Validate payg-vmss offer with jdk:openjdk17 and db:none
#82
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Validate payg-vmss offer | |
| run-name: Validate payg-vmss offer with `jdk`:${{ inputs.jdkVersion }} and `db`:${{ inputs.databaseType }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| databaseType: | |
| description: 'Database connection' | |
| required: true | |
| default: 'mssqlserver' | |
| type: choice | |
| options: | |
| - mssqlserver | |
| - oracle | |
| - mysql(flexible) | |
| - postgresql(single) | |
| - none | |
| jdkVersion: | |
| description: 'jdkVersion' | |
| required: true | |
| default: 'openjdk17' | |
| type: choice | |
| options: | |
| - openjdk8 | |
| - openjdk11 | |
| - openjdk17 | |
| timeWaitBeforeDelete: | |
| description: 'Choose the wait time before deleting resources: 30m (30 minutes), 2h (2 hours), 5h (5 hours), 0 (immediately)' | |
| required: true | |
| type: choice | |
| default: 0 | |
| options: | |
| - 30m | |
| - 2h | |
| - 5h | |
| - 0 | |
| env: | |
| azCliVersion: 2.30.0 | |
| azureCredentials: ${{ secrets.AZURE_CREDENTIALS_PAYG }} | |
| location: eastus | |
| vmssResourceGroup: vmss-${{ github.repository_owner }}-${{ github.run_id }}-${{ github.run_number }} | |
| vmName: ${{ github.run_id }}${{ github.run_number }}vm | |
| vmssName: jbossvmss | |
| asName: ${{ github.run_id }}${{ github.run_number }}as | |
| adminUsername: azureadmin | |
| password: ${{ secrets.VM_PASSWORD }} | |
| numberOfInstances: 3 | |
| vmssBootStorageAccountName: vmsssa | |
| jbossEAPUserName: jbossadmin | |
| jbossEAPPassword: ${{ secrets.JBOSS_EAP_USER_PASSWORD }} | |
| userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} | |
| dbInstanceName: db${{ github.run_id }}${{ github.run_number }} | |
| dbPassword: ${{ secrets.DATABASE_PASSWORD }} | |
| gitUserName: ${{ secrets.USER_NAME }} | |
| vmssTestBranchName: vmss-cicd-${{ github.run_id }}-${{ github.run_number }} | |
| gitEmail: ${{ secrets.USER_EMAIL }} | |
| enableLoadBalancer: enable | |
| disableLoadBalancer: disable | |
| scriptLocation: https://raw.githubusercontent.com/${{ secrets.USER_NAME }}/rhel-jboss-templates/$GITHUB_REF_NAME/utilities/ | |
| offerName: "eap74-rhel8-payg-vmss" | |
| jobs: | |
| preflight: | |
| name: preflight with ${{ inputs.jdkVersion }} and ${{ inputs.databaseType }} | |
| outputs: | |
| artifactName: ${{steps.build.outputs.artifactName}} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout rhel-jboss-templates | |
| uses: actions/checkout@v4 | |
| - name: build | |
| id: build | |
| uses: ./.github/actions/build | |
| with: | |
| offerName: ${{ env.offerName }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| workflowType: "validate" | |
| deploy-vmss: | |
| needs: preflight | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout rhel-jboss-templates | |
| uses: actions/checkout@v4 | |
| with: | |
| path: rhel-jboss-templates | |
| - name: Download artifact for test branch | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{needs.preflight.outputs.artifactName}} | |
| path: rhel-jboss-templates-dev | |
| - name: Create a new branch with built artifact | |
| run: | | |
| current=`pwd` | |
| echo "current=${current}" >> "$GITHUB_ENV" | |
| cd rhel-jboss-templates | |
| git config --global core.longpaths true | |
| git config --global user.email $gitEmail | |
| git config --global user.name $gitUserName | |
| echo "create branch $vmssTestBranchName" | |
| git checkout -b $vmssTestBranchName | |
| rm -r -f $current/rhel-jboss-templates/eap74-rhel8-payg-vmss/src/main/* | |
| cp -r -f $current/rhel-jboss-templates-dev/* $current/rhel-jboss-templates/eap74-rhel8-payg-vmss/ | |
| git add . | |
| git status | |
| git commit -m "test branch for pipeline" | |
