From 9f00df19753dfab21cea07de9e363f160ac40f3e Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 12:00:22 +0100 Subject: [PATCH 01/16] `cds add github-actions` --- .github/workflows/cf.yaml | 62 ++++++++++++++++++++++++++++++++++ .github/workflows/release.yaml | 21 ++++++++++++ .github/workflows/test.yaml | 29 ++++++++++++++++ 3 files changed, 112 insertions(+) create mode 100644 .github/workflows/cf.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml new file mode 100644 index 0000000..d9b159b --- /dev/null +++ b/.github/workflows/cf.yaml @@ -0,0 +1,62 @@ +name: Cloud Foundry + +on: + workflow_call: + inputs: + environment: + default: Staging + type: string + workflow_dispatch: + push: + branches: + - main + +permissions: + contents: read + deployments: write + +concurrency: + group: cf-${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +env: + APP_NAME: xtravels +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-node@v5 + with: + node-version: 22 + - uses: actions/setup-java@v5 + with: + distribution: sapmachine + java-version: 21 + cache: maven + - uses: cap-js/cf-setup@v1 + with: + cf-api: ${{ vars.CF_API }} + cf-org: ${{ vars.CF_ORG }} + cf-space: ${{ vars.CF_SPACE }} + cf-username: ${{ vars.CF_USERNAME }} + cf-password: ${{ secrets.CF_PASSWORD }} + - run: npm install + - run: npx cds up + + - run: cf logs "${{ env.APP_NAME }}" --recent + if: always() + - run: cf logs "${{ env.APP_NAME }}-srv" --recent + if: always() + - run: cf logs "${{ env.APP_NAME }}-db-deployer" --recent + if: always() + + - name: Get application URL + id: route + shell: bash + run: | + host=$(cf app "${APP_NAME}" | awk '/routes:/ {print $2}' | sed -E 's#^https?://##; s/,.*$//') + echo "url=https://$host" >> "$GITHUB_OUTPUT" + environment: + name: ${{ inputs.environment || 'Staging' }} + url: ${{ steps.route.outputs.url }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..326da44 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,21 @@ +name: Release + +on: + workflow_dispatch: + release: + types: [published] + +permissions: + contents: read + deployments: write + +jobs: + tests: + uses: capire/xtravels-java/.github/workflows/test.yaml@main + secrets: inherit + deploy-cf: + needs: [tests] + uses: capire/xtravels-java/.github/workflows/cf.yaml@main + secrets: inherit + with: + environment: Production diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..88ea15d --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,29 @@ +name: Tests + +on: + workflow_call: + workflow_dispatch: + pull_request: + merge_group: + push: + branches: + - main + +permissions: + contents: read + +jobs: + tests: + runs-on: ubuntu-latest + steps: + - uses: actions/setup-node@v5 + with: + node-version: 22 + - uses: actions/checkout@v5 + - run: npm install + - uses: actions/setup-java@v5 + with: + distribution: sapmachine + java-version: 21 + cache: maven + - run: mvn test -B From 3e7290d7622fd2452ba950bd65637388239f4396 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 12:37:16 +0100 Subject: [PATCH 02/16] Add pull_request trigger to cf.yaml workflow --- .github/workflows/cf.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index d9b159b..c3e75ac 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -10,6 +10,7 @@ on: push: branches: - main + pull_request: permissions: contents: read From aa492fcf92982a64c6c1c671a912847a5f149509 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 12:41:10 +0100 Subject: [PATCH 03/16] Add `packages` permission --- .github/workflows/cf.yaml | 1 + .github/workflows/release.yaml | 1 + .github/workflows/test.yaml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index d9b159b..17dfe2b 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -14,6 +14,7 @@ on: permissions: contents: read deployments: write + packages: read concurrency: group: cf-${{ github.workflow }}-${{ github.head_ref || github.run_id }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 326da44..7395d61 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -8,6 +8,7 @@ on: permissions: contents: read deployments: write + packages: read jobs: tests: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 88ea15d..d14ed5c 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -11,6 +11,7 @@ on: permissions: contents: read + packages: read jobs: tests: From 305e1bbebf82aecc371d439c8015d2989bafe322 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 13:41:33 +0100 Subject: [PATCH 04/16] Add NODE_AUTH_TOKEN --- .github/workflows/cf.yaml | 1 + .github/workflows/test.yaml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index d0109d5..fc8e0cf 