From 91c4e20c9afb7715d887b76abe484c7d895a9684 Mon Sep 17 00:00:00 2001 From: Torsten Date: Fri, 31 Mar 2023 12:57:38 +0300 Subject: [PATCH] Build docker and create release pipeline (#22) --- .deploy/demo/helm/values.yaml | 4 +- .github/scripts/release-env-check.sh | 12 +++++ .github/workflows/main.yml | 13 ++--- .../{release-api.yml => release.yml} | 52 +++++++++++-------- 4 files changed, 47 insertions(+), 34 deletions(-) create mode 100755 .github/scripts/release-env-check.sh rename .github/workflows/{release-api.yml => release.yml} (50%) diff --git a/.deploy/demo/helm/values.yaml b/.deploy/demo/helm/values.yaml index b81bf96..7752b0c 100644 --- a/.deploy/demo/helm/values.yaml +++ b/.deploy/demo/helm/values.yaml @@ -12,8 +12,8 @@ app: component: "emulator" replicaCount: 1 image: - name: localhost:5000/droidherd-service - tag: local + name: tinkoffcreditsystems/droidherd + tag: latest pullPolicy: "Always" service: port: 8080 diff --git a/.github/scripts/release-env-check.sh b/.github/scripts/release-env-check.sh new file mode 100755 index 0000000..a3a3340 --- /dev/null +++ b/.github/scripts/release-env-check.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +echo "Checking repository [$GITHUB_REPOSITORY]..." +[[ "${GITHUB_REPOSITORY}" != "tinkoff-mobile-tech/droidherd" ]] && exit 1 + +echo "Checking that ref type is tag ..." +[[ "${GITHUB_REF_TYPE}" != "tag" ]] && exit 1 + +echo "Checking tag [$GITHUB_REF_NAME]..." +[[ "${GITHUB_REF_NAME}" =~ ^release-[0-9]+\.[0-9]+\.[0-9]+$ ]] || exit 1 + +echo "Ok, lets go" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index dda3358..f0d1bf7 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,22 +1,17 @@ -name: Building, testing and assembling jar-file +name: Build and test -on: - push: - branches: [ "main" ] - pull_request: - workflow_dispatch: +on: [ push ] jobs: gradle: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + - uses: actions/setup-java@v3 with: distribution: temurin java-version: 11 - - name: Setup Gradle - uses: gradle/gradle-build-action@v2 - name: Build, test and assemble jar - run: ./gradlew build test bootJar + run: ./gradlew assemble test diff --git a/.github/workflows/release-api.yml b/.github/workflows/release.yml similarity index 50% rename from .github/workflows/release-api.yml rename to .github/workflows/release.yml index 5da40fa..bbcde10 100644 --- a/.github/workflows/release-api.yml +++ b/.github/workflows/release.yml @@ -1,30 +1,31 @@ -name: Release Droidherd API +name: Release Droidherd on: release: types: [created, workflow_dispatch] +env: + MVN_LOGIN: ${{ secrets.NEXUS_LOGIN }} + MVN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + DOCKER_REPOSITORY: ${{secrets.DOCKER_REPOSITORY}} + jobs: - with: - publish-api-to-maven-repo: + build-and-release: runs-on: ubuntu-latest steps: - - name: Check repository - run: | - [[ "${GITHUB_REPOSITORY}" != "tinkoff-mobile-tech/droidherd" ]] && exit 1 + - uses: actions/checkout@v3 - - name: Check release tag - run: | - [[ "${GITHUB_REF_NAME}" =~ ^release-[0-9]+\.[0-9]+\.[0-9]+$ ]] || exit 1 + - name: Check repository and tag + run: .github/scripts/release-env-check.sh - name: Set build version run: | - VERSION = $(echo "release-0.2.3" | grep -Eo '[0-9]\.[0-9]+\.[0-9]+') - echo "Evaluated version: $VERSION" - [[ -z "$VERSION" ]] && exit 1 - echo "BUILD_VERSION=${VERSION}" >> $GITHUB_ENV + echo "BUILD_VERSION=$(echo $GITHUB_REF_NAME | grep -Eo '[0-9]\.[0-9]+\.[0-9]+')" >> $GITHUB_ENV - - uses: actions/checkout@v3 + - name: Show and check version + run: | + echo "Evaluated version: [$BUILD_VERSION]" + if [[ -z "$BUILD_VERSION" ]]; then exit 1; fi - name: Set up JDK 11 uses: actions/setup-java@v3 @@ -36,15 +37,15 @@ jobs: - name: Validate Gradle wrapper uses: gradle/wrapper-validation-action@v1 - - name: Retrieve the secret and decode it to a file - env: - GPG_KEY: ${{ secrets.GPG_KEY }} - run: echo "$GPG_KEY" | base64 --decode > /tmp/secring.gpg + - name: Build + run: ./gradlew assemble test - - name: Retrieve the gradle.properties + - name: Generate sign key for publishing env: + GPG_KEY: ${{ secrets.GPG_KEY }} SIGN_OSSRH_GRADLE_PROPERTIES: ${{ secrets.SIGN_OSSRH_GRADLE_PROPERTIES }} run: | + echo "$GPG_KEY" | base64 --decode > /tmp/secring.gpg mkdir -p ~/.gradle echo -en "$SIGN_OSSRH_GRADLE_PROPERTIES" > ~/.gradle/gradle.properties @@ -54,8 +55,6 @@ jobs: arguments: :api:publish -Psigning.secretKeyRingFile=/tmp/secring.gpg env: MVN_RELEASE_REPOSITORY: https://oss.sonatype.org/service/local/staging/deploy/maven2/ - MVN_LOGIN: ${{ secrets.NEXUS_LOGIN }} - MVN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - name: Execute Gradle nexus staging release uses: gradle/gradle-build-action@v2 @@ -63,5 +62,12 @@ jobs: arguments: closeAndReleaseRepository env: MVN_RELEASE_REPOSITORY: https://oss.sonatype.org/service/local/ - MVN_LOGIN: ${{ secrets.NEXUS_LOGIN }} - MVN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + + - name: Docker build and push + run: | + echo '${{ secrets.DOCKER_REPOSITORY_PASSWORD }}' | docker login -u $DOCKER_REPOSITORY --password-stdin + docker build ./app --file ./app/OssDockerfile --tag $DOCKER_REPOSITORY/droidherd:${BUILD_VERSION} + docker push $DOCKER_REPOSITORY/droidherd:${BUILD_VERSION} + docker tag $DOCKER_REPOSITORY/droidherd:${BUILD_VERSION} $DOCKER_REPOSITORY/droidherd:latest + echo "Update latest tag $DOCKER_REPOSITORY/droidherd" + docker push $DOCKER_REPOSITORY/droidherd:latest