| git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${GITHUB_REPOSITORY}.git -f | |
| - uses: azure/login@v1 | |
| id: azure-login | |
| with: | |
| creds: ${{ env.azureCredentials }} | |
| - name: Deploy an instance of Azure SQL Database | |
| if: ${{ inputs.databaseType == 'mssqlserver' || github.event.client_payload.databaseType == 'mssqlserver' }} | |
| run: | | |
| az group create -n ${{ env.vmssResourceGroup}} -l ${{ env.location }} | |
| az sql server create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --admin-user testuser --admin-password ${{ env.dbPassword }} \ | |
| --location ${{ env.location }} | |
| host=$(az sql server show \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --query "fullyQualifiedDomainName" -o tsv) | |
| echo "sqlserverHost=${host}" >> "$GITHUB_ENV" | |
| # Allow Azure services to access | |
| az sql server firewall-rule create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --server ${{ env.dbInstanceName }} \ | |
| --name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0 | |
| az sql db create --resource-group ${{ env.vmssResourceGroup }} --server ${{ env.dbInstanceName }} --name testdb | |
| - name: Deploy an Oracle database server on Azure VM | |
| if: ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }} | |
| run: | | |
| az group create -n ${{ env.vmssResourceGroup }} -l ${{ env.location }} | |
| az vm create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --image Oracle:oracle-database-19-3:oracle-database-19-0904:latest --size Standard_DS2_v2 \ | |
| --admin-username azureuser --generate-ssh-keys \ | |
| --nsg-rule NONE --enable-agent true \ | |
| --vnet-name ${{ env.dbInstanceName }}VNET --enable-auto-update false \ | |
| --tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true | |
| az vm disk attach --name oradata01 --new --resource-group ${{ env.vmssResourceGroup }} --vm-name ${{ env.dbInstanceName }} --size-gb 64 --sku StandardSSD_LRS | |
| az vm open-port -g ${{ env.vmssResourceGroup }} -n ${{ env.dbInstanceName }} --port 1521,5502 --priority 100 | |
| az vm extension set --name CustomScript \ | |
| --extension-instance-name install-oracle \ | |
| --resource-group ${{ env.vmssResourceGroup }} --vm-name ${{ env.dbInstanceName }} \ | |
| --publisher Microsoft.Azure.Extensions --version 2.0 \ | |
| --settings "{\"fileUris\": [\"${{ env.scriptLocation }}install-oracle-main.sh\", \"${{ env.scriptLocation }}install-oracle.sh\"]}" \ | |
| --protected-settings "{\"commandToExecute\":\"bash install-oracle-main.sh ${{ env.dbPassword }}\"}" | |
| - name: Deploy an instance of Azure Database for MySQL | |
| if: ${{ inputs.databaseType == 'mysql(flexible)' || github.event.client_payload.databaseType == 'mysql(flexible)' }} | |
| run: | | |
| az group create -n ${{ env.vmssResourceGroup }} -l ${{ env.location }} | |
| az mysql flexible-server create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --admin-user myadmin --admin-password ${{ env.dbPassword }} \ | |
| --sku-name Standard_B1ms --location ${{ env.location }} \ | |
| --version 8.0.21 \ | |
| --yes | |
| # Allow Azure services to access | |
| az mysql flexible-server firewall-rule create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --rule-name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0 | |
| # Allow current IP to access MySQL server | |
| currentIp=$(curl -s https://icanhazip.com) | |
| az mysql flexible-server firewall-rule create \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --rule-name "AllowCurrentIp" --start-ip-address ${currentIp} --end-ip-address ${currentIp} | |
| host=$(az mysql flexible-server show \ | |
| --resource-group ${{ env.vmssResourceGroup }} --name ${{ env.dbInstanceName }} \ | |
| --query "fullyQualifiedDomainName" -o tsv) | |
