-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from MormonJesus69420/main
MLT-0011 Add GitHub actions to the project (#1)
- Loading branch information
Showing
7 changed files
with
497 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Package Project | ||
run-name: ${{ github.actor }} is packaging the project | ||
on: | ||
# This event should allow for manual workflow triggering | ||
workflow_dispatch: | ||
# Run on push to main branch | ||
push: | ||
branches: | ||
- main | ||
# Runs every time a pull request is created or updated | ||
pull_request: | ||
concurrency: | ||
# Define concurrency group name which will then be used to determine duplicate workflow runs | ||
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }} | ||
cancel-in-progress: true | ||
jobs: | ||
package-project: | ||
runs-on: "ubuntu-latest" | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
- name: Setup Java JDK | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: 21 | ||
architecture: x64 | ||
# Cache maven dependencies for quicker runs | ||
cache: maven | ||
- name: Package the Project | ||
run: mvn package | ||
- name: Upload an Artifact | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: packaged-project | ||
path: target/wls-*.jar | ||
if-no-files-found: error | ||
overwrite: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
name: Test Project | ||
run-name: ${{ github.actor }} is testing the project | ||
on: | ||
# Run on push to main branch | ||
push: | ||
branches: | ||
- main | ||
# Runs every time a pull request is created or updated | ||
pull_request: | ||
concurrency: | ||
# Define concurrency group name which will then be used to determine duplicate workflow runs | ||
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }} | ||
cancel-in-progress: true | ||
jobs: | ||
test-project: | ||
runs-on: "ubuntu-latest" | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
- name: Setup Java JDK | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: 21 | ||
architecture: x64 | ||
# Cache maven dependencies for quicker runs | ||
cache: maven | ||
- name: Test the Project | ||
run: mvn verify --fail-at-end | ||
- name: Publish Test Report | ||
uses: scacap/action-surefire-report@v1 | ||
with: | ||
fail_on_test_failures: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,211 @@ | ||
name: Deploy Project | ||
run-name: ${{ github.actor }} is testing the project | ||
|
||
on: | ||
# Run on push to main branch and tags | ||
push: | ||
branches: | ||
- main | ||
tags: | ||
- "v*.*.*" | ||
# Runs every time a pull request is created or updated | ||
pull_request: | ||
|
||
env: | ||
# Run in batch mode, produce errors, use settings file, set local repo | ||
MAVEN_CONFIG: -B -e -s .m2/settings.xml -Dmaven.repo.local=.m2/repository | ||
|
||
concurrency: | ||
# Define concurrency group name which will then be used to determine duplicate workflow runs | ||
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
test-project: | ||
name: Build and Test the Project | ||
runs-on: self-hosted-linux | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Java JDK | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: 21 | ||
architecture: x64 | ||
# Cache maven dependencies for quicker runs | ||
cache: maven | ||
|
||
- name: Cache Maven Packages | ||
uses: actions/cache@v4 | ||
with: | ||
path: ~/.m2 | ||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | ||
restore-keys: ${{ runner.os }}-m2 | ||
|
||
- name: Import Secrets | ||
uses: hashicorp/vault-action@v3 | ||
with: | ||
url: ${{ secrets.VAULT_URL }} | ||
method: approle | ||
roleId: ${{ secrets.VAULT_ROLE_ID }} | ||
secretId: ${{ secrets.VAULT_SECRET_ID }} | ||
secrets: secret/v1/application/k8s/mlt/proxy * | ||
|
||
- name: Test the Project | ||
run: | | ||
echo ${{ env.HTTP_PROXY_HOST }} | ||
echo ${{ env.HTTP_PROXY_PORT }} | ||
echo ${{ env.HTTPS_PROXY_HOST }} | ||
echo ${{ env.HTTPS_PROXY_PORT }} | ||
envsubst < .m2/settings.xml | ||
mvn ${{ env.MAVEN_CONFIG }} verify --fail-at-end | ||
- name: Publish Test Report | ||
uses: scacap/action-surefire-report@v1 | ||
with: | ||
fail_on_test_failures: true | ||
|
||
- name: Upload the JAR File | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: packaged-project | ||
path: target/wls-*.jar | ||
if-no-files-found: error | ||
overwrite: true | ||
|
||
- name: Cache Maven Repository | ||
uses: actions/cache@v4 | ||
with: | ||
path: ~/.m2/repository | ||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | ||
restore-keys: ${{ runner.os }}-m2 | ||
|
||
publish-image: | ||
name: Build and Publish the Docker Image | ||
needs: test-project | ||
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') | ||
runs-on: self-hosted-linux | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v3 | ||
