diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..30e80ae43 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,102 @@ +name: Build and Deploy + +on: + push: + tags: + - '*' + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + Build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + attestations: write + id-token: write + services: + redis: + image: redis:latest + options: --entrypoint redis-server + cassandra: + image: cassandra:latest + options: --entrypoint cassandra -p 9042:9042 + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Restore cache + uses: actions/cache@v2 + with: + path: ~/.m2 + key: maven-dependency-cache-${{ hashFiles('**/pom.xml') }} + + - name: Update apt packages + run: sudo apt update + + - name: Install Redis server + run: sudo apt install redis-server -y + + - name: Build and run test cases + run: mvn clean install -DskipTests + + - name: Save the build artifact + run: mvn -f service/pom.xml play2:dist + + - name: Store build artifact + uses: actions/upload-artifact@v3 + with: + name: lms-service + path: service/target/lms-service-1.0-SNAPSHOT-dist.zip + + - name: Checkout code + uses: actions/checkout@v4 + + - name: Download build artifact + uses: actions/download-artifact@v3 + with: + name: lms-service + path: ./service/target + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + version: latest + + - name: Log in to the Container registry + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GHCR_LOGIN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and Push Image + id: push + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64 + visibility: public + push: true + tags: | + ${{ steps.meta.outputs.tags }} + labels: | + ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 2ed616aa5..6282c75a4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,21 @@ -FROM sunbird/openjdk-java11-alpine:latest -MAINTAINER "Manojv" "manojv@ilimi.in" -RUN apk update \ - && apk add unzip \ - && apk add curl \ - && adduser -u 1001 -h /home/sunbird/ -D sunbird \ +FROM eclipse-temurin:11-jdk-focal + +# Update package lists and install necessary packages +RUN apt-get update \ + && apt-get install -y unzip curl \ + && adduser --uid 1001 --home /home/sunbird --disabled-password --gecos '' sunbird \ && mkdir -p /home/sunbird/lms -#ENV sunbird_learnerstate_actor_host 52.172.24.203 -#ENV sunbird_learnerstate_actor_port 8088 + +# Change ownership of the /home/sunbird directory RUN chown -R sunbird:sunbird /home/sunbird + +# Switch to the sunbird user USER sunbird + +# Copy the service file and unzip it COPY ./service/target/lms-service-1.0-SNAPSHOT-dist.zip /home/sunbird/lms/ RUN unzip /home/sunbird/lms/lms-service-1.0-SNAPSHOT-dist.zip -d /home/sunbird/lms/ + +# Set the working directory and define the command to run WORKDIR /home/sunbird/lms/ -CMD java -XX:+PrintFlagsFinal $JAVA_OPTIONS -Dplay.server.http.idleTimeout=180s -cp '/home/sunbird/lms/lms-service-1.0-SNAPSHOT/lib/*' -Dlogger.file=/home/sunbird/lms/lms-service-1.0-SNAPSHOT/config/logback.xml play.core.server.ProdServerStart /home/sunbird/lms/lms-service-1.0-SNAPSHOT +CMD java -XX:+PrintFlagsFinal $JAVA_OPTIONS -Dplay.server.http.idleTimeout=180s -cp '/home/sunbird/lms/lms-service-1.0-SNAPSHOT/lib/*' -Dlogger.file=/home/sunbird/lms/lms-service-1.0-SNAPSHOT/config/logback.xml play.core.server.ProdServerStart /home/sunbird/lms/lms-service-1.0-SNAPSHOT