Merge pull request #299 from AmericaSCORESBayArea/sandbox

Oct 27, 2024: Sandbox to Production

Author: Aleksandr-v25

.github/workflows/on-push-build-and-deploy.yml

@@ -1,107 +1,130 @@
-# This workflow will build a MuleSoft project and deploy to CloudHub
-
 name: Build and Deploy to Sandbox
 
 on:
   push:
     branches: [ sandbox ]
   workflow_dispatch:
     branches: [ sandbox ]
-    
+
 jobs:
-  build:
+
+  upload_raml:
     runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Python environment
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.9'
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r ./scripts/requirements.txt
+
+    - name: Execute exchange-update.py with secrets
+      env:
+        ORGANIZATION_ID: ${{ secrets.EXCHANGE_UPDATE_ORGANIZATION_ID }}
+        API_MANAGER_ENVIRONMENT_ID: ${{ secrets.EXCHANGE_UPDATE_API_MANAGER_ENVIRONMENT_ID }}
+        API_MANAGER_INSTANCE_ID: ${{ secrets.EXCHANGE_UPDATE_API_MANAGER_INSTANCE_ID }}
+        CLIENT_ID: ${{ secrets.EXCHANGE_UPDATE_CLIENT_ID }}
+        CLIENT_SECRET: ${{ secrets.EXCHANGE_UPDATE_CLIENT_SECRET }}
+      run: |
+        cd scripts
+        python exchange-update.py $ORGANIZATION_ID $API_MANAGER_ENVIRONMENT_ID $API_MANAGER_INSTANCE_ID $CLIENT_ID $CLIENT_SECRET
+
+
+
+  build_mule:
+    needs: upload_raml
+    runs-on: ubuntu-latest
+
     steps:
-    - uses: actions/checkout@v2
-    - uses: actions/cache@v1
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Cache Maven repository
+      uses: actions/cache@v4
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
-    - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
-      with:
-        java-version: 1.8
-    - name: Add repo credentials
-      uses: s4u/[email protected]
+
+    - name: Set up JDK 17
+      uses: actions/setup-java@v4
       with:
-        servers: |
-          [{
-           "id": "mule-enterprise",
-           "username": "${{ secrets.mule_nexus_username }}",
-           "password": "${{ secrets.mule_nexus_password }}"
-          },
-          {
-           "id": "scores-exchange",
-           "username": "${{ secrets.anypoint_cicd_username }}",
-           "password": "${{ secrets.anypoint_cicd_password }}"
-          }]
-    - name: Insert Secret Properties to the .properties file
+        distribution: 'adopt'
+        java-version: 17
+
+    - name: Set up script permissions
+      run: chmod +x ./scripts/deployment-build.sh
+
+    - name: Execute deployment-build.sh with secrets
       env:
-        SFDC_TKN: ${{ secrets.sfdc_sandbox_integrationuser_tkn }}
-        SFDC_PASSWORD: ${{ secrets.sfdc_sandbox_integrationuser_pwd }}
-        TYPEFORM_CLIENTID: ${{ secrets.typeform_clientid }}
-        TYPEFORM_CLIENTSECRET: ${{ secrets.typeform_clientsecret }}
-        TYPEFORM_TKN: ${{ secrets.typeform_tkn }}
+        KEYSTORE_KEY_PASSWORD: ${{ secrets.KEYSTORE_KEY_PASSWORD }}
+        KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
       run: |
-        set -e  # Exit immediately if a command exits with a non-zero status
-        echo "Checking if sandbox.properties file exists:"
-        if [ -f src/main/resources/properties/sandbox.properties ]; then
-          echo "sandbox.properties file exists."
-        else
-          echo "Error: sandbox.properties file does not exist."
-          exit 1
-        fi
-  
-        sed -i "s/sfdc.tkn=/sfdc.tkn=${{ secrets.sfdc_sandbox_integrationuser_tkn }}/" src/main/resources/properties/sandbox.properties
-        sed -i "s/sfdc.password=/sfdc.password=${{ secrets.sfdc_sandbox_integrationuser_pwd }}/" src/main/resources/properties/sandbox.properties
-        sed -i "s/typeform.clientid=/typeform.clientid=${{ secrets.typeform_clientid }}/" src/main/resources/properties/sandbox.properties
-        sed -i "s/typeform.clientsecret=/typeform.clientsecret=${{ secrets.typeform_clientsecret }}/" src/main/resources/properties/sandbox.properties
-        sed -i "s/typeform.tkn=/typeform.tkn=${{ secrets.typeform_tkn }}/" src/main/resources/properties/sandbox.properties
-    - name: Print effective-settings
-      run: mvn help:effective-settings
-    - name: Print effective-pom
-      run: mvn help:effective-pom
-    - name: Build with Maven
-      run: mvn -B package --file pom.xml
-    - name: Stamp artifact file name with commit hash
-      run: |
-        artifactName1=$(ls target/*.jar | head -1)
-        commitHash=$(git rev-parse --short "$GITHUB_SHA")
-        artifactName2=$(ls target/*.jar | head -1 | sed "s/.jar/-$commitHash.jar/g")
-        mv $artifactName1 $artifactName2
-    - name: Upload artifact 
-      uses: actions/upload-artifact@master
+        cd scripts
+        ./deployment-build.sh $KEYSTORE_KEY_PASSWORD $KEYSTORE_PASSWORD
+
+    - name: Upload artifact
+      uses: actions/upload-artifact@v4
       with:
-          name: artifacts
-          path: target/*.jar
+        name: artifacts
+        path: ./target/*.jar
 
