chore: Starlette dependency removal (#4371) #5918
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Integration tests using JIB containers | |
| on: | |
| push: | |
| branches: [ v2.x.x, v3.x.x ] | |
| paths-ignore: | |
| - '**.md' | |
| pull_request: | |
| branches: [ v2.x.x, v3.x.x ] | |
| paths-ignore: | |
| - '**.md' | |
| workflow_dispatch: | |
| env: | |
| JOB_ID: ${{ github.run_id }}-${{ github.run_number }} | |
| jobs: | |
| PublishJibContainers: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Build with Gradle | |
| run: > | |
| ./gradlew clean jib -Djib.serialize=true -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} -Pzowe.docker.password=${{ secrets.PERSONAL_JB_TOKEN }} -Pzowe.docker.username=balhar-jakub -Pzowe.docker.container=ghcr.io/balhar-jakub/ -Pzowe.docker.tag=${{ env.JOB_ID }} | |
| - name: Standalone Catalog | |
| run: > | |
| ./gradlew :api-catalog-services:jib -Djib.serialize=true -Pzowe.jib.image.suffix=standalone -Pzowe.jib.image.javaAgentPort=6304 -Pzowe.jib.image.debugPort=5125 -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} -Pzowe.docker.password=${{ secrets.PERSONAL_JB_TOKEN }} -Pzowe.docker.username=balhar-jakub -Pzowe.docker.container=ghcr.io/balhar-jakub/ -Pzowe.docker.tag=${{ env.JOB_ID }} | |
| - uses: ./.github/actions/teardown | |
| CITestsModulith: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| APIML_SECURITY_X509_ENABLED: true | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 3145728 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_SERVICESTODISABLERETRY: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| #The memory is constrained to test large file upload memory issues (#4265) | |
| #If the container runs oom, it is hard killed without printing any reasonable message in the log | |
| options: --memory 640m --memory-swap 640m | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka | |
| SPRING_SERVLET_MULTIPART_MAXFILESIZE: 1024MB | |
| SPRING_SERVLET_MULTIPART_MAXREQUESTSIZE: 1024MB | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Modulith CI Tests | |
| timeout-minutes: 4 | |
| run: > | |
| ENV_CONFIG=docker-modulith ./gradlew runStartUpCheck :integration-tests:runContainerModulithTests --info | |
| -Ddiscoverableclient.instances=1 -Denvironment.config=-docker-modulith -Denvironment.modulith=true | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsModulith-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| integration-tests/build/test-results/runContainerModulithTests/binary/** | |
| integration-tests/build/test-results/runStartUpCheck/binary/** | |
| - uses: ./.github/actions/teardown | |
| CITestsModulithSAFProviderHA: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| APIML_SECURITY_X509_ENABLED: true | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 16348 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| APIML_SECURITY_AUTH_PROVIDER: saf | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml | |
| logbackService: ZWEAGW1 | |
| apiml-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| APIML_SECURITY_X509_ENABLED: true | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 16348 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| APIML_SECURITY_AUTH_PROVIDER: saf | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml-2 | |
| logbackService: ZWEAGW2 | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_GATEWAYHOSTNAME: https://apiml:10010 | |
| api-catalog-services-2: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml-2:10011/eureka,https://apiml:10011/eureka | |
| APIML_SERVICE_GATEWAYHOSTNAME: https://apiml-2:10010 | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-docker-modulith-ha -Ddiscoverableclient.instances=1 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Modulith CI Tests with SAF Provider in HA | |
| run: > | |
| ENV_CONFIG=docker-modulith-ha ./gradlew :integration-tests:runContainerSAFProviderTests --info | |
| -Ddiscoverableclient.instances=1 -Denvironment.config=-docker-modulith-ha -Denvironment.modulith=true | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsModulithSAFProviderHA-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| integration-tests/build/test-results/runContainerSAFProviderTests/binary/** | |
| integration-tests/build/test-results/runStartUpCheck/binary/** | |
| - uses: ./.github/actions/teardown | |
| CITestsModulithHA: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| type: ["normal", "gateway-chaotic", "discoverableclient-chaotic", "websocket-chaotic"] | |
| services: | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| APIML_SECURITY_X509_ENABLED: true | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 16348 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml | |
| logbackService: ZWEAGW1 | |
| APIML_HEALTH_PROTECTED: false | |
| apiml-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| APIML_SECURITY_X509_ENABLED: true | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 16348 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml-2 | |
| logbackService: ZWEAGW2 | |
