[Pkg-freeipa-devel] [Git][freeipa-team/tomcatjss][master] 28 commits: Update version number to 8.4.0-alpha1
Timo Aaltonen (@tjaalton)
gitlab at salsa.debian.org
Thu Aug 10 14:46:39 BST 2023
Timo Aaltonen pushed to branch master at FreeIPA packaging / tomcatjss
Commits:
ae2cec4a by Endi S. Dewata at 2022-12-05T11:48:51+07:00
Update version number to 8.4.0-alpha1
- - - - -
b3201ddb by Endi S. Dewata at 2022-12-14T22:50:29+07:00
Update runner-init.sh to no longer map cgroup folder
- - - - -
a1880b49 by Endi S. Dewata at 2022-12-14T22:50:29+07:00
Consolidate initialization jobs
- - - - -
3675a3f4 by Endi S. Dewata at 2022-12-15T02:10:39+07:00
Consolidate build jobs
The build jobs in test workflows have been consolidated into
build.yml such that the build will be created just once by the
build workflow, and the test workflows will use the same build
once it's completed.
https://github.com/lewagon/wait-on-check-action
- - - - -
e6d20a16 by Endi S. Dewata at 2022-12-15T09:30:08+07:00
Fix Eclipse warning due to missing encoding
- - - - -
b462db25 by Endi S. Dewata at 2022-12-16T21:02:13+07:00
Add tomcatjss-deps and tomcatjss-builder-deps images
The tomcatjss-deps and tomcatjss-builder-deps images have been
added to store the runtime and build dependencies, respectively.
- - - - -
f91a41ea by Endi S. Dewata at 2022-12-16T22:50:38+07:00
Cache tomcatjss-deps and tomcatjss-builder-deps images
The build job has been modified to cache the runtime and build
dependencies.
- - - - -
7864f7d8 by Endi S. Dewata at 2022-12-20T06:40:58+07:00
Add publish job
A new job has been added to publish Tomcat JSS images to GH
Packages after the build job in the master branch is complete.
- - - - -
2c1eb1ac by Endi S. Dewata at 2022-12-20T20:10:09+07:00
Update actions/checkout to v3
- - - - -
d6a9678e by Endi S. Dewata at 2022-12-20T20:10:39+07:00
Update actions/upload-artifact to v3
- - - - -
12ce3acf by Endi S. Dewata at 2022-12-20T20:10:42+07:00
Replace deprecated set-output with GITHUB_OUPUT
- - - - -
44d7576b by Endi S. Dewata at 2022-12-21T18:12:48+07:00
Drop default COPR repo
The CI has been modified to no longer use a COPR repo by default
and instead it will install JSS packages from jss-builder image.
- - - - -
5e891c54 by Endi S. Dewata at 2022-12-22T18:46:41+07:00
Add tomcatjss-dist image
The CI has been modified to store the RPMs in an Alpine-based
image and publish it to GH Packages to reduce the size of the
distribution.
- - - - -
8a146bf2 by Endi S. Dewata at 2023-01-05T20:35:44+07:00
Replace BASE64_MATRIX with BASE64_OS
Previously the BASE64_MATRIX parameter provided a mechanism
to test against multiple Fedora versions at once. However,
since the test resources are limited and only one of the
versions is eventually published, the parameter has been
replaced with a new BASE64_OS parameter which only supports
a single Fedora version.
https://github.com/dogtagpki/pki/wiki/Configuring-Test-OS
- - - - -
e99eb1a8 by Endi S. Dewata at 2023-01-06T07:03:33+07:00
Update publish workflow
The publish workflow has been modified to wait for the build
using lewagon/wait-on-check-action instead of on.workflow_run
such that it can be customized to publish the images with the
proper tag for the branch.
- - - - -
2b6a35ae by Endi S. Dewata at 2023-01-18T20:34:34+07:00
Add support for container registry configuration
The publish job has been modified to support container registry
configuration and will only run if the registry is configured.
The job will also no longer publish the runner image since it's
only used internally.
https://github.com/dogtagpki/pki/wiki/Configuring-Container-Registry
- - - - -
7e6f2f6d by Endi S. Dewata at 2023-01-18T08:49:38-06:00
Remove default container registry
- - - - -
3795700d by Endi S. Dewata at 2023-01-19T21:01:47+07:00
Switch to Quay.io
- - - - -
a5ca31ab by Endi S. Dewata at 2023-01-20T10:16:09-06:00
Clean up publish job
- - - - -
9878cfaa by Marco Fargetta at 2023-04-13T18:13:16+02:00
Update maven jss dependency to last version
- - - - -
9b77f362 by Endi S. Dewata at 2023-04-19T14:42:59-05:00
Publish to GitHub Maven registry
A new job has been added to build Tomcat JSS with Maven and
publish the artifacts to GitHub Maven registry. The group ID
and artifact ID have been renamed to follow a more commonly
used pattern.
- - - - -
b861b273 by Chris Kelley at 2023-04-20T10:50:26+01:00
Updating version to v8.4.0
- - - - -
8d13e1fa by Timo Aaltonen at 2023-05-16T15:24:58+03:00
Merge tag 'v8.3.0' into m
- - - - -
c4aaed7a by Timo Aaltonen at 2023-05-16T15:25:03+03:00
Merge branch 'master' into m
- - - - -
c379e977 by Timo Aaltonen at 2023-05-16T16:16:33+03:00
version bump
- - - - -
1284bc26 by Timo Aaltonen at 2023-05-16T16:18:30+03:00
control: Bump libjss-java depends.
