diff --git a/.ci/PublishHelmChart/Jenkinsfile_PublishHelmChart b/.ci/PublishHelmChart/Jenkinsfile_PublishHelmChart index 8f62b3c5d84..71e387d7bc0 100644 --- a/.ci/PublishHelmChart/Jenkinsfile_PublishHelmChart +++ b/.ci/PublishHelmChart/Jenkinsfile_PublishHelmChart @@ -1,29 +1,34 @@ #! groovy @Library('corda-shared-build-pipeline-steps@5.1') _ +import com.r3.build.agents.KubernetesAgent import com.r3.build.enums.BuildEnvironment +import com.r3.build.enums.KubernetesCluster import com.r3.build.utils.PublishingUtils -int cpus = 1 -BuildEnvironment buildEnvironment = BuildEnvironment.AMD64_LINUX_JAVA17 +/** + * Jenkins Kubernetes agent + */ +KubernetesAgent k8s = new KubernetesAgent( + BuildEnvironment.AMD64_LINUX_JAVA17, + KubernetesCluster.JenkinsAgents, + 1 +) PublishingUtils publishingUtils = new PublishingUtils(this) pipeline { agent { kubernetes { - cloud "eks-e2e" - yaml kubernetesBuildAgentYaml('build', buildEnvironment, cpus) + cloud k8s.buildCluster.cloudName + yaml k8s.JSON yamlMergeStrategy merge() // important to keep tolerations from the inherited template idleMinutes 15 podRetention always() - label ([ - "gradle-build", - "${cpus}cpus", - "${buildEnvironment.jenkinsLabel}" - ].join('-')) + nodeSelector k8s.nodeSelector + label k8s.jenkinsLabel showRawYaml false - defaultContainer 'build' + defaultContainer k8s.defaultContainer.name } } diff --git a/.ci/e2eTests/JenkinsfileCombinedWorker b/.ci/e2eTests/JenkinsfileCombinedWorker index 46f087b1567..f78de78a232 100644 --- a/.ci/e2eTests/JenkinsfileCombinedWorker +++ b/.ci/e2eTests/JenkinsfileCombinedWorker @@ -90,7 +90,7 @@ pipeline { REST_TLS_PATH = "${env.WORKSPACE}/applications/workers/release/combined-worker/tls/rest/rest_worker.pfx" VM_PARAMETERS = "-Dco.paralleluniverse.fibers.verifyInstrumentation=true" LOG4J_PARAMETERS = "-Dlog4j.configurationFile=log4j2-console.xml" - PROGRAM_PARAMETERS = "--instance-id=0 -mbus.busType=DATABASE -spassphrase=password -ssalt=salt -ddatabase.user=u${postgresDb} -ddatabase.pass=password -ddatabase.jdbc.url=jdbc:postgresql://${postgresHost}:${postgresPort}/${postgresDb} -ddatabase.jdbc.directory=${JDBC_PATH} -rtls.keystore.path=${REST_TLS_PATH} -rtls.keystore.password=mySecretPassword --serviceEndpoint=endpoints.crypto=localhost:7004 --serviceEndpoint=endpoints.verification=localhost:7004 --serviceEndpoint=endpoints.uniqueness=localhost:7004 --serviceEndpoint=endpoints.persistence=localhost:7004" + PROGRAM_PARAMETERS = "--instance-id=0 -mbus.busType=DATABASE -spassphrase=password -ssalt=salt -ddatabase.user=u${postgresDb} -ddatabase.pass=password -ddatabase.jdbc.url=jdbc:postgresql://${postgresHost}:${postgresPort}/${postgresDb} -ddatabase.jdbc.directory=${JDBC_PATH} -rtls.keystore.path=${REST_TLS_PATH} -rtls.keystore.password=mySecretPassword --serviceEndpoint=endpoints.crypto=localhost:7004 --serviceEndpoint=endpoints.verification=localhost:7004 --serviceEndpoint=endpoints.uniqueness=localhost:7004 --serviceEndpoint=endpoints.persistence=localhost:7004 --serviceEndpoint=endpoints.tokenSelection=localhost:7004" WORKING_DIRECTORY = "${env.WORKSPACE}" } steps { diff --git a/.ci/e2eTests/JenkinsfileMultiClusterTest b/.ci/e2eTests/JenkinsfileMultiClusterTest deleted file mode 100644 index ba8376e3abb..00000000000 --- a/.ci/e2eTests/JenkinsfileMultiClusterTest +++ /dev/null @@ -1,10 +0,0 @@ -@Library('corda-shared-build-pipeline-steps@5.1') _ - -endToEndPipeline( - dailyBuildCron: '0 */12 * * *', - multiCluster: true, - gradleTestTargetsToExecute: ['smokeTest', 'e2eTest'], - usePackagedCordaHelmChart: false, - gradleAdditionalArgs : '-PrunMultiClusterTests -Dscan.tag.MultiCluster', - javaVersion: '17' -) diff --git a/.ci/e2eTests/corda.yaml b/.ci/e2eTests/corda.yaml index 0d59d0f3b00..91186fe7b21 100644 --- a/.ci/e2eTests/corda.yaml +++ b/.ci/e2eTests/corda.yaml @@ -7,6 +7,28 @@ bootstrap: valueFrom: secretKeyRef: key: "postgres-password" + stateManager: + flow: + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" + flowMapper: + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" + tokenSelection: + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" kafka: sasl: username: @@ -73,6 +95,15 @@ workers: secretKeyRef: name: "kafka-credentials" key: "flow" + stateManager: + db: + name: state-manager + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" flowMapper: kafka: sasl: @@ -83,6 +114,15 @@ workers: secretKeyRef: name: "kafka-credentials" key: "flowMapper" + stateManager: + db: + name: state-manager + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" verification: kafka: sasl: @@ -143,6 +183,15 @@ workers: secretKeyRef: name: "kafka-credentials" key: "tokenSelection" + stateManager: + db: + name: state-manager + username: + value: "state-manager-user" + password: + valueFrom: + secretKeyRef: + key: "password" rest: kafka: sasl: diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 861051ac939..734204008da 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,107 +1 @@ - -# Build scripts should be audited by BLT - -Jenkinsfile @corda/blt -.ci/** @corda/blt - -*.gradle @corda/blt -gradle.properties @corda/corda5-team-leads -gradle/* @corda/blt - -.github/** @corda/blt -CODEOWNERS @corda/blt @corda/corda5-team-leads - -# Modules to be audited by REST team -/applications/workers/release/rest-worker/ @corda/rest -/components/rest-gateway-comp/ @corda/rest -/components/permissions/ @corda/rest -/components/rbac-security-manager-service/ @corda/rest -/libs/rest/ @corda/rest -/libs/permissions/ @corda/rest -/processors/rest-processor/ @corda/rest -/tools/plugins/initial-rbac/ @corda/rest -/tools/plugins/plugins-rest/ @corda/rest -/tools/plugins/virtual-node/ @corda/rest - -# Corda Helm chart for cluster management team -/charts/corda/ @corda/cluster-management - -# Modules to be audited by the Network team -/applications/workers/release/p2p-gateway-worker/ @corda/corda-platform-network-team -/applications/workers/release/p2p-link-manager-worker/ @corda/corda-platform-network-team -/applications/workers/release/member-worker/ @corda/corda-platform-network-team -/processors/link-manager-processor/ @corda/corda-platform-network-team -/processors/gateway-processor/ @corda/corda-platform-network-team -/processors/member-processor/ @corda/corda-platform-network-team -/components/gateway/ @corda/corda-platform-network-team -/components/link-manager/ @corda/corda-platform-network-team -/components/membership/ @corda/corda-platform-network-team -/libs/membership/ @corda/corda-platform-network-team -/libs/p2p-crypto/ @corda/corda-platform-network-team -/libs/layered-property-map/ @corda/corda-platform-network-team -/tools/plugins/mgm/ @corda/corda-platform-network-team -/tools/plugins/network/ @corda/corda-platform-network-team -/applications/tools/p2p-test/ @corda/corda-platform-network-team - -# Modules to be audited by Sandboxing SMEs -/components/security-manager/ @corda/sandboxing -/components/virtual-node/sandbox-* @corda/sandboxing -/components/sandbox* @corda/sandboxing -/libs/virtual-node/sandbox-* @corda/sandboxing -/osgi-* @corda/sandboxing -/testing/sandboxes/ @corda/sandboxing -/testing/sandboxes-testkit/ @corda/sandboxing -/testing/security-manager-utilities/ @corda/sandboxing - -# Modules to be audited by Crypto SMEs -/components/crypto/ @corda/crypto -/libs/crypto/ @corda/crypto -/processors/crypto/ @corda/crypto - -# Modules to be audited by Packaging SMEs -/components/chunking/ @corda/packaging -/components/virtual-node/cpi-* @corda/packaging -/components/virtual-node/cpk-* @corda/packaging -/libs/chunking/ @corda/packaging -/libs/packaging/ @corda/packaging -/libs/serialization/ @corda/packaging -/libs/virtual-node/cpi-* @corda/packaging -/testing/packaging-test-utilities/ @corda/packaging -/tools/plugins/package @corda/packaging - -# Modules to be audited by DB SMEs -/components/db/ @corda/db -/components/persistence/ @corda/db -/components/reconciliation/ @corda/db -/libs/db/ @corda/db -/processors/db/ @corda/db -/testing/persistence-testkit/ @corda/db -/tools/plugins/db-config @corda/db - -# Modules to be audited by Flow Worker team -/components/flow/ @corda/flow-worker -/libs/flows/ @corda/flow-worker -/libs/lifecycle/ @corda/flow-worker -/libs/messaging/ @corda/flow-worker -/libs/application/application-impl/ @corda/flow-worker -/processors/flow-processor/ @corda/flow-worker -/testing/flow/ @corda/flow-worker -/testing/message-patterns/ @corda/flow-worker -/applications/workers/release/flow-worker @corda/flow-worker - -# Modules to be audited by Ledger SMEs -/components/ledger/ @corda/ledger -/libs/ledger/ @corda/ledger -/testing/ledger/ @corda/ledger - -# Modules to be audited by Notary SMEs -/components/uniqueness/ @corda/notaries -/libs/uniqueness/ @corda/notaries -/notary-plugins/ @corda/notaries -/processors/uniqueness-processor/ @corda/notaries -/testing/uniqueness/ @corda/notaries - -# Ledger token selection files to be reviewed by the REST team -# This needs to be after the ledger rules to partially override those -/components/ledger/ledger-utxo-token-cache @corda/rest -/components/ledger/ledger-utxo-flow/src/main/kotlin/net/corda/ledger/utxo/impl/token @corda/rest +* @driessamyn @jasonbyrner3 @dimosr @ronanbrowne @rick-r3 @simon-johnson-r3 @blsemo @Omar-awad @aditisdesai @vinir3 @vkolomeyko @thiagoviana @Sakpal diff --git a/.github/workflows/remove-stale-branches.yml b/.github/workflows/remove-stale-branches.yml new file mode 100644 index 00000000000..25dd1b9f8c4 --- /dev/null +++ b/.github/workflows/remove-stale-branches.yml @@ -0,0 +1,19 @@ +name: 'Remove stale branches' +on: + schedule: + - cron: '0 0 * * 1-5' + +jobs: + remove-stale-branches: + name: Remove stale branches + runs-on: ubuntu-latest + steps: + - uses: fpicalausa/remove-stale-branches@v1.5.8 + with: + dry-run: true + days-before-branch-stale: 30 + days-before-branch-delete: 14 + stale-branch-message: "@{author} The branch [{branchName}]({branchUrl}) hasn't been updated in the last 30 days and is marked as stale. It will be removed in 14 days.\r\nIf you want to keep this branch around, delete this comment or add new commits to this branch." + exempt-protected-branches: true + exempt-branches-regex: "^(release\\/|feature\\/|poc\\/).*" + operations-per-run: 30 diff --git a/.run/Combined Worker Local.run.xml b/.run/Combined Worker Local.run.xml index ec8e493d59d..c518d5853f4 100644 --- a/.run/Combined Worker Local.run.xml +++ b/.run/Combined Worker Local.run.xml @@ -2,7 +2,7 @@