
sshpass -p ${vmAdminPassword} scp websphere-cafe/websphere-cafe-application/target/websphere-cafe.ear ${vmAdminId}@${publicIp}:/tmp
# Close port 22 in the nsg
az network nsg rule delete \
--name port-22 \
--nsg-name ${nsgName} \
--resource-group ${testResourceGroup}
# Install and start websphere-cafe
az vm extension set --name CustomScript \
--extension-instance-name deploy-websphere-cafe \
--resource-group ${testResourceGroup} --vm-name ${vmName} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}deploy-app.sh\", \"${{ env.scriptLocation }}deploy-app.py.template\"]}" \
--protected-settings "{\"commandToExecute\": \"bash deploy-app.sh /tmp/websphere-cafe.ear websphere-cafe ${selectLoadBalancer}\"}"
# Verify if websphere-cafe is accessible
websphereCafeUrl=
outputs=$(az deployment group show -n ${{ env.testDeploymentName }} -g ${{ env.testResourceGroup }} --query 'properties.outputs')
if [[ $selectLoadBalancer == "ihs" ]]; then
websphereCafeUrl=$(echo $outputs | jq -r '.ihsConsole.value')websphere-cafe
elif [[ $selectLoadBalancer == "appgw" ]]; then
websphereCafeUrl=$(echo $outputs | jq -r '.appGatewayHttpURL.value')websphere-cafe
fi
if [ -n "$websphereCafeUrl" ]; then
curl $websphereCafeUrl -k --fail
fi
- name: Generate artifact file name and path
id: artifact_file
run: |
version=$(mvn -q -Dexec.executable=echo -Dexec.args='${version.${{ env.repoName }}}' --file ${{ env.repoName }}/pom.xml --non-recursive exec:exec)
artifactName=${{ env.repoName }}-$version-arm-assembly
unzip ${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/target/$artifactName
echo "##[set-output name=artifactName;]${artifactName}"
echo "##[set-output name=artifactPath;]${{ env.repoName }}/target/$artifactName"
- name: Archive ${{ env.repoName }} template
uses: actions/[email protected]
if: success()
with:
name: ${{steps.artifact_file.outputs.artifactName}}
path: ${{steps.artifact_file.outputs.artifactPath}}
notification:
needs: integration-test
if: always()
runs-on: ubuntu-latest
steps:
- name: Output inputs from workflow_dispatch
run: echo "${{ toJSON(github.event.inputs) }}"
- name: Output client_payload from repository_dispatch
run: echo "${{ toJSON(github.event.client_payload) }}"
- name: Send notification
if: ${{ env.msTeamsWebhook != 'NA' }}
run: |
workflowJobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ env.userName }}/${{ env.repoName }}/actions/runs/${{ github.run_id }}/jobs)
successIntegrationTestJob=$(echo $workflowJobs | jq 'select(.jobs != null) | .jobs | map(select(.name=="integration-test" and .conclusion=="success")) | length')
echo "$successIntegrationTestJob"
if [ -z $successIntegrationTestJob ];then
echo "jobs not retrieved."
elif (($successIntegrationTestJob == 0));then
echo "Job integration-test failed, send notification to Teams"
curl ${{ env.msTeamsWebhook }} \
-H 'Content-Type: application/json' \
--data-binary @- << EOF
{
"@context":"http://schema.org/extensions",
"@type":"MessageCard",
"text":"Workflow integration-test of repo ${{ env.repoName }} failed, please take a look at: https://github.com/${{ env.userName }}/${{ env.repoName }}/actions/runs/${{ github.run_id }}"
}
EOF
else
echo "Job integration-test succeeded."
fi
delete-resources:
needs: notification
runs-on: ubuntu-latest
if: always()
steps:
- uses: azure/login@v1
id: azure-login
with:
creds: ${{ env.azureCredentials }}
- name: Checkout ${{ env.repoName }}
uses: actions/checkout@v3
with:
path: ${{ env.repoName }}
ref: ${{ github.event.inputs.ref }}
- name: Delete all Azure resources
id: delete-resources-in-group
if: ${{ (github.event_name == 'workflow_dispatch' && inputs.deleteAzureResources) || (github.event_name == 'repository_dispatch' && github.event.client_payload.deleteAzureResources) }}
run: |
echo "delete resource group: " ${{ env.testResourceGroup }}
az group delete -n ${{ env.testResourceGroup }} --yes --no-wait