From 3fef1dc2f16c638880c8ad53c3120963c992fe6f Mon Sep 17 00:00:00 2001 From: jandroav Date: Mon, 23 Oct 2023 12:23:14 +0200 Subject: [PATCH 01/18] #DAT-16091 --- .github/dependabot.yml | 16 +- .github/release-drafter.yml | 53 +++++ .github/workflows/attach-artifact-release.yml | 12 ++ .github/workflows/build-nightly.yml | 13 ++ .github/workflows/ci-report.yml | 50 ----- .github/workflows/ci.yml | 198 ------------------ .github/workflows/codeql.yml | 18 ++ .github/workflows/create-release.yml | 87 +------- .github/workflows/label-pr.yml | 19 ++ .github/workflows/release-published.yml | 104 ++++----- .github/workflows/snyk.yml | 62 ------ .github/workflows/test.yml | 90 ++++++++ pom.xml | 163 ++------------ 13 files changed, 284 insertions(+), 601 deletions(-) create mode 100644 .github/release-drafter.yml create mode 100644 .github/workflows/attach-artifact-release.yml create mode 100644 .github/workflows/build-nightly.yml delete mode 100644 .github/workflows/ci-report.yml delete mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/label-pr.yml delete mode 100644 .github/workflows/snyk.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a217b34..54c9015 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,7 +1,13 @@ version: 2 updates: -- package-ecosystem: maven - directory: "/" - schedule: - interval: daily - open-pull-requests-limit: 10 + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + + - package-ecosystem: "maven" + directory: "/" + schedule: + interval: "daily" + diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..394f795 --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,53 @@ + +name-template: 'Support for $OWNER $REPOSITORY Extension v$NEXT_MINOR_VERSION' +tag-template: 'v$NEXT_MINOR_VERSION' +exclude-labels: + - 'skipReleaseNotes' +categories: + - title: ':green_book: Notable Changes' + labels: + - 'notableChanges' + - title: '🚀 New Features' + labels: + - 'TypeEnhancement' + - 'TypeTest' + - title: '🐛 Bug Fixes 🛠' + labels: + - 'TypeBug' + - title: '💥 Breaking Changes' + labels: + - 'breakingChanges' + - title: '🤖 Security Driver and Other Updates' + collapse-after: 5 + labels: + - 'sdou' + - 'dependencies' + - title: '👏 New Contributors' + labels: + - 'newContributors' + + +change-template: '- (#$NUMBER) $TITLE @$AUTHOR ' +change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks. +version-resolver: + major: + labels: + - 'major' + minor: + labels: + - 'minor' + patch: + labels: + - 'feature' + - 'enhancement' + - 'patch' + - 'bugfix' + - 'sdou' + default: minor +template: | + ## Changes + + $CHANGES + + **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...$REPOSITORY-$RESOLVED_VERSION + diff --git a/.github/workflows/attach-artifact-release.yml b/.github/workflows/attach-artifact-release.yml new file mode 100644 index 0000000..ea07976 --- /dev/null +++ b/.github/workflows/attach-artifact-release.yml @@ -0,0 +1,12 @@ +name: Attach Artifact to Release + +on: + pull_request: + types: + - closed + +jobs: + + attach-artifact-to-release: + uses: liquibase/build-logic/.github/workflows/extension-attach-artifact-release.yml@v0.5.2 + secrets: inherit diff --git a/.github/workflows/build-nightly.yml b/.github/workflows/build-nightly.yml new file mode 100644 index 0000000..e4c9e89 --- /dev/null +++ b/.github/workflows/build-nightly.yml @@ -0,0 +1,13 @@ +# This workflow will build the extension against the latest Liquibase artifact +name: "Nightly build" + +on: + schedule: + - cron: '0 7 * * 1-5' + +jobs: + nightly-build: + uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.2 + with: + nightly: true + secrets: inherit diff --git a/.github/workflows/ci-report.yml b/.github/workflows/ci-report.yml deleted file mode 100644 index 6d8c2e3..0000000 --- a/.github/workflows/ci-report.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: 'Continuous Integration - Report' -on: - workflow_run: - workflows: [Continuous Integration] - types: [completed] - -jobs: - test-report: - name: Report Test Results - runs-on: ubuntu-latest - if: github.event.workflow_run.conclusion != 'skipped' - - steps: - - uses: actions/checkout@v2 - - - name: Download and Extract Artifacts - env: - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} - run: | - mvn -B liquibase-sdk:download-snapshot-artifacts \ - -Dliquibase.sdk.repo=${{ github.repository }} \ - -Dliquibase.sdk.runId=${{ github.event.workflow_run.id }} \ - -Dliquibase.sdk.downloadDirectory=artifacts \ - -Dliquibase.sdk.artifactPattern=* \ - -Dliquibase.sdk.unzipArtifacts=true - - - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@v2 - with: - commit: ${{ github.event.workflow_run.head_sha }} - event_file: artifacts/Event File/event.json - event_name: ${{ github.event.workflow_run.event }} - junit_files: "artifacts/test-reports-*/**/*.xml" - - build-testing-comment: - name: Add Build Testing Comment - runs-on: ubuntu-latest - if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_branch != 'main' - - steps: - - uses: actions/checkout@v2 - - - name: Create "BUILD_TESTING" comment - env: - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} - run: | - mvn -B liquibase-sdk:set-pull-request-comment \ - -Dliquibase.sdk.repo=${{ github.repository }} \ - -Dliquibase.sdk.pr.newComment=BUILD_TESTING \ - -Dliquibase.sdk.pr.definition=${{ github.event.workflow_run.head_branch }} \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index 4ffa57d..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,198 +0,0 @@ -name: Continuous Integration - -on: - pull_request: - types: - - opened - - reopened - - synchronize - schedule: - - cron: "5 6 * * *" - repository_dispatch: - types: [ liquibase-ci ] - push: - branches: - - main - -jobs: - build: - name: Build & Package - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - java-version: 17 - distribution: 'temurin' - cache: 'maven' - - - name: Install liquibase-core 0-SNAPSHOT - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: mvn -B clean liquibase-sdk:install-snapshot -Dliquibase.sdk.branchSearch=MATCHING_BRANCHES,master - - - name: Build and Package - run: mvn -B dependency:go-offline clean package -DskipTests=true - - - name: Save Artifacts - uses: actions/upload-artifact@v2 - with: - name: liquibase-hanadb-artifacts - path: | - target/*.jar - - - name: Save Event File - uses: actions/upload-artifact@v3 - with: - name: Event File - path: ${{ github.event_path }} - - - name: Build Cache - uses: actions/cache@v3.0.5 - with: - key: build-${{ github.run_number }}-${{ github.run_attempt }} - path: | - **/target/** - ~/.m2/repository/org/liquibase/ - - unit-test: - name: Test Java ${{ matrix.java }} - runs-on: ubuntu-latest - needs: build - - strategy: - fail-fast: false - matrix: - java: [ 8, 11, 17, 20 ] - - steps: - - uses: actions/checkout@v2 - - - name: Set up JDK ${{ matrix.java }} - uses: actions/setup-java@v2 - with: - java-version: ${{ matrix.java }} - distribution: 'temurin' - cache: 'maven' - - - name: Build Cache - uses: actions/cache@v3.0.5 - with: - key: build-${{ github.run_number }}-${{ github.run_attempt }} - path: | - **/target/** - ~/.m2/repository/org/liquibase/ - - - name: Run Tests - run: mvn -B jacoco:prepare-agent surefire:test - - - name: Archive Test Results - if: ${{ always() }} - uses: actions/upload-artifact@v2 - with: - name: test-reports-jdk-${{ matrix.java }} - path: | - **/target/surefire-reports - **/target/jacoco.exec - - integration-test: - name: Integration Test - runs-on: ubuntu-latest - needs: build - steps: - - uses: actions/checkout@v2 - - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - java-version: 17 - distribution: 'temurin' - cache: 'maven' - - - name: Build Cache - uses: actions/cache@v3.0.5 - with: - key: build-${{ github.run_number }}-${{ github.run_attempt }} - path: | - **/target/** - ~/.m2/repository/org/liquibase/ - - - name: Start Hana - run: | - mkdir ./HXE - chmod 777 ./HXE - HXE_VERSION=2.00.061.00.20220519.1 - echo "{\"master_password\" : \"L1qu1base_test\"}" > ./HXE/passwords.json - chmod 777 ./HXE/passwords.json - - docker pull saplabs/hanaexpress:$HXE_VERSION - - docker run -d \ - -p 39013:39013 \ - -p 39015:39015 \ - -p 39017:39017 \ - -p 39041-39045:39041-39045 \ - -p 1128-1129:1128-1129 \ - -p 59013-59014:59013-59014 \ - -v $(pwd)/HXE:/hana/mounts \ - --ulimit nofile=1048576:1048576 \ - --sysctl kernel.shmmax=1073741824 \ - --sysctl net.ipv4.ip_local_port_range='40000 60999' \ - --sysctl kernel.shmall=8388608 \ - --name HXE \ - saplabs/hanaexpress:$HXE_VERSION \ - --passwords-url file:///hana/mounts/passwords.json \ - --agree-to-sap-license - - sleep 10 - - timeout 500 sh -c ' - while true; do - STARTING_CONTAINERS=`docker ps --filter "name=HXE" --format "{{.Names}} {{.Status}}" | grep "health: starting" | wc -l`; - echo "Waiting for $STARTING_CONTAINERS HANA container(s) to finish startup"; - if [ $STARTING_CONTAINERS -ne 1 ]; then - break; - fi; - sleep 5; - done - ' - - docker ps -a - docker logs HXE - docker exec HXE bash -l -c "hdbsql -u SYSTEM -p L1qu1base_test -i 90 -d HXE 'CREATE USER LIQUIBASE_TEST PASSWORD L1qu1base_test NO FORCE_FIRST_PASSWORD_CHANGE'" - - - name: Run Integration Tests - run: mvn -B verify - - - name: Archive Test Results - if: ${{ always() }} - uses: actions/upload-artifact@v2 - with: - name: test-reports-integration - path: target/failsafe-reports - - dependabot: - name: Merge dependabot - runs-on: ubuntu-latest - needs: integration-test - permissions: - contents: write - pull-requests: write - if: ${{ github.actor == 'dependabot[bot]' }} - - steps: - - name: Dependabot metadata - id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.1 - - - name: Approve patch and minor updates - if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}} - run: | - gh pr merge --auto --merge "$PR_URL" - gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a patch or minor update**" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..e3fc948 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,18 @@ +name: CodeQL + +on: + workflow_dispatch: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '16 14 * * 4' + +jobs: + codeql: + uses: liquibase/build-logic/.github/workflows/codeql.yml@v0.5.3 + secrets: inherit + with: + languages: '[java]' diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 27a5111..d766640 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -1,85 +1,12 @@ name: Create Release + on: - repository_dispatch: - types: [liquibase-release] workflow_dispatch: - inputs: - liquibaseVersion: - description: 'Liquibase Version' - required: true - extensionVersion: - description: 'Extension Version (Defaults to Liquibase Version)' - required: false + push: + branches: + - main jobs: - setup: - name: Setup - runs-on: ubuntu-latest - outputs: - liquibaseVersion: ${{ steps.collect-data.outputs.liquibaseVersion }} - extensionVersion: ${{ steps.collect-data.outputs.extensionVersion }} - steps: - - name: Collect Data - id: collect-data - uses: actions/github-script@v4 - with: - script: | - if (context.payload.client_payload) { - core.setOutput("liquibaseVersion", context.payload.client_payload.liquibaseVersion); - core.setOutput("extensionVersion", context.payload.client_payload.liquibaseVersion); - } else if (context.payload.inputs) { - core.setOutput("liquibaseVersion", context.payload.inputs.liquibaseVersion); - core.setOutput("extensionVersion", context.payload.inputs.extensionVersion || context.payload.inputs.liquibaseVersion); - } else { - core.setFailed('Unknown event type') - } - - - run: | - echo "Saw Liquibase version ${{ steps.collect-data.outputs.liquibaseVersion }}" - echo "Saw Extension version ${{ steps.collect-data.outputs.extensionVersion }}" - - create-release-artifacts: - name: "Create release artifacts" - runs-on: ubuntu-latest - needs: setup - steps: - - uses: actions/checkout@v2 - with: - persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token - fetch-depth: 0 # otherwise, you will fail to push refs to dest repo - - - name: Set up JDK - uses: actions/setup-java@v2 - with: - java-version: '17' - distribution: 'temurin' - cache: 'maven' - gpg-private-key: ${{ secrets.GPG_SECRET }} - gpg-passphrase: GPG_PASSPHRASE - env: - GPG_PASSWORD: ${{ secrets.GPG_PASSPHRASE }} - - - name: Download snapshot build - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: mvn -B liquibase-sdk:download-snapshot-artifacts -Dliquibase.sdk.repo=${{ github.repository }} -Dliquibase.sdk.branchSearch=master -Dliquibase.sdk.artifactPattern=liquibase-hanadb-artifacts -Dliquibase.sdk.downloadDirectory=original-artifacts - - - name: Re-version Artifacts - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GPG_PASSWORD: ${{ secrets.GPG_PASSPHRASE }} - run: | - (cd original-artifacts && unzip liquibase-hanadb-artifacts.zip && rm liquibase-hanadb-artifacts.zip) - mvn -B liquibase-sdk:create-release-artifacts -Dliquibase.sdk.repo=${{ github.repository }} -Dliquibase.sdk.inputDirectory=original-artifacts -Dliquibase.sdk.outputDirectory=final-artifacts -Dliquibase.sdk.newVersion=${{ needs.setup.outputs.extensionVersion }} -Dliquibase.sdk.gpgExecutable=/usr/bin/gpg -X - - - name: Attach Files to Draft Release - uses: softprops/action-gh-release@v1 - with: - tag_name: v${{ needs.setup.outputs.extensionVersion }} - draft: true - fail_on_unmatched_files: true - body: Support for Liquibase ${{ needs.setup.outputs.liquibaseVersion }}. - generate_release_notes: true - files: final-artifacts/* - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + create-release: + uses: liquibase/build-logic/.github/workflows/create-release.yml@v0.5.2 + secrets: inherit diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml new file mode 100644 index 0000000..a73d55b --- /dev/null +++ b/.github/workflows/label-pr.yml @@ -0,0 +1,19 @@ +name: Pull Request Labels +on: + pull_request: + types: [opened, labeled, unlabeled, synchronize, reopened] +jobs: + label: + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + steps: + - name: Validate PR Labels + uses: mheap/github-action-required-labels@v5 + with: + mode: minimum + count: 1 + labels: "breakingChanges, newContributors, notableChanges, sdou, skipReleaseNotes, TypeBug, TypeEnhancement, TypeTest" + add_comment: true + message: "Label error: This PR is being prevented from merging because you have not added one of the labels: {{ provided }}. You'll need to add it before this PR can be merged." \ No newline at end of file diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml index f8d355f..9e54f92 100644 --- a/.github/workflows/release-published.yml +++ b/.github/workflows/release-published.yml @@ -1,80 +1,52 @@ name: Release Extension to Sonatype on: + workflow_dispatch: release: types: [published] - workflow_dispatch: - inputs: - tag: - description: 'Release Tag' - required: true jobs: - setup: - name: Setup - runs-on: ubuntu-latest - outputs: - tag: ${{ steps.collect-data.outputs.tag }} - version: ${{ steps.collect-data.outputs.version }} - steps: - - name: Collect Data - id: collect-data - uses: actions/github-script@v6 - with: - script: | - let tag; - if (context.payload.inputs) { - tag = context.payload.inputs.tag; - } else { - tag = context.payload.release.tag_name; - } - - let version = tag.replace(/^v/, ""); - - core.setOutput("tag", tag); - core.setOutput("version", version); - - - run: | - echo "Publishing version ${{ steps.collect-data.outputs.version }} from ${{ steps.collect-data.outputs.tag }}" + release: + uses: liquibase/build-logic/.github/workflows/extension-release-published.yml@v0.5.2 + secrets: inherit - deploy_maven: - name: Deploy to Maven - needs: [ setup ] - runs-on: ubuntu-latest + deploy_xsd: + name: Upload xsds + runs-on: ubuntu-20.04 steps: - - name: Download Release Artifacts - uses: robinraju/release-downloader@v1.4 - with: - tag: "${{ needs.setup.outputs.tag }}" - filename: "*" - out-file-path: "." - - - name: Set up Java for publishing to Maven Central Repository - uses: actions/setup-java@v3 + - name: Download liquibase mongodb xsd + uses: actions/checkout@v4 with: - java-version: '17' - distribution: 'temurin' - server-id: sonatype-nexus-staging - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD + # Relative path under $GITHUB_WORKSPACE to place the repository + path: liquibase-mongodb + repository: "liquibase/liquibase-mongodb" - - name: Publish to Maven Central + - name: Upload to s3 env: - MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.SONATYPE_TOKEN }} + AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + # aws s3 sync syncs directories and S3 prefixes. run: | - version=${{ needs.setup.outputs.version }} - - unzip *.zip + aws s3 sync liquibase-mongodb/src/main/resources/www.liquibase.org/xml/ns/mongodb/ s3://liquibaseorg-origin/xml/ns/mongodb/ --content-type application/octet-stream --only-show-errors + - name: Index.htm file upload + env: + AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + # List all xsd and htm files in repository. Copy index.htm to temporary folder + # Add links for all xsd files to index.htm file (except liquibase-mongodb-latest.xsd and index.htm) + # Sync index.htm with the s3 + run: | + search_dir=liquibase-mongodb/src/main/resources/www.liquibase.org/xml/ns/mongodb + filenames=`ls -1 $search_dir` + mkdir index-file + cp $search_dir/index.htm index-file/ + for entry in $filenames + do + if [[ "$entry" != "liquibase-mongodb-latest.xsd" ]] && [[ "$entry" != "index.htm" ]] ;then + sed -ie "s/<\/ul>/
  • ${entry}<\/a><\/li>\n<\/ul>/" index-file/index.htm + fi + done - mvn -B org.apache.maven.plugins:maven-deploy-plugin:3.0.0-M1:deploy-file \ - -Durl=https://oss.sonatype.org/service/local/staging/deploy/maven2/ \ - -DrepositoryId=sonatype-nexus-staging \ - -DpomFile=liquibase-hanadb-${version}.pom \ - -DgeneratePom=false \ - -Dfile=liquibase-hanadb-${version}.jar \ - -Dsources=liquibase-hanadb-${version}-sources.jar \ - -Djavadoc=liquibase-hanadb-${version}-javadoc.jar \ - -Dfiles=liquibase-hanadb-${version}.jar.asc,liquibase-hanadb-${version}-sources.jar.asc,liquibase-hanadb-${version}-javadoc.jar.asc,liquibase-hanadb-${version}.pom.asc \ - -Dtypes=jar.asc,jar.asc,jar.asc,pom.asc \ - -Dclassifiers=,sources,javadoc, + aws s3 sync index-file s3://liquibaseorg-origin/xml/ns/mongodb/ --only-show-errors diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml deleted file mode 100644 index 7307fdd..0000000 --- a/.github/workflows/snyk.yml +++ /dev/null @@ -1,62 +0,0 @@ -# Run Snyk nightly to scan and report security issues. -name: Snyk Scan - -# Job will run nightly at 02:05 EDT / 01:05 CDT -# Time below is UTC -on: - schedule: - - cron: "5 6 * * *" - workflow_dispatch: - -jobs: - security-scan: - # This workflow only runs on the main liquibase repo, not in forks - if: github.repository == 'liquibase/liquibase-hanadb' - - name: Snyk Security Scan - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Set up JDK - uses: actions/setup-java@v3 - with: - java-version: 17 - distribution: 'temurin' - cache: 'maven' - - ## Need to install the snyk CLI and not use the github action because the action runs snyk in a separate docker container which does not have access to the installed sub-modules. - - name: Install snyk - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - run: | - curl -s https://static.snyk.io/cli/latest/snyk-linux -o snyk - ls -l snyk - chmod 755 snyk - ./snyk config set api="$SNYK_TOKEN" - - ## snyk monitor requires --all-projects because otherwise it only reports on the dependencies of one of the sub-modules. It would be nice if we could have one snyk project which included all the sub-modules in it, but that doesn't seem possible at this point - ## Run monitor before test, so that we report results even if the test step fails - - name: Report snyk status to web UI - run: | - ./snyk monitor --all-projects --org=datical --policy-path=.snyk -- -B -Dscope=compile - - ## snyk test requires --all-projects because otherwise it does not fail the run when a problem is found. It just prints "no direct upgrade or path" and continues on - ## Running with -Dscope=compile in order to report only on shipped modules, not "test" or "provided" scope ones - - name: Run Snyk Test to check for vulnerabilities - run: | - ./snyk test --fail-on=all --all-projects --severity-threshold=low --org=datical --policy-path=.snyk -- -B -Dscope=compile - - - - name: Slack Notification - if: ${{ failure() }} - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_CHANNEL: team-liquibase-community - SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff' - SLACK_MESSAGE: "${{ github.job }}: ${{ job.status }} @here" - SLACK_USERNAME: "liquibot" - SLACK_WEBHOOK: ${{ secrets.SNYK_LIQUIBASE_SLACK_WEBHOOK }} - MSG_MINIMAL: actions url - SLACK_ICON_EMOJI: ':liquibase:' - SLACK_LINK_NAMES: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..8ae4d12 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,90 @@ +name: Build and Test + +on: + workflow_dispatch: + pull_request: + types: + - opened + - reopened + - synchronize + +jobs: + build: + uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.2 + secrets: inherit + + integration-test: + name: Integration Test + runs-on: ubuntu-latest + needs: build + steps: + - uses: actions/checkout@v2 + + - name: Set up JDK 17 + uses: actions/setup-java@v2 + with: + java-version: 17 + distribution: 'temurin' + cache: 'maven' + + - name: Build Cache + uses: actions/cache@v3.0.5 + with: + key: build-${{ github.run_number }}-${{ github.run_attempt }} + path: | + **/target/** + ~/.m2/repository/org/liquibase/ + + - name: Start Hana + run: | + mkdir ./HXE + chmod 777 ./HXE + HXE_VERSION=2.00.061.00.20220519.1 + echo "{\"master_password\" : \"L1qu1base_test\"}" > ./HXE/passwords.json + chmod 777 ./HXE/passwords.json + + docker pull saplabs/hanaexpress:$HXE_VERSION + + docker run -d \ + -p 39013:39013 \ + -p 39015:39015 \ + -p 39017:39017 \ + -p 39041-39045:39041-39045 \ + -p 1128-1129:1128-1129 \ + -p 59013-59014:59013-59014 \ + -v $(pwd)/HXE:/hana/mounts \ + --ulimit nofile=1048576:1048576 \ + --sysctl kernel.shmmax=1073741824 \ + --sysctl net.ipv4.ip_local_port_range='40000 60999' \ + --sysctl kernel.shmall=8388608 \ + --name HXE \ + saplabs/hanaexpress:$HXE_VERSION \ + --passwords-url file:///hana/mounts/passwords.json \ + --agree-to-sap-license + + sleep 10 + + timeout 500 sh -c ' + while true; do + STARTING_CONTAINERS=`docker ps --filter "name=HXE" --format "{{.Names}} {{.Status}}" | grep "health: starting" | wc -l`; + echo "Waiting for $STARTING_CONTAINERS HANA container(s) to finish startup"; + if [ $STARTING_CONTAINERS -ne 1 ]; then + break; + fi; + sleep 5; + done + ' + + docker ps -a + docker logs HXE + docker exec HXE bash -l -c "hdbsql -u SYSTEM -p L1qu1base_test -i 90 -d HXE 'CREATE USER LIQUIBASE_TEST PASSWORD L1qu1base_test NO FORCE_FIRST_PASSWORD_CHANGE'" + + - name: Run Integration Tests + run: mvn -B verify + + - name: Archive Test Results + if: ${{ always() }} + uses: actions/upload-artifact@v2 + with: + name: test-reports-integration + path: target/failsafe-reports \ No newline at end of file diff --git a/pom.xml b/pom.xml index 3618c16..ab365c7 100644 --- a/pom.xml +++ b/pom.xml @@ -3,36 +3,20 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 + + org.liquibase + liquibase-parent-pom + 0.2.6 + + org.liquibase.ext liquibase-hanadb - 0-SNAPSHOT + 4.24.1-SNAPSHOT - Liquibase Extension: SAP HANA support + Liquibase Extension SAP HANA support Add this Liquibase extension to your project to support SAP HANA https://github.com/liquibase/liquibase-hanadb - - Liquibase - http://www.liquibase.com - - - - - http://www.apache.org/licenses/LICENSE-2.0 - Apache License, Version 2.0 - - - - - https://github.com/liquibase/liquibase-hanadb/issues - - - - scm:git:http://github.com/liquibase/liquibase-hanadb.git - https://github.com/liquibase/liquibase-hanadb - HEAD - - liquibase @@ -62,35 +46,12 @@ -6 - - UTF-8 - UTF-8 - 0-SNAPSHOT - ${env.GITHUB_TOKEN} - liquibase - ${project.artifactId} - ${project.name} - ${project.description} - https://sonarcloud.io - git - true - - target + + 4.24.0 - - org.liquibase - liquibase-core - ${liquibase.version} - - - junit - junit - test - 4.13.2 - org.liquibase liquibase-test-harness @@ -107,104 +68,26 @@ - - maven-resources-plugin - 3.3.1 - - UTF-8 - - - - maven-compiler-plugin - 3.11.0 - - 8 - true - true - ${project.build.sourceEncoding} - - maven-surefire-plugin - 3.1.2 + ${maven-surefire-plugin.version} true plain + + ${project.build.directory}/spock-reports + - - - org.codehaus.mojo - build-helper-maven-plugin - 3.4.0 - - - org.apache.maven.plugins - maven-javadoc-plugin - 3.5.0 - - true - false - Liquibase SAP HANA ${project.version} API - true - none - UTF-8 - - false - - - - javadoc-default - - jar - - package - - - - - - org.apache.maven.plugins - maven-source-plugin - 3.3.0 - - - attach-sources - package - - jar - - - - - - - org.jacoco - jacoco-maven-plugin - 0.8.11 - - - - ${jacoco.fileset.directory} - - **/jacoco.exec - - - - - - - - org.sonarsource.scanner.maven - sonar-maven-plugin - 3.9.1.2184 - - - - org.liquibase.ext - liquibase-sdk-maven-plugin - 0.10.20 + + + + org.apache.maven.surefire + surefire-junit47 + ${maven-surefire-plugin.version} + + - + From f30af60387ca71a2caf01a2ea2b8aedc0862edb9 Mon Sep 17 00:00:00 2001 From: jandroav Date: Mon, 23 Oct 2023 13:09:17 +0200 Subject: [PATCH 02/18] chore(pom.xml): add maven-failsafe-plugin to redirect test output to file and configure report format feat(pom.xml): add system property variable for spock-reports output directory feat(pom.xml): add dependency for surefire-junit47 to force using the latest JUnit 47 provider --- pom.xml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/pom.xml b/pom.xml index ab365c7..a0f98ac 100644 --- a/pom.xml +++ b/pom.xml @@ -87,6 +87,25 @@ + + maven-failsafe-plugin + ${maven-failsafe-plugin.version} + + true + plain + + ${project.build.directory}/spock-reports + + + + + + org.apache.maven.surefire + surefire-junit47 + ${maven-surefire-plugin.version} + + + From d7957d61200098bc2362dd134d80164f70b778c3 Mon Sep 17 00:00:00 2001 From: jandroav Date: Mon, 23 Oct 2023 13:16:10 +0200 Subject: [PATCH 03/18] chore(.snyk): remove .snyk file as it is no longer needed for vulnerability management --- .snyk | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 .snyk diff --git a/.snyk b/.snyk deleted file mode 100644 index 0808500..0000000 --- a/.snyk +++ /dev/null @@ -1,10 +0,0 @@ -# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.22.1 -# ignores vulnerabilities until expiry date; change duration by modifying expiry date -ignore: - SNYK-JAVA-ORGLIQUIBASE-2419059: - - '*': - reason: ignore liquibase version - expires: 2025-03-07T00:00:00.000Z - created: 2022-03-07T15:57:03.089Z -patch: {} From cb4218a205d6cf870b2751e6e942b5f4d60e5a6d Mon Sep 17 00:00:00 2001 From: jandroav Date: Mon, 23 Oct 2023 13:27:31 +0200 Subject: [PATCH 04/18] chore(pom.xml): update liquibase-hanadb version to 0-SNAPSHOT for development purposes chore(pom.xml): update project name to "Liquibase Extension: SAP HANA support" for clarity chore(pom.xml): update project description to reflect the purpose of the extension chore(pom.xml): update organization name to "Liquibase" for consistency chore(pom.xml): update license information to use Apache License, Version 2.0 chore(pom.xml): update issue management URL to point to the GitHub repository issues chore(pom.xml): update SCM information to use Git and point to the GitHub repository chore(pom.xml): update liquibase.version property to 0-SNAPSHOT for development purposes chore(pom.xml): update project.build.sourceEncoding and project.reporting.outputEncoding to UTF-8 chore(pom.xml): update surefire-plugin version to 3.1.2 for compatibility chore(pom.xml): update build-helper-maven-plugin version to 3.4.0 for compatibility chore(pom.xml): update maven-javadoc-plugin version to 3.5.0 for compatibility chore(pom.xml): update maven-source-plugin version to 3.3.0 for compatibility chore(pom.xml): update jacoco-maven-plugin version to 0.8.11 for compatibility chore(pom.xml): update sonar-maven-plugin version to 3.9.1.2184 for compatibility