Skip to content

Commit

Permalink
Merge pull request #1 from MormonJesus69420/main
Browse files Browse the repository at this point in the history
MLT-0011 Add GitHub actions to the project (#1)
  • Loading branch information
MormonJesus69420 authored May 23, 2024
2 parents c442015 + 44e3d50 commit 30e9952
Show file tree
Hide file tree
Showing 7 changed files with 497 additions and 1 deletion.
38 changes: 38 additions & 0 deletions .github/test-flows/package-project.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
name: Package Project
run-name: ${{ github.actor }} is packaging the project
on:
# This event should allow for manual workflow triggering
workflow_dispatch:
# Run on push to main branch
push:
branches:
- main
# Runs every time a pull request is created or updated
pull_request:
concurrency:
# Define concurrency group name which will then be used to determine duplicate workflow runs
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
package-project:
runs-on: "ubuntu-latest"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
architecture: x64
# Cache maven dependencies for quicker runs
cache: maven
- name: Package the Project
run: mvn package
- name: Upload an Artifact
uses: actions/upload-artifact@v4
with:
name: packaged-project
path: target/wls-*.jar
if-no-files-found: error
overwrite: true
33 changes: 33 additions & 0 deletions .github/test-flows/test-project.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: Test Project
run-name: ${{ github.actor }} is testing the project
on:
# Run on push to main branch
push:
branches:
- main
# Runs every time a pull request is created or updated
pull_request:
concurrency:
# Define concurrency group name which will then be used to determine duplicate workflow runs
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
test-project:
runs-on: "ubuntu-latest"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
architecture: x64
# Cache maven dependencies for quicker runs
cache: maven
- name: Test the Project
run: mvn verify --fail-at-end
- name: Publish Test Report
uses: scacap/action-surefire-report@v1
with:
fail_on_test_failures: true
211 changes: 211 additions & 0 deletions .github/workflows/deploy-project.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,211 @@
name: Deploy Project
run-name: ${{ github.actor }} is testing the project

on:
# Run on push to main branch and tags
push:
branches:
- main
tags:
- "v*.*.*"
# Runs every time a pull request is created or updated
pull_request:

env:
# Run in batch mode, produce errors, use settings file, set local repo
MAVEN_CONFIG: -B -e -s .m2/settings.xml -Dmaven.repo.local=.m2/repository

concurrency:
# Define concurrency group name which will then be used to determine duplicate workflow runs
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true

jobs:
test-project:
name: Build and Test the Project
runs-on: self-hosted-linux
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Java JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
architecture: x64
# Cache maven dependencies for quicker runs
cache: maven

- name: Cache Maven Packages
uses: actions/cache@v4
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/proxy *

- name: Test the Project
run: |
echo ${{ env.HTTP_PROXY_HOST }}
echo ${{ env.HTTP_PROXY_PORT }}
echo ${{ env.HTTPS_PROXY_HOST }}
echo ${{ env.HTTPS_PROXY_PORT }}
envsubst < .m2/settings.xml
mvn ${{ env.MAVEN_CONFIG }} verify --fail-at-end
- name: Publish Test Report
uses: scacap/action-surefire-report@v1
with:
fail_on_test_failures: true

- name: Upload the JAR File
uses: actions/upload-artifact@v4
with:
name: packaged-project
path: target/wls-*.jar
if-no-files-found: error
overwrite: true

- name: Cache Maven Repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

publish-image:
name: Build and Publish the Docker Image
needs: test-project
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
runs-on: self-hosted-linux
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker

- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/harbor *

- name: Log in to Harbor Registry
uses: docker/login-action@v3
with:
registry: ${{ env.HARBOR_URL }}
username: ${{ env.HARBOR_USERNAME }}
password: ${{ env.HARBOR_PASSWORD }}

- name: Extract Metadata for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: mlt/wls # TODO: Figure out what image name will be generated
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Download the JAR File
uses: actions/download-artifact@v4
with:
name: packaged-project

- name: Build the Docker Image
uses: docker/build-push-action@v5
with:
push: true
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

deploy-to-stage:
name: Deploy to Kubernetes Stage
needs: publish-image
if: github.ref == 'refs/heads/main'
runs-on: self-hosted-linux
environment: stage
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/k8s-stage *

- name: Setup Kubectl
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config

- name: Deploy to Stage
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team
echo "Deploying to stage version ${{ env.APP_VERSION }}"
sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/stage/wls.yml
sed -i "s/<host_url>/${{ env.K8S_HOST_URL }}/g" k8s/stage/wls.yml
kubectl config set-cluster stagecl --server=${{ env.K8S_STAGE_SERVER }}
kubectl config set clusters.stagecl.certificate-authority-data ${{ env.K8S_STAGE_NB_NO_CA }}
kubectl config set-credentials ${{ env.K8S_STAGE_USER }} --token=${{ env.K8S_STAGE_NB_NO_TOKEN }}
kubectl config set-context mlt --cluster=stagecl --user=${{ env.K8S_STAGE_USER }} --namespace=mlt-stage
kubectl config use-context mlt
kubectl config view
kubectl version
kubectl apply -f k8s/stage/wls.yml
kubectl rollout restart deploy/wls
deploy-to-prod:
name: Deploy to Kubernetes Prod
needs: publish-image
if: startsWith(github.event.ref, 'refs/tags/v')
runs-on: self-hosted-linux
environment: prod
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
secret/v1/application/k8s/mlt/k8s-prod *
- name: Setup Kubectl
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config

- name: Deploy to Prod
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team
echo "Deploying to production version ${{ env.APP_VERSION }}"
sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/prod/wls.yml
sed -i "s/<host_url>/${{ env.K8S_HOST_URL }}/g" k8s/prod/wls.yml
kubectl config set-cluster prodcl --server=${{ env.K8S_PROD_SERVER }}
kubectl config set clusters.prodcl.certificate-authority-data ${{ env.K8S_PROD_NB_NO_CA }}
kubectl config set-credentials ${{ env.K8S_PROD_USER }} --token=${{ env.K8S_PROD_NB_NO_TOKEN }}
kubectl config set-context mlt --cluster=prodcl --user=${{ env.K8S_PROD_USER }} --namespace=mlt-prod
kubectl config use-context mlt
kubectl config view
kubectl version
kubectl apply -f k8s/prod/wls.yml
kubectl rollout restart deploy/wls
22 changes: 22 additions & 0 deletions .m2/settings.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
<settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd"
xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<proxies>
<!-- Values are inserted from GitHub Actions pipeline -->
<proxy>
<id>nb-proxy-http</id>
<active>true</active>
<protocol>http</protocol>
<host>${HTTP_PROXY_HOST}</host>
<port>${HTTP_PROXY_PORT}</port>
<nonProxyHosts>localhost|127.0.0.1|docker</nonProxyHosts>
</proxy>
<proxy>
<id>nb-proxy-https</id>
<active>true</active>
<protocol>https</protocol>
<host>${HTTPS_PROXY_HOST}</host>
<port>${HTTPS_PROXY_PORT}</port>
<nonProxyHosts>localhost|127.0.0.1|docker</nonProxyHosts>
</proxy>
</proxies>
</settings>
Loading

0 comments on commit 30e9952

Please sign in to comment.