| APIML_HEALTH_PROTECTED: false | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml-2:10011/eureka,https://apiml:10011/eureka | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-docker-modulith-ha -Ddiscoverableclient.instances=2 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Normal HA Tests in Modulith | |
| if: ${{ 'normal' == matrix.type }} | |
| run: > | |
| ./gradlew runHATests --info -Denvironment.config=-docker-modulith-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Gateway Service Chaotic HA Tests in Modulith | |
| if: ${{ 'gateway-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.GatewayChaoticTest | |
| --info -Denvironment.config=-docker-modulith-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Discoverable Client Chaotic HA Tests in Modulith | |
| if: ${{ 'discoverableclient-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.SouthboundServiceChaoticTest | |
| --info -Denvironment.config=-docker-modulith-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run WebSocket Chaotic HA Tests in Modulith | |
| if: ${{ 'websocket-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.WebSocketChaoticTest | |
| --info -Denvironment.config=-docker-modulith-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsModulithHA-${{ env.JOB_ID }}-${{ matrix.type }} | |
| path: | | |
| integration-tests/build/reports/** | |
| integration-tests/build/test-results/** | |
| - uses: ./.github/actions/teardown | |
| CITests: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services-2: | |
| image: ghcr.io/balhar-jakub/api-catalog-services-standalone:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
| APIML_HEALTH_PROTECTED: false | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| SPRING_SERVLET_MULTIPART_MAXFILESIZE: 1024MB | |
| SPRING_SERVLET_MULTIPART_MAXREQUESTSIZE: 1024MB | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| # needs to run in isolation from another DS for multi-tenancy setup | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka | |
| SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348 | |
| SPRING_CLOUD_GATEWAY_SERVER_WEBFLUX_HTTPCLIENT_WEBSOCKET_MAXFRAMEPAYLOADLENGTH: 3145728 | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_GATEWAY_SERVICESTODISABLERETRY: discoverableclient | |
| APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken | |
| EUREKA_CLIENT_INSTANCEINFOREPLICATIONINTERVALSECONDS: 1 | |
| EUREKA_CLIENT_REGISTRYFETCHINTERVALSECONDS: 1 | |
| options: --memory 640m --memory-swap 640m | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-docker | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run CI Tests | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew :integration-tests:runContainerTests --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITests-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| CITestsSAFProviderHA: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services-2: | |
| image: ghcr.io/balhar-jakub/api-catalog-services-standalone:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
| APIML_HEALTH_PROTECTED: false | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/,https://discovery-service:10011/eureka/ | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| logbackService: ZWEAGW1 | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/,https://discovery-service:10011/eureka/ | |
| logbackService: ZWEAGW2 | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| APIML_SECURITY_AUTH_PROVIDER: saf | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service-2:10010/gateway/certificates | |
| APIML_SECURITY_AUTH_PROVIDER: saf | |
| APIML_SERVICE_HOSTNAME: zaas-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/,https://discovery-service:10011/eureka/ | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-ha -Ddiscoverableclient.instances=1 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run CI Tests With SAF Provider | |
| run: > | |
| ./gradlew :integration-tests:runContainerSAFProviderTests --info -Denvironment.config=-ha | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsSAFProviderHA-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| GatewayProxy: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 10 | |
| services: | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: apiml1 | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SERVICE_FORWARDCLIENTCERTENABLED: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
| logbackService: ZWEAGW1 | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_APIMLID: apiml2 | |
| logbackService: ZWEAGW2 | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service-2:10010/gateway/certificates | |
| APIML_SERVICE_HOSTNAME: zaas-service-2 | |
| central-gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: centralapiml | |
| APIML_CONNECTION_TIMEOUT: 2000 | |
| APIML_SERVICE_FORWARDCLIENTCERTENABLED: true | |
| APIML_SERVICE_HOSTNAME: central-gateway-service | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run CI Tests | |
| run: > | |
| ./gradlew :integration-tests:runGatewayProxyTest --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Dump CGW jacoco data | |
| run: > | |
| java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: GatewayProxy-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| GatewayCentralRegistry: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 10 | |
