OF-2721: Tidy up connection closure for newly created / uninitialised… #468
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Openfire CI | |
env: | |
CI: true | |
on: [push, pull_request] | |
jobs: | |
build: | |
name: Build Openfire from source | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
java: [ 11, 17 ] | |
distribution: [ zulu ] # We could add more here: temurin, adopt, liberica, microsoft, corretto | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK ${{ matrix.java }} ${{ matrix.distribution }} | |
uses: actions/setup-java@v3 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: ${{ matrix.distribution }} | |
cache: maven | |
- name: Build with Maven | |
run: | | |
if [[ ${{ github.ref_name }} == 'main' ]]; then | |
./mvnw -B package -Pcoverage --file pom.xml | |
else | |
./mvnw -B package | |
fi | |
- name: Upload failed test reports | |
uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: surefire-reports_java${{ matrix.java }} | |
path: xmppserver/target/surefire-reports | |
- name: Upload distribution | |
if: ${{ matrix.distribution == 'zulu' }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: distribution-java${{ matrix.java }} | |
path: distribution/target/distribution-base | |
- name: Upload test files | |
if: ${{ matrix.distribution == 'zulu' }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: test-files | |
path: | | |
runIntegrationTests | |
runAioxmppIntegrationTests | |
runConnectivityIntegrationTests | |
test.gradle | |
- name: Upload coverage report for 'xmppserver' module | |
if: ${{ matrix.distribution == 'zulu' && matrix.java == 11 && github.ref_name == 'main'}} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: Coverage Report for 'xmppserver' module | |
path: xmppserver/target/site/jacoco/ | |
aioxmpp: | |
name: Execute aioxmpp-based CI tests | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Set JAVA_HOME to use Java 11 | |
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV | |
- name: Download distribution artifact from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: distribution-java11 | |
path: distribution/target/distribution-base | |
- name: Download test files from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: test-files | |
- name: Fix file permissions | |
run: | | |
chmod +x distribution/target/distribution-base/bin/openfire.sh | |
chmod +x ./runAioxmppIntegrationTests | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11 | |
check-latest: true # attempt to prevent to use 3.11.3 by enticing the runner to update (to something later) | |
- name: Run aioxmpp tests | |
run: ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 || ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 || ./runAioxmppIntegrationTests -d -l -h example.org -i 127.0.0.1 # Try tests a few times, in case of flakiness | |
- name: Expose test output | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: aioxmpp test output | |
path: aioxmpp/output | |
- name: Expose openfire output | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: openfire logs | |
path: distribution/target/distribution-base/logs/* | |
check_branch: | |
runs-on: ubuntu-latest | |
outputs: | |
is_publishable_branch: ${{ steps.check-branch.outputs.is_publishable_branch }} | |
steps: | |
- name: check branch ${{ github.ref }} is either main or a version number | |
id: check-branch | |
run: | | |
if [[ ${{ github.ref }} == 'refs/heads/main' || ${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then | |
echo "is_publishable_branch=true" >> $GITHUB_OUTPUT | |
else | |
echo "is_publishable_branch=false" >> $GITHUB_OUTPUT | |
fi | |
connectivity: | |
name: Execute Connectivity CI tests | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Set JAVA_HOME to use Java 11 | |
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV | |
- name: Download distribution artifact from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: distribution-java11 | |
path: distribution/target/distribution-base | |
- name: Download test files from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: test-files | |
- name: Set up Java | |
uses: actions/setup-java@v3 | |
with: | |
java-version: 11 | |
distribution: zulu | |
- name: Fix file permissions | |
run: | | |
chmod +x distribution/target/distribution-base/bin/openfire.sh | |
chmod +x ./runConnectivityIntegrationTests | |
- name: Run connectivity tests | |
run: ./runConnectivityIntegrationTests -d -l -i 127.0.0.1 | |
smack: | |
name: Execute Smack-based CI tests | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Set JAVA_HOME to use Java 11 | |
run: echo "JAVA_HOME=$(echo $JAVA_HOME_11_X64)" >> $GITHUB_ENV | |
- name: Download distribution artifact from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: distribution-java11 | |
path: distribution/target/distribution-base | |