- - - - -
c49eb2a3 by Timo Aaltonen at 2023-05-16T16:19:28+03:00
releasing package tomcatjss version 8.4.0-1
- - - - -
8814a11e by Timo Aaltonen at 2023-08-10T16:45:25+03:00
releasing package tomcatjss version 8.4.0-2
- - - - -
20 changed files:
- + .dockerignore
- .github/workflows/build-tests.yml
- + .github/workflows/build.yml
- .github/workflows/code-analysis.yml
- + .github/workflows/init.yml
- .github/workflows/pki-tests.yml
- + .github/workflows/publish.yml
- .github/workflows/sonarcloud-pull.yml
- .gitignore
- + .settings/org.eclipse.core.resources.prefs
- Dockerfile
- core/pom.xml
- debian/changelog
- debian/control
- debian/rules
- main/pom.xml
- pom.xml
- tests/bin/init-workflow.sh
- tomcat-9.0/pom.xml
- tomcatjss.spec
Changes:
=====================================
.dockerignore
=====================================
@@ -0,0 +1,3 @@
+tomcatjss-builder.tar
+tomcatjss-dist.tar
+tomcatjss-runner.tar
=====================================
.github/workflows/build-tests.yml
=====================================
@@ -4,39 +4,34 @@ on: [push, pull_request]
jobs:
init:
- name: Initializing Workflow
- runs-on: ubuntu-latest
- outputs:
- matrix: ${{ steps.init.outputs.matrix }}
- repo: ${{ steps.init.outputs.repo }}
- steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Initialize workflow
- id: init
- env:
- BASE64_MATRIX: ${{ secrets.BASE64_MATRIX }}
- BASE64_REPO: ${{ secrets.BASE64_REPO }}
- run: |
- tests/bin/init-workflow.sh
+ name: Initialization
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
build-test:
name: Build Test
needs: init
runs-on: ubuntu-latest
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
- container: fedora:${{ matrix.os }}
+ container: ${{ needs.init.outputs.base-image }}
steps:
- name: Clone repository
- uses: actions/checkout at v2
+ uses: actions/checkout at v3
- name: Install dependencies
run: |
- dnf install -y dnf-plugins-core maven rpm-build
- dnf copr enable -y ${{ needs.init.outputs.repo }}
- dnf builddep -y --spec tomcatjss.spec
+ dnf install -y dnf-plugins-core moby-engine maven rpm-build
+ if [ -n "$COPR_REPO" ]; then dnf copr enable -y $COPR_REPO; fi
+ dnf builddep -y --skip-unavailable --spec tomcatjss.spec
+ env:
+ COPR_REPO: ${{ needs.init.outputs.repo }}
+
+ - name: Install JSS packages from jss-dist
+ run: |
+ docker pull quay.io/dogtagpki/jss-dist:latest
+ docker create --name=jss-dist quay.io/dogtagpki/jss-dist:latest
+ docker cp jss-dist:/root/RPMS /tmp/RPMS/
+ docker rm -f jss-dist
+ dnf localinstall -y /tmp/RPMS/*
- name: Build Tomcat JSS with Ant
run: |
@@ -46,9 +41,9 @@ jobs:
run: |
mvn install:install-file \
-Dfile=/usr/lib/java/jss.jar \
- -DgroupId=org.dogtagpki \
- -DartifactId=jss \
- -Dversion=5.3.0-SNAPSHOT \
+ -DgroupId=org.dogtagpki.jss \
+ -DartifactId=jss-base \
+ -Dversion=5.4.0-SNAPSHOT \
-Dpackaging=jar \
-DgeneratePom=true
@@ -59,7 +54,7 @@ jobs:
- name: Compare tomcatjss.jar
run: |
jar tvf ~/build/tomcatjss/jars/tomcatjss.jar | awk '{print $8;}' | sort | tee ant.out
- jar tvf main/target/tomcatjss-main-8.3.0-SNAPSHOT.jar | awk '{print $8;}' | grep -v '^META-INF/maven/' | sort > maven.out
+ jar tvf main/target/tomcatjss-main-8.4.0-SNAPSHOT.jar | awk '{print $8;}' | grep -v '^META-INF/maven/' | sort > maven.out
diff ant.out maven.out
- name: Build Tomcat JSS RPMS with Ant
=====================================
.github/workflows/build.yml
=====================================
@@ -0,0 +1,105 @@
+name: Build Tomcat JSS
+
+on: [push, pull_request]
+
+jobs:
+ init:
+ name: Initialization
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
+
+ build:
+ name: Building Tomcat JSS
+ needs: init
+ runs-on: ubuntu-latest
+ steps:
+ - name: Clone repository
+ uses: actions/checkout at v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action at v2
+
+ - name: Cache Docker layers
+ id: cache-buildx
+ uses: actions/cache at v3
+ with:
+ key: buildx-${{ hashFiles('tomcatjss.spec') }}
+ path: /tmp/.buildx-cache
+
+ - name: Build tomcatjss-deps image
+ uses: docker/build-push-action at v3
+ with:
+ context: .