| services: | |
| # Domain apiml instance which registers it's gateway in central's discovery service | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/ | |
| logbackService: ZWEAAZ2 | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: domain-apiml | |
| APIML_SERVICE_EXTERNALURL: https://gateway-service:10010 | |
| APIML_GATEWAY_REGISTRY_ENABLED: false | |
| APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/ | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_GATEWAYURL: / | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_SERVICEURL: / | |
| logbackService: ZWEAGW2 | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| # Central apiml instance with central gateway registry | |
| central-gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: central-apiml | |
| APIML_SERVICE_HOSTNAME: central-gateway-service | |
| APIML_SERVICE_EXTERNALURL: https://central-gateway-service:10010 | |
| APIML_GATEWAY_REGISTRY_ENABLED: true | |
| APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/ | |
| logbackService: ZWEAGW1 | |
| api-catalog-services-2: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/ | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: zaas-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/ | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
| logbackService: ZWEAAZ1 | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run CI Tests | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck :integration-tests:runGatewayCentralRegistryTest --info | |
| -Denvironment.config=-docker -Dgateway.instances=2 -Ddiscoverableclient.instances=0 | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Dump CGW jacoco data | |
| run: > | |
| java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: GatewayCentralRegistry-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| CentralRegistryModulith: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 10 | |
| services: | |
| # Domain apiml instance which registers it's gateway in central's discovery service | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: apiml | |
| APIML_SERVICE_APIMLID: domain-apiml | |
| APIML_SERVICE_EXTERNALURL: https://apiml:10010 | |
| APIML_GATEWAY_REGISTRY_ENABLED: false | |
| APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka/ | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://central-gateway-service:10011/eureka | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_GATEWAYURL: / | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_SERVICEURL: / | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
| logbackService: ZWEAGW1 | |
| APIML_HEALTH_PROTECTED: false | |
| APIML_SECURITY_X509_ENABLED: true | |
| # Central apiml instance with central gateway registry | |
| central-gateway-service: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: central-apiml | |
| APIML_SERVICE_HOSTNAME: central-gateway-service | |
| APIML_SERVICE_EXTERNALURL: https://central-gateway-service:10010 | |
| APIML_GATEWAY_REGISTRY_ENABLED: true | |
| APIML_SECURITY_X509_REGISTRY_ALLOWEDUSERS: USER,UNKNOWNUSER | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://central-gateway-service:10011/eureka | |
| APIML_DISCOVERY_ALLPEERSURLS: https://central-gateway-service:10011/eureka | |
| logbackService: ZWEAGW2 | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_HEALTH_PROTECTED: false | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://central-gateway-service:10010/gateway/certificates | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-docker-modulith -Ddiscoverableclient.instances=0 -Denvironment.modulith=true -Dgateway.instances=2 -Dgateway.host=central-gateway-service | |
| - name: Run CI Tests | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew :integration-tests:runGatewayCentralRegistryTest --info | |
| -Denvironment.config=-docker-modulith -Denvironment.modulith=true | |
| -Ddiscovery.additionalHost=central-gateway-service | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ModulithCentralRegistry-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsRegistration: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run CI Tests | |
| run: > | |
| ./gradlew :integration-tests:runRegistrationTests --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsRegistration-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsZaas: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
| CACHING_STORAGE_MODE: "infinispan" | |
| JGROUPS_BIND_ADDRESS: "caching-service" | |
| JGROUPS_BIND_PORT: "7600" | |
| central-gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_PERSONALACCESSTOKEN_ENABLED: true | |
| APIML_SECURITY_OIDC_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
| APIML_SECURITY_OIDC_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
| APIML_SECURITY_OIDC_ENABLED: true | |
| APIML_SECURITY_OIDC_REGISTRY: zowe.okta.com | |
| APIML_SECURITY_OIDC_JWKS_URI: ${{ secrets.OKTA_JWKSET_URI }} | |
| APIML_SECURITY_OIDC_IDENTITYMAPPERUSER: APIMTST | |
| APIML_SECURITY_OIDC_IDENTITYMAPPERURL: https://gateway-service:10010/zss/api/v1/certificate/dn | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Build with Gradle | |
| run: > | |