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -23,6 +23,7 @@ concurrency: env: APP_NAME: xtravels + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: deploy: runs-on: ubuntu-latest diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index d14ed5c..ebbf368 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -22,6 +22,8 @@ jobs: node-version: 22 - uses: actions/checkout@v5 - run: npm install + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: actions/setup-java@v5 with: distribution: sapmachine From 006a4abb6d07abcff03a15b9227679bcd2db478a Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 13:44:15 +0100 Subject: [PATCH 05/16] Update .npmrc --- .npmrc | 1 + 1 file changed, 1 insertion(+) diff --git a/.npmrc b/.npmrc index 77ed8bc..217fb77 100644 --- a/.npmrc +++ b/.npmrc @@ -1 +1,2 @@ @capire:registry=https://npm.pkg.github.com/ +//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN} From c3addcd1e3b95c9a05e694334a5d76cdac1b1916 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 17 Dec 2025 14:22:34 +0100 Subject: [PATCH 06/16] Set `FORCE_COLOR` --- .github/workflows/cf.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index fc8e0cf..3364b8f 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -24,6 +24,7 @@ concurrency: env: APP_NAME: xtravels NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + FORCE_COLOR: true jobs: deploy: runs-on: ubuntu-latest From c38daa0e84f95cdc89feeeef84323e4b80a04ded Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 21 Jan 2026 17:13:41 +0100 Subject: [PATCH 07/16] Upgrade GitHub Actions to latest versions --- .github/workflows/cf.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index 3364b8f..6b4e30c 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -29,8 +29,8 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6 with: node-version: 22 - uses: actions/setup-java@v5 @@ -38,13 +38,13 @@ jobs: distribution: sapmachine java-version: 21 cache: maven - - uses: cap-js/cf-setup@v1 + - uses: cap-js/cf-setup@v2 with: - cf-api: ${{ vars.CF_API }} - cf-org: ${{ vars.CF_ORG }} - cf-space: ${{ vars.CF_SPACE }} - cf-username: ${{ vars.CF_USERNAME }} - cf-password: ${{ secrets.CF_PASSWORD }} + api: ${{ vars.CF_API }} + org: ${{ vars.CF_ORG }} + space: ${{ vars.CF_SPACE }} + username: ${{ vars.CF_USERNAME }} + password: ${{ secrets.CF_PASSWORD }} - run: npm install - run: npx cds up From f7037313a925bfbb120ab94b8d722d3b352577ff Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 21 Jan 2026 17:14:07 +0100 Subject: [PATCH 08/16] Upgrade GitHub Actions to latest versions --- .github/workflows/test.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index ebbf368..3e8da17 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -17,10 +17,10 @@ jobs: tests: runs-on: ubuntu-latest steps: - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: 22 - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - run: npm install env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 94e738247ec0123d38ad96dbd916e1879b9b13d8 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 10:08:38 +0100 Subject: [PATCH 09/16] temp rm mock users --- srv/src/main/resources/application.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml index 3b12bba..2f5cec6 100644 --- a/srv/src/main/resources/application.yaml +++ b/srv/src/main/resources/application.yaml @@ -14,10 +14,6 @@ management: db.enabled: true cds: drafts.enforce-readonly: true - security.mock.users: - admin: - roles: - - admin data-source.csv.paths: - "db/data/**" - "../db/data/**" From 5f6dce689b2fa1105270f9cb5fba6a8f590cb8fa Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 10:35:09 +0100 Subject: [PATCH 10/16] Update application.yaml --- srv/src/main/resources/application.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml index 2f5cec6..3194944 100644 --- a/srv/src/main/resources/application.yaml +++ b/srv/src/main/resources/application.yaml @@ -14,6 +14,10 @@ management: db.enabled: true cds: drafts.enforce-readonly: true + security.mock.users: + admin: + roles: + - admin data-source.csv.paths: - "db/data/**" - "../db/data/**" @@ -23,6 +27,11 @@ cds: - "../node_modules/@capire/**" - "../../node_modules/@capire/**" --- +spring: + config.activate.on-profile: cloud +cds: + security.mock.users: {} +--- spring: config.activate.on-profile: hybrid cds: From 1024a36a1019cdcd30521832fd15c53039ab5837 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 10:35:28 +0100 Subject: [PATCH 11/16] Update application.yaml --- srv/src/main/resources/application.