+ build-args: |
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
+ COPR_REPO=${{ needs.init.outputs.repo }}
+ tags: tomcatjss-deps
+ target: tomcatjss-deps
+ cache-to: type=local,dest=/tmp/.buildx-cache
+ if: steps.cache-buildx.outputs.cache-hit != 'true'
+
+ - name: Build tomcatjss-builder-deps image
+ uses: docker/build-push-action at v3
+ with:
+ context: .
+ build-args: |
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
+ COPR_REPO=${{ needs.init.outputs.repo }}
+ tags: tomcatjss-builder-deps
+ target: tomcatjss-builder-deps
+ cache-to: type=local,dest=/tmp/.buildx-cache
+ if: steps.cache-buildx.outputs.cache-hit != 'true'
+
+ - name: Build tomcatjss-builder image
+ uses: docker/build-push-action at v3
+ with:
+ context: .
+ build-args: |
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
+ COPR_REPO=${{ needs.init.outputs.repo }}
+ tags: tomcatjss-builder
+ target: tomcatjss-builder
+ cache-from: type=local,src=/tmp/.buildx-cache
+ outputs: type=docker,dest=tomcatjss-builder.tar
+
+ - name: Store tomcatjss-builder image
+ uses: actions/cache at v3
+ with:
+ key: tomcatjss-builder-${{ github.sha }}
+ path: tomcatjss-builder.tar
+
+ - name: Build tomcatjss-dist image
+ uses: docker/build-push-action at v3
+ with:
+ context: .
+ build-args: |
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
+ COPR_REPO=${{ needs.init.outputs.repo }}
+ tags: tomcatjss-dist
+ target: tomcatjss-dist
+ cache-from: type=local,src=/tmp/.buildx-cache
+ outputs: type=docker,dest=tomcatjss-dist.tar
+
+ - name: Store tomcatjss-dist image
+ uses: actions/cache at v3
+ with:
+ key: tomcatjss-dist-${{ github.sha }}
+ path: tomcatjss-dist.tar
+
+ - name: Build tomcatjss-runner image
+ uses: docker/build-push-action at v3
+ with:
+ context: .
+ build-args: |
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
+ COPR_REPO=${{ needs.init.outputs.repo }}
+ tags: tomcatjss-runner
+ target: tomcatjss-runner
+ cache-from: type=local,src=/tmp/.buildx-cache
+ outputs: type=docker,dest=tomcatjss-runner.tar
+
+ - name: Store tomcatjss-runner image
+ uses: actions/cache at v3
+ with:
+ key: tomcatjss-runner-${{ github.sha }}
+ path: tomcatjss-runner.tar
=====================================
.github/workflows/code-analysis.yml
=====================================
@@ -3,54 +3,32 @@ on: [push, pull_request]
jobs:
init:
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository
- name: Initializing Workflow
- runs-on: ubuntu-latest
- outputs:
- matrix: ${{ steps.init.outputs.matrix }}
- repo: ${{ steps.init.outputs.repo }}
- steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Initialize workflow
- id: init
- env:
- BASE64_MATRIX: ${{ secrets.BASE64_MATRIX }}
- BASE64_REPO: ${{ secrets.BASE64_REPO }}
- run: |
- tests/bin/init-workflow.sh
+ name: Initialization
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
build:
- name: Building TomcatJSS
+ name: Waiting for build
needs: init
runs-on: ubuntu-latest
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action at v1
-
- - name: Build runner image
- uses: docker/build-push-action at v2
+ - name: Wait for build
+ uses: lewagon/wait-on-check-action at v1.2.0
with:
- context: .
- build-args: |
- OS_VERSION=${{ matrix.os }}
- COPR_REPO=${{ needs.init.outputs.repo }}
- BUILD_OPTS=--with-timestamp --with-commit-id
- tags: tomcatjss-runner
- target: tomcatjss-runner
- outputs: type=docker,dest=sonar-runner.tar
-
- - name: Store runner image
- uses: actions/cache at v3
+ ref: ${{ github.ref }}
+ check-name: 'Building Tomcat JSS'
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ wait-interval: 30
+ if: github.event_name == 'push'
+
+ - name: Wait for build
+ uses: lewagon/wait-on-check-action at v1.2.0
with:
- key: sonar-runner-${{ matrix.os }}-${{ github.run_id }}
- path: sonar-runner.tar
-
+ ref: ${{ github.event.pull_request.head.sha }}
+ check-name: 'Building Tomcat JSS'
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ wait-interval: 30
+ if: github.event_name == 'pull_request'
sonarcloud:
name: SonarCloud
@@ -58,22 +36,19 @@ jobs:
runs-on: ubuntu-latest
env:
SHARED: /tmp/workdir/tomcatjss
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- - uses: actions/checkout at v2
+ - uses: actions/checkout at v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
