diff --git a/.github/workflows/cfdeploy.yml b/.github/workflows/cfdeploy.yml index b27dc8d2..4dd2527d 100644 --- a/.github/workflows/cfdeploy.yml +++ b/.github/workflows/cfdeploy.yml @@ -20,6 +20,10 @@ on: repository_id: description: 'Specify the Repository ID (leave blank if deploying to developcap)' required: false + cds_services_version: + description: 'Optional override for (e.g. 4.3.1). Leave blank to use existing value.' + required: false + default: '' permissions: pull-requests: read @@ -150,6 +154,24 @@ jobs: exit 1 fi + - name: Override cds.services.version (runtime only) + if: ${{ github.event.inputs.cds_services_version != '' }} + env: + TARGET_CDS_SERVICES_VERSION: ${{ github.event.inputs.cds_services_version }} + run: | + echo "Override requested: cds.services.version -> ${TARGET_CDS_SERVICES_VERSION}" + FILES=$(grep -Rl "" . | grep pom.xml || true) + if [ -z "$FILES" ]; then + echo "No pom.xml files with found" >&2; exit 1; + fi + echo "Updating files:"; echo "$FILES" | sed 's/^/ - /' + for f in $FILES; do + sed -i "s|[^<]*|${TARGET_CDS_SERVICES_VERSION}|" "$f" + done + echo "Post-update values:"; grep -R "" $FILES || true + echo "(Not committing these changes)" + shell: bash + - name: Deleting the sdm directory for fresh build βš™οΈ run: | echo "πŸ”„ Deleting 'sdm' directory for fresh build..." diff --git a/.github/workflows/multi tenancy_Integration.yml b/.github/workflows/multi tenancy_Integration.yml index 4145a771..8aef98aa 100644 --- a/.github/workflows/multi tenancy_Integration.yml +++ b/.github/workflows/multi tenancy_Integration.yml @@ -56,8 +56,7 @@ jobs: -u ${{ secrets.CF_USER }} \ -p ${{ secrets.CF_PASSWORD }} \ -o ${{ secrets.CF_ORG }} \ - -s ${{ secrets.CF_SPACE }} - # -s ${{ steps.determine_space.outputs.space }} + -s ${{ steps.determine_space.outputs.space }} - name: Fetch and Escape Client Details for single tenant πŸ” id: fetch_credentials @@ -137,8 +136,8 @@ jobs: echo "πŸš€ Starting integration tests..." set -e PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" - appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" - appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + appUrl="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="${{ secrets.CF_ORG }}-${{ steps.determine_space.outputs.space }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" authUrl="${{ secrets.CAPAUTH_URL }}" authUrlMT1="${{ secrets.AUTHURLMT1 }}" authUrlMT2="${{ secrets.AUTHURLMT2 }}" @@ -195,4 +194,4 @@ jobs: mvn clean verify -P integration-tests -DtokenFlow=technicalUser -DtenancyModel=multi -Dtenant=TENANT1 -DskipUnitTests mvn clean verify -P integration-tests -DtokenFlow=namedUser -DtenancyModel=multi -Dtenant=TENANT2 -DskipUnitTests mvn clean verify -P integration-tests -DtokenFlow=technicalUser -DtenancyModel=multi -Dtenant=TENANT2 -DskipUnitTests - echo "βœ… Integration tests completed!" + echo "βœ… Integration tests completed!" \ No newline at end of file diff --git a/.github/workflows/multiTenancyDeployLocal.yml b/.github/workflows/multiTenancyDeployLocal.yml index a98c79df..065a4b48 100644 --- a/.github/workflows/multiTenancyDeployLocal.yml +++ b/.github/workflows/multiTenancyDeployLocal.yml @@ -8,6 +8,10 @@ on: required: true default: 'developcap' + deploy_branch: + description: 'Specify the branch to deploy' + required: false + permissions: pull-requests: read packages: read # Added permission to read packages @@ -20,6 +24,9 @@ jobs: - name: Checkout this repository πŸ“ uses: actions/checkout@v2 + with: + ref: ${{ github.event.inputs.deploy_branch }} + - name: Set up JDK 21 β˜• uses: actions/setup-java@v3 @@ -82,7 +89,7 @@ jobs: # Login to Cloud Foundry again to ensure session is active echo "πŸ”‘ Logging in to Cloud Foundry..." - cf login -a ${ secrets.CF_API } -u ${ secrets.CF_USER } -p ${ secrets.CF_PASSWORD } -o ${ secrets.CF_ORG } -s -s ${{ steps.determine_space.outputs.space }} + cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ github.event.inputs.cf_space }} echo "βœ… Logged in successfully!" # Deploy the application @@ -91,4 +98,4 @@ jobs: ls -lrth echo "▢️ Running cf deploy..." cf deploy mta_archives/bookshop-mt_1.0.0.mtar -f - echo "βœ… Deployment complete!" + echo "βœ… Deployment complete!" \ No newline at end of file diff --git a/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml new file mode 100644 index 00000000..ab0b5e74 --- /dev/null +++ b/.github/workflows/multiTenant_deploy_and_Integration_test_LatestVersion.yml @@ -0,0 +1,328 @@ +name: Multi Tenancy Deploy & Integration Test LatestVersionπŸš€ + +# This workflow now runs ONLY after the main "Multi Tenancy Deploy & Integration Test" workflow +# (multiTenant_deploy_and_Integration_test.yml) has completed successfully. It can still be +# triggered manually via workflow_dispatch if needed. +on: + workflow_run: + workflows: ["Multi Tenancy Deploy & Integration TestπŸš€"] + types: [completed] + workflow_dispatch: + +permissions: + pull-requests: read + packages: read # Added permission to read packages + +jobs: + deploy: + #Run only if the triggering workflow concluded successfully + if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }} + runs-on: ubuntu-latest + + steps: + + - name: Checkout this repository πŸ“ + uses: actions/checkout@v2 + + - name: Set up JDK 21 β˜• + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: '21' + + - name: Build and package πŸ“¦ + run: | + echo "πŸ”¨ Building and packaging..." + mvn clean install -P unit-tests -DskipIntegrationTests + echo "βœ… Build completed successfully!" + + - name: Setup Node.js 🟒 + uses: actions/setup-node@v3 + with: + node-version: '18' # Ensure to use at least version 18 + + - name: Install MBT βš™οΈ + run: | + echo "πŸ”§ Installing MBT..." + npm install -g mbt + echo "βœ… MBT installation complete!" + + - name: Clone the cloud-cap-samples-java repo 🌐 + run: | + echo "πŸ”„ Cloning repository..." + git clone --depth 1 --branch mtTests https://github.com/vibhutikumar07/cloud-cap-samples-java.git + echo "βœ… Repository cloned!" + + - name: Override cds.services.version (runtime only) + env: + TARGET_CDS_SERVICES_VERSION: 4.3.1 + run: | + set -e + echo "=== cds.services.version Override Step ===" + echo "Target version to apply: ${TARGET_CDS_SERVICES_VERSION}" + FILES=$(grep -Rl "" . | grep pom.xml || true) + if [ -z "$FILES" ]; then + echo "No pom.xml files with found" >&2; exit 1; + fi + echo "POM files containing property:"; echo "$FILES" | sed 's/^/ - /' + + echo "\nCurrent raw occurrences BEFORE override:" + for f in $FILES; do + # Show each occurrence with line number (first 3 if multiple) + MATCHES=$(grep -n "" "$f" | head -3 || true) + if [ -n "$MATCHES" ]; then + echo "--- $f"; echo "$MATCHES" + fi + done + + echo "\nResolving effective value BEFORE override via mvn help:evaluate ..." + RESOLVED_BEFORE=$(mvn -q -DforceStdout help:evaluate -Dexpression=cds.services.version || true) + echo "Effective cds.services.version before override: '${RESOLVED_BEFORE}'" + if [ "${RESOLVED_BEFORE}" = "${TARGET_CDS_SERVICES_VERSION}" ]; then + echo "NOTE: Effective value already equals target; files will still be normalized to target string." + fi + + echo "\nApplying override ..." + # Perform in-place replacement for each file + for f in $FILES; do + sed -i "s|[^<]*|${TARGET_CDS_SERVICES_VERSION}|" "$f" + done + + echo "\nRaw occurrences AFTER override:" + grep -R "" $FILES || true + + echo "\nResolving effective value AFTER override via mvn help:evaluate ..." + RESOLVED_AFTER=$(mvn -q -DforceStdout help:evaluate -Dexpression=cds.services.version || true) + echo "Effective cds.services.version after override: '${RESOLVED_AFTER}'" + if [ "${RESOLVED_AFTER}" != "${TARGET_CDS_SERVICES_VERSION}" ]; then + echo "WARNING: Resolved value does not match target (profiles or parent POM could be overriding it)." >&2 + fi + + echo "(Not committing these changes)" + echo "=== Override Step Complete ===" + shell: bash + + + - name: Change directory to cloud-cap-samples-java πŸ“‚ + working-directory: cloud-cap-samples-java + run: | + pwd + echo "βœ”οΈ Directory changed!" + + + - name: Run mbt build πŸ”¨ + working-directory: cloud-cap-samples-java + run: | + echo "πŸš€ Running MBT build..." + echo "java version:" + java --version + mbt build + echo "βœ… MBT build completed!" + + - name: Deploy to Cloud Foundry ☁️ + working-directory: cloud-cap-samples-java + run: | + echo "πŸš€ Deploying to ${{ secrets.CF_SPACE }}..." + echo "πŸ”§ Installing Cloud Foundry CLI and plugins..." + + # Install cf CLI plugin + wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc + echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list + sudo apt update + sudo apt install cf-cli + + cf install-plugin multiapps -f + echo "βœ… Cloud Foundry CLI setup complete!" + + # Login to Cloud Foundry again to ensure session is active + echo "πŸ”‘ Logging in to Cloud Foundry..." + cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + echo "βœ… Logged in successfully!" + + # Deploy the application + echo "πŸ“‚ Current directory.." + pwd + ls -lrth + echo "▢️ Running cf deploy..." + cf deploy mta_archives/bookshop-mt_1.0.0.mtar -f + echo "βœ… Deployment complete!" + + integration-test: + needs: deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout repository βœ… + uses: actions/checkout@v2 + + - name: Set up Java 17 β˜• + uses: actions/setup-java@v3 + with: + java-version: 17 + distribution: 'temurin' + + - name: Install Cloud Foundry CLI and jq πŸ“¦ + run: | + echo "πŸ”§ Installing Cloud Foundry CLI and jq..." + wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - + echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list + sudo apt-get update + sudo apt-get install cf8-cli jq + + - name: Determine Cloud Foundry Space 🌌 + id: determine_space + run: | + if [ "${{ github.event.inputs.cf_space }}" == "developcap" ]; then + space="${{ secrets.CF_SPACE }}" + else + space="${{ github.event.inputs.cf_space }}" + fi + echo "🌍 Space determined: $space" + echo "::set-output name=space::$space" + + - name: Login to Cloud Foundry πŸ”‘ + run: | + echo "πŸ”„ Logging in to Cloud Foundry using space: ${{ steps.determine_space.outputs.space }}" + cf login -a ${{ secrets.CF_API }} \ + -u ${{ secrets.CF_USER }} \ + -p ${{ secrets.CF_PASSWORD }} \ + -o ${{ secrets.CF_ORG }} \ + -s ${{ secrets.CF_SPACE }} + + - name: Fetch and Escape Client Details for single tenant πŸ” + id: fetch_credentials + run: | + echo "Fetching client details for single tenant..." + service_instance_guid=$(cf service demoappjava-public-uaa --guid) + if [ -z "$service_instance_guid" ]; then + echo "❌ Error: Unable to retrieve service instance GUID"; exit 1; + fi + + bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") + binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') + if [ -z "$binding_guid" ]; then + echo "❌ Error: Unable to retrieve binding GUID"; exit 1; + fi + + binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") + + clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') + if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then + echo "❌ Error: clientSecret is not set or is null"; exit 1; + fi + escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') + echo "::add-mask::$escapedClientSecret" + + clientID=$(echo "$binding_details" | jq -r '.credentials.clientid') + if [ -z "$clientID" ] || [ "$clientID" == "null" ]; then + echo "❌ Error: clientID is not set or is null"; exit 1; + fi + echo "::add-mask::$clientID" + + echo "::set-output name=CLIENT_SECRET::$escapedClientSecret" + echo "::set-output name=CLIENT_ID::$clientID" + echo "βœ… Client details fetched successfully!" + + - name: Fetch and Escape Client Details for multi tenant πŸ” + id: fetch_credentials_mt + run: | + echo "Fetching client details for multi tenant..." + service_instance_guid=$(cf service bookshop-mt-uaa --guid) + if [ -z "$service_instance_guid" ]; then + echo "❌ Error: Unable to retrieve service instance GUID"; exit 1; + fi + + bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") + binding_guid=$(echo "$bindings_response" | jq -r '.resources[0].guid') + if [ -z "$binding_guid" ]; then + echo "❌ Error: Unable to retrieve binding GUID"; exit 1; + fi + + binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") + + clientSecret_mt=$(echo "$binding_details" | jq -r '.credentials.clientsecret') + if [ -z "$clientSecret_mt" ] || [ "$clientSecret_mt" == "null" ]; then + echo "❌ Error: clientSecret_mt is not set or is null"; exit 1; + fi + escapedClientSecret_mt=$(echo "$clientSecret_mt" | sed 's/\$/\\$/g') + echo "::add-mask::$escapedClientSecret_mt" + + clientID_mt=$(echo "$binding_details" | jq -r '.credentials.clientid') + if [ -z "$clientID_mt" ] || [ "$clientID_mt" == "null" ]; then + echo "❌ Error: clientID_mt is not set or is null"; exit 1; + fi + echo "::add-mask::$clientID_mt" + + echo "::set-output name=CLIENT_SECRET_MT::$escapedClientSecret_mt" + echo "::set-output name=CLIENT_ID_MT::$clientID_mt" + echo "βœ… Multi-tenant client details fetched successfully!" + + - name: Run integration tests 🎯 + env: + CLIENT_SECRET: ${{ steps.fetch_credentials.outputs.CLIENT_SECRET }} + CLIENT_ID: ${{ steps.fetch_credentials.outputs.CLIENT_ID }} + CLIENT_SECRET_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_SECRET_MT }} + CLIENT_ID_MT: ${{ steps.fetch_credentials_mt.outputs.CLIENT_ID_MT }} + run: | + echo "πŸš€ Starting integration tests..." + set -e + PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" + appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + appUrlMT="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-bookshop-mt-srv.cfapps.eu12.hana.ondemand.com" + authUrl="${{ secrets.CAPAUTH_URL }}" + authUrlMT1="${{ secrets.AUTHURLMT1 }}" + authUrlMT2="${{ secrets.AUTHURLMT2 }}" + clientID="${{ env.CLIENT_ID }}" + clientSecret="${{ env.CLIENT_SECRET }}" + clientIDMT="${{ env.CLIENT_ID_MT }}" + clientSecretMT="${{ env.CLIENT_SECRET_MT }}" + username="${{ secrets.CF_USER }}" + password="${{ secrets.CF_PASSWORD }}" + noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" + noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + + echo "::add-mask::$clientSecret" + echo "::add-mask::$clientID" + echo "::add-mask::$clientSecretMT" + echo "::add-mask::$clientIDMT" + echo "::add-mask::$username" + echo "::add-mask::$password" + echo "::add-mask::$noSDMRoleUsername" + echo "::add-mask::$noSDMRoleUserPassword" + + if [ -z "$appUrl" ]; then echo "❌ Error: appUrl is not set"; exit 1; fi + if [ -z "$appUrlMT" ]; then echo "❌ Error: appUrlMT is not set"; exit 1; fi + if [ -z "$authUrl" ]; then echo "❌ Error: authUrl is not set"; exit 1; fi + if [ -z "$authUrlMT1" ]; then echo "❌ Error: authUrlMT1 is not set"; exit 1; fi + if [ -z "$authUrlMT2" ]; then echo "❌ Error: authUrlMT2 is not set"; exit 1; fi + if [ -z "$clientID" ]; then echo "❌ Error: clientID is not set"; exit 1; fi + if [ -z "$clientSecret" ]; then echo "❌ Error: clientSecret is not set"; exit 1; fi + if [ -z "$clientIDMT" ]; then echo "❌ Error: clientIDMT is not set"; exit 1; fi + if [ -z "$clientSecretMT" ]; then echo "❌ Error: clientSecretMT is not set"; exit 1; fi + if [ -z "$username" ]; then echo "❌ Error: username is not set"; exit 1; fi + if [ -z "$password" ]; then echo "❌ Error: password is not set"; exit 1; fi + if [ -z "$noSDMRoleUsername" ]; then echo "❌ Error: noSDMRoleUsername is not set"; exit 1; fi + if [ -z "$noSDMRoleUserPassword" ]; then echo "❌ Error: noSDMRoleUserPassword is not set"; exit 1; fi + + cat > "$PROPERTIES_FILE" <" . | grep pom.xml || true) + if [ -z "$FILES" ]; then + echo "No pom.xml files with found" >&2; exit 1; + fi + echo "POM files containing property:"; echo "$FILES" | sed 's/^/ - /' + + echo "\nCurrent raw occurrences BEFORE override:" + for f in $FILES; do + # Show each occurrence with line number (first 3 if multiple) + MATCHES=$(grep -n "" "$f" | head -3 || true) + if [ -n "$MATCHES" ]; then + echo "--- $f"; echo "$MATCHES" + fi + done + + echo "\nResolving effective value BEFORE override via mvn help:evaluate ..." + RESOLVED_BEFORE=$(mvn -q -DforceStdout help:evaluate -Dexpression=cds.services.version || true) + echo "Effective cds.services.version before override: '${RESOLVED_BEFORE}'" + if [ "${RESOLVED_BEFORE}" = "${TARGET_CDS_SERVICES_VERSION}" ]; then + echo "NOTE: Effective value already equals target; files will still be normalized to target string." + fi + + echo "\nApplying override ..." + # Perform in-place replacement for each file + for f in $FILES; do + sed -i "s|[^<]*|${TARGET_CDS_SERVICES_VERSION}|" "$f" + done + + echo "\nRaw occurrences AFTER override:" + grep -R "" $FILES || true + + echo "\nResolving effective value AFTER override via mvn help:evaluate ..." + RESOLVED_AFTER=$(mvn -q -DforceStdout help:evaluate -Dexpression=cds.services.version || true) + echo "Effective cds.services.version after override: '${RESOLVED_AFTER}'" + if [ "${RESOLVED_AFTER}" != "${TARGET_CDS_SERVICES_VERSION}" ]; then + echo "WARNING: Resolved value does not match target (profiles or parent POM could be overriding it)." >&2 + fi + + echo "(Not committing these changes)" + echo "=== Override Step Complete ===" + shell: bash + + - name: Deleting the sdm directory for fresh build + run: | + pwd + cd + rm -rf .m2/repository/com/sap/cds + + - name: Configure Maven for GitHub Packages + run: | + mkdir -p ~/.m2 + cat > ~/.m2/settings.xml < + + + github-snapshot + ${{ github.actor }} + ${{ secrets.GITHUB_TOKEN }} + + + + EOF + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + + # - name: Consume GitHub Packages (com.sap.cds.sdm-root and com.sap.cds.sdm) + # run: | + # mvn dependency:get -Dartifact=com.sap.cds:sdm-root:LATEST -DrepoUrl=https://maven.pkg.github.com/cap-java/sdm + # mvn dependency:get -Dartifact=com.sap.cds:sdm:LATEST -DrepoUrl=https://maven.pkg.github.com/cap-java/sdm + + - name: Prepare and Deploy to Cloud Foundry + run: | + echo "Current Branch......" + git branch + pwd + cd /home/runner/work/sdm/sdm/cap-notebook/demoapp + # Removing node_modules & package-lock.json + cd app + rm -rf node_modules package-lock.json + + npm i + + cd .. + + # Replace placeholder with actual REPOSITORY_ID value + sed -i 's|__REPOSITORY_ID__|'${{ steps.set_repository_id.outputs.repository_id }}'|g' ./mta.yaml + + wget -P /tmp https://github.com/SAP/cloud-mta-build-tool/releases/download/v1.2.28/cloud-mta-build-tool_1.2.28_Linux_amd64.tar.gz + tar -xvzf /tmp/cloud-mta-build-tool_1.2.28_Linux_amd64.tar.gz + sudo mv mbt /usr/local/bin/ + + mbt build + + # Install cf & login + wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key \ + | sudo tee /etc/apt/trusted.gpg.d/cloudfoundry.asc + echo "deb https://packages.cloudfoundry.org/debian stable main" \ + | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list + sudo apt update + sudo apt