-
Notifications
You must be signed in to change notification settings - Fork 5
364 lines (356 loc) · 22.1 KB
/
integration-test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
# Copyright (c) Microsoft Corporation.
# Copyright (c) IBM Corporation.
name: integration-test
on:
workflow_dispatch:
inputs:
databaseType:
description: 'Database connection'
required: true
default: 'db2'
type: choice
options:
- db2
- oracle
- sqlserver
- postgres
- none
deleteAzureResources:
description: 'Delete Azure resources at the end'
required: true
type: boolean
default: true
imageResourceId:
description: 'Private vm image resource id. Only requried for VM image cicd, ignore it otherwise.'
required: false
# Allows you to run this workflow using GitHub APIs
# PERSONAL_ACCESS_TOKEN=<GITHUB_PERSONAL_ACCESS_TOKEN>
# REPO_NAME=WASdev/azure.websphere-traditional.singleserver
# Enable database connection and delete Azure resources at the end. Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"databaseType": "db2"}}'
# Enable database connection and keep Azure resources at the end. Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"databaseType": "db2", "deleteAzureResources": "false"}}'
# Disable database connection and delete Azure resources at the end
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"databaseType": "none"}}'
# Disable database connection and keep Azure resources at the end
# curl --verbose -XPOST -u "WASdev:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/actions/workflows/integration-test.yaml/dispatches --data '{"ref": "main", "inputs":{"databaseType": "none", "deleteAzureResources": "false"}}'
repository_dispatch:
types: [integration-test]
# sample request
# PERSONAL_ACCESS_TOKEN=<GITHUB_PERSONAL_ACCESS_TOKEN>
# REPO_NAME=WASdev/azure.websphere-traditional.singleserver
# Enable database connection and delete Azure resources at the end. Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"databaseType": "db2", "deleteAzureResources": true}}'
# Enable database connection and keep Azure resources at the end. Specify the desired database type (db2, oracle, sqlserver, postgres) for parameter "databaseType".
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"databaseType": "db2", "deleteAzureResources": false}}'
# Disable database connection and delete Azure resources at the end
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"databaseType": "none", "deleteAzureResources": true}}'
# Disable database connection and keep Azure resources at the end
# curl --verbose -X POST https://api.github.com/repos/${REPO_NAME}/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token ${PERSONAL_ACCESS_TOKEN}" --data '{"event_type": "integration-test", "client_payload": {"databaseType": "none", "deleteAzureResources": false}}'
env:
repoName: "azure.websphere-traditional.singleserver"
azureCredentials: ${{ secrets.AZURE_CREDENTIALS }}
userName: ${{ secrets.USER_NAME }}
msTeamsWebhook: ${{ secrets.MSTEAMS_WEBHOOK }}
vmAdminId: ${{ secrets.VM_ADMIN_ID }}
vmAdminPassword: ${{ secrets.VM_ADMIN_PASSWORD }}
dbInstanceName: db${{ github.run_id }}${{ github.run_number }}
dbPassword: ${{ secrets.DATABASE_PASSWORD }}
testResourceGroup: twasSingleTestRG-${{ github.repository_owner }}-${{ github.run_id }}-${{ github.run_number }}
testDeploymentName: twasSingleTestDeployment-${{ github.run_id }}-${{ github.run_number }}
location: eastus
scriptLocation: https://raw.githubusercontent.com/${{ secrets.USER_NAME }}/azure.websphere-traditional.singleserver/$GITHUB_REF_NAME/test/
jobs:
integration-test:
runs-on: ubuntu-latest
steps:
- name: Get versions of external dependencies
run: |
curl -Lo external-deps-versions.properties https://raw.githubusercontent.com/Azure/azure-javaee-iaas/main/external-deps-versions.properties
source external-deps-versions.properties
echo "bicepVersion=${BICEP_VERSION}" >> $GITHUB_ENV
