Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish package to GitHub Packages | |
| on: | |
| release: | |
| types: [ published ] | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 11 | |
| distribution: 'adopt' | |
| - uses: cardinalby/git-get-release-action@v1 | |
| id: getEnvRelease | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get Project Version from pom.xml | |
| uses: entimaniac/read-pom-version-action@1.0.0 | |
| id: getVersion | |
| # - name: Check Enviroment release | |
| # if: ${{ !((steps.getEnvRelease.outputs.prerelease && contains(steps.getVersion.outputs.version, '-SNAPSHOT')) || (!steps.getEnvRelease.outputs.prerelease && !contains(steps.getVersion.outputs.version, '-SNAPSHOT'))) }} | |
| # run: exit 1 | |
| - name: Cache Maven packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| - name: Build | |
| run: mvn clean verify -DskipTests=true | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| needs: build | |
| services: | |
| mongo: | |
| image: mongo:4.4 | |
| ports: | |
| - 27017:27017 | |
| redis: | |
| image: redis | |
| ports: | |
| - 6379:6379 | |
| elasticsearch: | |
| image: elasticsearch:7.17.3 | |
| ports: | |
| - 9200:9200 | |
| - 9300:9300 | |
| options: -e="discovery.type=single-node" -e="xpack.security.enabled=false" --health-cmd="curl http://localhost:9200/_cluster/health" --health-interval=10s --health-timeout=5s --health-retries=10 | |
| minio: | |
| image: docker.io/bitnami/minio:2022 | |
| ports: | |
| - 9000:9000 | |
| - 9001:9001 | |
| options: -e="MINIO_ROOT_USER=root" -e="MINIO_ROOT_PASSWORD=password" -e="MINIO_DEFAULT_BUCKETS=default" | |
| steps: | |
| - name: Test Database | |
| env: | |
| ELASTIC_SEARCH_URL: http://localhost:${{ job.services.elasticsearch.ports[9200] }} | |
| run: | | |
| echo $ELASTIC_SEARCH_URL | |
| curl -fsSL "$ELASTIC_SEARCH_URL/_cat/health?h=status" | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 11 | |
| distribution: 'adopt' | |
| # - name: Cache SonarCloud packages | |
| # uses: actions/cache@v3 | |
| # with: | |
| # path: ~/.sonar/cache | |
| # key: ${{ runner.os }}-sonar | |
| # restore-keys: ${{ runner.os }}-sonar | |
| - name: Cache Maven packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| - name: Generate certificates | |
| run: cd src/main/resources/certificates && openssl genrsa -out keypair.pem 4096 && openssl rsa -in keypair.pem -pubout -out public.crt && openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in keypair.pem -out private.der && cd ../../../.. | |
| - name: Build | |
| run: mvn clean package install -DskipTests=true | |
| # Upgrade Java | |
| # - name: Build, test, and analyze | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| # run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=netgrif_application-engine | |
| - name: Build, test | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: mvn -B test | |
| publish-OSSRH: | |
| runs-on: ubuntu-latest | |
| name: Publish to Maven Central | |
| needs: test | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - id: install-secret-key | |
| name: Install gpg secret key | |
| run: | | |
| cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import | |
| gpg --list-secret-keys --keyid-format LONG | |
| - name: Set up Maven Central Repository | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 11 | |
| distribution: 'adopt' | |
| server-id: ossrh | |
| server-username: MAVEN_USERNAME | |
| server-password: MAVEN_PASSWORD | |
| - name: Publish package | |
| run: mvn -DskipTests=true --batch-mode -P ossrh-publish -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} deploy | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
| MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} | |
| publish-docker: | |
| name: Docker build image and publish | |
| needs: test | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 11 | |
| distribution: 'adopt' | |
| - name: Cache Maven packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| - name: Build | |
| run: mvn -P docker-build clean package install -DskipTests=true | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_AUTH_TOKEN }} | |
| - name: Get Project Version from pom.xml | |
| uses: entimaniac/read-pom-version-action@1.0.0 | |
| id: getVersion | |
| - name: Push Version ${{ steps.getVersion.outputs.version }} | |
| uses: docker/build-push-action@v3 | |
| with: | |
| push: true | |
| tags: netgrif/application-engine:${{ steps.getVersion.outputs.version }} | |
| - name: Push Latest | |
| if: ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }} | |
| uses: docker/build-push-action@v3 | |
| with: | |
| push: true | |
| tags: netgrif/application-engine:latest | |
| publish-artifact: | |
| name: GitHub Artifacts | |
| needs: test | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| java-version: '11' | |
| distribution: 'adopt' | |
| - name: Cache Maven packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| - name: Publish artifact on GitHub Packages | |
| run: mvn -B -P github-publish clean deploy -DskipTests | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| publish-assets: | |
| name: Upload Release Assets | |
| needs: test | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build | |
| run: mvn clean package install -DskipTests=true | |
| - name: Get Project Version from pom.xml | |
| uses: entimaniac/read-pom-version-action@1.0.0 | |
| id: getVersion | |
| - name: Build project | |
| run: | | |
| mkdir -p netgrif-application-engine-${{ steps.getVersion.outputs.version }}/src/main/resources/ | |
| cp target/*-exec.jar netgrif-application-engine-${{ steps.getVersion.outputs.version }} | |
| cp -R src/main/resources/* netgrif-application-engine-${{ steps.getVersion.outputs.version }}/src/main/resources/ | |
| zip -r netgrif-application-engine-${{ steps.getVersion.outputs.version }}.zip netgrif-application-engine-${{ steps.getVersion.outputs.version }} | |
| - name: Upload binaries to release | |
| uses: svenstaro/upload-release-action@v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: netgrif-application-engine-${{ steps.getVersion.outputs.version }}.zip | |
| asset_name: netgrif-application-engine-${{ steps.getVersion.outputs.version }}.zip | |
| tag: ${{ github.ref }} | |
| overwrite: true |