Replace AuthTokens.basic with NeptuneAuthToken in OpenCypher #130
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI Pipeline | |
| on: | |
| # Trigger the workflow on push or pull request, | |
| # but only for the master and develop branch | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| # Trigger on-demand | |
| workflow_dispatch: | |
| inputs: | |
| signTacoFile: | |
| description: Sign taco file artifact | |
| type: boolean | |
| required: false | |
| default: false | |
| env: | |
| SIGNING_ENABLED: ${{ github.event.inputs.signTacoFile }} | |
| jobs: | |
| build: | |
| name: JDBC Build and Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'zulu' | |
| java-version: 8 | |
| - name: Ensure executable permissions | |
| run: chmod +x ./gradlew | |
| - name: Build and test | |
| run: ./gradlew build | |
| - name: Build shadow jar | |
| run: ./gradlew shadowJar | |
| - name: Copy artifacts | |
| run: | | |
| mkdir output | |
| mkdir output/jarfile | |
| mkdir output/reports | |
| mkdir output/testresults | |
| cp build/libs/*.jar output/jarfile | |
| cp -R build/reports output/reports | |
| cp build/test-results/test/*.xml output/testresults | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: output | |
| path: output | |
| - name: Upload to Codecov | |
| uses: codecov/codecov-action@v3 | |
| build-taco: | |
| name: Assemble Tableau Connector | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v3 | |
| - name: Ensure executable permissions | |
| run: chmod a+x ./tableau-connector/build.sh | |
| - name: Get driver version | |
| run: | | |
| file="./gradle.properties" | |
| MAJOR_VERSION=$(grep "MAJOR_VERSION" ${file} | cut -d'=' -f2) | |
| MINOR_VERSION=$(grep "MINOR_VERSION" ${file} | cut -d'=' -f2) | |
| PATCH_VERSION=$(grep "PATCH_VERSION" ${file} | cut -d'=' -f2) | |
| echo "version=$MAJOR_VERSION.$MINOR_VERSION.$PATCH_VERSION" >> $GITHUB_ENV | |
| - name: Assemble Tableau Connector | |
| run: ./tableau-connector/build.sh ${{env.version}} | |
| - name: View assembled file | |
| run: ls -l tableau-connector/target | |
| - name: Verify TACO filename | |
| run: | | |
| if [ ! -f "tableau-connector/target/neptune-jdbc-v${{env.version}}.taco" ] | |
| then | |
| echo "Error: The TACO file is either incorrectly named or missing from tableau-connector/target/." | |
| echo "Contents of tableau-connector/target/:" | |
| ls tableau-connector/target | |
| exit 1 | |
| fi | |
| - name: "Configure AWS credentials" | |
| if: ${{env.SIGNING_ENABLED == 'true'}} | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-skip-session-tagging: true | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-2 | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| role-external-id: ${{ secrets.AWS_ROLE_EXTERNAL_ID }} | |
| role-duration-seconds: 3600 | |
| - name: Sign TACO file | |
| id: sign-taco-file | |
| shell: bash | |
| run: | | |
| echo "Sign is set to ${SIGNING_ENABLED}" | |
| if [[ $SIGNING_ENABLED = "true" ]] | |
| then | |
| echo "Signing is enabled. Will attempt to sign" | |
| pwd | |
| ls -l tableau-connector/target | |
| echo "Installing jq" | |
| sudo apt-get install jq | |
| # Upload unsigned .taco to S3 Bucket | |
| echo "Obtaining version id and uploading unsigned .taco to S3 Bucket" | |
| version_id=$( aws s3api put-object --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --body ./tableau-connector/target/neptune-jdbc-v${{env.version}}.taco --acl bucket-owner-full-control | jq '.VersionId' ) | |
| job_id="" | |
| # Attempt to get Job ID from bucket tagging, will retry up to 3 times before exiting with a failure code. | |
| # Will sleep for 5 seconds between retries. | |
| echo "Attempt to get Job ID from bucket tagging, will retry up to 3 times before exiting with a failure code." | |
| for (( i=0; i<3; i++ )) | |
| do | |
| # Get job ID | |
| id=$( aws s3api get-object-tagging --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --version-id ${version_id} | jq -r '.TagSet[0].Value' ) | |
| if [ $id != "null" ] | |
| then | |
| job_id=$id | |
| break | |
| fi | |
| echo "Will sleep for 5 seconds between retries." | |
| sleep 5s | |
| done | |
| if [[ $job_id = "" ]] | |
| then | |
| echo "Exiting because unable to retrieve job ID" | |
| exit 1 | |
| fi | |
| # Poll signed S3 bucket to see if the signed artifact is there | |
| echo "Poll signed S3 bucket to see if the signed artifact is there" | |
| for (( i=0; i<3; i++ )) | |
| do | |
| aws s3api wait object-exists --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-${job_id}.taco | |
| if [ $? -eq 0 ] | |
| then | |
| break | |
| fi | |
| echo "Will sleep for 5 seconds between retries." | |
| sleep 5s | |
| done | |
| # Downloading signed taco from S3 | |
| echo "Downloading signed .taco from S3" | |
| aws s3api get-object --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-${job_id}.taco ./tableau-connector/target/neptune-jdbc-v${{env.version}}-signed.taco | |
| echo "Signing completed" | |
| ls -l tableau-connector/target | |
| else | |
| echo "Signing will be skipped" | |
| fi | |
| - name: Upload build | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: neptune-jdbc-${{env.version}}-taco | |
| path: ./tableau-connector/target/ |