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username
server-password: MAVEN_TOKEN # env variable for token
- name: Set Maven env
env:
MAVEN_USERNAME: github
MAVEN_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
echo "MAVEN_USERNAME=${MAVEN_USERNAME}" >> "$GITHUB_ENV"
echo "MAVEN_TOKEN=${MAVEN_TOKEN}" >> "$GITHUB_ENV"
- name: Set up bicep
run: |
curl -Lo bicep https://github.com/Azure/bicep/releases/download/${{ env.bicepVersion }}/bicep-linux-x64
chmod +x ./bicep
sudo mv ./bicep /usr/local/bin/bicep
bicep --version
- name: Checkout arm-ttk
uses: actions/checkout@v3
with:
repository: Azure/arm-ttk
path: arm-ttk
- name: Checkout ${{ env.repoName }}
uses: actions/checkout@v3
with:
path: ${{ env.repoName }}
ref: ${{ github.event.inputs.ref }}
- name: Checkout websphere-cafe
uses: actions/checkout@v3
with:
repository: Azure-Samples/websphere-cafe
path: websphere-cafe
- uses: azure/login@v1
id: azure-login
with:
creds: ${{ env.azureCredentials }}
- name: Deploy an IBM DB2 server on Azure VM
if: ${{ inputs.databaseType == 'db2' || github.event.client_payload.databaseType == 'db2' }}
run: |
az group create -n ${{ env.testResourceGroup }} -l ${{ env.location }}
az vm create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--image "Canonical:UbuntuServer:18.04-LTS:latest" \
--admin-username azureuser --generate-ssh-keys \
--nsg-rule NONE --enable-agent true \
--vnet-name ${{ env.dbInstanceName }}VNET --enable-auto-update false \
--tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true
az vm open-port -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} --port 50000 --priority 100
az vm extension set --name CustomScript \
--extension-instance-name install-db2-in-docker \
--resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}install-db2.sh\"]}" \
--protected-settings "{\"commandToExecute\":\"bash install-db2.sh ${{ env.dbPassword }}\"}"
- name: Deploy an Oracle database server on Azure VM
if: ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }}
run: |
az group create -n ${{ env.testResourceGroup }} -l ${{ env.location }}
az vm create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--image Oracle:oracle-database-19-3:oracle-database-19-0904:latest --size Standard_DS2_v2 \
--admin-username azureuser --generate-ssh-keys \
--nsg-rule NONE --enable-agent true \
--vnet-name ${{ env.dbInstanceName }}VNET --enable-auto-update false \
--tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true
az vm disk attach --name oradata01 --new --resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} --size-gb 64 --sku StandardSSD_LRS
az vm open-port -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} --port 1521,5502 --priority 100
az vm extension set --name CustomScript \
--extension-instance-name install-oracle \
--resource-group ${{ env.testResourceGroup }} --vm-name ${{ env.dbInstanceName }} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}install-oracle-main.sh\", \"${{ env.scriptLocation }}install-oracle.sh\"]}" \
--protected-settings "{\"commandToExecute\":\"bash install-oracle-main.sh ${{ env.dbPassword }}\"}"
- name: Deploy an instance of Azure SQL Database
if: ${{ inputs.databaseType == 'sqlserver' || github.event.client_payload.databaseType == 'sqlserver' }}
run: |
az group create -n ${{ env.testResourceGroup }} -l ${{ env.location }}
az sql server create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--admin-user testuser --admin-password ${{ env.dbPassword }} \
--location ${{ env.location }}
host=$(az sql server show \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--query "fullyQualifiedDomainName" -o tsv)
echo "sqlserverHost=${host}" >> $GITHUB_ENV
# Allow Azure services to access
az sql server firewall-rule create \
--resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} \
--name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
az sql db create --resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} --name testdb
