Skip to content

[MOSIP-29315]

[MOSIP-29315] #552

Workflow file for this run

name: Maven Package upon a push
on:
push:
branches:
- '!release-branch'
- release-1*
- master
- 1.*
- develop
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
ref: ${{ github.ref }}
java-version: 11
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Setup branch and env
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
- name: Setup branch and GPG public key
run: |
# Strip git ref prefix from version
echo ${{ env.BRANCH_NAME }}
echo ${{ env.GPG_TTY }}
sudo apt-get --yes install gnupg2
gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg
gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg
- uses: actions/cache@v1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-${{ env.BRANCH_NAME }}
- name: Setup the settings file for ossrh server
run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> </repositories> </profile> <profile> <id>sonar</id> <properties> <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url> </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml
- name: Build with Maven
run: |
cd partner
mvn -B package --file pom.xml -s $GITHUB_WORKSPACE/settings.xml
- name: Ready the springboot artifacts
run: find -name '*.jar' -executable -type f -exec zip release.zip {} +
- name: Upload the springboot jars
uses: actions/upload-artifact@v1
with:
name: release
path: ./release.zip
- uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,commit,workflow,job # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} # required
if: failure() # Pick up events even if the job fails or is canceled.
publish_to_nexus:
if: "!contains(github.ref, 'master')"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
ref: ${{ github.ref }}
java-version: 11
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Setup branch and env
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
- name: Setup branch and GPG public key
run: |
# Strip git ref prefix from version
echo ${{ env.BRANCH_NAME }}
echo ${{ env.GPG_TTY }}
sudo apt-get --yes install gnupg2
gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg
gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg
- uses: actions/cache@v1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-${{ env.BRANCH_NAME }}
- name: Setup the settings file for ossrh server
run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> </repositories> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml
- name: Install xmllint
run: |
sudo apt-get update
sudo apt-get install libxml2-utils
- name: Build with Maven
run: cd partner && mvn -B package --file pom.xml -s $GITHUB_WORKSPACE/settings.xml
- name: Publish the maven package
run: |
chmod +x ./deploy.sh
cd partner && mvn deploy -s $GITHUB_WORKSPACE/settings.xml -f pom.xml
env:
GPG_TTY: $(tty)
# - uses: 8398a7/action-slack@v3
# with:
# status: ${{ job.status }}
# fields: repo,message,commit,workflow,job # selectable (default: repo,message)
# env:
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEVOPS_WEBHOOK }} # required
# if: failure() # Pick up events even if the job fails or is canceled.D
docker-policy-management-service:
needs: build
runs-on: ubuntu-latest
env:
NAMESPACE: ${{ secrets.dev_namespace_docker_hub }}
SERVICE_NAME: policy-management-service
SERVICE_LOCATION: partner/policy-management-service
steps:
- uses: actions/checkout@v2
- uses: actions/download-artifact@v1
with:
name: release
path: ./
- name: Setup branch name
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo ${{ env.BRANCH_NAME }}
- name: Get version info from pom
id: getPomVersion
uses: mavrosxristoforos/[email protected]
with:
xml-file: ./${{ env.SERVICE_LOCATION }}/pom.xml
xpath: /*[local-name()="project"]/*[local-name()="version"]
- name: Unzip and extract the policy-management-service
run: unzip -uj "release.zip" "${{ env.SERVICE_LOCATION }}/target/*" -d "./${{ env.SERVICE_LOCATION }}/target"
- name: Get current date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
- name: Build image
run: |
cd "./${{env.SERVICE_LOCATION}}"
docker build . --build-arg SOURCE=mosip --build-arg COMMIT_HASH=$(git rev-parse HEAD) --build-arg COMMIT_ID=$(git rev-parse --short HEAD) --build-arg BUILD_TIME=${{steps.date.outputs.date}} --file Dockerfile --tag ${{ env.SERVICE_NAME }}
- name: Log into registry
run: echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin
- name: Push image
run: |
IMAGE_ID=$NAMESPACE/$SERVICE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
echo "push version ${{steps.getPomVersion.outputs.info}}"
if [[ $BRANCH_NAME == master ]]; then
VERSION=latest
else
VERSION=$BRANCH_NAME
fi
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $SERVICE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
- uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,commit,workflow,job # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEVOPS_WEBHOOK }} # required
if: failure() # Pick up events even if the job fails or is canceled.
docker-partner-management-service:
needs: build
runs-on: ubuntu-latest
env:
NAMESPACE: ${{ secrets.dev_namespace_docker_hub }}
SERVICE_NAME: partner-management-service
SERVICE_LOCATION: partner/partner-management-service
steps:
- uses: actions/checkout@v2
- uses: actions/download-artifact@v1
with:
name: release
path: ./
- name: Setup branch name
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo ${{ env.BRANCH_NAME }}
- name: Get version info from pom
id: getPomVersion
uses: mavrosxristoforos/[email protected]
with:
xml-file: ./${{ env.SERVICE_LOCATION }}/pom.xml
xpath: /*[local-name()="project"]/*[local-name()="version"]
- name: Unzip and extract the partner-management-service
run: unzip -uj "release.zip" "${{ env.SERVICE_LOCATION }}/target/*" -d "./${{ env.SERVICE_LOCATION }}/target"
- name: Get current date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
- name: Build image
run: |
cd "./${{env.SERVICE_LOCATION}}"
docker build . --build-arg SOURCE=mosip --build-arg COMMIT_HASH=$(git rev-parse HEAD) --build-arg COMMIT_ID=$(git rev-parse --short HEAD) --build-arg BUILD_TIME=${{steps.date.outputs.date}} --file Dockerfile --tag ${{ env.SERVICE_NAME }}
- name: Log into registry
run: echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin
- name: Push image
run: |
IMAGE_ID=$NAMESPACE/$SERVICE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
echo "push version ${{steps.getPomVersion.outputs.info}}"
if [[ $BRANCH_NAME == master ]]; then
VERSION=latest
else
VERSION=$BRANCH_NAME
fi
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $SERVICE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
- uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,commit,workflow,job # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEVOPS_WEBHOOK }} # required
if: failure() # Pick up events even if the job fails or is canceled.
sonar_analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
ref: ${{ github.ref }}
java-version: 11
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Setup branch and env
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
- uses: actions/cache@v1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-${{ env.BRANCH_NAME }}
- name: Setup the settings file for ossrh server
run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> </repositories> </profile> <profile> <id>sonar</id> <properties> <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url> </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml
- name: Build with Maven
run: |
cd partner
mvn -B package --file pom.xml -s $GITHUB_WORKSPACE/settings.xml
- name: Analyze with SonarCloud
run: |
cd partner
mvn -B -Dgpg.skip verify sonar:sonar -Dsonar.projectKey=mosip_${{ github.event.repository.name }} -Dsonar.organization=${{ secrets.ORG_KEY }} -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}