| ./gradlew runStartUpCheck :integration-tests:runZaasTest --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| -Doidc.client.id=${{ secrets.OKTA_CLIENT_ID }} -Doidc.test.user=${{ secrets.OIDC_TEST_USER }} | |
| -Doidc.test.pass=${{ secrets.OIDC_TEST_PASS }} -Doidc.test.alt_user=${{ secrets.OKTA_WINNIE_USER }} | |
| -Doidc.test.alt_pass=${{ secrets.OKTA_WINNIE_PASS }} -Doidc.host=${{secrets.OKTA_HOST}} | |
| -Ddiscoverableclient.instances=1 | |
| - name: Dump DC jacoco data | |
| run: > | |
| java -jar ./scripts/jacococli.jar dump --address zaas-service --port 6301 --destfile ./results/zaas-service.exec | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsZaas-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| CITestsZosmfWithoutJwt: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| APIML_SECURITY_AUTH_ZOSMF_JWTAUTOCONFIGURATION: ltpa | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_AUTH_JWT_CUSTOMAUTHHEADER: customJwtHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMUSERHEADER: customUserHeader | |
| APIML_SECURITY_AUTH_PASSTICKET_CUSTOMAUTHHEADER: customPassticketHeader | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Build with Gradle | |
| run: > | |
| ./gradlew :integration-tests:runZosmfAuthTest --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsZosmfWithoutJwt-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsWithRedisReplica: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run APIML and Redis Containers | |
| run: | | |
| cd docker/redis | |
| chmod +x run-redis.sh | |
| ./run-redis.sh -l -t -a ${{ env.JOB_ID }} | |
| - uses: ./.github/actions/validate-apiml-healthy | |
| with: | |
| caching-service: "true" | |
| - name: Run Caching Service tests | |
| run: > | |
| ./gradlew :integration-tests:runCachingServiceTests --info | |
| -DtlsConfiguration.clientKeyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
| -DtlsConfiguration.keyAlias=apimtst | |
| -DtlsConfiguration.keyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
| -DtlsConfiguration.trustStore=../docker/redis/redis-containers/keystore/all-services.truststore.p12 | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Output Redis logs | |
| if: always() | |
| run: | | |
| echo "Redis Master" | |
| docker logs redis-master | |
| echo "Redis Replica" | |
| docker logs redis-replica | |
| - name: Output Caching Service container logs | |
| if: always() | |
| run: docker logs caching-service | |
| - name: Output Gateway container logs | |
| if: always() | |
| run: docker logs gateway-service | |
| - name: Output ZAAS container logs | |
| if: always() | |
| run: docker logs zaas-service | |
| - name: Output Discovery container logs | |
| if: always() | |
| run: docker logs discovery-service | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsWithRedisReplica-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsWithRedisSentinel: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run APIML and Redis Containers | |
| run: | | |
| cd docker/redis | |
| chmod +x run-redis.sh | |
| ./run-redis.sh -l -s -t -a ${{ env.JOB_ID }} | |
| - uses: ./.github/actions/validate-apiml-healthy | |
| with: | |
| caching-service: "true" | |
| - name: Run Caching Service tests | |
| run: > | |
| ./gradlew :integration-tests:runCachingServiceTests --info | |
| -DtlsConfiguration.clientKeyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
| -DtlsConfiguration.keyAlias=apimtst | |
| -DtlsConfiguration.keyStore=../docker/redis/redis-containers/keystore/all-services.keystore.p12 | |
| -DtlsConfiguration.trustStore=../docker/redis/redis-containers/keystore/all-services.truststore.p12 | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Output Redis logs | |
| if: always() | |
| run: | | |
| echo "Redis Master" | |
| docker logs redis-master | |
| echo "Redis Replica" | |
| docker logs redis-replica | |
| echo "Redis Sentinel 1" | |
| docker logs redis-sentinel-1 | |
| echo "Redis Sentinel 2" | |
| docker logs redis-sentinel-2 | |
| echo "Redis Sentinel 3" | |
| docker logs redis-sentinel-3 | |
| - name: Output Caching Service container logs | |
| if: always() | |
| run: docker logs caching-service | |
| - name: Output Gateway container logs | |
| if: always() | |
| run: docker logs gateway-service | |
| - name: Output ZAAS container logs | |
| if: always() | |
| run: docker logs zaas-service | |
| - name: Output Discovery container logs | |
| if: always() | |
| run: docker logs discovery-service | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: ContainerCITestsWithRedisSentinel-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| DeterministicHALoadBalancing: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| APIML_ROUTING_INSTANCEIDHEADER: true | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| APIML_ROUTING_INSTANCEIDHEADER: true | |
| logbackService: ZWEAGW2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Setup Docker | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
| add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
| apt update | |
| apt-cache policy docker-ce | |
| apt install -y docker-ce | |
| - name: Run HA Tests | |
| run: > | |
| ./gradlew runStartUpCheck runDeterministicLbHaTests --info | |