chore(pom.xml): update liquibase-sdk-maven-plugin version to 0.10.20 for compatibility --- pom.xml | 176 +++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 137 insertions(+), 39 deletions(-) diff --git a/pom.xml b/pom.xml index a0f98ac..a201e36 100644 --- a/pom.xml +++ b/pom.xml @@ -3,20 +3,36 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 - - org.liquibase - liquibase-parent-pom - 0.2.6 - - org.liquibase.ext liquibase-hanadb - 4.24.1-SNAPSHOT + 0-SNAPSHOT - Liquibase Extension SAP HANA support + Liquibase Extension: SAP HANA support Add this Liquibase extension to your project to support SAP HANA https://github.com/liquibase/liquibase-hanadb + + Liquibase + http://www.liquibase.com + + + + + http://www.apache.org/licenses/LICENSE-2.0 + Apache License, Version 2.0 + + + + + https://github.com/liquibase/liquibase-hanadb/issues + + + + scm:git:http://github.com/liquibase/liquibase-hanadb.git + https://github.com/liquibase/liquibase-hanadb + HEAD + + liquibase @@ -46,12 +62,35 @@ -6 - - 4.24.0 + UTF-8 + UTF-8 + 0-SNAPSHOT + ${env.GITHUB_TOKEN} + + liquibase + ${project.artifactId} + ${project.name} + ${project.description} + https://sonarcloud.io + git + true + + target + + org.liquibase + liquibase-core + ${liquibase.version} + + + junit + junit + test + 4.13.2 + org.liquibase liquibase-test-harness @@ -68,45 +107,104 @@ + + maven-resources-plugin + 3.3.1 + + UTF-8 + + + + maven-compiler-plugin + 3.11.0 + + 8 + true + true + ${project.build.sourceEncoding} + + maven-surefire-plugin - ${maven-surefire-plugin.version} + 3.1.2 true plain - - ${project.build.directory}/spock-reports - - - - - org.apache.maven.surefire - surefire-junit47 - ${maven-surefire-plugin.version} - - - maven-failsafe-plugin - ${maven-failsafe-plugin.version} + org.codehaus.mojo + build-helper-maven-plugin + 3.4.0 + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.5.0 - true - plain - - ${project.build.directory}/spock-reports - + true + false + Liquibase SAP HANA ${project.version} API + true + none + UTF-8 + + false - - - - org.apache.maven.surefire - surefire-junit47 - ${maven-surefire-plugin.version} - - + + + javadoc-default + + jar + + package + + + + + + org.apache.maven.plugins + maven-source-plugin + 3.3.0 + + + attach-sources + package + + jar + + + + + + + org.jacoco + jacoco-maven-plugin + 0.8.11 + + + + ${jacoco.fileset.directory} + + **/jacoco.exec + + + + + + + + org.sonarsource.scanner.maven + sonar-maven-plugin + 3.9.1.2184 + + + + org.liquibase.ext + liquibase-sdk-maven-plugin + 0.10.20 - - + + \ No newline at end of file From 718fa0b7eece7e82b8e3f6e9c14416e22bb33317 Mon Sep 17 00:00:00 2001 From: jandroav Date: Mon, 23 Oct 2023 13:30:38 +0200 Subject: [PATCH 05/18] chore(pom.xml): update liquibase-hanadb version to 4.24.1-SNAPSHOT chore(pom.xml): update liquibase.version property to 4.24.0 chore(pom.xml): remove unused dependencies and plugins chore(pom.xml): update maven-surefire-plugin version to ${maven-surefire-plugin.version} chore(pom.xml): update maven-failsafe-plugin version to ${maven-failsafe-plugin.version} --- pom.xml | 176 +++++++++++++------------------------------------------- 1 file changed, 39 insertions(+), 137 deletions(-) diff --git a/pom.xml b/pom.xml index a201e36..a0f98ac 100644 --- a/pom.xml +++ b/pom.xml @@ -3,36 +3,20 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 + + org.liquibase + liquibase-parent-pom + 0.2.6 + + org.liquibase.ext liquibase-hanadb - 0-SNAPSHOT + 4.24.1-SNAPSHOT - Liquibase Extension: SAP HANA support + Liquibase Extension SAP HANA support Add this Liquibase extension to your project to support SAP HANA https://github.com/liquibase/liquibase-hanadb - - Liquibase - http://www.liquibase.com - - - - - http://www.apache.org/licenses/LICENSE-2.0 - Apache License, Version 2.0 - - - - - https://github.com/liquibase/liquibase-hanadb/issues - - - - scm:git:http://github.com/liquibase/liquibase-hanadb.git - https://github.com/liquibase/liquibase-hanadb - HEAD - - liquibase @@ -62,35 +46,12 @@ -6 - - UTF-8 - UTF-8 - 0-SNAPSHOT - ${env.GITHUB_TOKEN} - liquibase - ${project.artifactId} - ${project.name} - ${project.description} - https://sonarcloud.io - git - true - - target + + 4.24.0 - - org.liquibase - liquibase-core - ${liquibase.version} - - - junit - junit - test - 4.13.2 - org.liquibase liquibase-test-harness @@ -107,104 +68,45 @@ - - maven-resources-plugin - 3.3.1 - - UTF-8 - - - - maven-compiler-plugin - 3.11.0 - - 8 - true - true - ${project.build.sourceEncoding} - - maven-surefire-plugin - 3.1.2 + ${maven-surefire-plugin.version} true plain + + ${project.build.directory}/spock-reports + + + + + org.apache.maven.surefire + surefire-junit47 + ${maven-surefire-plugin.version} + + - org.codehaus.mojo - build-helper-maven-plugin - 3.4.0 - - - org.apache.maven.plugins - maven-javadoc-plugin - 3.5.0 - - true - false - Liquibase SAP HANA ${project.version} API - true - none - UTF-8 - - false - - - - javadoc-default - - jar - - package - - - - - - org.apache.maven.plugins - maven-source-plugin - 3.3.0 - - - attach-sources - package - - jar - - - - - - - org.jacoco - jacoco-maven-plugin - 0.8.11 + maven-failsafe-plugin + ${maven-failsafe-plugin.version} - - - ${jacoco.fileset.directory} - - **/jacoco.exec - - - + true + plain + + ${project.build.directory}/spock-reports + - - - - org.sonarsource.scanner.maven - sonar-maven-plugin - 3.9.1.2184 - - - - org.liquibase.ext - liquibase-sdk-maven-plugin - 0.10.20 + + + + org.apache.maven.surefire + surefire-junit47 + ${maven-surefire-plugin.version} + + - - \ No newline at end of file + + From a3f64212a0d5cbdffc639db4a68ecb6e4a5eeabd Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:01:36 +0200 Subject: [PATCH 06/18] chore(test.yml): add build and package step to the workflow to ensure dependencies are downloaded and project is built before running tests chore(test.yml): create HXE directory before starting Hana to ensure it exists --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8ae4d12..310d4b8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,6 +35,9 @@ jobs: **/target/** ~/.m2/repository/org/liquibase/ + - name: Build and Package + run: mvn -B dependency:go-offline clean package -DskipTests=true + - name: Start Hana run: | mkdir ./HXE From d22e0d7a1a4735685e390ffb8ca48390e943abc3 Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:07:07 +0200 Subject: [PATCH 07/18] chore(workflows): update liquibase/build-logic workflows to v0.5.3 The liquibase/build-logic workflows have been updated to version v0.5.3. This update includes the following changes: - attach-artifact-release.yml: Updated to v0.5.3 - build-nightly.yml: Updated to v0.5.3 - codeql.yml: Updated to v0.5.3 - create-release.yml: Updated to v0.5.3 - release-published.yml: Updated to v0.5.3 - test.yml: Updated to v0.5.3 These updates are necessary to ensure that the workflows are using the latest version of the build logic and take advantage of any bug fixes or improvements that have been made. --- .github/workflows/attach-artifact-release.yml | 2 +- .github/workflows/build-nightly.