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml index 3194944..945e3cc 100644 --- a/srv/src/main/resources/application.yaml +++ b/srv/src/main/resources/application.yaml @@ -17,7 +17,7 @@ cds: security.mock.users: admin: roles: - - admin + - admin data-source.csv.paths: - "db/data/**" - "../db/data/**" From 6397550ccbaec77b8e08f249ffdc964ba1a3bc9d Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 10:46:37 +0100 Subject: [PATCH 12/16] Restore admin roles in security configuration Revert security.mock.users configuration to include admin roles and change profile activation condition. --- srv/src/main/resources/application.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml index 945e3cc..135dd3f 100644 --- a/srv/src/main/resources/application.yaml +++ b/srv/src/main/resources/application.yaml @@ -14,10 +14,6 @@ management: db.enabled: true cds: drafts.enforce-readonly: true - security.mock.users: - admin: - roles: - - admin data-source.csv.paths: - "db/data/**" - "../db/data/**" @@ -28,9 +24,13 @@ cds: - "../../node_modules/@capire/**" --- spring: - config.activate.on-profile: cloud + config.activate.on-profile: "!cloud" + cds: - security.mock.users: {} + security.mock.users: + admin: + roles: + - admin --- spring: config.activate.on-profile: hybrid From 229f8be0726db296e1d56b4eaa7b0e0f27795871 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 11:22:37 +0100 Subject: [PATCH 13/16] Use `registry-url` in Workflow --- .github/workflows/test.yaml | 4 +--- .npmrc | 1 - 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3e8da17..68a1a44 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -20,10 +20,8 @@ jobs: - uses: actions/setup-node@v6 with: node-version: 22 + registry-url: https://npm.pkg.github.com/ - uses: actions/checkout@v6 - - run: npm install - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: actions/setup-java@v5 with: distribution: sapmachine diff --git a/.npmrc b/.npmrc index 217fb77..77ed8bc 100644 --- a/.npmrc +++ b/.npmrc @@ -1,2 +1 @@ @capire:registry=https://npm.pkg.github.com/ -//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN} From 1e51d35a76c78698fb59ffecf686d846116a7e70 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 11:25:11 +0100 Subject: [PATCH 14/16] Remove test workflow in favor of maven one --- .github/workflows/release.yaml | 2 +- .github/workflows/test.yaml | 30 ------------------------------ 2 files changed, 1 insertion(+), 31 deletions(-) delete mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7395d61..76c1143 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -12,7 +12,7 @@ permissions: jobs: tests: - uses: capire/xtravels-java/.github/workflows/test.yaml@main + uses: capire/xtravels-java/.github/workflows/maven.yaml@main secrets: inherit deploy-cf: needs: [tests] diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml deleted file mode 100644 index 68a1a44..0000000 --- a/.github/workflows/test.yaml +++ /dev/null @@ -1,30 +0,0 @@ -name: Tests - -on: - workflow_call: - workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - main - -permissions: - contents: read - packages: read - -jobs: - tests: - runs-on: ubuntu-latest - steps: - - uses: actions/setup-node@v6 - with: - node-version: 22 - registry-url: https://npm.pkg.github.com/ - - uses: actions/checkout@v6 - - uses: actions/setup-java@v5 - with: - distribution: sapmachine - java-version: 21 - cache: maven - - run: mvn test -B From b09d83aa4c491fbdb03d7b25140bd3fa7bc70654 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 11:27:19 +0100 Subject: [PATCH 15/16] Update cf.yaml --- .github/workflows/cf.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index 6b4e30c..e5e7dd5 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -33,6 +33,7 @@ jobs: - uses: actions/setup-node@v6 with: node-version: 22 + registry-url: https://npm.pkg.github.com/ - uses: actions/setup-java@v5 with: distribution: sapmachine @@ -46,6 +47,9 @@ jobs: username: ${{ vars.CF_USERNAME }} password: ${{ secrets.CF_PASSWORD }} - run: npm install + env: + NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}} + - run: npx cds up - run: cf logs "${{ env.APP_NAME }}" --recent From 86d716d4ab010909fa97bf12073fe643c80d4d24 Mon Sep 17 00:00:00 2001 From: Steffen Waldmann Date: Wed, 4 Feb 2026 13:21:03 +0100 Subject: [PATCH 16/16] Remove pull_request trigger from cf.yaml Removed pull_request trigger from workflow. --- .github/workflows/cf.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cf.yaml b/.github/workflows/cf.yaml index e5e7dd5..bf1dcf8 100644 --- a/.github/workflows/cf.yaml +++ b/.github/workflows/cf.yaml @@ -10,7 +10,6 @@ on: push: branches: - main - pull_request: permissions: contents: read