Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Dependencies and workflows updated. #147

Merged
merged 1 commit into from
Oct 28, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
118 changes: 15 additions & 103 deletions .github/workflows/build-n-push-main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,122 +17,34 @@ jobs:
permissions:
id-token: write
packages: write
contents: write

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
token: ${{ secrets.GIT_PAT }}
fetch-depth: 0

#
# Cache JDK.
#
- name: Cache JDK
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-jdk
with:
key: OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz
path: |
${{ runner.temp }}/jdk_setup.tar.gz
${{ runner.temp }}/jdk_setup.sha256

#
# Download JDK and verify its hash.
#
- name: Download JDK and verify its hash
if: steps.cache-jdk.outputs.cache-hit != 'true'
run: |
echo "454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5 ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/jdk_setup.sha256"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2

#
# Setup JDK.
# Setup Java Build Environment.
#
- name: Setup JDK
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2
- name: Setup Java Build Environment
uses: pagopa/mil-actions/setup-java-build-env@241c6c17f483229fdd4ac26c6d79d1d65be2659c # 1.1.1
with:
distribution: "jdkfile"
jdkFile: "${{ runner.temp }}/jdk_setup.tar.gz"
java-version: "21"
cache: maven
gh_user: ${{ secrets.GIT_USER }}
gh_token: ${{ secrets.GIT_PAT }}

#
# Cache Maven.
# Build and push native container image.
#
- name: Cache Maven
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-maven
- name: Build and push native container image
id: build_image
uses: pagopa/mil-actions/build-push-native-image@241c6c17f483229fdd4ac26c6d79d1d65be2659c # 1.1.1
with:
key: apache-maven-3.9.6-bin.tar.gz
path: |
${{ runner.temp }}/maven_setup.tar.gz
${{ runner.temp }}/maven_setup.sha256

#
# Download Maven and verify its hash.
#
- name: Download Maven and verify its hash
if: steps.cache-maven.outputs.cache-hit != 'true'
run: |
echo "6eedd2cae3626d6ad3a5c9ee324bd265853d64297f07f033430755bd0e0c3a4b ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.6/binaries/apache-maven-3.9.6-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/maven_setup.sha256"

#
# Setup Maven.
#
- name: Setup Maven
run: |
mkdir ${{ runner.temp }}/maven
tar -xvf ${{ runner.temp }}/maven_setup.tar.gz -C ${{ runner.temp }}/maven --strip-components=1
echo "<settings><servers><server><id>github</id><username>${{ secrets.GIT_USER }}</username><password>${{ secrets.GIT_PAT }}</password></server></servers></settings>" >> ${{ runner.temp }}/settings.xml

#
# Build native executable.
#
- name: Build native executable
run: |
${{ runner.temp }}/maven/bin/mvn clean package \
-Pnative \
-Dmaven.test.skip=${{ github.event.inputs.skip-unit-test }} \
-Dquarkus.native.container-build=true \
-Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:ce70e1a8016471ff0fc9c8f048cd9e37afddacd3de37ed0bca74201d102e45f5 \
-s ${{ runner.temp }}/settings.xml \
--no-transfer-progress

#
# Build Docker image.
#
- name: Build Docker image
run: |
BRANCH_NAME="${GITHUB_REF////_}"
echo "branch_name=$BRANCH_NAME" >> $GITHUB_ENV
docker build \
-f src/main/docker/Dockerfile.native-micro \
-t ghcr.io/${{ github.repository }}:$BRANCH_NAME \
.

#
# Push Docker image.
#
- name: Push Docker image
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
docker push -a ghcr.io/${{ github.repository }}

#
# Get Docker image with sha256.
#
- name: Get Docker image with sha256
run: |
echo "image_sha256_temp=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ env.branch_name }})"
echo "image_sha256=${image_sha256_temp/@/:${{ env.branch_name }}@}" >> "$GITHUB_ENV"
gh_token: ${{ secrets.GIT_PAT }}
sonar_token: ${{ secrets.SONAR_TOKEN }}
release_version: "${GITHUB_REF////_}"
skip_test: ${{ inputs.skip-unit-test }}

#
# Update Container App.
Expand All @@ -146,4 +58,4 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/dev-cd/backend.tfvars" -reconfigure
terraform apply -var-file="env/dev-cd/terraform.tfvars" -var="mil_auth_image=${{ env.image_sha256 }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/dev-cd/terraform.tfvars" -var="mil_auth_image=${{ steps.build_image.outputs.image }}" -auto-approve -lock-timeout=300s
7 changes: 1 addition & 6 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,6 @@ jobs:

permissions:
id-token: write
packages: write
contents: write

steps:
#
Expand All @@ -40,10 +38,7 @@ jobs:
# Checkout the source code
#
- name: Checkout the source code
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
token: ${{ secrets.GIT_PAT }}
fetch-depth: 0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2

#
# Terraform
Expand Down
Loading
Loading