install cf-cli + + # Install cf CLI plugin + cf install-plugin multiapps -f + + # Login to Cloud Foundry again to ensure session is active + cf login -a ${{ secrets.CF_API }} -u ${{ secrets.CF_USER }} -p ${{ secrets.CF_PASSWORD }} -o ${{ secrets.CF_ORG }} -s ${{ secrets.CF_SPACE }} + + # Deploy the application + echo "Running cf deploy" + cf deploy mta_archives/demoappjava_1.0.0.mtar -f + + integration-test: + needs: deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Set up Java 17 + uses: actions/setup-java@v3 + with: + java-version: 17 + distribution: 'temurin' + + - name: Install Cloud Foundry CLI and jq + run: | + wget -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - + echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list + sudo apt-get update + sudo apt-get install cf8-cli jq + - name: Login to Cloud Foundry + run: | + cf login -a ${{ secrets.CF_API }} \ + -u ${{ secrets.CF_USER }} \ + -p ${{ secrets.CF_PASSWORD }} \ + -o ${{ secrets.CF_ORG }} \ + -s ${{ secrets.CF_SPACE }} + - name: Fetch and Escape Client Secret + id: fetch_secret + run: | + # Fetch the service instance GUID + service_instance_guid=$(cf service demoappjava-public-uaa --guid) + if [ -z "$service_instance_guid" ]; then + echo "Error: Unable to retrieve service instance GUID"; exit 1; + fi + # Fetch the binding GUID + bindings_response=$(cf curl "/v3/service_credential_bindings?service_instance_guids=${service_instance_guid}") + + binding_guid=$(echo $bindings_response | jq -r '.resources[0].guid') + if [ -z "$binding_guid" ]; then + echo "Error: Unable to retrieve binding GUID"; exit 1; + fi + + # Fetch the clientSecret + binding_details=$(cf curl "/v3/service_credential_bindings/${binding_guid}/details") + clientSecret=$(echo "$binding_details" | jq -r '.credentials.clientsecret') + if [ -z "$clientSecret" ] || [ "$clientSecret" == "null" ]; then + echo "Error: clientSecret is not set or is null"; exit 1; + fi + + # Escape any $ characters in the clientSecret + escapedClientSecret=$(echo "$clientSecret" | sed 's/\$/\\$/g') + echo "::set-output name=CLIENT_SECRET::$escapedClientSecret" + - name: Run integration tests + env: + CLIENT_SECRET: ${{ steps.fetch_secret.outputs.CLIENT_SECRET }} + run: | + set -e # Enable error checking + PROPERTIES_FILE="sdm/src/test/resources/credentials.properties" + # Gather secrets and other values + appUrl="${{ secrets.CF_ORG }}-${{ secrets.CF_SPACE }}-demoappjava-srv.cfapps.eu12.hana.ondemand.com" + authUrl="${{ secrets.CAPAUTH_URL }}" + clientID="${{ secrets.CAPSDM_CLIENT_ID }}" + clientSecret="${{ env.CLIENT_SECRET }}" + username="${{ secrets.CF_USER }}" + password="${{ secrets.CF_PASSWORD }}" + noSDMRoleUsername="${{ secrets.NOSDMROLEUSERNAME }}" + noSDMRoleUserPassword="${{ secrets.NOSDMROLEUSERPASSWORD }}" + # Ensure all required variables are set + if [ -z "$appUrl" ]; then echo "Error: appUrl is not set"; exit 1; fi + if [ -z "$authUrl" ]; then echo "Error: authUrl is not set"; exit 1; fi + if [ -z "$clientID" ]; then echo "Error: clientID is not set"; exit 1; fi + if [ -z "$clientSecret" ]; then echo "Error: clientSecret is not set"; exit 1; fi + if [ -z "$username" ]; then echo "Error: username is not set"; exit 1; fi + if [ -z "$password" ]; then echo "Error: password is not set"; exit 1; fi + if [ -z "$noSDMRoleUsername" ]; then echo "Error: noSDMRoleUsername is not set"; exit 1; fi + if [ -z "$noSDMRoleUserPassword" ]; then echo "Error: noSDMRoleUserPassword is not set"; exit 1; fi + # Function to partially mask sensitive information for logging + mask() { + local value="$1" + if [ ${#value} -gt 6 ]; then + echo "${value:0:3}*****${value: -3}" + else + echo "${value:0:2}*****" + fi + } + # Update properties file with real values + cat > "$PROPERTIES_FILE" <