| -Denvironment.config=-ha -Ddiscoverableclient.instances=2 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Get Container Logs | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| docker ps -a | |
| docker ps -q | xargs -L 1 docker logs | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: DeterministicLbHaTest-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| DeterministicHALoadBalancingModulith: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| services: | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml | |
| APIML_ROUTING_INSTANCEIDHEADER: true | |
| logbackService: ZWEAGW1 | |
| apiml-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml-2 | |
| APIML_ROUTING_INSTANCEIDHEADER: true | |
| logbackService: ZWEAGW2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Setup Docker | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
| add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
| apt update | |
| apt-cache policy docker-ce | |
| apt install -y docker-ce | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-docker-modulith-ha -Ddiscoverableclient.instances=2 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run HA Tests | |
| run: > | |
| ./gradlew runDeterministicLbHaTests --info | |
| -Denvironment.config=-docker-modulith-ha -Ddiscoverableclient.instances=2 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Get Container Logs | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| docker ps -a | |
| docker ps -q | xargs -L 1 docker logs | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: DeterministicLbHaTestModulith-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| StickySessionHALoadBalancing: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| logbackService: ZWEAGW2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Setup Docker | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
| add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
| apt update | |
| apt-cache policy docker-ce | |
| apt install -y docker-ce | |
| - name: Run HA Tests | |
| run: > | |
| ./gradlew runStickySessionLbHaTests --info -Denvironment.config=-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Get Container Logs | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| docker ps -a | |
| docker ps -q | xargs -L 1 docker logs | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: StickySessionLbHaTest-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| StickySessionHALoadBalancingModulith: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| services: | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| logbackService: ZWEAGW1 | |
| apiml-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://apiml:10011/eureka,https://apiml-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: apiml-2 | |
| APIML_SERVICE_CUSTOMMETADATA_APIML_LB_TYPE: authentication | |
| logbackService: ZWEAGW2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Setup Docker | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
| add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" | |
| apt update | |
| apt-cache policy docker-ce | |
| apt install -y docker-ce | |
| - name: Run HA Tests | |
| run: > | |
| ./gradlew runStickySessionLbHaTests --info -Denvironment.config=-docker-modulith-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD -Denvironment.modulith=true | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Get Container Logs | |
| if: ${{ false }} # Debug of containers | |
| run: | | |
| docker ps -a | |
| docker ps -q | xargs -L 1 docker logs | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| # Coverage results are not stored in this job as it would not provide much additional data | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: StickySessionLbHaTestModulith-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsHA: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| type: ["normal", "discovery-chaotic", "gateway-chaotic", "discoverableclient-chaotic", "websocket-chaotic"] | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| api-catalog-services-2: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: api-catalog-services-2 | |
| APIML_HEALTH_PROTECTED: false | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discoverable-client-2: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: discoverable-client-2 | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service:10011/eureka,https://discovery-service-2:10011/eureka | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka,https://discovery-service:10011/eureka | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: zaas-service | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: zaas-service-2 | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka/,https://discovery-service-2:10011/eureka/ | |
| logbackService: ZWEAGW2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Startup Check | |
| if: always() | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info -Denvironment.config=-ha -Ddiscoverableclient.instances=2 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Normal HA Tests | |
| if: ${{ 'normal' == matrix.type }} | |
| run: > | |