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/create-release.yml | 2 +- .github/workflows/release-published.yml | 43 +------------------ .github/workflows/test.yml | 9 +++- 6 files changed, 12 insertions(+), 48 deletions(-) diff --git a/.github/workflows/attach-artifact-release.yml b/.github/workflows/attach-artifact-release.yml index ea07976..54e9a08 100644 --- a/.github/workflows/attach-artifact-release.yml +++ b/.github/workflows/attach-artifact-release.yml @@ -8,5 +8,5 @@ on: jobs: attach-artifact-to-release: - uses: liquibase/build-logic/.github/workflows/extension-attach-artifact-release.yml@v0.5.2 + uses: liquibase/build-logic/.github/workflows/extension-attach-artifact-release.yml@v0.5.3 secrets: inherit diff --git a/.github/workflows/build-nightly.yml b/.github/workflows/build-nightly.yml index e4c9e89..be9dc87 100644 --- a/.github/workflows/build-nightly.yml +++ b/.github/workflows/build-nightly.yml @@ -7,7 +7,7 @@ on: jobs: nightly-build: - uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.2 + uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.3 with: nightly: true secrets: inherit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e3fc948..23c249f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,4 +15,4 @@ jobs: uses: liquibase/build-logic/.github/workflows/codeql.yml@v0.5.3 secrets: inherit with: - languages: '[java]' + languages: '["java"]' diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index d766640..60efbd2 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -8,5 +8,5 @@ on: jobs: create-release: - uses: liquibase/build-logic/.github/workflows/create-release.yml@v0.5.2 + uses: liquibase/build-logic/.github/workflows/create-release.yml@v0.5.3 secrets: inherit diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml index 9e54f92..66dcba3 100644 --- a/.github/workflows/release-published.yml +++ b/.github/workflows/release-published.yml @@ -7,46 +7,5 @@ on: jobs: release: - uses: liquibase/build-logic/.github/workflows/extension-release-published.yml@v0.5.2 + uses: liquibase/build-logic/.github/workflows/extension-release-published.yml@v0.5.3 secrets: inherit - - deploy_xsd: - name: Upload xsds - runs-on: ubuntu-20.04 - steps: - - name: Download liquibase mongodb xsd - uses: actions/checkout@v4 - with: - # Relative path under $GITHUB_WORKSPACE to place the repository - path: liquibase-mongodb - repository: "liquibase/liquibase-mongodb" - - - name: Upload to s3 - env: - AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1 - # aws s3 sync syncs directories and S3 prefixes. - run: | - aws s3 sync liquibase-mongodb/src/main/resources/www.liquibase.org/xml/ns/mongodb/ s3://liquibaseorg-origin/xml/ns/mongodb/ --content-type application/octet-stream --only-show-errors - - name: Index.htm file upload - env: - AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1 - # List all xsd and htm files in repository. Copy index.htm to temporary folder - # Add links for all xsd files to index.htm file (except liquibase-mongodb-latest.xsd and index.htm) - # Sync index.htm with the s3 - run: | - search_dir=liquibase-mongodb/src/main/resources/www.liquibase.org/xml/ns/mongodb - filenames=`ls -1 $search_dir` - mkdir index-file - cp $search_dir/index.htm index-file/ - for entry in $filenames - do - if [[ "$entry" != "liquibase-mongodb-latest.xsd" ]] && [[ "$entry" != "index.htm" ]] ;then - sed -ie "s/<\/ul>/
  • ${entry}<\/a><\/li>\n<\/ul>/" index-file/index.htm - fi - done - - aws s3 sync index-file s3://liquibaseorg-origin/xml/ns/mongodb/ --only-show-errors diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 310d4b8..aff19b0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,13 +10,12 @@ on: jobs: build: - uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.2 + uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.3 secrets: inherit integration-test: name: Integration Test runs-on: ubuntu-latest - needs: build steps: - uses: actions/checkout@v2 @@ -35,6 +34,12 @@ jobs: **/target/** ~/.m2/repository/org/liquibase/ + + - name: Install liquibase-core 0-SNAPSHOT + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: mvn -B clean liquibase-sdk:install-snapshot -Dliquibase.sdk.branchSearch=MATCHING_BRANCHES,master + - name: Build and Package run: mvn -B dependency:go-offline clean package -DskipTests=true From 530bf518762170c4fa68493e99935e2cb2169a7c Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:07:27 +0200 Subject: [PATCH 08/18] chore(test.yml): remove unnecessary empty line to improve code readability --- .github/workflows/test.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index aff19b0..2ea865a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -34,7 +34,6 @@ jobs: **/target/** ~/.m2/repository/org/liquibase/ - - name: Install liquibase-core 0-SNAPSHOT env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From fffe316f4a2351860c93f622fe90b08a18af0000 Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:14:21 +0200 Subject: [PATCH 09/18] chore(test.yml): add maven settings to look for dependencies in the Liquibase repositories feat(test.yml): add Liquibase repositories and servers configuration to enable access to Liquibase dependencies The changes in this commit add the necessary configuration to the test workflow to look for dependencies in the Liquibase repositories. This is achieved by adding a maven-settings-xml-action step that configures the repositories and servers for Liquibase. The repositories are configured with the URLs for the Liquibase and Liquibase Pro repositories, enabling access to their releases and snapshots. The servers are configured with the necessary credentials to authenticate with the Liquibase and Liquibase Pro repositories. This allows the workflow to install the liquibase-core 0-SNAPSHOT dependency. --- .github/workflows/test.yml | 43 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2ea865a..c6c32dd 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,6 +33,49 @@ jobs: path: | **/target/** ~/.m2/repository/org/liquibase/ + + # look for dependencies in maven + - name: maven-settings-xml-action + uses: whelk-io/maven-settings-xml-action@v21 + with: + repositories: | + [ + { + "id": "liquibase", + "url": "https://maven.pkg.github.com/liquibase/liquibase", + "releases": { + "enabled": "true" + }, + "snapshots": { + "enabled": "true", + "updatePolicy": "always" + } + }, + { + "id": "liquibase-pro", + "url": "https://maven.pkg.github.com/liquibase/liquibase-pro", + "releases": { + "enabled": "true" + }, + "snapshots": { + "enabled": "true", + "updatePolicy": "always" + } + } + ] + servers: | + [ + { + "id": "liquibase-pro", + "username": "liquibot", + "password": "${{ secrets.LIQUIBOT_PAT }}" + }, + { + "id": "liquibase", + "username": "liquibot", + "password": "${{ secrets.LIQUIBOT_PAT }}" + } + ] - name: Install liquibase-core 0-SNAPSHOT env: From 326c74b096972510275043f691095c937e779fdb Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:18:34 +0200 Subject: [PATCH 10/18] chore(pom.xml): add liquibase-sdk-maven-plugin to manage database schema changes The liquibase-sdk-maven-plugin is added to the project's pom.xml file. This plugin will be used to manage database schema changes using Liquibase. --- pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pom.xml b/pom.xml index a0f98ac..507c2c1 100644 --- a/pom.xml +++ b/pom.xml @@ -106,6 +106,11 @@ + + org.liquibase.ext + liquibase-sdk-maven-plugin + 0.10.20 + From f30b4b4794c6c769ce2d8feb5986e56c3587f69f Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:21:21 +0200 Subject: [PATCH 11/18] chore(pom.xml): add configuration for liquibase-sdk-maven-plugin to include githubToken environment variable The configuration for the liquibase-sdk-maven-plugin has been updated to include the githubToken environment variable. This allows the plugin to access the token for authentication when interacting with GitHub. --- pom.