-  deploy:
-    needs: build
+  deploy_mule:
+    needs: build_mule
     runs-on: ubuntu-latest
-    steps:    
-    - uses: actions/checkout@v2
-    - uses: actions/cache@v1
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Cache Maven repository
+      uses: actions/cache@v4
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
-    - uses: actions/download-artifact@master
+
+    - name: Download artifact
+      uses: actions/download-artifact@v4
       with:
         name: artifacts
-    - name: Print effective-settings
-      run: mvn help:effective-settings
+        path: .
+
+    # - name: Print effective-settings
+    #   run: mvn help:effective-settings
+
     - name: Deploy to Sandbox
-      env:
-        USERNAME: ${{ secrets.anypoint_cicd_username }}
-        PASSWORD: ${{ secrets.anypoint_cicd_password }}
-        SFDC_TKN: ${{ secrets.sfdc_sandbox_integrationuser_tkn }}
-        SFDC_PASSWORD: ${{ secrets.sfdc_sandbox_integrationuser_pwd }}
-        TYPEFORM_CLIENTID: ${{ secrets.typeform_clientid }}
-        TYPEFORM_CLIENTSECRET: ${{ secrets.typeform_clientsecret }}
-        TYPEFORM_TKN: ${{ secrets.typeform_tkn }}
       run: |
         artifactName=$(ls *.jar | head -1)
-        mvn deploy -DmuleDeploy -e -Dmule.artifact=$artifactName -Danypoint.username="$USERNAME" -Danypoint.password="$PASSWORD" -Denv=Sandbox -Denv.lowercase=sandbox -Dsfdc.password="$SFDC_SANDBOX_INTEGRATIONUSER_PWD" -Dtypeform.clientid="$TYPEFORM_CLIENTID" -Dtypeform.clientsecret="$TYPEFORM_CLIENTSECRET" -Dtypeform.tkn="$TYPEFORM_TKN" -Dsfdc.tkn="$SFDC_SANDBOX_INTEGRATIONUSER_TKN" -DskipTests
+        echo "Deploying artifact $artifactName to the Sandbox environment."
+        mvn deploy -DmuleDeploy -e -Dmule.artifact=$artifactName \
+          -Danypoint.username="${{ secrets.ANYPOINT_CICD_USERNAME }}" \
+          -Danypoint.password="${{ secrets.ANYPOINT_CICD_PASSWORD }}" \
+          -Dapp.name=sandbox-salesforce-data-api \
+          -Denv=Sandbox \
+          -Denv.lowercase=sandbox \
+          -Dapi.id="${{ secrets.SANDBOX_API_ID }}" \
+          -Dkeystore.key.password="${{ secrets.KEYSTORE_KEY_PASSWORD }}" \
+          -Dkeystore.password="${{ secrets.KEYSTORE_PASSWORD }}" \
+          -Danypoint.platform.client_id="${{ secrets.ANYPOINT_PLATFORM_CLIENT_ID }}" \
+          -Danypoint.platform.client_secret="${{ secrets.ANYPOINT_PLATFORM_CLIENT_SECRET }}" \
+          -Dsfdc.password="${{ secrets.SFDC_SANDBOX_INTEGRATIONUSER_PWD }}" \
+          -Dsfdc.tkn="${{ secrets.SFDC_SANDBOX_INTEGRATIONUSER_TKN }}" \
+          -Dtypeform.clientid="${{ secrets.TYPEFORM_CLIENTID }}" \
+          -Dtypeform.clientsecret="${{ secrets.TYPEFORM_CLIENTSECRET }}" \
+          -Dtypeform.tkn="${{ secrets.TYPEFORM_TKN }}" \
+          -DskipTests
+ 
+
+    - name: Confirm Deployment
+      run: |
+        echo "Deployment to Sandbox completed."

.github/workflows/production-on-push-build-and-deploy.yml

@@ -6,9 +6,174 @@ on:
   workflow_dispatch:
 
