Skip to content
This repository has been archived by the owner on Nov 4, 2024. It is now read-only.

Commit

Permalink
Merge pull request #77 from galasa-dev/gh-workflow
Browse files Browse the repository at this point in the history 
Trying GH actions workflows in galasa-dev org
  • Loading branch information
@jadecarino
jadecarino authored Jul 24, 2024
2 parents 6090669 + e91040f commit 526f931
Show file tree
Hide file tree
Showing 4 changed files with 232 additions and 1 deletion.
121 changes: 121 additions & 0 deletions .github/workflows/build.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,121 @@
name: Main build

on:
workflow_dispatch:
push:
branches: [main]

env:
REGISTRY: ghcr.io
NAMESPACE: galasa-dev
BRANCH: main

jobs:
build-wrapping:
name: Build Wrapping source code and Docker image for development Maven registry
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'semeru'
cache: maven

# The githash is added to the development Maven registry to show what commit level it contains
- name: Print githash
run: |
echo $GITHUB_SHA > ./wrapping.githash
# Copy secrets into files to use in workflow
- name: Make secrets directory
run : |
mkdir /home/runner/work/secrets
- name: Copy settings.xml
env:
MAVEN_SETTINGS_XML: ${{ secrets.MAVEN_SETTINGS_XML }}
run : |
echo $MAVEN_SETTINGS_XML > /home/runner/work/secrets/settings.xml
- name: Copy GPG passphrase
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run : |
echo $GPG_PASSPHRASE > /home/runner/work/secrets/passphrase.file
- name: Copy GPG key
env:
GPG_KEY_BASE64: ${{ secrets.GPG_KEY }}
run : |
echo $GPG_KEY_BASE64 | base64 --decode > /home/runner/work/secrets/galasa.gpg
# Set up Maven GPG directory
- name: Make GPG home directory
run: |
mkdir /home/runner/work/gpg
- name: Change directory permissions
run: |
chmod '700' /home/runner/work/gpg
- name: Import GPG
run: |
gpg --homedir /home/runner/work/gpg --pinentry-mode loopback --passphrase-file /home/runner/work/secrets/passphrase.file --import /home/runner/work/secrets/galasa.gpg
- name: Copy custom settings.xml
run: |
cp /home/runner/work/secrets/settings.xml /home/runner/work/gpg/settings.xml
# Make directory to deploy Maven artefacts to in the build
- name: Make artefacts directory
run : |
mkdir ${{ github.workspace }}/repo
- name: Building Wrapping source code
run: |
mvn deploy \
-Dgalasa.source.repo=https://repo.maven.apache.org/maven2/ \
-Dgalasa.central.repo=https://repo.maven.apache.org/maven2/ \
-Dgalasa.release.repo=file:${{ github.workspace }}/repo \
-Dgalasa.jacocoEnabled=true \
-Dgalasa.isRelease=true \
--batch-mode --errors --fail-at-end \
--settings /home/runner/work/gpg/settings.xml
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata for Wrapping image
id: metadata
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/wrapping-maven-artefacts

# A Docker image containing the built Maven artefacts is deployed to the dev Maven registry
- name: Build Wrapping image for development Maven registry
id: build
uses: docker/build-push-action@v5
with:
context: .
file: dockerfiles/dockerfile.wrapping
push: true
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
# Temporary: dockerRepository will change to ghcr.io once the Wrapping image is available there
build-args: |
dockerRepository=harbor.galasa.dev
baseVersion=latest
# Recycle the development Maven registry app in ArgoCD
# Authenticate using a token passed in as an environment variable
- name: Recycle application in ArgoCD
env:
ARGOCD_AUTH_TOKEN: ${{ secrets.ARGOCD_TOKEN }}
run: |
docker run --env ARGOCD_AUTH_TOKEN=${{ env.ARGOCD_AUTH_TOKEN }} --rm -v ${{ github.workspace }}:/var/workspace ghcr.io/galasa-dev/argocdcli:main app actions run gh-maven-repos restart --kind Deployment --resource-name wrapping-gh --server argocd.galasa.dev
104 changes: 104 additions & 0 deletions .github/workflows/pr-build.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
name: PR build

on:
workflow_dispatch:
pull_request:
branches: [main]

env:
REGISTRY: ghcr.io
NAMESPACE: galasa-dev

jobs:
build-wrapping:
name: Build Wrapping source code and Docker image
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'semeru'
cache: maven

# The githash is added to the development Maven registry to show what commit level it contains
- name: Print githash
run: |
echo $GITHUB_SHA > ./wrapping.githash
# Copy secrets into files to use in workflow
- name: Make secrets directory
run : |
mkdir /home/runner/work/secrets
- name: Copy settings.xml
env:
MAVEN_SETTINGS_XML: ${{ secrets.MAVEN_SETTINGS_XML }}
run : |
echo $MAVEN_SETTINGS_XML > /home/runner/work/secrets/settings.xml
- name: Copy GPG passphrase
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run : |
echo $GPG_PASSPHRASE > /home/runner/work/secrets/passphrase.file
- name: Copy GPG key
env:
GPG_KEY_BASE64: ${{ secrets.GPG_KEY }}
run : |
echo $GPG_KEY_BASE64 | base64 --decode > /home/runner/work/secrets/galasa.gpg
# Set up Maven GPG directory
- name: Make GPG home directory
run: |
mkdir /home/runner/work/gpg
- name: Change directory permissions
run: |
chmod '700' /home/runner/work/gpg
- name: Import GPG
run: |
gpg --homedir /home/runner/work/gpg --pinentry-mode loopback --passphrase-file /home/runner/work/secrets/passphrase.file --import /home/runner/work/secrets/galasa.gpg
- name: Copy custom settings.xml
run: |
cp /home/runner/work/secrets/settings.xml /home/runner/work/gpg/settings.xml
# Make directory to deploy Maven artefacts to in the build
- name: Make artefacts directory
run : |
mkdir ${{ github.workspace }}/repo
- name: Building Wrapping source code
run: |
mvn deploy \
-Dgpg.skip=true \
-Dgalasa.source.repo=https://repo.maven.apache.org/maven2/ \
-Dgalasa.central.repo=https://repo.maven.apache.org/maven2/ \
-Dgalasa.release.repo=file:${{ github.workspace }}/repo \
--batch-mode --errors --fail-at-end \
--settings /home/runner/work/gpg/settings.xml
- name: Extract metadata for Wrapping image
id: metadata
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/wrapping-maven-artefacts

# This Docker image will not be used, it's just to test that the Docker build should work
- name: Build Wrapping image
id: build
uses: docker/build-push-action@v5
with:
context: .
file: dockerfiles/dockerfile.wrapping
push: false
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
# dockerRepository will change to ghcr.io once the Wrapping image is available there
build-args: |
dockerRepository=harbor.galasa.dev
baseVersion=latest
6 changes: 6 additions & 0 deletions dockerfiles/dockerfile.wrapping
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
ARG dockerRepository
ARG baseVersion
FROM ${dockerRepository}/galasadev/galasa-base:${baseVersion}

COPY repo/ /usr/local/apache2/htdocs/
COPY wrapping.githash /usr/local/apache2/htdocs/wrapping.githash
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@
<goal>sign</goal>
</goals>
<configuration>
<gpgArguments>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
Expand Down

0 comments on commit 526f931

Please sign in to comment.