fix(deps): update zeebe.version to v8.5.5 #804
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - stable/* | |
| - release-* | |
| - trying | |
| - staging | |
| pull_request: {} | |
| workflow_dispatch: | |
| inputs: | |
| deployToDev: | |
| description: 'Click here if you want to test a feature in the development environment prior to merge' | |
| type: boolean | |
| required: false | |
| default: 'false' | |
| defaults: | |
| run: | |
| # use bash shell by default to ensure pipefail behavior is the default | |
| # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference | |
| shell: bash | |
| # variables for later use | |
| env: | |
| vault_secret_path: ${{ inputs.deployToDev && 'secret/data/products/zeebe/ci/testbench-secrets-1.x-dev' || 'secret/data/products/zeebe/ci/testbench-secrets-1.x-prod' }} | |
| docker_tag: ${{ inputs.deployToDev && '1.x-dev' || '1.x-prod' }} | |
| should_deploy_infra: ${{ (github.repository == 'zeebe-io/zeebe-cluster-testbench' && (github.ref == 'refs/heads/main' || contains(github.ref, 'ref/heads/stable/') || inputs.deployToDev)) && 'true' || 'false' }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| checks: write | |
| pull-requests: write | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Echo inputs | |
| run: | | |
| echo "Inputs" | |
| echo "-----" | |
| echo "Deploy to dev?: ${{ inputs.deployToDev }}" | |
| - uses: actions/checkout@v4 | |
| - name: Import Secrets | |
| id: secrets # important to refer to it in later steps | |
| uses: hashicorp/vault-action@v3.0.0 | |
| with: | |
| url: ${{ secrets.VAULT_ADDR }} | |
| method: approle | |
| roleId: ${{ secrets.VAULT_ROLE_ID }} | |
| secretId: ${{ secrets.VAULT_SECRET_ID }} | |
| exportEnv: false # we rely on step outputs, no need for environment variables | |
| secrets: | | |
| secret/data/products/zeebe/ci/zeebe ARTIFACTS_USR; | |
| secret/data/products/zeebe/ci/zeebe ARTIFACTS_PSW; | |
| ${{ env.vault_secret_path }} clientSecret; | |
| ${{ env.vault_secret_path }} cloudClientSecret; | |
| ${{ env.vault_secret_path }} contactPoint; | |
| ${{ env.vault_secret_path }} internalCloudClientSecret; | |
| ${{ env.vault_secret_path }} internalCloudPassword; | |
| ${{ env.vault_secret_path }} slackWebhookUrl; | |
| - name: Setup Maven | |
| uses: s4u/setup-maven-action@v1.14.0 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| # Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml | |
| - name: Create Maven Settings | |
| uses: s4u/maven-settings-action@v3.0.0 | |
| with: | |
| githubServer: false | |
| servers: | | |
| [{ | |
| "id": "camunda-nexus", | |
| "username": "${{ steps.secrets.outputs.ARTIFACTS_USR }}", | |
| "password": "${{ steps.secrets.outputs.ARTIFACTS_PSW }}" | |
| }] | |
| mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "zeebe,zeebe-snapshots", "name": "camunda Nexus"}]' | |
| - name: Run Tests | |
| run: | | |
| mvn -B install -Dsurefire.rerunFailingTestsCount=5 | |
| env: | |
| MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }} | |
| MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }} | |
| - name: Publish Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v2 | |
| if: always() # Publish results even if the job fails or is canceled | |
| with: | |
| files: | | |
| **/target/surefire-reports/*.xml | |
| **/target/failsafe-reports/TEST-*.xml | |
| - name: Deploy Snapshot Artifacts | |
| if: env.should_deploy_infra == 'true' | |
| run: | | |
| mvn -B -DskipTests generate-sources source:jar javadoc:jar deploy | |
| env: | |
| MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }} | |
| MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }} | |
| - uses: google-github-actions/auth@v2 | |
| if: env.should_deploy_infra == 'true' | |
| name: GCP Login | |
| id: auth | |
| with: | |
| token_format: 'access_token' | |
| workload_identity_provider: 'projects/628707732411/locations/global/workloadIdentityPools/testbench-identity-pool/providers/testbench-identity-provider' | |
| service_account: 'testbench-service-account@zeebe-io.iam.gserviceaccount.com' | |
| - name: Login to GCR | |
| if: env.should_deploy_infra == 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: oauth2accesstoken | |
| password: ${{ steps.auth.outputs.access_token }} | |
| - name: Build (and optionally Push) to Docker Registry | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: '${{ env.should_deploy_infra }}' | |
| context: . | |
| tags: 'gcr.io/zeebe-io/zeebe-cluster-testbench:${{ env.docker_tag }}' | |
| - uses: google-github-actions/get-gke-credentials@v2.2.0 | |
| if: env.should_deploy_infra == 'true' | |
| with: | |
| cluster_name: 'zeebe-cluster' | |
| location: 'europe-west1-b' | |
| - name: Deploy Infrastructure | |
| if: env.should_deploy_infra == 'true' | |
| run: | | |
| .ci/scripts/deploy.sh "${{ env.docker_tag }}" | |
| env: | |
| CLIENT_SECRET: ${{ steps.secrets.outputs.clientSecret }} | |
| CLOUD_CLIENT_SECRET: ${{ steps.secrets.outputs.cloudClientSecret }} | |
| CONTACT_POINT: ${{ steps.secrets.outputs.contactPoint }} | |
| INTERNAL_CLOUD_CLIENT_SECRET: ${{ steps.secrets.outputs.internalCloudClientSecret }} | |
| INTERNAL_CLOUD_PASSWORD: ${{ steps.secrets.outputs.internalCloudPassword }} | |
| SLACK_WEBHOOK_URL: ${{ steps.secrets.outputs.slackWebhookUrl }} | |
| # DRY_RUN: 'true' | |
| - name: Send Slack notification | |
| # only runs if there's a failure in the workflow | |
| if: failure() && github.repository == 'zeebe-io/zeebe-cluster-testbench' && (github.ref == 'refs/heads/main' || contains(github.ref, 'ref/heads/stable/')) | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: failure | |
| channel: '#zeebe-ci' | |
| fields: repo,action,eventName,ref,workflow | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ steps.secrets.outputs.slackWebhookUrl }} | |
| test-summary: | |
| # Used by bors to check all tests, including the unit test matrix. | |
| # New test jobs must be added to the `needs` lists! | |
| # This name is hard-referenced from bors.toml; remember to update that if this name changes | |
| name: Test summary | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| steps: | |
| - run: exit 0 | |
| auto-merge: | |
| name: Auto-merge dependabot PRs | |
| runs-on: ubuntu-latest | |
| needs: [ build ] | |
| if: github.repository == 'zeebe-io/zeebe-cluster-testbench' && github.actor == 'dependabot[bot]' | |
| permissions: | |
| checks: read | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: metadata | |
| name: Fetch dependency metadata | |
| uses: dependabot/fetch-metadata@v2.1.0 | |
| with: | |
| github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - id: merge | |
| name: Merge PR | |
| if: steps.metadata.outputs.update-type != 'version-update:semver-major' | |
| run: gh pr merge ${{ github.event.pull_request.number }} --merge | |
| env: | |
| GITHUB_TOKEN: "${{secrets.AUTO_MERGE_GITHUB_TOKEN}}" |