| ./gradlew runHATests --info -Denvironment.config=-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Discovery Service Chaotic HA Tests | |
| if: ${{ 'discovery-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.DiscoveryChaoticTest | |
| --info -Denvironment.config=-ha -Ddiscoverableclient.instances=1 | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Gateway Service Chaotic HA Tests | |
| if: ${{ 'gateway-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.GatewayChaoticTest | |
| --info -Denvironment.config=-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run Discoverable Client Chaotic HA Tests | |
| if: ${{ 'discoverableclient-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.SouthboundServiceChaoticTest | |
| --info -Denvironment.config=-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Run WebSocket Chaotic HA Tests | |
| if: ${{ 'websocket-chaotic' == matrix.type }} | |
| run: > | |
| ./gradlew :integration-tests:runChaoticHATests --tests org.zowe.apiml.integration.ha.WebSocketChaoticTest | |
| --info -Denvironment.config=-ha | |
| -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsHA-${{ env.JOB_ID }}-${{ matrix.type }} | |
| path: | | |
| integration-tests/build/reports/** | |
| - uses: ./.github/actions/teardown | |
| CITestsWithInfinispan: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
| JGROUPS_BIND_PORT: "7600" | |
| SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
| CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data_replica" | |
| CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "caching-service-2[7600]" | |
| CACHING_STORAGE_MODE: "infinispan" | |
| APIML_SERVICE_PORT: "10022" | |
| JGROUPS_BIND_ADDRESS: "caching-service" | |
| caching-service-2: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
| JGROUPS_BIND_PORT: "7600" | |
| SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
| CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data" | |
| CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "caching-service[7600]" | |
| CACHING_STORAGE_MODE: "infinispan" | |
| JGROUPS_BIND_ADDRESS: "caching-service-2" | |
| APIML_SERVICE_HOSTNAME: "caching-service-2" | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service:10010/gateway/certificates | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Build with Gradle | |
| run: > | |
| ./gradlew :integration-tests:runInfinispanServiceTests --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsWithInfinispan-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| CITestsModulithWithInfinispan: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: ubuntu:latest | |
| timeout-minutes: 15 | |
| services: | |
| apiml: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_SSL_NONSTRICTVERIFYSSLCERTIFICATESOFSERVICES: true | |
| ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
| JGROUPS_BIND_PORT: "7600" | |
| SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
| CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data_replica" | |
| CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "apiml-2[7600]" | |
| CACHING_STORAGE_MODE: "infinispan" | |
| JGROUPS_BIND_ADDRESS: "apiml" | |
| apiml-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient | |
| APIML_SECURITY_SSL_NONSTRICTVERIFYSSLCERTIFICATESOFSERVICES: true | |
| ZWE_CACHING_SERVICE_PERSISTENT: 'infinispan' | |
| JGROUPS_BIND_PORT: "7600" | |
| SERVER_SSL_KEYSTORETYPE: "PKCS12" | |
| CACHING_STORAGE_INFINISPAN_PERSISTENCE_DATALOCATION: "data" | |
| CACHING_STORAGE_INFINISPAN_INITIALHOSTS: "apiml[7600]" | |
| CACHING_STORAGE_MODE: "infinispan" | |
| JGROUPS_BIND_ADDRESS: "apiml-2" | |
| APIML_SERVICE_HOSTNAME: "apiml-2" | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://apiml:10011/eureka/ | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Build with Gradle | |
| run: > | |
| ENV_CONFIG=docker-modulith ./gradlew :integration-tests:runModulithInfinispanServiceTests --info | |
| -Ddiscoverableclient.instances=1 -Denvironment.config=-docker-modulith -Denvironment.modulith=true | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - uses: ./.github/actions/dump-jacoco | |
| if: always() | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsModulithWithInfinispan-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| E2EUITests: | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: cypress/browsers:node-20.11.0-chrome-121.0.6167.85-1-ff-120.0-edge-121.0.2277.83-1 | |
| timeout-minutes: 30 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_ISSUER: ${{ secrets.OKTA_ISSUER }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_AUTHORIZATIONURI: ${{ secrets.OKTA_AUTH_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_TOKENURI: ${{ secrets.OKTA_TOKEN_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERINFOURI: ${{ secrets.OKTA_USER_INFO_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERNAMEATTRIBUTE: sub | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_JWKSETURI: ${{ secrets.OKTA_JWKSET_URI }} | |
| APIML_SECURITY_OIDC_COOKIE_SAMESITE: None | |
| APIML_HEALTH_PROTECTED: false | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_HEALTH_PROTECTED: false | |
| caching-service: | |
