I have run Selenium Java tests via GitHub Actions. For generating Report I have used
dorny/test-reporter#v1.5.0
My .xml file is:
name: DEV Table View suite
on:
workflow_dispatch:
jobs:
build:
runs-on: windows-latest
steps:
- name: Checkout
uses: actions/checkout#v1
- name: Set up JDK 1.11
uses: actions/setup-java#v2
with:
java-version: '11'
distribution: 'adopt'
- name: Test
run: mvn clean test -Denv=DEV -DtestngXML='tableView.xml'
- name: Report
uses: dorny/test-reporter#v1.5.0
if: always()
with:
name: Maven Tests
path: "**/surefire-reports/TEST-*.xml"
reporter: java-junit
fail-on-error: false
But in results I have noticed some issues:
incorrect time
passed tests are not green-colored
How to solve these issues?
I have a Github action pipeline that can successfully create an S3 and then upload my war file into there, but when deploying to the beanstalk, always got s3 access denied error. below is my build.yml file:
# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
name: Maven Package
on:
pull_request:
branches:
- main
push:
branches:
- develop
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout#v2
name: Set up JDK 8
- uses: actions/setup-java#v2
with:
java-version: '8'
distribution: 'adopt'
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Build with Maven
run: mvn -B package --file pom.xml
- name: make a new dir and upload war in there
run: mkdir staging && cp -r target/* staging
- uses: actions/upload-artifact#v2
with:
name: Package
path: staging
- name: list all files
run: ls && cd target && ls
- name: Publish to GitHub Packages Apache Maven
run: mvn deploy -s $GITHUB_WORKSPACE/settings.xml
env:
GITHUB_TOKEN: ${{ github.token }}
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy#v18
with:
aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
application_name: springbootwebapi
environment_name: Springbootwebapi-env
version_label: v1.0.10
region: us-east-2
deployment_package: target/login-0.0.2-SNAPSHOT.war
below is the some log snippet from GitHub action:
No existing bucket name given, creating/requesting storage location
Uploading file to bucket elasticbeanstalk-us-east-2-148565102071 New
build successfully uploaded to S3,
bucket=elasticbeanstalk-us-east-2-148565102071,
key=/springbootwebapi/v1-0-10.zip Created new application version
v1.0.10 in Beanstalk. Starting deployment of version v1.0.10 to
environment Springbootwebapi-env Deployment started,
"wait_for_deployment" was true...
18:17:02 INFO: Environment update is starting. 18:17:06 ERROR:
Service:Amazon S3, Message:Access Denied 18:17:06 ERROR: Failed to
deploy application. 18:17:07 ERROR: Service:Amazon S3, Message:Access
Denied: S3Bucket=elasticbeanstalk-us-east-2-148565102071,
S3Key=resources/environments/e-fp5bx3gtdn/_runtime/_versions/springbootwebapi/v1.0.10
18:17:13 ERROR: Deployment failed! Current State: Version: Sample
Application, Health: Red, Health Status: Degraded Error: Deployment
failed: Error: Deployment failed! Current State: Version: Sample
Application, Health: Red, Health Status: Degraded
I don't know why got accessed denied even right after the uploading successfully.
UPDATE 1:
I already have the below permissions added see the below, but not working:
As per docs, you need to attach the below policies for the AWS user to be able to deploy your project when using the GitHub action you have specified:
AWSElasticBeanstalkWebTier
AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy
Adding the above will fix the problem, while also ensuring that you have no future issues when using this GitHub action.
After removing AWSCompromisedKeyQuarantineV2 from the permission list, it works successfully. The reason is this permission actually denies several related operations to the user, see the below JSON for AWSCompromisedKeyQuarantineV2 details:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": [
"ec2:RequestSpotInstances",
"ec2:RunInstances",
"ec2:StartInstances",
"iam:AddUserToGroup",
"iam:AttachGroupPolicy",
"iam:AttachRolePolicy",
"iam:AttachUserPolicy",
"iam:ChangePassword",
"iam:CreateAccessKey",
"iam:CreateInstanceProfile",
"iam:CreateLoginProfile",
"iam:CreatePolicyVersion",
"iam:CreateRole",
"iam:CreateUser",
"iam:DetachUserPolicy",
"iam:PassRole",
"iam:PutGroupPolicy",
"iam:PutRolePolicy",
"iam:PutUserPermissionsBoundary",
"iam:PutUserPolicy",
"iam:SetDefaultPolicyVersion",
"iam:UpdateAccessKey",
"iam:UpdateAccountPasswordPolicy",
"iam:UpdateAssumeRolePolicy",
"iam:UpdateLoginProfile",
"iam:UpdateUser",
"lambda:AddLayerVersionPermission",
"lambda:AddPermission",
"lambda:CreateFunction",
"lambda:GetPolicy",
"lambda:ListTags",
"lambda:PutProvisionedConcurrencyConfig",
"lambda:TagResource",
"lambda:UntagResource",
"lambda:UpdateFunctionCode",
"lightsail:Create*",
"lightsail:Delete*",
"lightsail:DownloadDefaultKeyPair",
"lightsail:GetInstanceAccessDetails",
"lightsail:Start*",
"lightsail:Update*",
"organizations:CreateAccount",
"organizations:CreateOrganization",
"organizations:InviteAccountToOrganization",
"s3:DeleteBucket",
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:PutLifecycleConfiguration",
"s3:PutBucketAcl",
"s3:DeleteBucketOwnershipControls",
"s3:DeleteBucketPolicy",
"s3:ObjectOwnerOverrideToBucketOwner",
"s3:PutAccountPublicAccessBlock",
"s3:PutBucketPolicy",
"s3:ListAllMyBuckets"
],
"Resource": [
"*"
]
}
]
}
I used gradle.yml before, around six month ago. But now in my new project it's not working (tests are failed).