- name: Deploy an instance of Azure Database for PostgreSQL
if: ${{ inputs.databaseType == 'postgres' || github.event.client_payload.databaseType == 'postgres' }}
run: |
az group create -n ${{ env.testResourceGroup }} -l ${{ env.location }}
az postgres server create \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--admin-user testuser --admin-password ${{ env.dbPassword }} \
--location ${{ env.location }}
host=$(az postgres server show \
--resource-group ${{ env.testResourceGroup }} --name ${{ env.dbInstanceName }} \
--query "fullyQualifiedDomainName" -o tsv)
echo "postgresqlHost=${host}" >> $GITHUB_ENV
# Allow Azure services to access
az postgres server firewall-rule create \
--resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} \
--name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
az postgres db create --resource-group ${{ env.testResourceGroup }} --server ${{ env.dbInstanceName }} --name testdb
- name: Build ${{ env.repoName }}
run: |
enableDB=false
databaseType=db2
dsConnectionURL=jdbc:db2://contoso.db2.database:50000/sample
dbUser=contosoDbUser
if ${{ inputs.databaseType == 'db2' || github.event.client_payload.databaseType == 'db2' }}; then
enableDB=true
databaseType=db2
publicIp=$(az vm show -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} -d --query publicIps -o tsv)
dsConnectionURL=jdbc:db2://${publicIp}:50000/sample
dbUser=db2inst1
elif ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }}; then
enableDB=true
databaseType=oracle
publicIp=$(az vm show -g ${{ env.testResourceGroup }} -n ${{ env.dbInstanceName }} -d --query publicIps -o tsv)
dsConnectionURL=jdbc:oracle:thin:@${publicIp}:1521/oratest1
dbUser=testuser
elif ${{ inputs.databaseType == 'sqlserver' || github.event.client_payload.databaseType == 'sqlserver' }}; then
enableDB=true
databaseType=sqlserver
dsConnectionURL="jdbc:sqlserver://${{ env.sqlserverHost }}:1433;database=testdb"
dbUser=testuser@${{ env.dbInstanceName }}
elif ${{ inputs.databaseType == 'postgres' || github.event.client_payload.databaseType == 'postgres' }}; then
enableDB=true
databaseType=postgres
dsConnectionURL="jdbc:postgresql://${{ env.postgresqlHost }}:5432/testdb"
dbUser=testuser@${{ env.dbInstanceName }}
fi
echo "enableDB=${enableDB}" >> $GITHUB_ENV
cd ${{ env.repoName }}
mvn -Dgit.repo=${{ env.userName }} -Dgit.tag=$GITHUB_REF_NAME -DuseTrial=true \
-DvmSize=Standard_D2_v3 -DdnsLabelPrefix=was \
-DadminUsername=${{ env.vmAdminId }} -DadminPasswordOrKey=${{ env.vmAdminPassword }} \
-DauthenticationType=password -DwasUsername=${{ env.vmAdminId }} -DwasPassword=${{ env.vmAdminPassword }} \
-DenableDB=${enableDB} -DdatabaseType=${databaseType} -DjdbcDataSourceJNDIName=jdbc/WebSphereCafeDB -DdsConnectionURL=${dsConnectionURL} -DdbUser=${dbUser} -DdbPassword=${{ env.dbPassword }} \
-Dtest.args="-Test All" -Pbicep -Passembly -Ptemplate-validation-tests clean install
- name: Deploy a twas-single server on Azure VM
run: |
cd ${{ env.repoName }}/target/cli
chmod a+x deploy.azcli
./deploy.azcli -n ${{ env.testDeploymentName }} -g ${{ env.testResourceGroup }} -l ${{ env.location }} -i ${{ inputs.imageResourceId }}
- name: Verify the deployment
run: |
outputs=$(az deployment group show -n ${{ env.testDeploymentName }} -g ${{ env.testResourceGroup }} --query 'properties.outputs')
adminSecuredConsole=$(echo $outputs | jq -r '.adminSecuredConsole.value')
curl $adminSecuredConsole -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${adminSecuredConsole}."
exit 1
fi
hitCountServletUrl=$(echo $outputs | jq -r '.hitCountServletUrl.value')
curl $hitCountServletUrl -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${hitCountServletUrl}."
exit 1
fi
snoopServletUrl=$(echo $outputs | jq -r '.snoopServletUrl.value')
curl $snoopServletUrl -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${snoopServletUrl}."