| image: ghcr.io/balhar-jakub/caching-service:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service-2: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_SERVICE_HOSTNAME: discovery-service-2 | |
| APIML_DISCOVERY_ALLPEERSURLS: https://discovery-service-2:10011/eureka | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_APIMLID: apiml2 | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/ | |
| APIML_HEALTH_PROTECTED: false | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://discovery-service:10011/eureka | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_GATEWAYURL: / | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_SERVICEURL: / | |
| logbackService: ZWEAGW2 | |
| zaas-service-2: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service-2:10010/gateway/certificates | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://discovery-service-2:10011/eureka/ | |
| APIML_HEALTH_PROTECTED: false | |
| APIML_SERVICE_HOSTNAME: zaas-service-2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Install npm dependencies API Catalog | |
| uses: bahmutov/npm-install@v1 | |
| with: | |
| install-command: npm ci --legacy-peer-deps | |
| working-directory: api-catalog-ui/frontend | |
| - name: Cache NPM and Cypress 📦 | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/Cypress | |
| api-catalog-ui/frontend/node_modules | |
| key: my-cache-${{ runner.os }}-${{ hashFiles('api-catalog-ui/frontend/*.json') }} | |
| - name: Run startup check | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info --scan -Denvironment.config=-ha -Ddiscoverableclient.instances=1 -Dgateway.instances=1 | |
| - name: Show status when APIML is not ready yet | |
| if: failure() | |
| shell: bash | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -k -s https://gateway-service:10010/application/health | |
| curl -k -s https://gateway-service-2:10010/application/health | |
| - name: Cypress run API Catalog | |
| run: | | |
| cd api-catalog-ui/frontend | |
| export CYPRESS_OKTA_USERNAME=${{ secrets.OKTA_WINNIE_USER }} | |
| export CYPRESS_OKTA_PASSWORD=${{ secrets.OKTA_WINNIE_PASS }} | |
| npm run cy:e2e:ci | |
| - name: Dump CGW jacoco data | |
| run: > | |
| java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6300 --destfile ./results/gateway-service.exec | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: E2EUITests-${{ env.JOB_ID }} | |
| path: | | |
| results/** | |
| - name: Upload screenshots API Catalog | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: cypress-snapshots | |
| path: api-catalog-ui/frontend/cypress/screenshots | |
| - uses: ./.github/actions/teardown | |
| E2EUITestsModulith: | |
| # This stage needs to use modulith with gateway-service hostname due to the current OIDC provider setup | |
| # Where only gateway-service is an allowed hostname for redirects | |
| needs: PublishJibContainers | |
| runs-on: ubuntu-latest | |
| container: cypress/browsers:node-20.11.0-chrome-121.0.6167.85-1-ff-120.0-edge-121.0.2277.83-1 | |
| timeout-minutes: 30 | |
| services: | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://gateway-service:10011/eureka | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| env: | |
| APIML_SERVICE_DISCOVERYSERVICEURLS: https://gateway-service:10011/eureka | |
| gateway-service: # To avoid updating Oauth provider admin settings | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://gateway-service:10011/eureka | |
| APIML_SERVICE_HOSTNAME: gateway-service | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTID: ${{ secrets.OKTA_CLIENT_ID }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTSECRET: ${{ secrets.OKTA_CLIENT_PASSWORD }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_ISSUER: ${{ secrets.OKTA_ISSUER }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_AUTHORIZATIONURI: ${{ secrets.OKTA_AUTH_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_TOKENURI: ${{ secrets.OKTA_TOKEN_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERINFOURI: ${{ secrets.OKTA_USER_INFO_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USERNAMEATTRIBUTE: sub | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_JWKSETURI: ${{ secrets.OKTA_JWKSET_URI }} | |
| APIML_SECURITY_OIDC_COOKIE_SAMESITE: None | |
| APIML_HEALTH_PROTECTED: false | |
| logbackService: ZWEAGW1 | |
| APIML_SERVICE_GATEWAYHOSTNAME: https://apiml:10010 | |
| gateway-service-2: | |
| image: ghcr.io/balhar-jakub/apiml:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_ALLPEERSURLS: https://gateway-service-2:10011/eureka | |
| APIML_SERVICE_HOSTNAME: gateway-service-2 | |
| APIML_SERVICE_APIMLID: apiml2 | |
| APIML_HEALTH_PROTECTED: false | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_DISCOVERYSERVICEURLS: https://gateway-service:10011/eureka | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_GATEWAYURL: / | |
| ZWE_CONFIGS_APIML_SERVICE_ADDITIONALREGISTRATION_0_ROUTES_0_SERVICEURL: / | |
| logbackService: ZWEAGW2 | |
| APIML_SECURITY_X509_ENABLED: true | |
| APIML_SECURITY_X509_ACCEPTFORWARDEDCERT: true | |
| APIML_SECURITY_X509_CERTIFICATESURL: https://gateway-service-2:10010/gateway/certificates | |
| APIML_SERVICE_GATEWAYHOSTNAME: https://apiml:10010 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Install npm dependencies API Catalog | |
