From 183fc89391f4e3439593c5ade9f68a81f6529c90 Mon Sep 17 00:00:00 2001 From: Mirza Karacic Date: Wed, 11 Dec 2024 14:37:58 -0800 Subject: [PATCH] Integration fixes --- .github/actions/build-and-test/action.yaml | 4 +- .../actions/fast-forward-merge/action.yaml | 36 --------------- .github/actions/publish-to-jfrog/action.yaml | 41 +++++++++++++---- .github/workflows/build.yaml | 16 ++++++- .github/workflows/promote-prod.yaml | 5 +- .github/workflows/promote-to-stage.yaml | 17 +++++-- .github/workflows/promote.yaml | 46 +++++++++++++------ client/pom.xml | 2 +- .../{bouncy_pom.xml => bouncycastle_pom.xml} | 2 +- client/src/resources/gnu_pom.xml | 2 +- 10 files changed, 102 insertions(+), 69 deletions(-) delete mode 100644 .github/actions/fast-forward-merge/action.yaml rename client/src/resources/{bouncy_pom.xml => bouncycastle_pom.xml} (98%) diff --git a/.github/actions/build-and-test/action.yaml b/.github/actions/build-and-test/action.yaml index f9ab2d19b..27920a827 100644 --- a/.github/actions/build-and-test/action.yaml +++ b/.github/actions/build-and-test/action.yaml @@ -31,11 +31,11 @@ runs: - name: Stage crypto shell: bash run: | - ./set_cypto ${{ inputs.crypto-type }} + ./set_crypto ${{ inputs.crypto-type }} - name: Build shell: bash - run: mvn clean install -P ${{ inputs.crypto-type }} + run: mvn clean install - name: Run EE server if: ${{ inputs.run-tests == 'true' }} diff --git a/.github/actions/fast-forward-merge/action.yaml b/.github/actions/fast-forward-merge/action.yaml deleted file mode 100644 index d917069b5..000000000 --- a/.github/actions/fast-forward-merge/action.yaml +++ /dev/null @@ -1,36 +0,0 @@ -name: "Fast forward merge" -description: Fast forward target branch to given commit hash - -inputs: - ref_to_merge: - description: Branch to merge into base - required: true - base_branch: - description: Base branch - required: true - git-bot-token: - description: Git bot token - required: true - -runs: - using: composite - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - # Fetch the whole history to prevent unrelated history errors - fetch-depth: "0" - ref: ${{ inputs.base_branch }} - token: ${{ inputs.git-bot-token }} - - - name: Debug stuff - shell: bash - run: | - git remote -vvv - - name: Fast forward - shell: bash - run: git merge --ff-only ${{ inputs.ref_to_merge }} - - - name: Upload changes to remote head branch - shell: bash - run: git push diff --git a/.github/actions/publish-to-jfrog/action.yaml b/.github/actions/publish-to-jfrog/action.yaml index 68f8a7654..e97b26cbe 100644 --- a/.github/actions/publish-to-jfrog/action.yaml +++ b/.github/actions/publish-to-jfrog/action.yaml @@ -13,19 +13,20 @@ inputs: jfrog-platform-url: description: "" required: false - default: https://aerospike.jfrog.io/ + default: https://aerospike.jfrog.io oidc-provider: description: "" - required: false - default: gh-aerospike-clients + required: true oidc-audience: description: "" - required: false - default: aerospike/clients + required: true crypto-type: description: "" required: false default: gnu + artifact-name: + description: "" + required: true runs: using: "composite" @@ -38,15 +39,39 @@ runs: oidc-provider-name: ${{ inputs.oidc-provider }} oidc-audience: ${{ inputs.oidc-audience }} + - name: Debug + shell: bash + run: | + echo "${{ inputs.crypto-type }}" && \ + ls -la + - name: Set crypto dependency shell: bash run: | ./set_crypto ${{ inputs.crypto-type }} - - name: Deploy release + - name: Debug + shell: bash + run: | + echo "${{ inputs.crypto-type }}" && \ + ls -la + + - uses: s4u/maven-settings-action@v3.1.0 + with: + servers: '[{"id": "jfrog", "username": "${{ steps.setup-jfrog-cli.outputs.oidc-user }}", "password": "${{ steps.setup-jfrog-cli.outputs.oidc-token }}"}]' + + - name: Deploy client release shell: bash working-directory: client run: | - jf mvn-config --repo-deploy-releases=${{ inputs.jfrog-releases-repo-name }} --repo-deploy-snapshots=${{ inputs.jfrog-snapshots-repo-name }} - jf mvn source:jar javadoc:jar