with: | ||
driver: docker | ||
|
||
- name: Import Secrets | ||
uses: hashicorp/vault-action@v3 | ||
with: | ||
url: ${{ secrets.VAULT_URL }} | ||
method: approle | ||
roleId: ${{ secrets.VAULT_ROLE_ID }} | ||
secretId: ${{ secrets.VAULT_SECRET_ID }} | ||
secrets: secret/v1/application/k8s/mlt/harbor * | ||
|
||
- name: Log in to Harbor Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ${{ env.HARBOR_URL }} | ||
username: ${{ env.HARBOR_USERNAME }} | ||
password: ${{ env.HARBOR_PASSWORD }} | ||
|
||
- name: Extract Metadata for Docker | ||
id: meta | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: mlt/wls # TODO: Figure out what image name will be generated | ||
tags: | | ||
type=semver,pattern={{version}} | ||
type=ref,event=branch | ||
type=ref,event=pr | ||
- name: Download the JAR File | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: packaged-project | ||
|
||
- name: Build the Docker Image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
push: true | ||
context: . | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
|
||
deploy-to-stage: | ||
name: Deploy to Kubernetes Stage | ||
needs: publish-image | ||
if: github.ref == 'refs/heads/main' | ||
runs-on: self-hosted-linux | ||
environment: stage | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Import Secrets | ||
uses: hashicorp/vault-action@v3 | ||
with: | ||
url: ${{ secrets.VAULT_URL }} | ||
method: approle | ||
roleId: ${{ secrets.VAULT_ROLE_ID }} | ||
secretId: ${{ secrets.VAULT_SECRET_ID }} | ||
secrets: secret/v1/application/k8s/mlt/k8s-stage * | ||
|
||
- name: Setup Kubectl | ||
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config | ||
|
||
- name: Deploy to Stage | ||
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team | ||
echo "Deploying to stage version ${{ env.APP_VERSION }}" | ||
sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/stage/wls.yml | ||
sed -i "s/<host_url>/${{ env.K8S_HOST_URL }}/g" k8s/stage/wls.yml | ||
kubectl config set-cluster stagecl --server=${{ env.K8S_STAGE_SERVER }} | ||
kubectl config set clusters.stagecl.certificate-authority-data ${{ env.K8S_STAGE_NB_NO_CA }} | ||
kubectl config set-credentials ${{ env.K8S_STAGE_USER }} --token=${{ env.K8S_STAGE_NB_NO_TOKEN }} | ||
kubectl config set-context mlt --cluster=stagecl --user=${{ env.K8S_STAGE_USER }} --namespace=mlt-stage | ||
kubectl config use-context mlt | ||
kubectl config view | ||
kubectl version | ||
kubectl apply -f k8s/stage/wls.yml | ||
kubectl rollout restart deploy/wls | ||
deploy-to-prod: | ||
name: Deploy to Kubernetes Prod | ||
needs: publish-image | ||
if: startsWith(github.event.ref, 'refs/tags/v') | ||
runs-on: self-hosted-linux | ||
environment: prod | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Import Secrets | ||
uses: hashicorp/vault-action@v3 | ||
with: | ||
url: ${{ secrets.VAULT_URL }} | ||
method: approle | ||
roleId: ${{ secrets.VAULT_ROLE_ID }} | ||
secretId: ${{ secrets.VAULT_SECRET_ID }} | ||
secrets: | | ||
secret/v1/application/k8s/mlt/k8s-prod * | ||
- name: Setup Kubectl | ||
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config | ||
|
||
- name: Deploy to Prod | ||
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team | ||
echo "Deploying to production version ${{ env.APP_VERSION }}" | ||
sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/prod/wls.yml | ||
sed -i "s/<host_url>/${{ env.K8S_HOST_URL }}/g" k8s/prod/wls.yml | ||
kubectl config set-cluster prodcl --server=${{ env.K8S_PROD_SERVER }} | ||
kubectl config set clusters.prodcl.certificate-authority-data ${{ env.K8S_PROD_NB_NO_CA }} | ||
kubectl config set-credentials ${{ env.K8S_PROD_USER }} --token=${{ env.K8S_PROD_NB_NO_TOKEN }} | ||
kubectl config set-context mlt --cluster=prodcl --user=${{ env.K8S_PROD_USER }} --namespace=mlt-prod | ||
kubectl config use-context mlt | ||
kubectl config view | ||
kubectl version | ||
kubectl apply -f k8s/prod/wls.yml | ||
kubectl rollout restart deploy/wls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
<settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd" | ||
xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | ||
<proxies> | ||
<!-- Values are inserted from GitHub Actions pipeline --> | ||
<proxy> | ||
<id>nb-proxy-http</id> | ||
<active>true</active> | ||
<protocol>http</protocol> | ||
<host>${HTTP_PROXY_HOST}</host> | ||
<port>${HTTP_PROXY_PORT}</port> | ||
<nonProxyHosts>localhost|127.0.0.1|docker</nonProxyHosts> | ||
</proxy> | ||
<proxy> | ||
<id>nb-proxy-https</id> | ||
<active>true</active> | ||
<protocol>https</protocol> | ||
<host>${HTTPS_PROXY_HOST}</host> | ||
<port>${HTTPS_PROXY_PORT}</port> | ||
<nonProxyHosts>localhost|127.0.0.1|docker</nonProxyHosts> | ||
</proxy> | ||
</proxies> | ||
</settings> |
Oops, something went wrong.