Skip to content

OF-2649: Prevent incorrect CSI warning message from being logged #2243

OF-2649: Prevent incorrect CSI warning message from being logged

OF-2649: Prevent incorrect CSI warning message from being logged #2243

name: Openfire CI
env:
CI: true
on: [push, pull_request]
jobs:
build:
name: Build Openfire from source
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 11, 17 ]
distribution: [ zulu ] # We could add more here: temurin, adopt, liberica, microsoft, corretto
steps:
- uses: actions/checkout@v3
- name: Set up JDK ${{ matrix.java }} ${{ matrix.distribution }}
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: maven
- name: Build with Maven
run: ./mvnw -B package -Pcoverage --file pom.xml
- name: Upload failed test reports
uses: actions/upload-artifact@v3
if: always()
with:
name: surefire-reports_java${{ matrix.java }}
path: xmppserver/target/surefire-reports
- name: Upload distribution
if: ${{ matrix.distribution == 'zulu' }}
uses: actions/upload-artifact@v3
with:
name: distribution-java${{ matrix.java }}
path: distribution/target/distribution-base
- name: Upload test files
if: ${{ matrix.distribution == 'zulu' }}
uses: actions/upload-artifact@v3
with:
name: test-files
path: |
runIntegrationTests
runAioxmppIntegrationTests
runConnectivityIntegrationTests
test.gradle
- name: Upload coverage report for 'xmppserver' module
if: ${{ matrix.distribution == 'zulu' && matrix.java == 11 }}
uses: actions/upload-artifact@v3
with:
name: Coverage Report for 'xmppserver' module
path: xmppserver/target/site/jacoco/
aioxmpp:
name: Execute aioxmpp-based CI tests
runs-on: ubuntu-latest
needs: build
steps:
- name: Set JAVA_HOME to use Java 11
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV
- name: Download distribution artifact from build job.
uses: actions/download-artifact@v3
with:
name: distribution-java11
path: distribution/target/distribution-base
- name: Download test files from build job.
uses: actions/download-artifact@v3
with:
name: test-files
- name: Fix file permissions
run: |
chmod +x distribution/target/distribution-base/bin/openfire.sh
chmod +x ./runAioxmppIntegrationTests
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.11
check-latest: true # attempt to prevent to use 3.11.3 by enticing the runner to update (to something later)
- name: Run aioxmpp tests
run: ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 || ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 || ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 # Try tests a few times, in case of flakiness
- name: Expose test output
if: always()
uses: actions/upload-artifact@v3
with:
name: aioxmpp test output
path: aioxmpp/output
- name: Expose openfire output
if: always()
uses: actions/upload-artifact@v3
with:
name: openfire logs
path: distribution/target/distribution-base/logs/*
check_branch:
runs-on: ubuntu-latest
outputs:
is_publishable_branch: ${{ steps.check-branch.outputs.is_publishable_branch }}
steps:
- name: check branch ${{ github.ref }} is either main or a version number
id: check-branch
run: |
if [[ ${{ github.ref }} == 'refs/heads/main' || ${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then
echo "is_publishable_branch=true" >> $GITHUB_OUTPUT
else
echo "is_publishable_branch=false" >> $GITHUB_OUTPUT
fi
connectivity:
name: Execute Connectivity CI tests
runs-on: ubuntu-latest
needs: build
steps:
- name: Set JAVA_HOME to use Java 11
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV
- name: Download distribution artifact from build job.
uses: actions/download-artifact@v3
with:
name: distribution-java11
path: distribution/target/distribution-base
- name: Download test files from build job.
uses: actions/download-artifact@v3
with:
name: test-files
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: 11
distribution: zulu
- name: Fix file permissions
run: |
chmod +x distribution/target/distribution-base/bin/openfire.sh
chmod +x ./runConnectivityIntegrationTests
- name: Run connectivity tests
run: ./runConnectivityIntegrationTests -d -l -i 127.0.0.1
smack:
name: Execute Smack-based CI tests
runs-on: ubuntu-latest
needs: build
steps:
- name: Set JAVA_HOME to use Java 11
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV
- name: Download distribution artifact from build job.
uses: actions/download-artifact@v3
with:
name: distribution-java11
path: distribution/target/distribution-base
