inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

[ACS-5005] Improve keystore/truststore generation for GHA (#1873)

Browse Source
This commit is contained in:
Kacper Magdziarz
2023-04-14 16:12:33 +02:00
committed by GitHub
parent 32c3a5ad90
commit 7e9e0e1ad4
3 changed files with 13 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.github/workflows/ci.yml vendored
View File

@@ -23,6 +23,7 @@ env:
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }}
CI_WORKSPACE: ${{ github.workspace }}
TAS_ENVIRONMENT: ./packaging/tests/environment
TAS_SCRIPTS: ../alfresco-community-repo/packaging/tests/scripts
@@ -316,7 +317,8 @@ jobs:
- testSuite: MTLSTestSuite
compose-profile: with-mtls-transform-core-aio
mtls: true
mvn-options: '-Dencryption.ssl.keystore.location=${GITHUB_WORKSPACE}/keystores/alfresco/alfresco.keystore -Dencryption.ssl.truststore.location=${GITHUB_WORKSPACE}/keystores/alfresco/alfresco.truststore'
disabledHostnameVerification: false
mvn-options: '-Dencryption.ssl.keystore.location=${CI_WORKSPACE}/keystores/alfresco/alfresco.keystore -Dencryption.ssl.truststore.location=${CI_WORKSPACE}/keystores/alfresco/alfresco.truststore'
steps:
- uses: actions/checkout@v3
- uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.33.0
@@ -328,8 +330,14 @@ jobs:
- name: "Generate Keystores and Truststores for Mutual TLS configuration"
if: ${{ matrix.mtls }}
run: |
git clone -b "master" --depth=1 "https://${{ secrets.BOT_GITHUB_USERNAME }}:${{ secrets.BOT_GITHUB_TOKEN }}@github.com/Alfresco/alfresco-ssl-generator.git"
bash ./scripts/ci/generate_keystores.sh
git clone -b "master" --depth=1 "https://${{ secrets.BOT_GITHUB_USERNAME }}:${{ secrets.BOT_GITHUB_TOKEN }}@github.com/Alfresco/alfresco-ssl-generator.git"
if ${{ matrix.disabledHostnameVerification }} ; then
bash ${{ env.CI_WORKSPACE }}/alfresco-ssl-generator/scripts/ci/generate_keystores_wrong_hostnames.sh
echo "HOSTNAME_VERIFICATION_DISABLED=true" >> "$GITHUB_ENV"
else
bash ${{ env.CI_WORKSPACE }}/alfresco-ssl-generator/scripts/ci/generate_keystores.sh
echo "HOSTNAME_VERIFICATION_DISABLED=false" >> "$GITHUB_ENV"
fi
- name: "Set up the environment"
run: |
if [ -e ./scripts/ci/tests/${{ matrix.testSuite }}-setup.sh ]; then