Skip to content

Commit

Permalink
Merge pull request #744 from catenax-ng/update-build-yml-to-develop
Browse files Browse the repository at this point in the history 
update build.yml file to the develop version
  • Loading branch information
@ndr-brt
ndr-brt authored Feb 13, 2023
2 parents 1793103 + 9c87591 commit 6c0cfd4
Show file tree
Hide file tree
Showing 2 changed files with 151 additions and 83 deletions.
97 changes: 16 additions & 81 deletions .github/workflows/build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,43 +10,41 @@ on:
- '[0-9]+.[0-9]+.[0-9]+'
release:
types:
- released
- published
pull_request:
paths-ignore:
- 'charts/**'
- 'docs/**'
- '**/*.md'
branches:
- '*'
workflow_dispatch:

jobs:
secret-presence:
runs-on: ubuntu-latest
outputs:
CXNG_GHCR_PAT: ${{ steps.secret-presence.outputs.CXNG_GHCR_PAT }}
ORG_VERACODE_API_ID: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_ID }}
ORG_VERACODE_API_KEY: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_KEY }}
SONAR_TOKEN: ${{ steps.secret-presence.outputs.SONAR_TOKEN }}
steps:
-
name: Check whether secrets exist
id: secret-presence
run: |
[ ! -z "${{ secrets.CXNG_GHCR_PAT }}" ] && echo "::set-output name=CXNG_GHCR_PAT::true"
[ ! -z "${{ secrets.ORG_VERACODE_API_ID }}" ] && echo "::set-output name=ORG_VERACODE_API_ID::true"
[ ! -z "${{ secrets.ORG_VERACODE_API_KEY }}" ] && echo "::set-output name=ORG_VERACODE_API_KEY::true"
[ ! -z "${{ secrets.SONAR_TOKEN }}" ] && echo "::set-output name=SONAR_TOKEN::true"
exit 0
verify-formatting:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v3.3.0
with:
fetch-depth: 0
-
name: Set up JDK 11
uses: actions/setup-java@v3.5.1
uses: actions/setup-java@v3.10.0
with:
java-version: '11'
distribution: 'adopt'
Expand All @@ -64,23 +62,16 @@ jobs:
# Set-Up
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v3.3.0
with:
fetch-depth: 0
-
name: Set up JDK 11
uses: actions/setup-java@v3.5.1
uses: actions/setup-java@v3.10.0
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
-
name: Init git submodule
run: git submodule update --init
-
name: Build edc with Gradle to get specific snapshot
run: ./gradlew publishToMavenLocal -Pskip.signing=true -PedcVersion=0.0.1-20220922-SNAPSHOT -xjavadoc
working-directory: edc
-
name: Cache SonarCloud packages
uses: actions/cache@v3
Expand All @@ -102,30 +93,22 @@ jobs:
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.coverage.jacoco.xmlReportPaths=${GITHUB_WORKSPACE}/edc-tests/target/site/jacoco-aggregate/jacoco.xml \
-Dsonar.verbose=true
build-extensions:
runs-on: ubuntu-latest
needs: [ secret-presence, verify-formatting ]
steps:
# Set-Up
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v3.3.0
-
name: Set up JDK 11
uses: actions/setup-java@v3.5.1
uses: actions/setup-java@v3.10.0
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
# Build
-
name: Init git submodule
run: git submodule update --init
-
name: Build edc with Gradle to get specific snapshot
run: ./gradlew publishToMavenLocal -Pskip.signing=true -PedcVersion=0.0.1-20220922-SNAPSHOT -xjavadoc
working-directory: edc
-
name: Build Extensions
run: |-
Expand All @@ -148,7 +131,7 @@ jobs:
# Set-Up
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v3.3.0
-
name: Login to GitHub Container Registry
if: |
Expand All @@ -160,19 +143,12 @@ jobs:
password: ${{ secrets.CXNG_GHCR_PAT }}
-
name: Set up JDK 11
uses: actions/setup-java@v3.5.1
uses: actions/setup-java@v3.10.0
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
# Build
-
name: Init git submodule
run: git submodule update --init
-
name: Build edc with Gradle to get specific snapshot
run: ./gradlew publishToMavenLocal -Pskip.signing=true -PedcVersion=0.0.1-20220922-SNAPSHOT -xjavadoc
working-directory: edc
-
name: Build Controlplane
run: |-
Expand All @@ -195,7 +171,7 @@ jobs:
type=sha
-
name: Build Docker Image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
file: edc-controlplane/${{ matrix.name }}/src/main/docker/Dockerfile
Expand All @@ -206,23 +182,6 @@ jobs:
${{ (needs.secret-presence.outputs.CXNG_GHCR_PAT && github.event_name != 'pull_request' && 'true') || 'false' }}
tags: ${{ steps.edc_controlplane_meta.outputs.tags }}
labels: ${{ steps.edc_controlplane_meta.outputs.labels }}
-
name: Veracode Upload And Scan
uses: veracode/[email protected]
if: |
needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains('
refs/heads/develop
refs/heads/release/
refs/tags/
refs/heads/main', github.ref)
continue-on-error: true
with:
appname: product-edc/${{ matrix.name }}
createprofile: true
version: ${{ github.ref }}-${{ github.sha }}
filepath: edc-controlplane/${{ matrix.name }}/target/${{ matrix.name }}.jar
vid: ${{ secrets.ORG_VERACODE_API_ID }}
vkey: ${{ secrets.ORG_VERACODE_API_KEY }}

