From 9ef2a5a3242fe4ee36a4810deb97f13ac3f67cbc Mon Sep 17 00:00:00 2001
From: Zac Spitzer <zac.spitzer@gmail.com>
Date: Fri, 2 Aug 2024 14:55:49 +0200
Subject: [PATCH 1/2] LDEV-4979 build: fix docker creds for PRs and sql server
 (5.4)

https://luceeserver.atlassian.net/browse/LDEV-4979
---
 .github/workflows/main.yml | 89 +++++++++++++++++++++++++++-----------
 1 file changed, 63 insertions(+), 26 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 3a529f5bb1..8c4a338de7 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -29,8 +29,21 @@ jobs:
       LUCEE_BUILD_JAVA_VERSION: 8
       LUCEE_TEST_JAVA_VERSION: ''
     services:
-      sql-server:
-        image: mcr.microsoft.com/mssql/server:2019-latest
+      ldap_with_creds:
+        image: ${{ (github.secret_source != 'none') && 'rroemhild/test-openldap' || '' }}
+        ports:
+          - 10389:10389
+          - 10636:10636
+        credentials: 
+          username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME || ' ' }} # empty string to avoid invalid template
+          password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN || ' ' }}
+      ldap_no_creds:
+        image: ${{ (github.secret_source == 'none') && 'rroemhild/test-openldap' || '' }}
+        ports:
+          - 10389:10389
+          - 10636:10636
+      sql-server_with_creds:
+        image: ${{ (github.secret_source != 'none') && 'mcr.microsoft.com/mssql/server:2022-latest' || '' }}
         env:
           MSSQL_PID: Express
           ACCEPT_EULA: Y
@@ -38,31 +51,35 @@ jobs:
         ports:
           - 1433:1433
         options: --health-cmd="/opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P ${SA_PASSWORD} -Q 'SELECT 1' || exit 1"  --health-interval 10s --health-timeout 5s --health-retries 5
-      greenmail:
-        image: greenmail/standalone:1.6.9
+        credentials: 
+          username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME || ' ' }}
+          password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN || ' ' }}
+      sql-server_without_creds:
+        image: ${{ (github.secret_source == 'none') && 'mcr.microsoft.com/mssql/server:2022-latest' || '' }}
+        env:
+          MSSQL_PID: Express
+          ACCEPT_EULA: Y
+          SA_PASSWORD: Lucee!1433 # password must be complex or the service won't start
         ports:
-          - 3025:3025 #SMTP
-          - 3110:3110 #POP3
-          - 3143:3143 #IMAP
-          - 3465:3465 #SMTPS
-          - 3993:3993 #IMAPS
-          - 3995:3995 #POP3S
-          - 8080:8080 #API
+          - 1433:1433
+        options: --health-cmd="/opt/mssql-tools18/bin/sqlcmd -C -S localhost -U SA -P ${SA_PASSWORD} -Q 'SELECT 1' || exit 1"  --health-interval 10s --health-timeout 5s --health-retries 5
+      redis_with_creds:
+        image: ${{ (github.secret_source != 'none') && 'redis' || '' }}
+        # Set health checks to wait until redis has started
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          # Maps port 6379 on service container to the host
+          - 6379:6379
         credentials: 
-           username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME }}
-           password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN }}  
-      ldap:
-      #  image: kwart/ldap-server
-         image: rroemhild/test-openldap
-         ports:
-           - 10389:10389
-           - 10636:10636
-         credentials: 
-           username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME }}
-           password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN }}
-      redis:
+          username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME || ' ' }}
+          password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN || ' ' }}
+      redis_without_creds:
         # Docker Hub image
-        image: redis
+        image: ${{ (github.secret_source == 'none') && 'redis' || '' }}
         # Set health checks to wait until redis has started
         options: >-
           --health-cmd "redis-cli ping"
@@ -72,9 +89,29 @@ jobs:
         ports:
           # Maps port 6379 on service container to the host
           - 6379:6379
+      greenmail_with_creds:
+        image: ${{ (github.secret_source != 'none') && 'greenmail/standalone:1.6.9' || '' }}
+        ports:
+          - 3025:3025 #SMTP
+          - 3110:3110 #POP3
+          - 3143:3143 #IMAP
+          - 3465:3465 #SMTPS
+          - 3993:3993 #IMAPS
+          - 3995:3995 #POP3S
+          - 8080:8080 #API
         credentials: 
-           username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME }}
-           password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN }}
+          username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME || ' ' }}
+          password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN || ' ' }}
+      greenmail_no_creds:
+        image: ${{ (github.secret_source == 'none') && 'greenmail/standalone:1.6.9' || '' }}
+        ports:
+          - 3025:3025 #SMTP
+          - 3110:3110 #POP3
+          - 3143:3143 #IMAP
+          - 3465:3465 #SMTPS
+          - 3993:3993 #IMAPS
+          - 3995:3995 #POP3S
+          - 8080:8080 #API
     steps:
     # when workflow is run via a workflow_call, these vars are found under input, which doesn't exist otherwise
     # so lets copy them over to the normal env vars

From 7e08f1f48c184c743857f1a2e68e3833de77efa4 Mon Sep 17 00:00:00 2001
From: Zac Spitzer <zac.spitzer@gmail.com>
Date: Fri, 2 Aug 2024 14:58:45 +0200
Subject: [PATCH 2/2] avoid docker login

---
 .github/workflows/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 8c4a338de7..767cff0ed5 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -117,6 +117,7 @@ jobs:
     # so lets copy them over to the normal env vars
     -  name: Login to Docker Hub
        uses: docker/login-action@v3
+       if: ${{ github.secret_source != 'none' }}
        with:
          username: ${{ secrets.DOCKERHUB_PUBLIC_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PUBLIC_TOKEN }}