fd0f23b9cc
* Encrypting the password stored in AuthenticationDTO for every db. * Adding comment to the properties file to denote that adding encryption salt and password are mandatory to the server coming up. * Added the encryption salt and password to server.yml to allow the github actions to succeed. * Adding database migration to encrypt the existing passwords for authentication object (used for storing db connection username/password) Changes to the installation script install.sh: 1. Instead of overwriting the existing encryption password or salt, giving the user an option to conserve the previous encryption credentials to ensure that the developer users do not lose access to their database configurations (passwords). 2. Added another file for writing encryption credentials (encryption.env) to ensure that we dont delete the encryption password and salt by mistake.
85 lines
2.9 KiB
YAML
85 lines
2.9 KiB
YAML
# This workflow is responsible for building, testing & packaging the Java server codebase
|
|
name: Appsmith Server Workflow
|
|
|
|
on:
|
|
push:
|
|
branches: [ release, master ]
|
|
# Only trigger if files have changed in this specific path
|
|
paths:
|
|
- 'app/server/**'
|
|
pull_request:
|
|
branches: [ release, master ]
|
|
paths:
|
|
- 'app/server/**'
|
|
# Change the working directory for all the jobs in this workflow
|
|
defaults:
|
|
run:
|
|
working-directory: app/server
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
# Service containers to run with this job. Required for running tests
|
|
services:
|
|
# Label used to access the service container
|
|
redis:
|
|
# Docker Hub image for Redis
|
|
image: redis
|
|
ports:
|
|
# Opens tcp port 6379 on the host and service container
|
|
- 6379:6379
|
|
|
|
steps:
|
|
# Checkout the code
|
|
- uses: actions/checkout@v2
|
|
|
|
# Setup Java
|
|
- name: Set up JDK 1.11
|
|
uses: actions/setup-java@v1
|
|
with:
|
|
java-version: 1.11
|
|
|
|
# Retrieve maven dependencies from cache. After a successful run, these dependencies are cached again
|
|
- name: Cache maven dependencies
|
|
uses: actions/cache@v2
|
|
env:
|
|
cache-name: cache-maven-dependencies
|
|
with:
|
|
# maven dependencies are stored in `~/.m2` on Linux/macOS
|
|
path: ~/.m2
|
|
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
|
restore-keys: ${{ runner.os }}-m2
|
|
|
|
# Build and test the code
|
|
- name: Build and test
|
|
env:
|
|
APPSMITH_MONGODB_URI: "mongodb://localhost:27017/mobtools"
|
|
APPSMITH_REDIS_URL: "redis://127.0.0.1:6379"
|
|
APPSMITH_ENCRYPTION_PASSWORD: "password"
|
|
APPSMITH_ENCRYPTION_SALT: "salt"
|
|
run: mvn -B package
|
|
|
|
# Here, the GITHUB_REF is of type /refs/head/<branch_name>. We extract branch_name from this by removing the
|
|
# first 11 characters. This can be used to build images for several branches
|
|
- name: Get the version to tag the Docker image
|
|
id: vars
|
|
run: echo ::set-output name=tag::$(echo ${GITHUB_REF:11})
|
|
|
|
# Build release Docker image and push to Docker Hub
|
|
- name: Push release image to Docker Hub
|
|
if: success() && github.ref == 'refs/heads/release'
|
|
run: |
|
|
docker build -t appsmith/appsmith-server:${{steps.vars.outputs.tag}} .
|
|
echo ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
|
|
docker push appsmith/appsmith-server
|
|
|
|
# Build master Docker image and push to Docker Hub
|
|
- name: Push master image to Docker Hub with commit tag
|
|
if: success() && github.ref == 'refs/heads/master'
|
|
run: |
|
|
docker build -t appsmith/appsmith-server:${GITHUB_SHA} .
|
|
docker build -t appsmith/appsmith-server:latest .
|
|
echo ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
|
|
docker push appsmith/appsmith-server
|