deploy -Dusername=${{ steps.setup-jfrog-cli.outputs.oidc-user }} ${{ steps.setup-jfrog-cli.outputs.oidc-token }} + jf mvn-config --repo-deploy-releases=${{ inputs.jfrog-releases-repo-name }} --repo-deploy-snapshots=${{ inputs.jfrog-snapshots-repo-name }} && \ + jf mvn source:jar javadoc:jar deploy:deploy-file -DpomFile=src/resources/${{ inputs.crypto-type }}_pom.xml \ + -Dfile=target/${{ inputs.artifact-name }}.jar \ + -Dfiles=target/${{ inputs.artifact-name }}-jar-with-dependencies.jar,target/${{ inputs.artifact-name }}-javadoc.jar,target/${{ inputs.artifact-name }}-sources.jar \ + -Dclassifiers=jar-with-dependencies,javadoc,sources \ + -Dtypes=jar,jar,jar \ + -DrepositoryId=jfrog \ + -Durl=${{ inputs.jfrog-platform-url }}/artifactory/${{ inputs.jfrog-releases-repo-name }} && \ + jf rt bce && \ + jf rt bag && \ jf rt bp diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index f422b6b87..b3f8fc808 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,4 +1,5 @@ name: Build artifacts +run-name: Build artifact for ${{ inputs.crypto-type }} ${{ inputs.java-version }} permissions: # This is required for requesting the OIDC token @@ -41,12 +42,16 @@ on: required: true GPG_PASS: required: true + JFROG_OIDC_PROVIDER: + required: true + JFROG_OIDC_AUDIENCE: + required: true jobs: build: runs-on: ubuntu-latest steps: - - name: Checkout client + - name: Checkout code uses: actions/checkout@v4 with: ref: ${{ inputs.branch }} @@ -66,8 +71,17 @@ jobs: server-tag: ${{ inputs.server-tag }} use-server-rc: ${{ inputs.use-server-rc }} + - name: Get artifact name + id: get-artifact-name + working-directory: client + run: | + echo artifact-name=$(mvn help:evaluate -Dexpression=project.build.finalName -q -DforceStdout) >> $GITHUB_OUTPUT + - name: Publish to JFrog if: ${{ !cancelled() && inputs.upload-artifacts == true }} uses: ./.github/actions/publish-to-jfrog with: crypto-type: ${{ inputs.crypto-type }} + oidc-provider: ${{ secrets.JFROG_OIDC_PROVIDER }} + oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }} + artifact-name: ${{ steps.get-artifact-name.outputs.artifact-name }} diff --git a/.github/workflows/promote-prod.yaml b/.github/workflows/promote-prod.yaml index 63f03a009..c724cf4aa 100644 --- a/.github/workflows/promote-prod.yaml +++ b/.github/workflows/promote-prod.yaml @@ -16,6 +16,7 @@ jobs: name: Promot from stage to prod uses: ./.github/workflows/promote.yaml with: - build-number: ${{ inputs.build-number }} - target-repository: client-maven-stage-local + build-number: ${{ inputs.build-number }} + target-repository: clients-maven-stage-local target-branch: dev-stage + secrets: inherit diff --git a/.github/workflows/promote-to-stage.yaml b/.github/workflows/promote-to-stage.yaml index fe52abdf9..6e01bd65a 100644 --- a/.github/workflows/promote-to-stage.yaml +++ b/.github/workflows/promote-to-stage.yaml @@ -20,14 +20,25 @@ jobs: env: JF_URL: ${{ vars.JFROG_PLATFORM_URL }} with: - oidc-provider-name: ${{ inputs.oidc-provider }} - oidc-audience: ${{ inputs.oidc-audience }} + oidc-provider-name: ${{ secrets.JFROG_OIDC_PROVIDER }} + oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }} - name: Get info id: get-build-info run: | echo build-info=$(jf rt curl /api/build/clients-java-push-to-dev/${{ inputs.build-number }}) >> $GITHUB_OUTPUT + - name: Get commit hash from repo + id: get-commit-hash + run: | + echo commit-hash=$(echo '${{ steps.get-build-info.outputs.build-info }}' | jq -r '.buildInfo.vcs[].revision') >> $GITHUB_OUTPUT + + - name: Get build name + id: get-build-name + run: | + echo build-name=$(echo '${{ steps.get-build-info.outputs.build-info }}' | jq -r '.buildInfo.name') >> $GITHUB_OUTPUT + - name: Debug run: | - echo ${{ steps.get-build-info.outputs.build-info }} + echo "commit-hash: '${{ steps.get-commit-hash.outputs.commit-hash }}'" + echo "build-name: '${{ steps.get-build-name.outputs.build-name }}'" diff --git a/.github/workflows/promote.yaml b/.github/workflows/promote.yaml index 302218397..a8d203b2e 100644 --- a/.github/workflows/promote.yaml +++ b/.github/workflows/promote.yaml @@ -4,7 +4,7 @@ on: workflow_call: inputs: build-number: - type: number + type: string description: Build number used to build artifact to be promoted target-repository: type: string @@ -25,8 +25,8 @@ jobs: env: JF_URL: ${{ vars.JFROG_PLATFORM_URL }} with: - oidc-provider-name: ${{ inputs.oidc-provider }} - oidc-audience: ${{ inputs.oidc-audience }} + oidc-provider-name: ${{ secrets.JFROG_OIDC_PROVIDER }} + oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }} - name: Get info id: get-build-info @@ -36,25 +36,43 @@ jobs: - name: Get commit hash from repo id: get-commit-hash run: | - echo commit-hash=$(steps.get-build-info.outputs.build-info | jq -r '.vcs[].revision') >> $GITHUB_OUTPUT + echo commit-hash=$(echo '${{ steps.get-build-info.outputs.build-info }}' | jq -r '.buildInfo.vcs[].revision') >> $GITHUB_OUTPUT - - name: Get commit hash from repo + - name: Get build name id: get-build-name run: | - echo build-name=$(steps.get-build-info.outputs.build-info | jq -r '.name') >> $GITHUB_OUTPUT + echo build-name=$(echo '${{ steps.get-build-info.outputs.build-info }}' | jq -r '.buildInfo.name') >> $GITHUB_OUTPUT - name: Debug run: | - echo ${{ steps.get-build-info.outputs.build-info }} - echo ${{ steps.get-build-info.outputs.build-name }} + echo "commit-hash: '${{ steps.get-commit-hash.outputs.commit-hash }}'" + echo "build-name: '${{ steps.get-build-name.outputs.build-name }}'" + + # Needed since we are using actions which are part of the repository + - name: Checkout + uses: actions/checkout@v4 + with: + # Fetch the whole history to prevent unrelated history errors + fetch-depth: "0" + ref: ${{ inputs.target-branch }} + token: ${{ secrets.CLIENT_BOT_PAT }} + + - name: Fast forward + shell: bash + run: git merge --ff-only ${{ inputs.ref-to-merge }} - - name: Merge commit hash from source to target branch - uses: ./github/actions/fast-forward-merge + - name: Add tagging message + uses: stefanzweifel/git-auto-commit-action@v4 with: - ref-to-merge: ${{ steps.get-build-info.outputs.build-info }} - base-branch: ${{ inputs.target-branch }} - git-bot-token: ${{ secrets.CLIENT_BOT_PAT }} + commit_message: "Promote to prod [skip ci]" + commit_author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> + tagging_message: Promote to PROD + branch: ${{ inputs.target-branch }} + + - name: Upload changes to remote head branch + shell: bash + run: git push - name: Promote build run: | - jf rt build-promote ${{ steps.get-build-info.outputs.build-name }} ${{ inputs.build-number }} ${{ inputs.target-repository }} + jf rt build-promote ${{ steps.get-build-name.outputs.build-name }} ${{ inputs.build-number }} ${{ inputs.target-repository }} diff --git a/client/pom.xml b/client/pom.xml index baa6963c9..8bc96ad6b 100644 --- a/client/pom.xml +++ b/client/pom.xml @@ -116,7 +116,7 @@ install-file - ${project.basedir}/src/resources/bouncy_pom.xml + ${project.basedir}/src/resources/bouncycastle_pom.xml target/${project.build.finalName}.jar com.aerospike aerospike-client${crypto.type}-jdk21 diff --git a/client/src/resources/bouncy_pom.xml b/client/src/resources/bouncycastle_pom.xml similarity index 98% rename from client/src/resources/bouncy_pom.xml rename to client/src/resources/bouncycastle_pom.xml index c32d7bea6..1fc1c059c 100644 --- a/client/src/resources/bouncy_pom.xml +++ b/client/src/resources/bouncycastle_pom.xml @@ -2,7 +2,7 @@ 4.0.0 com.aerospike aerospike-client-bc-jdk21 - 9.0.1 + 9.0.2 jar Aerospike Java Client BC Aerospike Java client interface to Aerospike database server. Uses Bouncy Castle crypto library for RIPEMD-160 hashing. diff --git a/client/src/resources/gnu_pom.xml b/client/src/resources/gnu_pom.xml index 3682ae49a..5005254e9 100644 --- a/client/src/resources/gnu_pom.xml +++ b/client/src/resources/gnu_pom.xml @@ -2,7 +2,7 @@ 4.0.0 com.aerospike aerospike-client-jdk21 - 9.0.1 + 9.0.2 jar Aerospike Java Client Aerospike Java client interface to Aerospike database server