Maybe is it related to changes about authorization by token or access with Selenide? Locally tests are passed.
My gradle.yml
name: Java CI with Gradle
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Set up JDK 15
uses: actions/setup-java#v2
with:
java-version: '15'
distribution: 'adopt'
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build --info
FAILURE: Build failed with an exception.
Error: Process completed with exit code 1.
some logs
As the docs state in order to cache the Maven dependencies with GitHub Actions all we have to use is the actions/cache action like this:
steps:
- uses: actions/checkout#v2
- name: Set up JDK 1.8
uses: actions/setup-java#v1
with:
java-version: 1.8
- name: Cache Maven packages
uses: actions/cache#v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
run: mvn --batch-mode --update-snapshots verify
However using the windows-2016 GitHub Actions environment, this doesn't provides us with a working cache - as the logs states:
Post job cleanup.
"C:\Program Files\Git\usr\bin\tar.exe" --posix --use-compress-program "zstd -T0" -cf cache.tzst -P -C D:/a/spring-boot-admin/spring-boot-admin --files-from manifest.txt --force-local
/usr/bin/tar: C\:\\Users\runneradmin\\.m2\repository: Cannot stat: No such file or directory
/usr/bin/tar: Exiting with failure status due to previous errors
Warning: Tar failed with error: The process 'C:\Program Files\Git\usr\bin\tar.exe' failed with exit code 2
How to fix this?
It seems that the path to the Maven repository isn't correctly initialized. As this issue describes the paths are written with \\ instead of / which GNU tar expects. The fix was already provided in Dec 2020, so it made it to the version v2.1.4. The last version v2.1.3 was released in November. But sadly there is a bug in pointing the v2 to the latest v2.1.4 (as normally expected by GitHub Actions users). Therefore to solve this issue, we need to explicitely specifiy the full actions/cache version v2.1.4 like this:
steps:
- uses: actions/checkout#v2
- name: Set up JDK 1.8
uses: actions/setup-java#v1
with:
java-version: 1.8
- name: Cache Maven packages
uses: actions/cache#v2.1.4
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
run: mvn --batch-mode --update-snapshots verify
Now it should work like a charm (see logs here).
I am trying to create a pipeline using Concourse CI. The pipeline should:
Get the code from git.
Build and package everything using maven.
Push generated artifact (target/*war) to Cloud Foundry.
Steps 1 and 2 are executed successfully but after hours of trying different configurations, I am not able to access the generated artifact and push it to CF.
I am getting following error in last step: error invalid path: found 0 files instead of 1 at path: /tmp/build/put/mvn-package/target/udm-0.1.war
File pipeline.yml:
resources:
- name: branch-dev
type: git
source:
uri: {{git-url}}
branch: {{git-branch}}
private_key: {{private-repo-key}}
- name: PCF-Dev
type: cf
source:
api: {{pcf-api}}
username: {{pcf-username}}
password: {{pcf-password}}
organization: {{pcf-organization}}
space: {{pcf-space}}
skip_cert_check: false
jobs:
- name: udm
serial: true
plan:
- get: branch-dev
trigger: true
- task: mvn-package
privileged: true
file: branch-dev/ci/package.yml
- put: PCF-Dev
params:
manifest: branch-dev/ci/manifest.yml
path: mvn-package-output/target/udm-0.1.war
File manifest.yml
applications:
- name: udm
File package.yml:
platform: linux
image_resource:
type: docker-image
source:
repository: maven
tag: latest
inputs:
- name: branch-dev
outputs:
- name: mvn-package-output
run:
path: "mvn"
args: ["-f", "branch-dev/udm/pom.xml", "package"]
I guess I am missing something. Could someone take a look and point me in the right direction?
You need to put/get the resource (build artifact) between build/deploy jobs (and have it defined as a resource)
Pivotal projects have very good examples of production Concourse use, like https://github.com/azwickey-pivotal/volume-demo/blob/master/ci/pipeline.yml