-
- - name: Retrieve runner image
+ - name: Retrieve tomcatjss-runner image
uses: actions/cache at v3
with:
- key: sonar-runner-${{ matrix.os }}-${{ github.run_id }}
- path: sonar-runner.tar
+ key: tomcatjss-runner-${{ github.sha }}
+ path: tomcatjss-runner.tar
- - name: Load runner image
- run: docker load --input sonar-runner.tar
+ - name: Load tomcatjss-runner image
+ run: docker load --input tomcatjss-runner.tar
- name: Run container
run: |
@@ -107,7 +82,7 @@ jobs:
echo ${{ github.event.pull_request.base.ref }} > ./pr/BaseBranch
- name: Upload pr as artifact
- uses: actions/upload-artifact at v2
+ uses: actions/upload-artifact at v3
with:
name: pr
path: pr/
@@ -116,7 +91,7 @@ jobs:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout at v2
+ - uses: actions/checkout at v3
- name: Run ShellCheck
uses: ludeeus/action-shellcheck at master
with:
=====================================
.github/workflows/init.yml
=====================================
@@ -0,0 +1,38 @@
+name: Initialization
+on:
+ workflow_call:
+ secrets:
+ BASE64_OS:
+ required: false
+ BASE64_REPO:
+ required: false
+ BASE64_DATABASE:
+ required: false
+ outputs:
+ base-image:
+ value: ${{ jobs.init.outputs.base-image }}
+ repo:
+ value: ${{ jobs.init.outputs.repo }}
+ db-image:
+ value: ${{ jobs.init.outputs.db-image }}
+
+jobs:
+ init:
+ name: Initializing workflow
+ runs-on: ubuntu-latest
+ outputs:
+ base-image: ${{ steps.init.outputs.base-image }}
+ repo: ${{ steps.init.outputs.repo }}
+ db-image: ${{ steps.init.outputs.db-image }}
+ steps:
+ - name: Clone repository
+ uses: actions/checkout at v3
+
+ - name: Initialize workflow
+ id: init
+ env:
+ BASE64_OS: ${{ secrets.BASE64_OS }}
+ BASE64_REPO: ${{ secrets.BASE64_REPO }}
+ BASE64_DATABASE: ${{ secrets.BASE64_DATABASE }}
+ run: |
+ tests/bin/init-workflow.sh
=====================================
.github/workflows/pki-tests.yml
=====================================
@@ -4,53 +4,32 @@ on: [push, pull_request]
jobs:
init:
- name: Initializing Workflow
- runs-on: ubuntu-latest
- outputs:
- matrix: ${{ steps.init.outputs.matrix }}
- repo: ${{ steps.init.outputs.repo }}
- steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Initialize workflow
- id: init
- env:
- BASE64_MATRIX: ${{ secrets.BASE64_MATRIX }}
- BASE64_REPO: ${{ secrets.BASE64_REPO }}
- run: |
- tests/bin/init-workflow.sh
+ name: Initialization
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
build:
- name: Building TomcatJSS
+ name: Waiting for build
needs: init
runs-on: ubuntu-latest
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action at v1
-
- - name: Build runner image
- uses: docker/build-push-action at v2
+ - name: Wait for build
+ uses: lewagon/wait-on-check-action at v1.2.0
with:
- context: .
- build-args: |
- OS_VERSION=${{ matrix.os }}
- COPR_REPO=${{ needs.init.outputs.repo }}
- BUILD_OPTS=--with-timestamp --with-commit-id
- tags: tomcatjss-runner
- target: tomcatjss-runner
- outputs: type=docker,dest=tomcatjss-runner.tar
-
- - name: Store runner image
- uses: actions/cache at v3
+ ref: ${{ github.ref }}
+ check-name: 'Building Tomcat JSS'
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ wait-interval: 30
+ if: github.event_name == 'push'
+
+ - name: Wait for build
+ uses: lewagon/wait-on-check-action at v1.2.0
with:
- key: tomcatjss-runner-${{ matrix.os }}-${{ github.run_id }}
- path: tomcatjss-runner.tar
+ ref: ${{ github.event.pull_request.head.sha }}
+ check-name: 'Building Tomcat JSS'
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ wait-interval: 30
+ if: github.event_name == 'pull_request'
# https://github.com/dogtagpki/pki/blob/master/docs/installation/server/Installing_Basic_PKI_Server.md
ssl-test:
@@ -59,19 +38,17 @@ jobs:
runs-on: ubuntu-latest
env:
SHARED: /tmp/workdir/tomcatjss
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- name: Clone repository
- uses: actions/checkout at v2
+ uses: actions/checkout at v3
- - name: Retrieve runner image
+ - name: Retrieve tomcatjss-runner image
uses: actions/cache at v3
with:
- key: tomcatjss-runner-${{ matrix.os }}-${{ github.run_id }}
+ key: tomcatjss-runner-${{ github.sha }}
path: tomcatjss-runner.tar
- - name: Load runner image
+ - name: Load tomcatjss-runner image