 jobs:
-  build-and-deploy:
+
+  upload_raml:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Python environment
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.9'
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r ./scripts/requirements.txt
+
+    - name: Execute exchange-update.py with secrets
+      env:
+        ORGANIZATION_ID: ${{ secrets.EXCHANGE_UPDATE_ORGANIZATION_ID }}
+        API_MANAGER_ENVIRONMENT_ID: ${{ secrets.PRODUCTION_EXCHANGE_UPDATE_API_MANAGER_ENVIRONMENT_ID }}
+        API_MANAGER_INSTANCE_ID: ${{ secrets.PRODUCTION_EXCHANGE_UPDATE_API_MANAGER_INSTANCE_ID }}
+        CLIENT_ID: ${{ secrets.EXCHANGE_UPDATE_CLIENT_ID }}
+        CLIENT_SECRET: ${{ secrets.EXCHANGE_UPDATE_CLIENT_SECRET }}
+      run: |
+        cd scripts
+        python exchange-update.py $ORGANIZATION_ID $API_MANAGER_ENVIRONMENT_ID $API_MANAGER_INSTANCE_ID $CLIENT_ID $CLIENT_SECRET
+
+
+
+  build_mule:
+    needs: upload_raml
     runs-on: ubuntu-latest
+
     steps:
-      - name: Print a message
-        run: echo "Hello, this is a test message!"
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Cache Maven repository
+      uses: actions/cache@v4
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+
+    - name: Set up JDK 17
+      uses: actions/setup-java@v4
+      with:
+        distribution: 'adopt'
+        java-version: 17
+
+    - name: Set up script permissions
+      run: chmod +x ./scripts/deployment-build.sh
+
+    - name: Set up script permissions 2
+      run: chmod +x ./scripts/disable-validations.sh
+
+    - name: Disable validations & execute deployment-build.sh with secrets
+      env:
+        KEYSTORE_KEY_PASSWORD: ${{ secrets.PRODUCTION_KEYSTORE_KEY_PASSWORD }}
+        KEYSTORE_PASSWORD: ${{ secrets.PRODUCTION_KEYSTORE_PASSWORD }}
+      run: |
+        cd scripts
+        ./disable-validations.sh
+        ./deployment-build.sh $KEYSTORE_KEY_PASSWORD $KEYSTORE_PASSWORD
+
+    - name: Upload artifact
+      uses: actions/upload-artifact@v4
+      with:
+        name: artifacts
+        path: ./target/*.jar
+
+  deploy_mule:
+    needs: build_mule
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Cache Maven repository
+      uses: actions/cache@v4
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+
+    - name: Download artifact
+      uses: actions/download-artifact@v4
+      with:
+        name: artifacts
+        path: .
+
+    # - name: Print effective-settings
+    #   run: mvn help:effective-settings
+
+    - name: Deploy to Production
+      run: |
+        artifactName=$(ls *.jar | head -1)
+        echo "Deploying artifact $artifactName to the Production environment."
+        mvn deploy -DmuleDeploy -e -Dmule.artifact=$artifactName \
+          -Danypoint.username="${{ secrets.ANYPOINT_CICD_USERNAME }}" \
+          -Danypoint.password="${{ secrets.ANYPOINT_CICD_PASSWORD }}" \
+          -Dapp.name=production-salesforce-data-api \
+          -Denv=Production \
+          -Denv.lowercase=production \
+          -Dapi.id="${{ secrets.PRODUCTION_API_ID }}" \
+          -Dkeystore.key.password="${{ secrets.PRODUCTION_KEYSTORE_KEY_PASSWORD }}" \
+          -Dkeystore.password="${{ secrets.PRODUCTION_KEYSTORE_PASSWORD }}" \
+          -Danypoint.platform.client_id="${{ secrets.ANYPOINT_PLATFORM_CLIENT_ID }}" \
+          -Danypoint.platform.client_secret="${{ secrets.ANYPOINT_PLATFORM_CLIENT_SECRET }}" \
+          -Dsfdc.password="${{ secrets.SFDC_PROD_INTEGRATIONUSER_PWD }}" \
+          -Dsfdc.tkn="${{ secrets.SFDC_PROD_INTEGRATIONUSER_TKN }}" \
+          -Dtypeform.clientid="${{ secrets.TYPEFORM_CLIENTID }}" \
+          -Dtypeform.clientsecret="${{ secrets.TYPEFORM_CLIENTSECRET }}" \
+          -Dtypeform.tkn="${{ secrets.TYPEFORM_TKN }}" \
+          -DskipTests
+ 
+
+    - name: Confirm Deployment
+      run: |
+        echo "Deployment to Sandbox completed."
+
+  create-release:
+    needs: deploy_mule
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Execute version.sh to determine new tag
+      id: determine_version
+      run: |
+        chmod +x ./scripts/version.sh
+        new_tag=$(./scripts/version.sh)
+        echo "::set-output name=new_tag::$new_tag"
+
+    - name: Create Release
+      id: create_release
+      uses: actions/create-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        tag_name: ${{ steps.determine_version.outputs.new_tag }}
+        release_name: Release ${{ steps.determine_version.outputs.new_tag }}
+        body: "Release of the production-salesforce-data-api"
+        draft: false
+        prerelease: false
 
+    - name: Download artifact
+      uses: actions/download-artifact@v4
+      with:
+        name: artifacts
+        path: .
+        
+    - name: Capture artifact file path
+      id: get_file
+      run: echo "FILE_PATH=$(ls ./*.jar)" >> $GITHUB_ENV
+  
+    - name: Upload artifact to release
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ steps.create_release.outputs.upload_url }}
+        asset_path: ${{ env.FILE_PATH }}
+        asset_name: production-salesforce-data-api-${{ steps.determine_version.outputs.new_tag }}.jar
+        asset_content_type: application/java-archive