exit 1
fi
- name: Install and verify websphere-cafe
run: |
nsgName=$(az network nsg list -g ${testResourceGroup} --query "[?contains(name, '-nsg')].name" -o tsv)
publicIp=$(az vm list -g ${testResourceGroup} -d --query "[?contains(name, '-vm')].publicIps" -o tsv)
vmName=$(az vm list -g ${testResourceGroup} --query "[?contains(name, '-vm')].name" -o tsv)
# Open port 22 in the nsg
az network nsg rule create \
--name port-22 \
--nsg-name ${nsgName} \
--priority 100 \
--resource-group ${testResourceGroup} \
--access Allow \
--destination-address-prefixes "*" \
--destination-port-ranges 22 \
--direction Inbound \
--protocol Tcp \
--source-address-prefixes "*"
sleep 1m
# Build and package websphere-cafe
if [ ${enableDB} != true ]; then
sed -i "s/WebSphereCafeDB/built-in-derby-datasource/g" websphere-cafe/websphere-cafe-web/src/main/resources/META-INF/persistence.xml
fi
mvn clean install --file websphere-cafe/pom.xml
if [ ${enableDB} != true ]; then
sed -i "s/built-in-derby-datasource/WebSphereCafeDB/g" websphere-cafe/websphere-cafe-web/src/main/resources/META-INF/persistence.xml
fi
# Upload websphere-cafe.ear to the VM
sudo apt-get install -y sshpass
timeout 1m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${publicIp} 22
sshpass -p ${vmAdminPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o TCPKeepAlive=yes -o ServerAliveCountMax=20 -o ServerAliveInterval=15 -o ConnectTimeout=100 -v -tt ${vmAdminId}@${publicIp} 'ls /tmp'
sshpass -p ${vmAdminPassword} scp websphere-cafe/websphere-cafe-application/target/websphere-cafe.ear ${vmAdminId}@${publicIp}:/tmp
# Close port 22 in the nsg
az network nsg rule delete \
--name port-22 \
--nsg-name ${nsgName} \
--resource-group ${testResourceGroup}
# Install and start websphere-cafe
az vm extension set --name CustomScript \
--extension-instance-name deploy-websphere-cafe \
--resource-group ${testResourceGroup} --vm-name ${vmName} \
--publisher Microsoft.Azure.Extensions --version 2.0 \
--settings "{\"fileUris\": [\"${{ env.scriptLocation }}deploy-app.sh\", \"${{ env.scriptLocation }}deploy-app.py.template\"]}" \
--protected-settings "{\"commandToExecute\": \"bash deploy-app.sh /tmp/websphere-cafe.ear websphere-cafe\"}"
# Verify if websphere-cafe is accessible
websphereCafeUrl=https://${publicIp}:9443/websphere-cafe
curl $websphereCafeUrl -k
if [[ $? -ne 0 ]]; then
echo "Failed to access ${websphereCafeUrl}."
exit 1
fi
- name: Generate artifact file name and path
id: artifact_file
run: |
version=$(awk '/<version>[^<]+<\/version>/{gsub(/<version>|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/pom.xml)
artifactName=${{ env.repoName }}-$version-arm-assembly
unzip ${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/target/$artifactName
echo "##[set-output name=artifactName;]${artifactName}"
echo "##[set-output name=artifactPath;]${{ env.repoName }}/target/$artifactName"
- name: Archive ${{ env.repoName }} template
uses: actions/upload-artifact@v4
if: success()
with:
name: ${{steps.artifact_file.outputs.artifactName}}
path: ${{steps.artifact_file.outputs.artifactPath}}
notification:
needs: integration-test
if: always()
runs-on: ubuntu-latest
steps:
- name: Output inputs from workflow_dispatch
run: echo "${{ toJSON(github.event.inputs) }}"
- name: Output client_payload from repository_dispatch
run: echo "${{ toJSON(github.event.client_payload) }}"
- name: Send notification
if: ${{ env.msTeamsWebhook != 'NA' }}
run: |
workflowJobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ env.userName }}/${{ env.repoName }}/actions/runs/${{ github.run_id }}/jobs)
successIntegrationTestJob=$(echo $workflowJobs | jq 'select(.jobs != null) | .jobs | map(select(.name=="integration-test" and .conclusion=="success")) | length')
echo "$successIntegrationTestJob"
if [ -z $successIntegrationTestJob ];then
echo "jobs not retrieved."
elif (($successIntegrationTestJob == 0));then
echo "Job integration-test failed, send notification to Teams"
curl ${{ env.msTeamsWebhook }} \
-H 'Content-Type: application/json' \
--data-binary @- << EOF
{
"@context":"http://schema.org/extensions",
"@type":"MessageCard",
"text":"Workflow integration-test of repo ${{ env.repoName }} failed, please take a look at: https://github.com/${{ env.userName }}/${{ env.repoName }}/actions/runs/${{ github.run_id }}"
}
EOF
else
echo "Job integration-test succeeded."
fi
delete-resources:
needs: notification
runs-on: ubuntu-latest
if: always()
steps:
- uses: azure/login@v1
id: azure-login
with:
creds: ${{ env.azureCredentials }}
- name: Delete all Azure resources
id: delete-resources-in-group
if: ${{ (github.event_name == 'workflow_dispatch' && inputs.deleteAzureResources) || (github.event_name == 'repository_dispatch' && github.event.client_payload.deleteAzureResources) }}
run: |
echo "delete resource group: " ${{ env.testResourceGroup }}
az group delete -n ${{ env.testResourceGroup }} --yes --no-wait