run: docker load --input tomcatjss-runner.tar
- name: Run container
@@ -163,19 +140,17 @@ jobs:
runs-on: ubuntu-latest
env:
SHARED: /tmp/workdir/tomcatjss
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- name: Clone repository
- uses: actions/checkout at v2
+ uses: actions/checkout at v3
- - name: Retrieve runner image
+ - name: Retrieve tomcatjss-runner image
uses: actions/cache at v3
with:
- key: tomcatjss-runner-${{ matrix.os }}-${{ github.run_id }}
+ key: tomcatjss-runner-${{ github.sha }}
path: tomcatjss-runner.tar
- - name: Load runner image
+ - name: Load tomcatjss-runner image
run: docker load --input tomcatjss-runner.tar
- name: Run container
@@ -220,8 +195,8 @@ jobs:
- name: Upload artifacts
if: always()
- uses: actions/upload-artifact at v2
+ uses: actions/upload-artifact at v3
with:
- name: ca-${{ matrix.os }}
+ name: ca
path: |
/tmp/artifacts/pki
=====================================
.github/workflows/publish.yml
=====================================
@@ -0,0 +1,97 @@
+name: Publish Tomcat JSS
+
+on:
+ push:
+ branches:
+ - master
+
+env:
+ NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || github.repository_owner }}
+
+jobs:
+ init:
+ name: Initialization
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
+ if: vars.REGISTRY != ''
+
+ publish-maven:
+ name: Publishing Maven artifacts
+ needs: init
+ runs-on: ubuntu-latest
+ steps:
+ - name: Clone repository
+ uses: actions/checkout at v3
+
+ - name: Set up Java
+ uses: actions/setup-java at v3
+ with:
+ java-version: '17'
+ distribution: 'adopt'
+
+ - name: Check settings.xml
+ run: |
+ cat ~/.m2/settings.xml
+
+ - name: Update pom.xml
+ run: |
+ sed -i \
+ -e "s/OWNER/$NAMESPACE/g" \
+ -e "s/REPOSITORY/tomcatjss/g" \
+ pom.xml
+ cat pom.xml
+
+ - name: Publish Maven artifacts
+ run: |
+ mvn \
+ --batch-mode \
+ --update-snapshots \
+ deploy
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ wait-for-images:
+ name: Waiting for container images
+ needs: init
+ runs-on: ubuntu-latest
+ steps:
+ - name: Wait for container images
+ uses: lewagon/wait-on-check-action at v1.2.0
+ with:
+ ref: ${{ github.ref }}
+ check-name: 'Building Tomcat JSS'
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ wait-interval: 30
+
+ publish-images:
+ name: Publishing container images
+ needs: [init, wait-for-images]
+ runs-on: ubuntu-latest
+ steps:
+ - name: Log in to GitHub Container Registry
+ uses: docker/login-action at v2
+ with:
+ registry: ${{ vars.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ if: vars.REGISTRY == 'ghcr.io'
+
+ - name: Log in to other container registry
+ uses: docker/login-action at v2
+ with:
+ registry: ${{ vars.REGISTRY }}
+ username: ${{ secrets.REGISTRY_USERNAME }}
+ password: ${{ secrets.REGISTRY_PASSWORD }}
+ if: vars.REGISTRY != 'ghcr.io'
+
+ - name: Retrieve tomcatjss-dist image
+ uses: actions/cache at v3
+ with:
+ key: tomcatjss-dist-${{ github.sha }}
+ path: tomcatjss-dist.tar
+
+ - name: Publish tomcatjss-dist image
+ run: |
+ docker load --input tomcatjss-dist.tar
+ docker tag tomcatjss-dist ${{ vars.REGISTRY }}/$NAMESPACE/tomcatjss-dist:latest
+ docker push ${{ vars.REGISTRY }}/$NAMESPACE/tomcatjss-dist:latest
=====================================
.github/workflows/sonarcloud-pull.yml
=====================================
@@ -68,33 +68,18 @@ jobs:
return pr_base;
init:
- name: Initializing Workflow
- runs-on: ubuntu-latest
+ name: Initialization
needs: retrieve-pr
- outputs:
- matrix: ${{ steps.init.outputs.matrix }}
- repo: ${{ steps.init.outputs.repo }}
- steps:
- - name: Clone repository
- uses: actions/checkout at v2
-
- - name: Initialize workflow
- id: init
- env:
- BASE64_MATRIX: ${{ secrets.BASE64_MATRIX }}
- BASE64_REPO: ${{ secrets.BASE64_REPO }}
- run: |
- tests/bin/init-workflow.sh
+ uses: ./.github/workflows/init.yml
+ secrets: inherit
build:
name: Building TomcatJSS
needs: [init, retrieve-pr]
runs-on: ubuntu-latest
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- name: Clone the repository
- uses: actions/checkout at v2
+ uses: actions/checkout at v3
with:
repository: ${{ github.event.workflow_run.head_repository.full_name }}
ref: ${{ github.event.workflow_run.head_branch }}
@@ -115,9 +100,8 @@ jobs:
with:
context: .
