Merge pull request #2 from lalithkota/develop-1.2.0.1-merge

Native JWT Verification added. And merged with latest develop

.github/workflows/docker-build.yml

@@ -0,0 +1,95 @@
+name: Docker build and push
+
+on:
+  push:
+    branches:
+      - "**"
+    tags-ignore:
+      - "**"
+    paths:
+      - "consolidator/**"
+      - "hub/**"
+      - "kafka-admin-client/**"
+      - "*.Dockerfile"
+  pull_request:
+    branches:
+      - "**"
+    paths:
+      - "consolidator/**"
+      - "hub/**"
+      - "kafka-admin-client/**"
+      - "*.Dockerfile"
+  workflow_dispatch:
+
+jobs:
+  docker-build-consolidator:
+    name: Docker Build Consolidator
+    runs-on: ubuntu-latest
+    env:
+      NAMESPACE: ${{ secrets.docker_hub_organisation || 'mosipdev' }}
+      SERVICE_NAME: 'consolidator-websub-service'
+    steps:
+      - uses: actions/checkout@v3
+      - name: Docker build
+        run: |
+          BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')
+          IMAGE_ID=$NAMESPACE/$SERVICE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+          VERSION=$BRANCH_NAME
+          if [[ $BRANCH_NAME == master || $BRANCH_NAME == main ]]; then
+            VERSION=develop
+          fi
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+          echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
+          echo VERSION=$VERSION >> $GITHUB_ENV
+
+          docker build . \
+            --file consolidator.Dockerfile \
+            --tag $IMAGE_ID:$VERSION
+          if [[ '${{ secrets.docker_hub_token }}' != '' && '${{ secrets.docker_hub_actor }}' != '' && '${{ github.event_name }}' != 'pull_request' ]]; then
+            echo DOCKER_PUSH=true >> $GITHUB_ENV
+          fi
+      - name: Docker Push
+        if: env.DOCKER_PUSH == 'true'
+        run: |
+          echo "${{ secrets.docker_hub_token }}" | docker login -u ${{ secrets.docker_hub_actor }} --password-stdin
+          docker push ${{ env.IMAGE_ID }}:${{ env.VERSION }}
+
+  docker-build-websub:
+    name: Docker Build Websub
+    runs-on: ubuntu-latest
+    env:
+      NAMESPACE: ${{ secrets.docker_hub_organisation || 'mosipdev' }}
+      SERVICE_NAME: 'websub-service'
+    steps:
+      - uses: actions/checkout@v3
+      - name: Docker build
+        run: |
+          BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')
+          IMAGE_ID=$NAMESPACE/$SERVICE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+          VERSION=$BRANCH_NAME
+          if [[ $BRANCH_NAME == master || $BRANCH_NAME == main ]]; then
+            VERSION=develop
+          fi
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+          echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
+          echo VERSION=$VERSION >> $GITHUB_ENV
+
+          docker build . \
+            --file hub.Dockerfile \
+            --tag $IMAGE_ID:$VERSION
+          if [[ '${{ secrets.docker_hub_token }}' != '' && '${{ secrets.docker_hub_actor }}' != '' && '${{ github.event_name }}' != 'pull_request' ]]; then
+            echo DOCKER_PUSH=true >> $GITHUB_ENV
+          fi
+      - name: Docker Push
+        if: env.DOCKER_PUSH == 'true'
+        run: |
+          echo "${{ secrets.docker_hub_token }}" | docker login -u ${{ secrets.docker_hub_actor }} --password-stdin
+          docker push ${{ env.IMAGE_ID }}:${{ env.VERSION }}

