v1.2.0.1-B4 #34
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release maven packages and docker upon a release | |
| on: | |
| release: | |
| types: [published] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v1 | |
| with: | |
| ref: ${{ github.ref }} | |
| java-version: 11 | |
| server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml | |
| settings-path: ${{ github.workspace }} # location for the settings.xml file | |
| - name: Setup branch and GPG public key | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "::set-env name=BRANCH_NAME::$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" | |
| echo ${{ env.BRANCH_NAME }} | |
| echo "::set-env name=GPG_TTY::$(tty)" | |
| echo ${{ env.GPG_TTY }} | |
| sudo apt-get --yes install gnupg2 | |
| gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg | |
| gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg | |
| - uses: actions/cache@v1 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven-${{ env.BRANCH_NAME }} | |
| - name: Setup the settings file for ossrh server | |
| run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> </repositories> </profile> <profile> <id>sonar</id> <properties> <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url> </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml | |
| - name: Build with Maven | |
| run: | | |
| cd authentication | |
| mvn -B package -s $GITHUB_WORKSPACE/settings.xml --file pom.xml | |
| - name: Ready the springboot artifacts | |
| run: find -name '*.jar' -executable -type f -exec zip release.zip {} + | |
| - name: Upload the springboot jars | |
| uses: actions/upload-artifact@v1 | |
| with: | |
| name: release | |
| path: ./release.zip | |
| publish_to_nexus: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v1 | |
| with: | |
| ref: ${{ github.ref }} | |
| java-version: 11 | |
| server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml | |
| settings-path: ${{ github.workspace }} # location for the settings.xml file | |
| - name: Setup branch and GPG public key | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "::set-env name=BRANCH_NAME::$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" | |
| echo ${{ env.BRANCH_NAME }} | |
| echo "::set-env name=GPG_TTY::$(tty)" | |
| echo ${{ env.GPG_TTY }} | |
| sudo apt-get --yes install gnupg2 | |
| gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg | |
| gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg | |
| - uses: actions/cache@v1 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven-${{ env.BRANCH_NAME }} | |
| - name: Install xmllint | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install libxml2-utils | |
| - name: Setup the settings file for ossrh server | |
| run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> </repositories> </profile> <profile> <id>sonar</id> <properties> <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url> </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml | |
| - name: Build with Maven | |
| run: | | |
| cd authentication | |
| mvn -B package -s $GITHUB_WORKSPACE/settings.xml --file pom.xml | |
| - name: Publish the maven package | |
| run: | | |
| chmod +x ./deploy.sh | |
| ./deploy.sh authentication $GITHUB_WORKSPACE/settings.xml .* | |
| env: | |
| GPG_TTY: $(tty) | |
| - name: Analyze with SonarCloud | |
| run: | | |
| cd authentication | |
| mvn -B verify sonar:sonar -Dsonar.projectKey=${{ secrets.PROJECT_KEY }} -Dsonar.organization=${{ secrets.ORG_KEY }} -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| docker-authentication-otp-service: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| NAMESPACE: ${{ secrets.dev_namespace_docker_hub }} | |
| SERVICE_NAME: authentication-otp-service | |
| SERVICE_LOCATION: authentication/authentication-otp-service | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/download-artifact@v1 | |
| with: | |
| name: release | |
| path: ./ | |
| - name: Setup branch name | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "::set-env name=BRANCH_NAME::$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" | |
| echo ${{ env.BRANCH_NAME }} | |
| - name: Get version info from pom | |
| id: getPomVersion | |
| uses: mavrosxristoforos/[email protected] | |
| with: | |
| xml-file: ./${{ env.SERVICE_LOCATION }}/pom.xml | |