- name: Download test files from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: test-files | |
- name: Set up Java | |
uses: actions/setup-java@v3 | |
with: | |
java-version: 11 | |
distribution: zulu | |
- name: Fix file permissions | |
run: | | |
chmod +x distribution/target/distribution-base/bin/openfire.sh | |
chmod +x ./runIntegrationTests | |
- name: Run smack tests | |
run: ./runIntegrationTests -d -l -i 127.0.0.1 | |
publish-maven: | |
name: Publish to Maven | |
runs-on: ubuntu-latest | |
needs: [aioxmpp, connectivity, smack, check_branch] | |
if: ${{github.repository == 'igniterealtime/Openfire' && github.event_name == 'push' && needs.check_branch.outputs.is_publishable_branch == 'true'}} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# Defend against another commit quickly following the first | |
# We want the one that's been tested, rather than the head of main | |
ref: ${{ github.event.push.after }} | |
- name: Set up Java for publishing | |
uses: actions/setup-java@v3 | |
with: | |
java-version: 11 | |
distribution: zulu | |
cache: maven | |
server-id: igniterealtime | |
server-username: IGNITE_REALTIME_MAVEN_USERNAME | |
server-password: IGNITE_REALTIME_MAVEN_PASSWORD | |
- name: Publish | |
run: ./mvnw -B deploy -Pci -Dmaven.test.skip=true | |
env: | |
IGNITE_REALTIME_MAVEN_USERNAME: ${{ secrets.IGNITE_REALTIME_MAVEN_USERNAME }} | |
IGNITE_REALTIME_MAVEN_PASSWORD: ${{ secrets.IGNITE_REALTIME_MAVEN_PASSWORD }} | |
can-publish-docker: | |
# Based on https://github.com/GabLeRoux/github-actions-examples/blob/e0468ce2731b08bd8b1f7cd09d0b94c541310693/.github/workflows/secret_based_conditions.yml | |
name: Check if Docker Hub secrets exist | |
runs-on: ubuntu-latest | |
needs: [build, aioxmpp, connectivity, smack] | |
outputs: | |
is_DOCKERHUB_SECRET_set: ${{ steps.checksecret_job.outputs.is_DOCKERHUB_SECRET_set }} | |
steps: | |
- name: Check whether Docker Publish should be done | |
id: checksecret_job | |
env: | |
DOCKERHUB_SECRET: ${{ secrets.DOCKERHUB_TOKEN }} | |
run: | | |
echo "is_DOCKERHUB_SECRET_set: ${{ env.DOCKERHUB_SECRET != '' }}" | |
echo "is_DOCKERHUB_SECRET_set=${{ env.DOCKERHUB_SECRET != '' }}" >> $GITHUB_OUTPUT | |
publish-docker: | |
name: Publish to Docker Hub | |
runs-on: ubuntu-latest | |
needs: [can-publish-docker] | |
if: | | |
needs.can-publish-docker.outputs.is_DOCKERHUB_SECRET_set == 'true' && | |
github.event_name == 'push' && | |
(contains(github.ref, 'refs/tags/') || github.ref == 'refs/heads/main') | |
outputs: | |
imagedigest: ${{ steps.docker_build.outputs.digest }} | |
steps: | |
- name: Set up variables if we're on main | |
if: ${{ github.ref == 'refs/heads/main' }} | |
run: echo "SOURCE_TAG=alpha" >> $GITHUB_ENV | |
- name: Set up variables if we're on a tag | |
if: ${{ contains(github.ref, 'refs/tags/') }} | |
run: echo "SOURCE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
- uses: actions/checkout@v4 | |
with: | |
# Defend against another commit quickly following the first | |
# We want the one that's been tested, rather than the head of main | |
ref: ${{ github.event.push.after }} | |
- name: Download distribution artifact from build job. | |
uses: actions/download-artifact@v3 | |
with: | |
name: distribution-java11 | |
path: distribution/target/distribution-base | |
- name: Fix file permissions | |
run: find . -type f -name '*.sh' -exec chmod +x {} \; | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache Docker layers # TODO: Validate that caches are faster than no caches | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build and push to Docker Hub | |
id: docker_build | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ env.SOURCE_TAG }} | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new | |
- name: Move cache | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
- name: Image digest | |
run: | | |
echo Images published: | |
echo ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ steps.docker_build.outputs.digest }} | |
echo ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}:${{ env.SOURCE_TAG }} | |
test-published-docker: | |
name: Test tagged images published to Docker Hub | |
runs-on: ubuntu-latest | |
needs: [publish-docker] | |
if: contains(github.ref, 'refs/tags/') | |
steps: | |
- name: Launch & Check Openfire | |
run: | | |
docker run --name openfire -d -p 9090:9090 ${{ secrets.DOCKERHUB_OPENFIREIMAGE }}@${{needs.publish-docker.outputs.imagedigest}} | |
attempt_counter=0 | |
max_attempts=30 | |
until $(curl --output /dev/null --silent --head --fail http://127.0.0.1:9090); do | |
if [ ${attempt_counter} -eq ${max_attempts} ];then | |
echo "Max attempts reached. Openfire failed to launch." | |
exit 1 | |
fi | |
printf '.' | |
attempt_counter=$(($attempt_counter+1)) | |
sleep 1 | |
done | |
echo "Openfire Admin is reachable." | |
docker logs openfire |