build-args: |
- OS_VERSION=${{ matrix.os }}
+ BASE_IMAGE=${{ needs.init.outputs.base-image }}
COPR_REPO=${{ needs.init.outputs.repo }}
- BUILD_OPTS=--with-timestamp --with-commit-id
tags: tomcatjss-runner
target: tomcatjss-runner
outputs: type=docker,dest=sonar-runner.tar
@@ -125,7 +109,7 @@ jobs:
- name: Store runner image
uses: actions/cache at v3
with:
- key: sonar-runner-${{ matrix.os }}-${{ github.event.workflow_run.id }}
+ key: sonar-runner-${{ github.event.workflow_run.id }}
path: sonar-runner.tar
sonarcloud:
@@ -135,20 +119,18 @@ jobs:
runs-on: ubuntu-latest
env:
SHARED: /tmp/workdir/ldapjdk
- strategy:
- matrix: ${{ fromJSON(needs.init.outputs.matrix) }}
steps:
- name: Retrieve runner image
uses: actions/cache at v3
with:
- key: sonar-runner-${{ matrix.os }}-${{ github.event.workflow_run.id }}
+ key: sonar-runner-${{ github.event.workflow_run.id }}
path: sonar-runner.tar
- name: Load runner image
run: docker load --input sonar-runner.tar
- name: Clone the repository
- uses: actions/checkout at v2
+ uses: actions/checkout at v3
with:
repository: ${{ github.event.workflow_run.head_repository.full_name }}
ref: ${{ github.event.workflow_run.head_branch }}
=====================================
.gitignore
=====================================
@@ -2,3 +2,4 @@
build
dist
target/
+.flattened-pom.xml
=====================================
.settings/org.eclipse.core.resources.prefs
=====================================
@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+encoding/<project>=UTF-8
=====================================
Dockerfile
=====================================
@@ -4,44 +4,80 @@
# SPDX-License-Identifier: GPL-2.0-or-later
#
-ARG OS_VERSION="latest"
-ARG COPR_REPO="@pki/11.3"
+ARG BASE_IMAGE="registry.fedoraproject.org/fedora:latest"
+ARG COPR_REPO=""
################################################################################
-FROM registry.fedoraproject.org/fedora:$OS_VERSION AS tomcatjss-builder
+FROM $BASE_IMAGE AS tomcatjss-base
+
+RUN dnf install -y dnf-plugins-core systemd \
+ && dnf clean all \
+ && rm -rf /var/cache/dnf
+
+CMD [ "/usr/sbin/init" ]
+
+################################################################################
+FROM tomcatjss-base AS tomcatjss-deps
ARG COPR_REPO
-ARG BUILD_OPTS
# Enable COPR repo if specified
-RUN if [ -n "$COPR_REPO" ]; then dnf install -y dnf-plugins-core; dnf copr enable -y $COPR_REPO; fi
+RUN if [ -n "$COPR_REPO" ]; then dnf copr enable -y $COPR_REPO; fi
+
+# Install Tomcat JSS runtime dependencies
+RUN dnf install -y dogtag-tomcatjss \
+ && dnf remove -y dogtag-* --noautoremove \
+ && dnf clean all \
+ && rm -rf /var/cache/dnf
+
+################################################################################
+FROM tomcatjss-deps AS tomcatjss-builder-deps
+
+# Install build tools
+RUN dnf install -y rpm-build
-# Import source
-COPY . /tmp/tomcatjss/
-WORKDIR /tmp/tomcatjss
+# Import Tomcat JSS sources
+COPY tomcatjss.spec /root/tomcatjss/
+WORKDIR /root/tomcatjss
-# Build packages
-RUN dnf install -y git rpm-build
-RUN dnf builddep -y --spec tomcatjss.spec
-RUN ./build.sh $BUILD_OPTS --work-dir=build rpm
+# Install Tomcat JSS build dependencies
+RUN dnf builddep -y --skip-unavailable --spec tomcatjss.spec
################################################################################
-FROM registry.fedoraproject.org/fedora:$OS_VERSION AS tomcatjss-runner
+FROM tomcatjss-builder-deps AS tomcatjss-builder
-ARG COPR_REPO
+# Import JSS packages
+COPY --from=quay.io/dogtagpki/jss-dist:latest /root/RPMS /tmp/RPMS/
-EXPOSE 389 8080 8443
+# Install build depencencies
+RUN dnf localinstall -y /tmp/RPMS/* \
+ && dnf clean all \
+ && rm -rf /var/cache/dnf \
+ && rm -rf /tmp/RPMS
-# Enable COPR repo if specified
-RUN if [ -n "$COPR_REPO" ]; then dnf install -y dnf-plugins-core; dnf copr enable -y $COPR_REPO; fi
+# Import Tomcat JSS source
+COPY . /root/tomcatjss/
-# Import packages
-COPY --from=tomcatjss-builder /tmp/tomcatjss/build/RPMS /tmp/RPMS/
+# Build Tomcat JSS packages
+RUN ./build.sh --work-dir=build rpm
-# Install packages
-RUN dnf localinstall -y /tmp/RPMS/*; rm -rf /tmp/RPMS
+################################################################################
+FROM alpine:latest AS tomcatjss-dist
-# Install systemd to run the container
-RUN dnf install -y systemd
+# Import Tomcat JSS packages
+COPY --from=tomcatjss-builder /root/tomcatjss/build/RPMS /root/RPMS/
-CMD [ "/usr/sbin/init" ]
+################################################################################
+FROM tomcatjss-deps AS tomcatjss-runner
+
+# Import JSS packages
+COPY --from=quay.io/dogtagpki/jss-dist:latest /root/RPMS /tmp/RPMS/
+
+# Import Tomcat JSS packages
+COPY --from=tomcatjss-dist /root/RPMS /tmp/RPMS/
+
+# Install runtime packages
+RUN dnf localinstall -y /tmp/RPMS/* \
+ && dnf clean all \
+ && rm -rf /var/cache/dnf \
+ && rm -rf /tmp/RPMS
=====================================
core/pom.xml
=====================================
@@ -4,9 +4,15 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
- <groupId>org.dogtagpki</groupId>
+
+ <parent>
+ <groupId>org.dogtagpki.tomcatjss</groupId>
+ <artifactId>tomcatjss-parent</artifactId>
+ <version>${revision}</version>
+ </parent>
+
<artifactId>tomcatjss-core</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
<dependencies>
@@ -29,9 +35,9 @@
</dependency>
<dependency>
- <groupId>org.dogtagpki</groupId>
- <artifactId>jss</artifactId>
- <version>5.3.0-SNAPSHOT</version>
+ <groupId>org.dogtagpki.jss</groupId>
+ <artifactId>jss-base</artifactId>
+ <version>5.4.0-SNAPSHOT</version>
</dependency>
</dependencies>
=====================================
debian/changelog
=====================================
@@ -1,3 +1,16 @@
+tomcatjss (8.4.0-2) unstable; urgency=medium
+
+ * Release to unstable.