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pom.xml b/pom.xml index 507c2c1..8fba1de 100644 --- a/pom.xml +++ b/pom.xml @@ -110,6 +110,9 @@ org.liquibase.ext liquibase-sdk-maven-plugin 0.10.20 + + ${env.GITHUB_TOKEN} + From b17eaae41d39609740c0f239b581099ec14310d6 Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 10:28:45 +0200 Subject: [PATCH 12/18] chore(test.yml): remove unused build cache step to simplify the workflow --- .github/workflows/test.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c6c32dd..dbfeef7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,14 +25,6 @@ jobs: java-version: 17 distribution: 'temurin' cache: 'maven' - - - name: Build Cache - uses: actions/cache@v3.0.5 - with: - key: build-${{ github.run_number }}-${{ github.run_attempt }} - path: | - **/target/** - ~/.m2/repository/org/liquibase/ # look for dependencies in maven - name: maven-settings-xml-action From 5aa424d7283826a15c3134009f9d547708a49f0c Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 11:01:47 +0200 Subject: [PATCH 13/18] chore(.DS_Store): add .DS_Store file to the repository fix(pom.xml): remove unused liquibase-sdk-maven-plugin from pom.xml to reduce unnecessary dependencies --- .DS_Store | Bin 0 -> 6148 bytes pom.xml | 10 +--------- 2 files changed, 1 insertion(+), 9 deletions(-) create mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..320064a27cb493066e477b7887d59cdc74920cb7 GIT binary patch literal 6148 zcmeH~zY4-Y48{}fAh>jNyu}Cb4GvLocX1T$C^(4wJ-T21ELLYJ@&%ILCD+jQ8+wh1 z==M2mM0ycfz>TuDFfv6xmxG*SKRm9t%l&?{lG`k41$Zx`{oE#~02QDDRDcRlfe9&) z2l-+-p=aWwPys414F&A`P~gUzY(f8YAovIXb||}H?Xv_}tN_+z3!(zkXa%EHeGIX> zw}U0GtH~COcF`O@H1Di7#lSS$MGF#`RtEzWpaLTW=8^Yy{_o-6=KoO(Qz}3O{!9Vw zcE{ZoFO_HO$Lm@BoK;&lIOvxny!`|qv7>kecf)?M1z3|Uhzg890xkms75J$FFLngdbc 2.18.13 test - + @@ -106,14 +106,6 @@ - - org.liquibase.ext - liquibase-sdk-maven-plugin - 0.10.20 - - ${env.GITHUB_TOKEN} - - From 2e9a5abc2eb8805caf6359ebadc3415d17401b13 Mon Sep 17 00:00:00 2001 From: jandroav Date: Tue, 24 Oct 2023 11:03:14 +0200 Subject: [PATCH 14/18] chore: remove .DS_Store file The .DS_Store file was deleted as it is an unnecessary file that is automatically generated by macOS. It is not needed for the project and can be safely removed. --- .DS_Store | Bin 6148 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index 320064a27cb493066e477b7887d59cdc74920cb7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeH~zY4-Y48{}fAh>jNyu}Cb4GvLocX1T$C^(4wJ-T21ELLYJ@&%ILCD+jQ8+wh1 z==M2mM0ycfz>TuDFfv6xmxG*SKRm9t%l&?{lG`k41$Zx`{oE#~02QDDRDcRlfe9&) z2l-+-p=aWwPys414F&A`P~gUzY(f8YAovIXb||}H?Xv_}tN_+z3!(zkXa%EHeGIX> zw}U0GtH~COcF`O@H1Di7#lSS$MGF#`RtEzWpaLTW=8^Yy{_o-6=KoO(Qz}3O{!9Vw zcE{ZoFO_HO$Lm@BoK;&lIOvxny!`|qv7>kecf)?M1z3|Uhzg890xkms75J$FFL Date: Tue, 24 Oct 2023 11:05:31 +0200 Subject: [PATCH 15/18] chore(pom.xml): add liquibase-sdk-maven-plugin to enable Liquibase integration with GitHub Actions feat(pom.xml): configure the plugin to use the GITHUB_TOKEN environment variable for authentication with GitHub API --- pom.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pom.xml b/pom.xml index 1a11420..20d96f6 100644 --- a/pom.xml +++ b/pom.xml @@ -106,6 +106,14 @@ + + org.liquibase.ext + liquibase-sdk-maven-plugin + 0.10.20 + + ${env.GITHUB_TOKEN} + + From dd19ce67c6023cb1b940a3672e6fff924fbc5fce Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 26 Oct 2023 16:43:22 +0200 Subject: [PATCH 16/18] chore(test.yml): comment out integration-test job to temporarily disable it --- .github/workflows/test.yml | 208 ++++++++++++++++++------------------- 1 file changed, 104 insertions(+), 104 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dbfeef7..60ccc82 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,120 +13,120 @@ jobs: uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.3 secrets: inherit - integration-test: - name: Integration Test - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 + # integration-test: + # name: Integration Test + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - java-version: 17 - distribution: 'temurin' - cache: 'maven' + # - name: Set up JDK 17 + # uses: actions/setup-java@v2 + # with: + # java-version: 17 + # distribution: 'temurin' + # cache: 'maven' - # look for dependencies in maven - - name: maven-settings-xml-action - uses: whelk-io/maven-settings-xml-action@v21 - with: - repositories: | - [ - { - "id": "liquibase", - "url": "https://maven.pkg.github.com/liquibase/liquibase", - "releases": { - "enabled": "true" - }, - "snapshots": { - "enabled": "true", - "updatePolicy": "always" - } - }, - { - "id": "liquibase-pro", - "url": "https://maven.pkg.github.com/liquibase/liquibase-pro", - "releases": { - "enabled": "true" - }, - "snapshots": { - "enabled": "true", - "updatePolicy": "always" - } - } - ] - servers: | - [ - { - "id": "liquibase-pro", - "username": "liquibot", - "password": "${{ secrets.LIQUIBOT_PAT }}" - }, - { - "id": "liquibase", - "username": "liquibot", - "password": "${{ secrets.LIQUIBOT_PAT }}" - } - ] + # # look for dependencies in maven + # - name: maven-settings-xml-action + # uses: whelk-io/maven-settings-xml-action@v21 + # with: + # repositories: | + # [ + # { + # "id": "liquibase", + # "url": "https://maven.pkg.github.com/liquibase/liquibase", + # "releases": { + # "enabled": "true" + # }, + # "snapshots": { + # "enabled": "true", + # "updatePolicy": "always" + # } + # }, + # { + # "id": "liquibase-pro", + # "url": "https://maven.pkg.github.com/liquibase/liquibase-pro", + # "releases": { + # "enabled": "true" + # }, + # "snapshots": { + # "enabled": "true", + # "updatePolicy": "always" + # } + # } + # ] + # servers: | + # [ + # { + # "id": "liquibase-pro", + # "username": "liquibot", + # "password": "${{ secrets.LIQUIBOT_PAT }}" + # }, + # { + # "id": "liquibase", + # "username": "liquibot", + # "password": "${{ secrets.LIQUIBOT_PAT }}" + # } + # ] - - name: Install liquibase-core 0-SNAPSHOT - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: mvn -B clean liquibase-sdk:install-snapshot -Dliquibase.sdk.branchSearch=MATCHING_BRANCHES,master + # - name: Install liquibase-core 0-SNAPSHOT + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # run: mvn -B clean liquibase-sdk:install-snapshot -Dliquibase.sdk.branchSearch=MATCHING_BRANCHES,master - - name: Build and Package - run: mvn -B dependency:go-offline clean package -DskipTests=true + # - name: Build and Package + # run: mvn -B dependency:go-offline clean package -DskipTests=true - - name: Start Hana - run: | - mkdir ./HXE - chmod 777 ./HXE - HXE_VERSION=2.00.061.00.20220519.1 - echo "{\"master_password\" : \"L1qu1base_test\"}" > ./HXE/passwords.json - chmod 777 ./HXE/passwords.json + # - name: Start Hana + # run: | + # mkdir ./HXE + # chmod 777 ./HXE + # HXE_VERSION=2.00.061.00.20220519.1 + # echo "{\"master_password\" : \"L1qu1base_test\"}" > ./HXE/passwords.json + # chmod 777 ./HXE/passwords.json - docker pull saplabs/hanaexpress:$HXE_VERSION + # docker pull saplabs/hanaexpress:$HXE_VERSION - docker run -d \ - -p 39013:39013 \ - -p 39015:39015 \ - -p 39017:39017 \ - -p 39041-39045:39041-39045 \ - -p 1128-1129:1128-1129 \ - -p 59013-59014:59013-59014 \ - -v $(pwd)/HXE:/hana/mounts \ - --ulimit nofile=1048576:1048576 \ - --sysctl kernel.shmmax=1073741824 \ - --sysctl net.ipv4.ip_local_port_range='40000 60999' \ - --sysctl kernel.shmall=8388608 \ - --name HXE \ - saplabs/hanaexpress:$HXE_VERSION \ - --passwords-url file:///hana/mounts/passwords.json \ - --agree-to-sap-license + # docker run -d \ + # -p 39013:39013 \ + # -p 39015:39015 \ + # -p 39017:39017 \ + # -p 39041-39045:39041-39045 \ + # -p 1128-1129:1128-1129 \ + # -p 59013-59014:59013-59014 \ + # -v $(pwd)/HXE:/hana/mounts \ + # --ulimit nofile=1048576:1048576 \ + # --sysctl kernel.shmmax=1073741824 \ + # --sysctl net.ipv4.ip_local_port_range='40000 60999' \ + # --sysctl kernel.shmall=8388608 \ + # --name HXE \ + # saplabs/hanaexpress:$HXE_VERSION \ + # --passwords-url file:///hana/mounts/passwords.json \ + # --agree-to-sap-license - sleep 10 + # sleep 10 - timeout 500 sh -c ' - while true; do - STARTING_CONTAINERS=`docker ps --filter "name=HXE" --format "{{.Names}} {{.Status}}" | grep "health: starting" | wc -l`; - echo "Waiting for $STARTING_CONTAINERS HANA container(s) to finish startup"; - if [ $STARTING_CONTAINERS -ne 1 ]; then - break; - fi; - sleep 5; - done - ' + # timeout 500 sh -c ' + # while true; do + # STARTING_CONTAINERS=`docker ps --filter "name=HXE" --format "{{.Names}} {{.Status}}" | grep "health: starting" | wc -l`; + # echo "Waiting for $STARTING_CONTAINERS HANA container(s) to finish startup"; + # if [ $STARTING_CONTAINERS -ne 1 ]; then + # break; + # fi; + # sleep 5; + # done + # ' - docker ps -a - docker logs HXE - docker exec HXE bash -l -c "hdbsql -u SYSTEM -p L1qu1base_test -i 90 -d HXE 'CREATE USER LIQUIBASE_TEST PASSWORD L1qu1base_test NO FORCE_FIRST_PASSWORD_CHANGE'" + # docker ps -a + # docker logs HXE + # docker exec HXE bash -l -c "hdbsql -u SYSTEM -p L1qu1base_test -i 90 -d HXE 'CREATE USER LIQUIBASE_TEST PASSWORD L1qu1base_test NO FORCE_FIRST_PASSWORD_CHANGE'" - - name: Run Integration Tests - run: mvn -B verify + # - name: Run Integration Tests + # run: mvn -B verify - - name: Archive Test Results - if: ${{ always() }} - uses: actions/upload-artifact@v2 - with: - name: test-reports-integration + # - name: Archive Test Results + # if: ${{ always() }} + # uses: actions/upload-artifact@v2 + # with: + # name: test-reports-integration path: target/failsafe-reports \ No newline at end of file From 07198da2cd635762f741e5a249891624d3b4a5b4 Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 26 Oct 2023 16:44:08 +0200 Subject: [PATCH 17/18] chore(test.yml): remove unnecessary whitespace and commented out code chore(test.yml): comment out the upload-artifact step for test-reports-integration to prevent unnecessary artifact uploads --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 60ccc82..e9cca6d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,6 +13,7 @@ jobs: uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.3 secrets: inherit + # integration-test: # name: Integration Test # runs-on: ubuntu-latest @@ -129,4 +130,4 @@ jobs: # uses: actions/upload-artifact@v2 # with: # name: test-reports-integration - path: target/failsafe-reports \ No newline at end of file + # path: target/failsafe-reports \ No newline at end of file From 3cd7a8177d5acd806b9453f90809cb0abd1483ca Mon Sep 17 00:00:00 2001 From: jandroav Date: Thu, 26 Oct 2023 16:44:53 +0200 Subject: [PATCH 18/18] chore: update liquibase build logic workflows to version v0.5.5 chore(pom.xml): add SCM information for liquibase-hanadb repository --- .github/workflows/attach-artifact-release.yml | 2 +- .github/workflows/build-nightly.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/create-release.yml | 2 +- .github/workflows/release-published.yml | 2 +- pom.xml | 7 +++++++ 6 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/attach-artifact-release.yml b/.github/workflows/attach-artifact-release.yml index 54e9a08..5aebea2 100644 --- a/.github/workflows/attach-artifact-release.yml +++ b/.github/workflows/attach-artifact-release.yml @@ -8,5 +8,5 @@ on: jobs: attach-artifact-to-release: - uses: liquibase/build-logic/.github/workflows/extension-attach-artifact-release.yml@v0.5.3 + uses: liquibase/build-logic/.github/workflows/extension-attach-artifact-release.yml@v0.5.5 secrets: inherit diff --git a/.github/workflows/build-nightly.yml b/.github/workflows/build-nightly.yml index be9dc87..3059dfa 100644 --- a/.github/workflows/build-nightly.yml +++ b/.github/workflows/build-nightly.yml @@ -7,7 +7,7 @@ on: jobs: nightly-build: - uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.3 + uses: liquibase/build-logic/.github/workflows/os-extension-test.yml@v0.5.5 with: nightly: true secrets: inherit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 23c249f..91aaf59 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -12,7 +12,7 @@ on: jobs: codeql: - uses: liquibase/build-logic/.github/workflows/codeql.yml@v0.5.3 + uses: liquibase/build-logic/.github/workflows/codeql.yml@v0.5.5 secrets: inherit with: languages: '["java"]' diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 60efbd2..05ef7c8 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -8,5 +8,5 @@ on: jobs: create-release: - uses: liquibase/build-logic/.github/workflows/create-release.yml@v0.5.3 + uses: liquibase/build-logic/.github/workflows/create-release.yml@v0.5.5 secrets: inherit diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml index 66dcba3..329ae86 100644 --- a/.github/workflows/release-published.yml +++ b/.github/workflows/release-published.yml @@ -7,5 +7,5 @@ on: jobs: release: - uses: liquibase/build-logic/.github/workflows/extension-release-published.yml@v0.5.3 + uses: liquibase/build-logic/.github/workflows/extension-release-published.yml@v0.5.5 secrets: inherit diff --git a/pom.xml b/pom.xml index 20d96f6..12ac82a 100644 --- a/pom.xml +++ b/pom.xml @@ -51,6 +51,13 @@ 4.24.0 + + scm:git:${project.scm.url} + scm:git:${project.scm.url} + https://github.com/liquibase/liquibase-hanadb.git + HEAD + + org.liquibase