chore(deps): upgrade Alfresco/hxp-studio-services to version 7.20.0-alpha.1549 #21915
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| pull_request: | |
| branches: | |
| - develop | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - labeled | |
| env: | |
| CHART_DIR: "helm/alfresco-process-infrastructure" | |
| HELM_REPO_BASE_URL: https://kubernetes-charts.alfresco.com | |
| HELM_REPO: Alfresco/charts | |
| HELM_REPO_BRANCH: master | |
| HELM_REPO_SUBFOLDER: incubator | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name || github.run_id }} | |
| cancel-in-progress: ${{ github.event_name != 'push' }} | |
| jobs: | |
| pre-checks: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Check dependabot build | |
| uses: Activiti/Activiti/.github/actions/check-ext-build@456be36569d3afea26c83755ee9e90f0697b5349 # 8.7.1 | |
| - name: Setup Helm Docs | |
| uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| version: 1.13.1 | |
| - name: pre-commit | |
| uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| skip_checkout: true | |
| - name: Run Checkov | |
| uses: bridgecrewio/checkov-action@e1bb78184f5dd3690fb1089d6c4f51295f9dff48 # v12.1839.0 | |
| with: | |
| framework: kubernetes | |
| - name: Ensure SHA pinned actions | |
| uses: zgosalvez/github-actions-ensure-sha-pinned-actions@6124774845927d14c601359ab8138699fa5b70c3 # v4.0.1 | |
| validate: | |
| needs: pre-checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-validate-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven-validate- | |
| - uses: Alfresco/alfresco-build-tools/.github/actions/validate-maven-versions@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| maven-username: ${{ secrets.NEXUS_USERNAME }} | |
| maven-password: ${{ secrets.NEXUS_PASSWORD }} | |
| - name: Save maven cache | |
| uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 | |
| if: github.event_name == 'push' | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-validate-${{ hashFiles('**/pom.xml') }} | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - pre-checks | |
| - validate | |
| env: | |
| TARGET_CHARTS_PATH: charts | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Build | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| - name: Setup Cluster | |
| uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| - name: Compute Keycloak Client Secret | |
| id: compute-keycloak-secret | |
| run: echo "result=$(uuidgen)" >> $GITHUB_OUTPUT | |
| - name: Execute helm upgrade dry-run | |
| env: | |
| CHART_DIR: ${{ env.CHART_DIR }} | |
| NAMESPACE: "test" | |
| DOMAIN: "example" | |
| KEYCLOAK_SECRET: ${{ steps.compute-keycloak-secret.outputs.result }} | |
| shell: bash | |
| run: | | |
| NAMESPACE_LOWERCASE=$(echo ${NAMESPACE} | tr "[:upper:]" "[:lower:]") | |
| helm upgrade $NAMESPACE_LOWERCASE $CHART_DIR \ | |
| --install \ | |
| --set global.gateway.domain=$DOMAIN \ | |
| --set global.keycloak.clientSecret=$KEYCLOAK_SECRET \ | |
| --namespace $NAMESPACE_LOWERCASE \ | |
| --wait \ | |
| --dry-run | |
| - name: Package Helm Chart | |
| id: package-helm-chart | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-package-chart@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| outputs: | |
| version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Parse next release | |
| id: helm-parse-next-release | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-parse-next-release@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| chart-dir: ${{ env.CHART_DIR }} | |
| - id: calculate-next-internal-version | |
| name: Calculate next internal release | |
| uses: Alfresco/alfresco-build-tools/.github/actions/calculate-next-internal-version@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| next-version: ${{ steps.helm-parse-next-release.outputs.next-release }} | |
| - id: helm-release-and-publish | |
| name: Release and publish helm chart | |
| uses: Alfresco/alfresco-build-tools/.github/actions/helm-release-and-publish@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| version: ${{ steps.calculate-next-internal-version.outputs.next-prerelease }} | |
| chart-dir: ${{ env.CHART_DIR }} | |
| helm-repository: ${{ env.HELM_REPO }} | |
| helm-repository-branch: ${{ env.HELM_REPO_BRANCH }} | |
| helm-repository-subfolder: ${{ env.HELM_REPO_SUBFOLDER }} | |
| helm-repository-base-url: ${{ env.HELM_REPO_BASE_URL }} | |
| helm-repository-token: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| git-username: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| do-push: ${{ github.event_name == 'push' }} | |
| promote: | |
| runs-on: ubuntu-latest | |
| needs: release | |
| if: github.event_name == 'push' | |
| env: | |
| VERSION: ${{ needs.release.outputs.version }} | |
| DEVELOPMENT_BRANCH: ${{ github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - id: get-versions | |
| working-directory: helm/alfresco-process-infrastructure | |
| run: | | |
| CHART_VERSION=`yq '.dependencies | map(select(.name == "common")) | .[0].version' Chart.yaml` | |
| echo ${CHART_VERSION} | |
| echo "chart=${CHART_VERSION}" >> $GITHUB_OUTPUT | |
| DEPLOYMENT_VERSION=`yq '.alfresco-deployment-service.image.tag' values.yaml` | |
| echo ${DEPLOYMENT_VERSION} | |
| echo "deployment=${DEPLOYMENT_VERSION}" >> $GITHUB_OUTPUT | |
| MODELING_VERSION=`yq '.alfresco-modeling-service.image.tag' values.yaml` | |
| echo ${MODELING_VERSION} | |
| echo "modeling=${MODELING_VERSION}" >> $GITHUB_OUTPUT | |
| - id: get-pom-versions | |
| run: | | |
| COMPONENT_REPOSITORY_VERSION=`yq '.project.properties["studio-component-repository.version"]' pom.xml` | |
| echo ${COMPONENT_REPOSITORY_VERSION} | |
| echo "component_repository=${COMPONENT_REPOSITORY_VERSION}" >> $GITHUB_OUTPUT | |
| - uses: Alfresco/alfresco-build-tools/.github/actions/jx-updatebot-pr@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| env: | |
| ACTIVITI_CLOUD_COMMON_CHART_VERSION: ${{ steps.get-versions.outputs.chart }} | |
| ALFRESCO_DEPLOYMENT_SERVICE_VERSION: ${{ steps.get-versions.outputs.deployment }} | |
| ALFRESCO_MODELING_SERVICE_VERSION: ${{ steps.get-versions.outputs.modeling }} | |
| STUDIO_COMPONENT_REPOSITORY_VERSION: ${{ steps.get-pom-versions.outputs.component_repository }} | |
| with: | |
| version: ${{ env.VERSION }} | |
| auto-merge: 'true' | |
| labels: 'be-propagation,${{ env.DEVELOPMENT_BRANCH }}' | |
| base-branch-name: ${{ env.DEVELOPMENT_BRANCH }} | |
| git-username: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| git-token: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| git-author-name: ${{ secrets.BOT_GITHUB_USERNAME }} | |
| notify: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - release | |
| - promote | |
| if: always() && failure() && github.event_name == 'push' | |
| steps: | |
| - name: Teams Notification | |
| uses: Alfresco/alfresco-build-tools/.github/actions/send-teams-notification@03cc498daae9f1b06424f352d944e403b458b825 # v12.8.1 | |
| with: | |
| webhook-url: ${{ secrets.TEAMS_NOTIFICATION_AUTOMATE_BACKEND_WORKFLOW_WEBHOOK }} |