+
+ -- Timo Aaltonen <tjaalton at debian.org> Thu, 10 Aug 2023 16:44:43 +0300
+
+tomcatjss (8.4.0-1) experimental; urgency=medium
+
+ * New upstream release.
+ * control: Bump libjss-java depends.
+
+ -- Timo Aaltonen <tjaalton at debian.org> Tue, 16 May 2023 16:18:31 +0300
+
tomcatjss (8.3.0-1) unstable; urgency=medium
* New upstream release.
=====================================
debian/control
=====================================
@@ -9,7 +9,7 @@ Build-Depends:
default-jdk,
javahelper,
libcommons-lang3-java,
- libjss-java (>= 5.3.0),
+ libjss-java (>= 5.4.0),
libslf4j-java,
libtomcat9-java (>= 9.0.37-2~),
Standards-Version: 4.6.0
@@ -21,7 +21,7 @@ Package: libtomcatjss-java
Architecture: all
Depends: libtomcat9-java, ${java:Depends}, ${misc:Depends},
libcommons-lang3-java,
- libjss-java (>= 5.3.0),
+ libjss-java (>= 5.4.0),
libslf4j-java,
Conflicts: libtcnative-1
Breaks: pki-server (<< 10.3.5-2)
=====================================
debian/rules
=====================================
@@ -17,7 +17,7 @@ override_dh_auto_build:
-Dinstall.doc.dir=build/usr/share/doc/tomcatjss \
-Dinstall.jar.dir=build/usr/share/java \
-Dslf4j-api.jar=/usr/share/java/slf4j-api.jar \
- -Dversion=8.3.0 \
+ -Dversion=8.4.0 \
install
override_dh_auto_install:
=====================================
main/pom.xml
=====================================
@@ -4,22 +4,28 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
- <groupId>org.dogtagpki</groupId>
+
+ <parent>
+ <groupId>org.dogtagpki.tomcatjss</groupId>
+ <artifactId>tomcatjss-parent</artifactId>
+ <version>${revision}</version>
+ </parent>
+
<artifactId>tomcatjss-main</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
<dependencies>
<dependency>
- <groupId>org.dogtagpki</groupId>
+ <groupId>${project.groupId}</groupId>
<artifactId>tomcatjss-core</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
- <groupId>org.dogtagpki</groupId>
+ <groupId>${project.groupId}</groupId>
<artifactId>tomcatjss-tomcat-9.0</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <version>${project.version}</version>
</dependency>
</dependencies>
@@ -40,6 +46,7 @@
<artifactSet>
<excludes>
<exclude>org.slf4j:slf4j-api</exclude>
+ <exclude>org.slf4j:slf4j-jdk14</exclude>
<exclude>org.apache.commons:commons-lang3</exclude>
<exclude>org.apache.tomcat:tomcat-catalina</exclude>
<exclude>org.apache.tomcat:tomcat-servlet-api</exclude>
@@ -53,7 +60,7 @@
<exclude>org.apache.tomcat:tomcat-util</exclude>
<exclude>org.apache.tomcat:tomcat-util-scan</exclude>
<exclude>org.apache.tomcat:tomcat-jaspic-api</exclude>
- <exclude>org.dogtagpki:jss</exclude>
+ <exclude>org.dogtagpki.jss:jss-base</exclude>
</excludes>
</artifactSet>
</configuration>
=====================================
pom.xml
=====================================
@@ -4,15 +4,68 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
- <groupId>org.dogtagpki</groupId>
- <artifactId>tomcatjss</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <groupId>org.dogtagpki.tomcatjss</groupId>
+ <artifactId>tomcatjss-parent</artifactId>
+ <version>${revision}</version>
<packaging>pom</packaging>
+ <properties>
+ <revision>8.4.0-SNAPSHOT</revision>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+
<modules>
<module>core</module>
<module>tomcat-9.0</module>
<module>main</module>
</modules>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>flatten-maven-plugin</artifactId>
+ <version>1.1.0</version>
+ <configuration>
+ <updatePomFile>true</updatePomFile>
+ <flattenMode>resolveCiFriendliesOnly</flattenMode>
+ </configuration>
+ <executions>
+ <execution>
+ <id>flatten</id>
+ <phase>process-resources</phase>
+ <goals>
+ <goal>flatten</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>flatten.clean</id>
+ <phase>clean</phase>
+ <goals>
+ <goal>clean</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <repositories>
+ <repository>
+ <id>github</id>
+ <url>https://maven.pkg.github.com/OWNER/*</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ </repositories>
+
+ <distributionManagement>
+ <repository>
+ <id>github</id>
+ <name>GitHub Packages</name>
+ <url>https://maven.pkg.github.com/OWNER/REPOSITORY</url>