| echo "mysqlHost=${host}" >> "$GITHUB_ENV" | |
| wget --no-check-certificate https://dl.cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem | |
| mysql -h $host -u myadmin -p${{ env.dbPassword }} --ssl-ca=DigiCertGlobalRootCA.crt.pem << EOF | |
| CREATE DATABASE testdb; | |
| CREATE USER 'testuser'@'%' IDENTIFIED BY '${{ env.dbPassword }}'; | |
| GRANT ALL PRIVILEGES ON testdb . * TO 'testuser'@'%'; | |
| FLUSH PRIVILEGES; | |
| EOF | |
| - name: Deploy an instance of Azure Database for PostgreSQL | |
| if: ${{ inputs.databaseType == 'postgresql(single)' || github.event.client_payload.databaseType == 'postgresql(single)' }} | |
| run: | | |
| az group create -n ${{ env.vmssResourceGroup}} -l ${{ env.location }} | |
| az postgres server create \ | |
| --resource-group ${{ env.vmssResourceGroup}} --name ${{ env.dbInstanceName }} \ | |
| --admin-user testuser --admin-password ${{ env.dbPassword }} \ | |
| --location ${{ env.location }} | |
| host=$(az postgres server show \ | |
| --resource-group ${{ env.vmssResourceGroup}} --name ${{ env.dbInstanceName }} \ | |
| --query "fullyQualifiedDomainName" -o tsv) | |
| echo "postgresqlHost=${host}" >> "$GITHUB_ENV" | |
| # Allow Azure services to access | |
| az postgres server firewall-rule create \ | |
| --resource-group ${{ env.vmssResourceGroup}} --server ${{ env.dbInstanceName }} \ | |
| --name "AllowAllAzureIps" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0 | |
| az postgres db create --resource-group ${{ env.vmssResourceGroup}} --server ${{ env.dbInstanceName }} --name testdb | |
| - name: Prepare parameter file | |
| run: | | |
| enableDB=false | |
| databaseType=postgresql | |
| dsConnectionURL=jdbc:postgresql://contoso.postgres.database:5432/testdb | |
| dbUser=contosoDbUser | |
| dbPassword=contosoDbPwd | |
| if ${{ inputs.databaseType == 'mssqlserver' || github.event.client_payload.databaseType == 'mssqlserver' }}; then | |
| enableDB=true | |
| databaseType=mssqlserver | |
| dsConnectionURL="jdbc:sqlserver://${{ env.sqlserverHost }}:1433;database=testdb" | |
| dbUser=testuser@${{ env.dbInstanceName }} | |
| dbPassword=${{ env.dbPassword }} | |
| elif ${{ inputs.databaseType == 'oracle' || github.event.client_payload.databaseType == 'oracle' }}; then | |
| enableDB=true | |
| databaseType=oracle | |
| publicIp=$(az vm show -g ${{ env.vmssResourceGroup }} -n ${{ env.dbInstanceName }} -d --query publicIps -o tsv) | |
| dsConnectionURL=jdbc:oracle:thin:@${publicIp}:1521/oratest1 | |
| dbUser=testuser | |
| dbPassword=${{ env.dbPassword }} | |
| elif ${{ inputs.databaseType == 'mysql(flexible)' || github.event.client_payload.databaseType == 'mysql(flexible)' }}; then | |
| enableDB=true | |
| databaseType=mysql | |
| dsConnectionURL=jdbc:mysql://${{ env.mysqlHost }}:3306/testdb?sslMode=REQUIRED | |
| dbUser=testuser | |
| dbPassword=${{ env.dbPassword }} | |
| elif ${{ inputs.databaseType == 'postgresql(single)' || github.event.client_payload.databaseType == 'postgresql(single)' }}; then | |
| enableDB=true | |
| databaseType=postgresql | |
| dsConnectionURL="jdbc:postgresql://${{ env.postgresqlHost }}:5432/testdb" | |
| dbUser=testuser@${{ env.dbInstanceName }} | |
| dbPassword=${{ env.dbPassword }} | |
| fi | |
| echo "generate parameter file for vmss" | |
| bash rhel-jboss-templates/eap74-rhel8-payg-vmss/src/test/scripts/gen-parameters.sh \ | |
| <<< "rhel-jboss-templates/eap74-rhel8-payg-vmss/src/test/parameters-test-vmss.json \ | |
| ${gitUserName} \ | |
| ${vmssTestBranchName} \ | |
| ${location} \ | |
| ${vmssName} \ | |
| ${adminUsername} \ | |
| ${password} \ | |
| ${vmssResourceGroup} \ | |
| ${vmssBootStorageAccountName} \ | |
| ${vmssResourceGroup} \ | |
| ${numberOfInstances} \ | |