build-dataplane:
runs-on: ubuntu-latest
Expand All @@ -237,7 +196,7 @@ jobs:
# Set-Up
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v3.3.0
-
name: Login to GitHub Container Registry
if: |
Expand All @@ -249,19 +208,12 @@ jobs:
password: ${{ secrets.CXNG_GHCR_PAT }}
-
name: Set up JDK 11
uses: actions/setup-java@v3.5.1
uses: actions/setup-java@v3.10.0
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
# Build
-
name: Init git submodule
run: git submodule update --init
-
name: Build edc with Gradle to get specific snapshot
run: ./gradlew publishToMavenLocal -Pskip.signing=true -PedcVersion=0.0.1-20220922-SNAPSHOT -xjavadoc
working-directory: edc
-
name: Build Dataplane
run: |-
Expand All @@ -284,7 +236,7 @@ jobs:
type=sha
-
name: Build Docker Image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
file: edc-dataplane/${{ matrix.name }}/src/main/docker/Dockerfile
Expand All @@ -295,20 +247,3 @@ jobs:
${{ (needs.secret-presence.outputs.CXNG_GHCR_PAT && github.event_name != 'pull_request' && 'true') || 'false' }}
tags: ${{ steps.edc_dataplane_meta.outputs.tags }}
labels: ${{ steps.edc_dataplane_meta.outputs.labels }}
-
name: Veracode Upload And Scan
uses: veracode/[email protected]
if: |
needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY && contains('
refs/heads/develop
refs/heads/release/
refs/tags/
refs/heads/main', github.ref)
continue-on-error: true
with:
appname: product-edc/${{ matrix.name }}
createprofile: true
version: ${{ github.ref }}-${{ github.sha }}
filepath: edc-dataplane/${{ matrix.name }}/target/${{ matrix.name }}.jar
vid: ${{ secrets.ORG_VERACODE_API_ID }}
vkey: ${{ secrets.ORG_VERACODE_API_KEY }}
137 changes: 135 additions & 2 deletions .github/workflows/veracode.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,135 @@
# file to satisfy check in https://gh-org-checks.core.demo.catena-x.net/
# veracode runs inside the build.yaml
---
name: "Veracode"

on:
schedule:
- cron: '0 2 * * *'
workflow_dispatch:

jobs:
secret-presence:
runs-on: ubuntu-latest
outputs:
ORG_VERACODE_API_ID: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_ID }}
ORG_VERACODE_API_KEY: ${{ steps.secret-presence.outputs.ORG_VERACODE_API_KEY }}
steps:
-
name: Check whether secrets exist
id: secret-presence
run: |
[ ! -z "${{ secrets.ORG_VERACODE_API_ID }}" ] && echo "::set-output name=ORG_VERACODE_API_ID::true"
[ ! -z "${{ secrets.ORG_VERACODE_API_KEY }}" ] && echo "::set-output name=ORG_VERACODE_API_KEY::true"
exit 0
verify-formatting:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
-
name: Set up JDK 11
uses: actions/[email protected]
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
-
name: Verify proper formatting
run: ./mvnw -s settings.xml -B spotless:check

build-controlplane:
runs-on: ubuntu-latest
needs: [ secret-presence, verify-formatting ]
strategy:
fail-fast: false
matrix:
name:
- edc-controlplane-memory
- edc-controlplane-postgresql
- edc-controlplane-postgresql-hashicorp-vault
steps:
# Set-Up
-
name: Checkout
uses: actions/[email protected]
-
name: Set up JDK 11
uses: actions/[email protected]
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
# Build
-
name: Build Controlplane
run: |-
./mvnw -s settings.xml -B -pl .,edc-controlplane/${{ matrix.name }} -am package
env:
GITHUB_PACKAGE_USERNAME: ${{ github.actor }}
GITHUB_PACKAGE_PASSWORD: ${{ secrets.CXNG_GHCR_PAT }}
-
name: Tar gzip files for veracode upload
run: |-
tar -czvf edc-controlplane/${{ matrix.name }}/target/${{ matrix.name }}.tar.gz edc-controlplane/${{ matrix.name }}/target/${{ matrix.name }}.jar edc-controlplane/${{ matrix.name }}/target/lib/*.jar
-
name: Veracode Upload And Scan
uses: veracode/[email protected]
if: |
needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY
continue-on-error: true
with:
appname: product-edc/${{ matrix.name }}
createprofile: true
version: ${{ matrix.name }}-${{ github.sha }}
filepath: edc-controlplane/${{ matrix.name }}/target/${{ matrix.name }}.tar.gz
vid: ${{ secrets.ORG_VERACODE_API_ID }}
vkey: ${{ secrets.ORG_VERACODE_API_KEY }}

build-dataplane:
runs-on: ubuntu-latest
needs: [ secret-presence, verify-formatting ]
strategy:
fail-fast: false
matrix:
name:
- edc-dataplane-azure-vault
- edc-dataplane-hashicorp-vault
steps:
# Set-Up
-
name: Checkout
uses: actions/[email protected]
-
name: Set up JDK 11
uses: actions/[email protected]
with:
java-version: '11'
distribution: 'adopt'
cache: 'maven'
# Build
-
name: Build Dataplane
run: |-
./mvnw -s settings.xml -B -pl .,edc-dataplane/${{ matrix.name }} -am package
env:
GITHUB_PACKAGE_USERNAME: ${{ github.actor }}
GITHUB_PACKAGE_PASSWORD: ${{ secrets.CXNG_GHCR_PAT }}
-
name: Tar gzip files for veracode upload
run: |-
tar -czvf edc-dataplane/${{ matrix.name }}/target/${{ matrix.name }}.tar.gz edc-dataplane/${{ matrix.name }}/target/${{ matrix.name }}.jar edc-dataplane/${{ matrix.name }}/target/lib/*.jar
-
name: Veracode Upload And Scan
uses: veracode/[email protected]
if: |
needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY
continue-on-error: true
with:
appname: product-edc/${{ matrix.name }}
createprofile: true
version: ${{ matrix.name }}-${{ github.sha }}
filepath: edc-dataplane/${{ matrix.name }}/target/${{ matrix.name }}.tar.gz
vid: ${{ secrets.ORG_VERACODE_API_ID }}
vkey: ${{ secrets.ORG_VERACODE_API_KEY }}

0 comments on commit 6c0cfd4

Please sign in to comment.