| xpath: /*[local-name()="project"]/*[local-name()="version"] | |
| - name: Unzip and extract the authentication-otp-service | |
| run: unzip -uj "release.zip" "${{ env.SERVICE_LOCATION }}/target/*" -d "./${{ env.SERVICE_LOCATION }}/target" | |
| - name: Build image | |
| run: | | |
| cd "./${{env.SERVICE_LOCATION}}" | |
| docker build . --file Dockerfile --tag ${{ env.SERVICE_NAME }} | |
| - name: Log into registry | |
| run: echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin | |
| - name: Push image | |
| run: | | |
| IMAGE_ID=$NAMESPACE/$SERVICE_NAME | |
| # Change all uppercase to lowercase | |
| IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') | |
| echo "push version ${{steps.getPomVersion.outputs.info}}" | |
| VERSION=$BRANCH_NAME | |
| echo IMAGE_ID=$IMAGE_ID | |
| echo VERSION=$VERSION | |
| docker tag $SERVICE_NAME $IMAGE_ID:$VERSION | |
| docker push $IMAGE_ID:$VERSION | |
| docker-authentication-internal-service: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| NAMESPACE: ${{ secrets.dev_namespace_docker_hub }} | |
| SERVICE_NAME: authentication-internal-service | |
| SERVICE_LOCATION: authentication/authentication-internal-service | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/download-artifact@v1 | |
| with: | |
| name: release | |
| path: ./ | |
| - name: Setup branch name | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "::set-env name=BRANCH_NAME::$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" | |
| echo ${{ env.BRANCH_NAME }} | |
| - name: Get version info from pom | |
| id: getPomVersion | |
| uses: mavrosxristoforos/[email protected] | |
| with: | |
| xml-file: ./${{ env.SERVICE_LOCATION }}/pom.xml | |
| xpath: /*[local-name()="project"]/*[local-name()="version"] | |
| - name: Unzip and extract the authentication-internal-service | |
| run: unzip -uj "release.zip" "${{ env.SERVICE_LOCATION }}/target/*" -d "./${{ env.SERVICE_LOCATION }}/target" | |
| - name: Build image | |
| run: | | |
| cd "./${{env.SERVICE_LOCATION}}" | |
| docker build . --file Dockerfile --tag ${{ env.SERVICE_NAME }} | |
| - name: Log into registry | |
| run: echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin | |
| - name: Push image | |
| run: | | |
| IMAGE_ID=$NAMESPACE/$SERVICE_NAME | |
| # Change all uppercase to lowercase | |
| IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') | |
| echo "push version ${{steps.getPomVersion.outputs.info}}" | |
| VERSION=$BRANCH_NAME | |
| echo IMAGE_ID=$IMAGE_ID | |
| echo VERSION=$VERSION | |
| docker tag $SERVICE_NAME $IMAGE_ID:$VERSION | |
| docker push $IMAGE_ID:$VERSION | |
| docker-authentication-service: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| NAMESPACE: ${{ secrets.dev_namespace_docker_hub }} | |
| SERVICE_NAME: authentication-service | |
| SERVICE_LOCATION: authentication/authentication-service | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/download-artifact@v1 | |
| with: | |
| name: release | |
| path: ./ | |
| - name: Setup branch name | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "::set-env name=BRANCH_NAME::$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" | |
| echo ${{ env.BRANCH_NAME }} | |
| - name: Get version info from pom | |
| id: getPomVersion | |
| uses: mavrosxristoforos/[email protected] | |
| with: | |
| xml-file: ./${{ env.SERVICE_LOCATION }}/pom.xml | |
| xpath: /*[local-name()="project"]/*[local-name()="version"] | |
| - name: Unzip and extract the authentication-service | |
| run: unzip -uj "release.zip" "${{ env.SERVICE_LOCATION }}/target/*" -d "./${{ env.SERVICE_LOCATION }}/target" | |
| - name: Build image | |
| run: | | |
| cd "./${{env.SERVICE_LOCATION}}" | |
| docker build . --file Dockerfile --tag ${{ env.SERVICE_NAME }} | |
| - name: Log into registry | |
| run: echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin | |
| - name: Push image | |
| run: | | |
| IMAGE_ID=$NAMESPACE/$SERVICE_NAME | |
| # Change all uppercase to lowercase | |
| IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') | |
| echo "push version ${{steps.getPomVersion.outputs.info}}" | |
| VERSION=$BRANCH_NAME | |
| echo IMAGE_ID=$IMAGE_ID | |
| echo VERSION=$VERSION | |
| docker tag $SERVICE_NAME $IMAGE_ID:$VERSION | |
| docker push $IMAGE_ID:$VERSION |