| uses: bahmutov/npm-install@v1 | |
| with: | |
| install-command: npm ci --legacy-peer-deps | |
| working-directory: api-catalog-ui/frontend | |
| - name: Cache NPM and Cypress 📦 | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/Cypress | |
| api-catalog-ui/frontend/node_modules | |
| key: my-cache-${{ runner.os }}-${{ hashFiles('api-catalog-ui/frontend/*.json') }} | |
| - name: Run startup check | |
| timeout-minutes: 4 | |
| run: > | |
| ./gradlew runStartUpCheck --info --scan -Denvironment.config=-docker-modulith-ha -Ddiscoverableclient.instances=1 -Denvironment.modulith=true -Denvironment.gwCount=1 | |
| -Dgateway.host=gateway-service,gateway-service-2 -Ddiscovery.host=gateway-service -Ddiscovery.additionalHost=gateway-service-2 | |
| - name: Show status when APIML is not ready yet | |
| if: failure() | |
| shell: bash | |
| run: | | |
| apt update | |
| apt install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -k -s https://gateway-service:10010/application/health | |
| curl -k -s https://gateway-service-2:10010/application/health | |
| - name: Cypress run API Catalog | |
| run: | | |
| cd api-catalog-ui/frontend | |
| export CYPRESS_OKTA_USERNAME=${{ secrets.OKTA_WINNIE_USER }} | |
| export CYPRESS_OKTA_PASSWORD=${{ secrets.OKTA_WINNIE_PASS }} | |
| npm run cy:e2e:ci:modulith | |
| - name: Dump CGW jacoco data | |
| run: > | |
| java -jar ./scripts/jacococli.jar dump --address gateway-service --port 6310 --destfile ./results/gateway-service.exec | |
| - name: Correct Permisions | |
| run: | | |
| chmod 755 -R .gradle | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: E2EUITestsModulith-${{ env.JOB_ID }} | |
| path: | | |
| results/** | |
| - name: Upload screenshots API Catalog | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: cypress-snapshots-modulith | |
| path: api-catalog-ui/frontend/cypress/screenshots | |
| - uses: ./.github/actions/teardown | |
| CITestsServicePrefixReplacer: | |
| needs: PublishJibContainers | |
| container: ubuntu:latest | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| services: | |
| api-catalog-services: | |
| image: ghcr.io/balhar-jakub/api-catalog-services:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| discoverable-client: | |
| image: ghcr.io/balhar-jakub/discoverable-client:${{ github.run_id }}-${{ github.run_number }} | |
| discovery-service: | |
| image: ghcr.io/balhar-jakub/discovery-service:${{ github.run_id }}-${{ github.run_number }} | |
| volumes: | |
| - /api-defs:/api-defs | |
| env: | |
| APIML_DISCOVERY_SERVICEIDPREFIXREPLACER: "discoverable*,sample" | |
| gateway-service: | |
| image: ghcr.io/balhar-jakub/gateway-service:${{ github.run_id }}-${{ github.run_number }} | |
| zaas-service: | |
| image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }} | |
| mock-services: | |
| image: ghcr.io/balhar-jakub/mock-services:${{ github.run_id }}-${{ github.run_number }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - name: Run Service ID Prefix Replacer Tests | |
| run: > | |
| ./gradlew :integration-tests:runIdPrefixReplacerTests --info -Denvironment.config=-docker | |
| -Partifactory_user=${{ secrets.ARTIFACTORY_USERNAME }} -Partifactory_password=${{ secrets.ARTIFACTORY_PASSWORD }} | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: CITestsServicePrefixReplacer-${{ env.JOB_ID }} | |
| path: | | |
| integration-tests/build/reports/** | |
| results/** | |
| - uses: ./.github/actions/teardown | |
| PublishResults: | |
| needs: [ | |
| CITests,CITestsWithInfinispan,CITestsZaas,GatewayProxy,CITestsHA, | |
| CITestsModulith,CITestsModulithHA | |
| ] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.head_ref }} | |
| - uses: ./.github/actions/setup | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: ContainerCITests-${{ env.JOB_ID }} | |
| path: containercitests | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: ContainerCITestsModulith-${{ env.JOB_ID }} | |
| path: containercitestsmodulith | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: CITestsWithInfinispan-${{ env.JOB_ID }} | |
| path: citestswithinfinispan | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: GatewayProxy-${{ env.JOB_ID }} | |
| path: GatewayProxy | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: ContainerCITestsZaas-${{ env.JOB_ID }} | |
| path: ContainerCITestsZaas | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: CITestsHA-${{ env.JOB_ID }}-websocket-chaotic | |
| path: citestschaoticha | |
| - name: Code coverage and publish results | |
| run: > | |
| ./gradlew --scan coverage sonar -Dresults="containercitests/results,containercitestsmodulith/results,citestswithinfinispan/results,GatewayProxy/results,citestschaoticha/results,ContainerCITestsZaas/results" | |
| -Psonar.host.url=$SONAR_HOST_URL -Dsonar.token=$SONAR_TOKEN -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD | |
| env: | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Store results | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: SonarResults-${{ env.JOB_ID }} | |
| path: | | |
| build/reports/problems/problems-report.html | |
| results/** | |
| apiml/build/reports/tests/** | |
| - uses: ./.github/actions/teardown |