| ${jbossEAPUserName} \ | |
| ${jbossEAPPassword} \ | |
| ${enableDB} \ | |
| ${databaseType} \ | |
| java:jboss/datasources/JavaEECafeDB \ | |
| ${dsConnectionURL} \ | |
| ${dbUser} \ | |
| ${dbPassword} \ | |
| ${{ inputs.jdkVersion }} " | |
| - name: Archive parameters-test-vmss.json | |
| uses: actions/upload-artifact@v4 | |
| if: success() | |
| with: | |
| name: parameters-test-vmss | |
| path: rhel-jboss-templates/eap74-rhel8-payg-vmss/src/test/parameters-test-vmss.json | |
| - name: Create Resource Group if needed | |
| if: ${{ inputs.databaseType == 'none' || github.event.client_payload.databaseType == 'none' }} | |
| uses: azure/CLI@v1 | |
| with: | |
| azcliversion: ${{ env.azCliVersion }} | |
| inlineScript: | | |
| echo "create resource group" ${{ env.vmssResourceGroup }} | |
| az group create --verbose --name ${{ env.vmssResourceGroup }} --location ${{ env.location }} | |
| - name: Deploy JBoss EAP VMSS | |
| id: deploy-vmss | |
| uses: azure/CLI@v1 | |
| with: | |
| azcliversion: ${{ env.azCliVersion }} | |
| inlineScript: | | |
| az deployment group create \ | |
| --verbose \ | |
| --resource-group ${{ env.vmssResourceGroup }} \ | |
| --name vmss \ | |
| --parameters @rhel-jboss-templates/eap74-rhel8-payg-vmss/src/test/parameters-test-vmss.json \ | |
| --template-file rhel-jboss-templates/eap74-rhel8-payg-vmss/mainTemplate.json | |
| - name: Query public ip of Application Gateway | |
| id: query_app_gateway_public_ip | |
| uses: azure/CLI@v1 | |
| with: | |
| azcliversion: ${{ env.azCliVersion }} | |
| inlineScript: | | |
| # query public ip address of Application Gateway | |
| publicip=$(az network public-ip list --resource-group ${{ env.vmssResourceGroup }} --query "[?starts_with(name, 'gwip')].ipAddress" -o tsv) | |
| echo "##[set-output name=publicip;]${publicip}" | |
| - name: Verify eap-session-replication application | |
| run: | | |
| publicip=${{steps.query_app_gateway_public_ip.outputs.publicip}} | |
| echo "publicip: " $publicip | |
| CURL_RETRY_PARMS="--connect-timeout 60 --max-time 180 --retry 10 --retry-delay 30 --retry-max-time 180 --retry-connrefused" | |
| echo "Verifying eap-session-replication is deployed as expected" | |
| curl --verbose http://${publicip}/eap-session-replication/ | |
| response=$(curl ${CURL_RETRY_PARMS} --write-out '%{http_code}' --silent --output /dev/null http://${publicip}/eap-session-replication/) | |
| echo "$response" | |
| if [ "$response" -ne 200 ]; then | |
| echo "eap-session-replication is not accessible" | |
| exit 1 | |
| else | |
| echo "eap-session-replication is accessible" | |
| fi | |
| exit 0 | |
| resources-cleanup: | |
| name: resources-cleanup after ${{ github.event.inputs.timeWaitBeforeDelete }} | |
| needs: | |
| - preflight | |
| - deploy-vmss | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: azure/login@v1 | |
| id: azure-login | |
| with: | |
| creds: ${{ env.azureCredentials }} | |
| - name: Checkout rhel-jboss-templates | |
| uses: actions/checkout@v4 | |
| with: | |
| path: rhel-jboss-templates | |
| - name: Pause ${{ github.event.inputs.timeWaitBeforeDelete }} before deleting resources | |
| run: | | |
| echo "Sleeping for ${{ github.event.inputs.timeWaitBeforeDelete }}" | |
| sleep ${{ github.event.inputs.timeWaitBeforeDelete }} | |
| - name: Delete Resource Group | |
| if: ${{ github.event_name == 'workflow_dispatch' }} | |
| id: delete-resource-group | |
| run: | | |
| echo "delete... " $vmssResourceGroup | |
| az group delete --yes --no-wait --verbose --name $vmssResourceGroup | |
| - name: Delete Testing Branch | |
| if: always() | |
| run: | | |
| cd rhel-jboss-templates | |
| git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${GITHUB_REPOSITORY}.git -f --delete $vmssTestBranchName |