.github/workflows/helm-charts-build.yml

@@ -0,0 +1,134 @@
+name: Build and Publish Helm charts
+
+on:
+  push:
+    tags-ignore:
+      - '**'
+    branches:
+      - 1.*
+      - develop
+      - main
+  workflow_dispatch:
+    inputs:
+      forcePublishCharts:
+        description: "Force publish Charts?"
+        default: "*"
+        type: string
+
+jobs:
+  generate-charts:
+    runs-on: ubuntu-latest
+    env:
+      SKIP: 'FALSE'
+      RANCHER_CHART_FILTER: "openg2p.org/add-to-rancher"
+      FORCE_PUBLISH_CHARTS: "${{ inputs.forcePublishCharts || '' }}"
+    defaults:
+      run:
+        shell: bash
+    steps:
+    - name: Checkout Repository
+      uses: actions/checkout@v3
+
+    - id: files
+      if: env.FORCE_PUBLISH_CHARTS == ''
+      uses: jitterbit/get-changed-files@v1
+
+    - name: save helm/charts to tmp.txt file
+      run: |
+        touch charts-list.txt
+        if [ -n "${FORCE_PUBLISH_CHARTS}" ]; then
+          for chart in charts/${FORCE_PUBLISH_CHARTS}/; do
+            chart="${chart#charts/}"
+            chart="${chart%/}"
+            echo "$chart" >> charts-list.txt
+          done
+        else
+          for changed_file in ${{ steps.files.outputs.all }}; do
+            if [[ ${changed_file} =~ ^charts ]]; then
+              chart_name=$(echo "${changed_file}" | awk -F/ '/^[charts]/{print $2}')
+              echo $chart_name >> charts-list.txt;
+              echo "Saved $chart_name chart to charts-list.txt"
+            fi
+          done
+          cat charts-list.txt | sort | uniq > charts-list-unique.txt
+          mv charts-list-unique.txt charts-list.txt
+        fi
+        echo "List of charts to be published";
+        cat charts-list.txt
+
+    - name: Generate tar files
+      run: |
+        if [[ ! -s charts-list.txt ]]; then
+          echo "::warning::No Charts to publish";
+          echo "SKIP=TRUE" >> $GITHUB_ENV
+        else
+          for chartpath in charts/*/; do
+            if [ -f ${chartpath}Chart.yaml ]; then
+              helm dep up $chartpath
+            fi
+          done
+          RANCHER_CHARTS=()
+          while IFS= read -r chartpath; do
+            echo "chartpath: $chartpath"
+            chartname=$(basename "$chartpath")
+            if [ -f charts/${chartname}/Chart.yaml ]; then
+              echo "Chartname: $chartname"
+              helm package charts/$chartpath
+              is_rancher_chart=$(grep "$RANCHER_CHART_FILTER" charts/${chartpath%*/}/Chart.yaml || true)
+              if [ -n "$is_rancher_chart" ]; then
+                RANCHER_CHARTS+=("$chartname")
+              fi
+            fi
+          done < charts-list.txt
+          echo "RANCHER_CHARTS=${RANCHER_CHARTS[@]}" >> $GITHUB_ENV
+          rm charts-list.txt
+        fi
+
+        shopt -s nocasematch
+        if [[ '${{ github.repository_owner }}' != 'OpenG2P' ]]; then
+          echo "SKIP=TRUE" >> $GITHUB_ENV
+        fi
+    - name: Upload tar as Artifact
+      uses: actions/upload-artifact@v4
+      with:
+          name: charts
+          path: ./*.tgz
+      if: env.SKIP != 'TRUE'
+
+    - name: Checkout branch for publishing
+      uses: actions/checkout@v3
+      with:
+          repository: 'openg2p/openg2p-helm'
+          ref: gh-pages
+          token: ${{ secrets.OPENG2P_BOT_GITHUB_PAT }}
+      if: env.SKIP != 'TRUE'
+
+    - name: Download tar from Artifacts
+      uses: actions/download-artifact@v4
+      with:
+          name: charts
+          path: ./
+      if: env.SKIP != 'TRUE'
+
+    - name: Update index.yaml
+      run: |
+        helm repo index --url https://openg2p.github.io/openg2p-helm/ .
+        for chartname in $RANCHER_CHARTS; do
+          cp ${chartname}*.tgz rancher/
+        done
+        helm repo index --url https://openg2p.github.io/openg2p-helm/ --merge rancher/index.yaml rancher
+        for chartname in $RANCHER_CHARTS; do
+          rm rancher/${chartname}*.tgz || true
+        done
+      if: env.SKIP != 'TRUE'
+
+    - name: Commit Changes to repository
+      uses: EndBug/add-and-commit@v7
+      with:
+        branch: gh-pages
+        author_name: openg2pbot
+        author_email: [email protected]
+        default_author: user_info
+        message: 'added common helm charts for publish openg2p/websub@${{ github.sha }}'
+        add: './*.tgz ./index.yaml rancher/index.yaml'
+      if: env.SKIP != 'TRUE'