chore: remove comment #512
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run CI | |
| on: | |
| push: | |
| workflow_dispatch: | |
| jobs: | |
| gradle: | |
| outputs: | |
| success: ${{ steps.build.outcome == 'success' }} | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-latest ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| - name: Grant execute permission for Gradlew (Linux/Mac) | |
| if: runner.os != 'Windows' | |
| run: chmod +x ./gradlew | |
| - name: Execute build | |
| id: build | |
| env: | |
| APP_KEY: ${{ secrets.APP_KEY }} | |
| DATASOURCE_USER: ${{ secrets.DATASOURCE_USER }} | |
| DATASOURCE_PASSWORD: ${{ secrets.DATASOURCE_PASSWORD }} | |
| DATASOURCE_URL: ${{ secrets.DATASOURCE_URL }} | |
| LOCAL_KMS_DATASOURCE_USER: ${{ secrets.LOCAL_KMS_DATASOURCE_USER }} | |
| LOCAL_KMS_DATASOURCE_PASSWORD: ${{ secrets.LOCAL_KMS_DATASOURCE_PASSWORD }} | |
| LOCAL_KMS_DATASOURCE_URL: ${{ secrets.LOCAL_KMS_DATASOURCE_URL }} | |
| NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} | |
| NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| KMS_PROVIDER: local | |
| run: | | |
| ./gradlew build | |
| ./gradlew :modules:openapi:jsPublicPackageJson | |
| ./gradlew :modules:openid-federation-common:jsPublicPackageJson | |
| ./gradlew publishJsPackageToNpmjsRegistry | |
| ./gradlew publishAllPublicationsToSphereon-opensourceRepository | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-artifacts | |
| path: | | |
| modules/federation-server/build/libs/federation-server-*.jar | |
| modules/admin-server/build/libs/admin-server-*.jar | |
| auto-tag: | |
| needs: gradle | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.get_version_info.outputs.new_version }} | |
| if: github.event_name == 'repository_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || (github.event_name == 'push' && needs.gradle.outputs.success == 'true') | |
| permissions: | |
| contents: write | |
| actions: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get version info | |
| id: get_version_info | |
| run: | | |
| git config --local user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
| git config --local user.name "${GITHUB_ACTOR}" | |
| EVENT_NAME="${{ github.event_name }}" | |
| if [[ "$EVENT_NAME" == "pull_request" ]]; then | |
| BRANCH_NAME="${{ github.event.pull_request.head.ref }}" | |
| else | |
| BRANCH_NAME="${GITHUB_REF#refs/heads/}" | |
| fi | |
| GRADLE_VERSION=$(grep 'version = ' build.gradle.kts | sed 's/.*version = "\(.*\)".*/\1/') | |
| GRADLE_VERSION=${GRADLE_VERSION%-SNAPSHOT} | |
| COMMIT_SHA=$(git rev-parse --short HEAD) | |
| PR_NUMBER=${{ github.event.pull_request.number }} | |
| if [[ $BRANCH_NAME == "main" ]]; then | |
| NEW_VERSION="${GRADLE_VERSION}" | |
| elif [[ $BRANCH_NAME == "develop" ]]; then | |
| NEW_VERSION="${GRADLE_VERSION}-beta.${COMMIT_SHA}" | |
| elif [[ $BRANCH_NAME == release/* ]]; then | |
| NEW_VERSION="${GRADLE_VERSION}-rc.${COMMIT_SHA}" | |
| else | |
| SAFE_BRANCH=$(echo "${BRANCH_NAME}" | sed 's/[^a-zA-Z0-9]/-/g') | |
| if [[ -n $PR_NUMBER ]]; then | |
| NEW_VERSION="${GRADLE_VERSION}-alpha.pr${PR_NUMBER}.${COMMIT_SHA}" | |
| else | |
| NEW_VERSION="${GRADLE_VERSION}-alpha.${SAFE_BRANCH}.${COMMIT_SHA}" | |
| fi | |
| fi | |
| echo "new_version=${NEW_VERSION}" >> $GITHUB_OUTPUT | |
| git tag -a ${NEW_VERSION} -m "Release ${NEW_VERSION}" | |
| git push origin ${NEW_VERSION} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| docker-publish: | |
| needs: [ gradle, auto-tag ] | |
| if: needs.gradle.outputs.success == 'true' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Debug Event | |
| run: | | |
| echo "Event name: ${{ github.event_name }}" | |
| echo "Ref type: ${{ github.ref_type }}" | |
| echo "Ref: ${{ github.ref }}" | |
| echo "SHA: ${{ github.sha }}" | |
| echo "Base ref: ${{ github.base_ref }}" | |
| echo "Head ref: ${{ github.head_ref }}" | |
| echo "Workflow ref: ${{ github.workflow_ref }}" | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-artifacts | |
| path: ./ | |
| - name: Debug downloaded files | |
| run: | | |
| echo "Current directory contents:" | |
| ls -la | |
| echo "Find all jar files:" | |
| find . -name "*.jar" | |
| - name: Create directory structure and move artifacts | |
| run: | | |
| mkdir -p modules/federation-server/build/libs/ | |
| mkdir -p modules/admin-server/build/libs/ | |
| mv ./federation-server/build/libs/federation-server-*.jar modules/federation-server/build/libs/ | |
| mv ./admin-server/build/libs/admin-server-*.jar modules/admin-server/build/libs/ | |
| # Ensure artifacts are accessible | |
| chmod 644 modules/federation-server/build/libs/*.jar | |
| chmod 644 modules/admin-server/build/libs/*.jar | |
| - name: List downloaded artifacts | |
| run: ls -R modules/*/build/libs/ | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract metadata (federation-server) | |
| id: meta-federation | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: sphereon/openid-federation-server | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} | |
| type=raw,value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{version}},value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{major}}.{{minor}},value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{major}},value=${{ needs.auto-tag.outputs.version }} | |
| - name: Build and push federation-server | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./.docker/federation-server/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta-federation.outputs.tags }} | |
| labels: ${{ steps.meta-federation.outputs.labels }} | |
| cache-from: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-server:latest | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-base:latest | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-server:latest,mode=max | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-base:latest,mode=max | |
| - name: Extract metadata (admin-server) | |
| id: meta-admin | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: sphereon/openid-federation-admin-server | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} | |
| type=raw,value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{version}},value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{major}}.{{minor}},value=${{ needs.auto-tag.outputs.version }} | |
| type=semver,pattern={{major}},value=${{ needs.auto-tag.outputs.version }} | |
| - name: Build and push admin-server | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./.docker/admin-server/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta-admin.outputs.tags }} | |
| labels: ${{ steps.meta-admin.outputs.labels }} | |
| cache-from: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-admin-server:latest | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-base:latest | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-admin-server:latest,mode=max | |
| type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/openid-federation-base:latest,mode=max |