-
Notifications
You must be signed in to change notification settings - Fork 2
91 lines (79 loc) · 3.08 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
name: build
on:
workflow_call:
inputs:
environment:
required: true
type: string
module:
required: true
type: string
workflow_dispatch:
inputs:
environment:
required: true
type: choice
options:
- dev
- test
module:
required: true
type: choice
options:
- api
- worker
jobs:
build:
runs-on: self-hosted
env:
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
AWS_REGION: ${{ vars.AWS_REGION }}
DEPLOYMENT_ENV: ${{ vars[format('{0}_DEPLOYMENT_ENV', inputs.environment)] }}
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
- name: Install Maven 3.6.3
run: |
export PATH="$PATH:/opt/maven/bin"
echo "PATH=$PATH" >> $GITHUB_ENV
if mvn -v; then echo "Maven already installed" && exit 0; else echo "Installing Maven"; fi
tmpdir="$(mktemp -d)"
curl -LsS https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz | tar xzf - -C "$tmpdir"
sudo rm -rf /opt/maven
sudo mv "$tmpdir/apache-maven-3.6.3" /opt/maven
- name: Set env vars from AWS params in BCDA management account
uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main
with:
params: |
ARTIFACTORY_URL=/artifactory/url
ARTIFACTORY_USER=/artifactory/user
ARTIFACTORY_PASSWORD=/artifactory/password
- name: Build package
run: mvn -U clean package -s settings.xml -DskipTests -Dusername="${ARTIFACTORY_USER}" -Dpassword="${ARTIFACTORY_PASSWORD}" -Drepository_url="${ARTIFACTORY_URL}"
- name: Assume role in AB2D Management account
uses: aws-actions/configure-aws-credentials@v3
with:
aws-region: ${{ vars.AWS_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.MGMT_ACCOUNT_ID }}:role/delegatedadmin/developer/ab2d-mgmt-github-actions
- name: Build image and push to ECR
working-directory: ./${{ inputs.module }}
run: |
ECR_REPO_DOMAIN="${{ secrets.MGMT_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com"
aws ecr get-login-password | docker login --username AWS --password-stdin "$ECR_REPO_DOMAIN"
ECR_REPO_URI="$ECR_REPO_DOMAIN/ab2d_${{ inputs.module }}"
SHA_SHORT=$(git rev-parse --short HEAD)
echo "Building image for commit sha $SHA_SHORT"
docker build \
-t "${ECR_REPO_URI}:ab2d-${DEPLOYMENT_ENV}-$SHA_SHORT" \
-t "${ECR_REPO_URI}:ab2d-${DEPLOYMENT_ENV}-latest" .
# Push to special tag for promotion if this is run on a push to main
if [ "$GITHUB_REF" == "refs/heads/main" ]; then
docker tag $ECR_REPO_URI:ab2d-$DEPLOYMENT_ENV-$SHA_SHORT $ECR_REPO_URI:main-$SHA_SHORT
fi
echo "Pushing image"
docker push "${ECR_REPO_URI}" --all-tags