+ </repository>
+ </distributionManagement>
+
</project>
=====================================
tests/bin/init-workflow.sh
=====================================
@@ -1,21 +1,38 @@
#!/bin/bash -e
-if [ "$BASE64_MATRIX" == "" ]
+################################################################################
+# Base image
+
+if [ "$BASE64_OS" != "" ]
then
- MATRIX="{\"os\":[\"latest\"]}"
+ OS_VERSION=$(echo "$BASE64_OS" | base64 -d)
else
- MATRIX=$(echo "$BASE64_MATRIX" | base64 -d)
+ OS_VERSION=latest
fi
-echo "MATRIX: $MATRIX"
-echo "::set-output name=matrix::$MATRIX"
+BASE_IMAGE=registry.fedoraproject.org/fedora:$OS_VERSION
+echo "BASE_IMAGE: $BASE_IMAGE"
+echo "base-image=$BASE_IMAGE" >> $GITHUB_OUTPUT
+
+################################################################################
+# COPR repository
-if [ "$BASE64_REPO" == "" ]
+if [ "$BASE64_REPO" != "" ]
then
- REPO="@pki/11.3"
-else
REPO=$(echo "$BASE64_REPO" | base64 -d)
fi
echo "REPO: $REPO"
-echo "::set-output name=repo::$REPO"
+echo "repo=$REPO" >> $GITHUB_OUTPUT
+
+################################################################################
+# Database image
+
+if [ "$BASE64_DATABASE" != "" ]
+then
+ DATABASE=$(echo "$BASE64_DATABASE" | base64 -d)
+ DB_IMAGE=$(echo "$DATABASE" | jq -r .image)
+fi
+
+echo "DB_IMAGE: $DB_IMAGE"
+echo "db-image=$DB_IMAGE" >> $GITHUB_OUTPUT
=====================================
tomcat-9.0/pom.xml
=====================================
@@ -4,9 +4,15 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
- <groupId>org.dogtagpki</groupId>
+
+ <parent>
+ <groupId>org.dogtagpki.tomcatjss</groupId>
+ <artifactId>tomcatjss-parent</artifactId>
+ <version>${revision}</version>
+ </parent>
+
<artifactId>tomcatjss-tomcat-9.0</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
<dependencies>
@@ -17,15 +23,15 @@
</dependency>
<dependency>
- <groupId>org.dogtagpki</groupId>
- <artifactId>jss</artifactId>
- <version>5.3.0-SNAPSHOT</version>
+ <groupId>org.dogtagpki.jss</groupId>
+ <artifactId>jss-base</artifactId>
+ <version>5.4.0-SNAPSHOT</version>
</dependency>
<dependency>
- <groupId>org.dogtagpki</groupId>
+ <groupId>${project.groupId}</groupId>
<artifactId>tomcatjss-core</artifactId>
- <version>8.3.0-SNAPSHOT</version>
+ <version>${project.version}</version>
</dependency>
</dependencies>
=====================================
tomcatjss.spec
=====================================
@@ -6,7 +6,7 @@ Name: tomcatjss
# Upstream version number:
%global major_version 8
-%global minor_version 3
+%global minor_version 4
%global update_version 0
# Downstream release number:
@@ -26,6 +26,7 @@ Name: tomcatjss
Summary: JSS Connector for Apache Tomcat
URL: https://github.com/dogtagpki/tomcatjss
License: LGPLv2+
+BuildArch: noarch
Version: %{major_version}.%{minor_version}.%{update_version}
Release: %{release_number}%{?phase:.}%{?phase}%{?timestamp:.}%{?timestamp}%{?commit_id:.}%{?commit_id}%{?dist}
@@ -46,9 +47,6 @@ Source: https://github.com/dogtagpki/tomcatjss/archive/v%{version}%{?p
# > tomcatjss-VERSION-RELEASE.patch
# Patch: tomcatjss-VERSION-RELEASE.patch
-BuildArch: noarch
-ExclusiveArch: %{java_arches} noarch
-
################################################################################
# Java
################################################################################
@@ -76,7 +74,7 @@ BuildRequires: slf4j
BuildRequires: slf4j-jdk14
# JSS
-BuildRequires: jss = 5.3
+BuildRequires: jss = 5.4
# Tomcat
%if 0%{?rhel} && ! 0%{?eln}
@@ -107,7 +105,7 @@ Requires: slf4j
Requires: slf4j-jdk14
# JSS
-Requires: jss = 5.3
+Requires: jss = 5.4
# Tomcat
%if 0%{?rhel} && ! 0%{?eln}
View it on GitLab: https://salsa.debian.org/freeipa-team/tomcatjss/-/compare/e28fb091ea8330a62cfedcc6561e1b394aae7b47...8814a11e1a99bef17730eefe6b4daff53a59ad60
--
View it on GitLab: https://salsa.debian.org/freeipa-team/tomcatjss/-/compare/e28fb091ea8330a62cfedcc6561e1b394aae7b47...8814a11e1a99bef17730eefe6b4daff53a59ad60
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20230810/044c186f/attachment-0001.htm>
More information about the Pkg-freeipa-devel
mailing list