-
Notifications
You must be signed in to change notification settings - Fork 0
174 lines (145 loc) · 5.8 KB
/
pushImage.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
name: Push Image Workflow
on:
workflow_dispatch:
create:
push:
branches:
- release/**
- develop
paths-ignore:
- "*.md"
env:
AWS_REGION: eu-west-2
jobs:
test:
runs-on: ubuntu-latest
# Need to check here as create event can't be filtered by branch name: https://github.com/orgs/community/discussions/54860
if: github.ref == 'refs/heads/develop' || startsWith(github.ref, 'refs/heads/release')
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: "17"
distribution: "temurin"
cache: maven
- name: Build with Maven
run: mvn -B package --file pom.xml
- name: DependencyCheck
uses: dependency-check/Dependency-Check_Action@main
env:
JAVA_HOME: /opt/jdk
id: DependencyCheck
with:
project: "GAP-apply-admin-backend"
path: "."
format: "HTML"
args: >
--enableRetired
--disableOssIndex true
- name: Upload Test results
uses: actions/upload-artifact@master
with:
name: DependencyCheck report
path: ${{github.workspace}}/reports
build:
# Need to check here as create event can't be filtered by branch name: https://github.com/orgs/community/discussions/54860
if: github.ref == 'refs/heads/develop' || startsWith(github.ref, 'refs/heads/release')
runs-on: ubuntu-latest
outputs:
docker-image-name: ${{ steps.docker-image-name.outputs.name }}
steps:
- uses: actions/checkout@v3
with:
# Fetch all commits since we use the total commit count to determine the build version
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: "17"
distribution: "temurin"
cache: maven
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to AWS ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Determine & set BUILD_VERSION
run: |
GIT_COUNT=$(git rev-list $GITHUB_SHA --count)
echo "BUILD_VERSION=b_$GIT_COUNT" >> $GITHUB_ENV
echo BUILD_VERSION is ${{ env.BUILD_VERSION }}
- name: Build project
run: |
./mvnw package
- name: Build Docker image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: docker build --tag $ECR_REGISTRY/gap-apply-admin-backend:${{ env.BUILD_VERSION }} .
- name: Generate Docker image name
id: docker-image-name
run: |
NAME=${{ (github.ref == 'refs/heads/develop' && 'admin-api-dev-image') || (startsWith(github.ref, 'refs/heads/release') && 'admin-api-qa-image') }}
echo "name=$NAME" >> $GITHUB_OUTPUT
- name: Save Docker image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: docker save --output ${{ steps.docker-image-name.outputs.name }}.tar $ECR_REGISTRY/gap-apply-admin-backend:${{ env.BUILD_VERSION }}
- name: Upload Docker image
uses: actions/upload-artifact@v3
with:
name: ${{ steps.docker-image-name.outputs.name }}
path: ${{ steps.docker-image-name.outputs.name }}.tar
retention-days: 1
deploy:
environment: AWS
runs-on: ubuntu-latest
needs: [build, test]
steps:
- uses: actions/checkout@v3
with:
# Fetch all commits since we use the total commit count to determine the build version
fetch-depth: 0
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to AWS ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Determine & set BUILD_VERSION
run: |
GIT_COUNT=$(git rev-list $GITHUB_SHA --count)
echo "BUILD_VERSION=b_$GIT_COUNT" >> $GITHUB_ENV
echo BUILD_VERSION is ${{ env.BUILD_VERSION }}
- name: Download Docker image
uses: actions/download-artifact@v3
with:
name: ${{ needs.build.outputs.docker-image-name }}
- name: Load Docker image
run: docker load --input ${{ needs.build.outputs.docker-image-name }}.tar
- name: Push Docker image to AWS ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: docker push $ECR_REGISTRY/gap-apply-admin-backend:${{ env.BUILD_VERSION }}
- name: Create env tag
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
ENV_TAG=${{ (github.ref == 'refs/heads/develop' && 'develop') || (startsWith(github.ref, 'refs/heads/release') && 'qa') }}
docker tag $ECR_REGISTRY/gap-apply-admin-backend:${{ env.BUILD_VERSION }} $ECR_REGISTRY/gap-apply-admin-backend:$ENV_TAG
docker push $ECR_REGISTRY/gap-apply-admin-backend:$ENV_TAG
- name: Create release tag - if we are committing to a release branch
if: ${{ startsWith(github.ref, 'refs/heads/release/') }}
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
RELEASE_VERSION=V_${GITHUB_REF##*/}
docker tag $ECR_REGISTRY/gap-apply-admin-backend:${{ env.BUILD_VERSION }} $ECR_REGISTRY/gap-apply-admin-backend:$RELEASE_VERSION
docker push $ECR_REGISTRY/gap-apply-admin-backend:$RELEASE_VERSION