- name: Download test files from build job.
uses: actions/download-artifact@v3
with:
name: test-files
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: 11
distribution: zulu
- name: Fix file permissions
run: |
chmod +x distribution/target/distribution-base/bin/openfire.sh
chmod +x ./runIntegrationTests
- name: Run smack tests
run: ./runIntegrationTests -d -l -i 127.0.0.1
publish-maven:
name: Publish to Maven
runs-on: ubuntu-latest
needs: [aioxmpp, connectivity, smack, check_branch]
if: ${{github.repository == 'igniterealtime/Openfire' && github.event_name == 'push' && needs.check_branch.outputs.is_publishable_branch == 'true'}}
steps:
- uses: actions/checkout@v3
with:
# Defend against another commit quickly following the first
# We want the one that's been tested, rather than the head of main
ref: ${{ github.event.push.after }}
- name: Set up Java for publishing
uses: actions/setup-java@v3
with:
java-version: 11
distribution: zulu
cache: maven
server-id: igniterealtime
server-username: IGNITE_REALTIME_MAVEN_USERNAME
server-password: IGNITE_REALTIME_MAVEN_PASSWORD
- name: Publish
run: ./mvnw -B deploy -Pci -Dmaven.test.skip=true
env:
IGNITE_REALTIME_MAVEN_USERNAME: ${{ secrets.IGNITE_REALTIME_MAVEN_USERNAME }}
IGNITE_REALTIME_MAVEN_PASSWORD: ${{ secrets.IGNITE_REALTIME_MAVEN_PASSWORD }}
can-publish-docker:
# Based on https://github.com/GabLeRoux/github-actions-examples/blob/e0468ce2731b08bd8b1f7cd09d0b94c541310693/.github/workflows/secret_based_conditions.yml
name: Check if Docker Hub secrets exist
runs-on: ubuntu-latest
needs: [build, aioxmpp, connectivity, smack]
outputs:
is_DOCKERHUB_SECRET_set: ${{ steps.checksecret_job.outputs.is_DOCKERHUB_SECRET_set }}
steps:
- name: Check whether Docker Publish should be done
id: checksecret_job
env:
DOCKERHUB_SECRET: ${{ secrets.DOCKERHUB_TOKEN }}
run: |
echo "is_DOCKERHUB_SECRET_set: ${{ env.DOCKERHUB_SECRET != '' }}"
echo "is_DOCKERHUB_SECRET_set=${{ env.DOCKERHUB_SECRET != '' }}" >> $GITHUB_OUTPUT
publish-docker:
name: Publish to Docker Hub
runs-on: ubuntu-latest
needs: [can-publish-docker]
if: |
needs.can-publish-docker.outputs.is_DOCKERHUB_SECRET_set == 'true' &&
github.event_name == 'push' &&
(contains(github.ref, 'refs/tags/') || github.ref == 'refs/heads/main')
outputs:
imagedigest: ${{ steps.docker_build.outputs.digest }}
steps:
- name: Set up variables if we're on main
if: ${{ github.ref == 'refs/heads/main' }}
run: echo "SOURCE_TAG=alpha" >> $GITHUB_ENV
- name: Set up variables if we're on a tag
if: ${{ contains(github.ref, 'refs/tags/') }}
run: echo "SOURCE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
- uses: actions/checkout@v3
with:
# Defend against another commit quickly following the first
# We want the one that's been tested, rather than the head of main
ref: ${{ github.event.push.after }}
- name: Download distribution artifact from build job.
uses: actions/download-artifact@v3
with:
name: distribution-java11
path: distribution/target/distribution-base
- name: Fix file permissions
run: find . -type f -name '*.sh' -exec chmod +x {} \;
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Cache Docker layers # TODO: Validate that caches are faster than no caches
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push to Docker Hub
id: docker_build
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ env.SOURCE_TAG }}
platforms: linux/amd64,linux/arm64
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Image digest
run: |
echo Images published:
echo ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ steps.docker_build.outputs.digest }}
echo ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ env.SOURCE_TAG }}
test-published-docker:
name: Test tagged images published to Docker Hub
runs-on: ubuntu-latest
needs: [publish-docker]
if: contains(github.ref, 'refs/tags/')
steps:
- name: Launch & Check Openfire
run: |
docker run --name openfire -d -p 9090:9090 ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}@${{needs.publish-docker.outputs.imagedigest}}
attempt_counter=0
max_attempts=30
until $(curl --output /dev/null --silent --head --fail http://127.0.0.1:9090); do
if [ ${attempt_counter} -eq ${max_attempts} ];then
echo "Max attempts reached. Openfire failed to launch."
exit 1
fi
printf '.'
attempt_counter=$(($attempt_counter+1))
sleep 1
done
echo "Openfire Admin is reachable."
docker logs openfire