Deploy #249
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Deploy | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- "*" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
deployment: | |
permissions: write-all | |
environment: deploy | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.versioncheck.outputs.version }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: "temurin" | |
- name: Set up cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Determine the version | |
run: echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)" >> $GITHUB_OUTPUT | |
id: versioncheck | |
- name: Exit when workflow_dispatch is triggered, and the version does not contain SNAPSHOT in it's name | |
run: | | |
echo "Only SNAPSHOT releases can be triggered with the workflow_dispatch" | |
exit 1 | |
if: github.event_name == 'workflow_dispatch' && ( !endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) | |
- name: Exit when a production build is triggered, and the github tag is not the same as the version in pom.xml | |
run: | | |
echo echo "Project version ${{ steps.versioncheck.outputs.version }} does not match git tag ${{ github.ref_name }}" | |
exit 1 | |
if: github.event_name != 'workflow_dispatch' && steps.versioncheck.outputs.version != github.ref_name | |
- name: Set up JDK 21 for snapshots | |
uses: actions/setup-java@v4 | |
with: | |
java-version: "21" | |
distribution: "temurin" | |
cache: "maven" | |
server-id: openconext-snapshots | |
server-username: MAVEN_USERNAME | |
server-password: MAVEN_PASSWORD | |
if: ( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) | |
- name: Set up JDK 21 for releases | |
uses: actions/setup-java@v4 | |
with: | |
java-version: "21" | |
distribution: "temurin" | |
cache: "maven" | |
server-id: openconext-releases | |
server-username: MAVEN_USERNAME | |
server-password: MAVEN_PASSWORD | |
if: ${{!( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) }} | |
- name: Deploy with Maven | |
run: mvn --batch-mode deploy -DskipTests | |
env: | |
MAVEN_USERNAME: ${{ secrets.BUILD_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.BUILD_PASSWORD }} | |
- name: Upload the produced artefacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: invitebuilds | |
path: | | |
client/build/ | |
provisioning-mock/target/*.jar | |
server/target/*.jar | |
welcome/build/ | |
retention-days: 1 | |
- name: Build Changelog | |
id: changelog | |
uses: ardalanamini/auto-changelog@v4 | |
with: | |
default-commit-type: New Features | |
github-token: ${{ github.token }} | |
if: github.event_name != 'workflow_dispatch' | |
- name: Create release | |
uses: actions/create-release@v1 | |
id: create_release | |
with: | |
draft: false | |
prerelease: true | |
release_name: Release ${{ github.ref_name }} | |
tag_name: ${{ github.ref_name }} | |
github-token: ${{ github.token }} | |
body: | | |
${{ steps.changelog.outputs.changelog }} | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
if: github.event_name != 'workflow_dispatch' | |
dockerbuild: | |
permissions: write-all | |
runs-on: ubuntu-latest | |
needs: deployment | |
strategy: | |
matrix: | |
include: | |
- image: ghcr.io/openconext/openconext-invite/inviteclient | |
app: client | |
- image: ghcr.io/openconext/openconext-invite/invitewelcome | |
app: welcome | |
- image: ghcr.io/openconext/openconext-invite/inviteprovisioningmock | |
app: provisioning-mock | |
- image: ghcr.io/openconext/openconext-invite/inviteserver | |
app: server | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download the previous produced artefacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: invitebuilds | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set docker labels and tags | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ matrix.image }} | |
flavor: | | |
latest=false | |
tags: | | |
type=ref,event=tag | |
type=raw,event=tag,value=latest | |
type=raw,event=workflow_dispatch,value=snapshot | |
type=semver,pattern={{version}},value=${{ needs.deployment.outputs.version }} | |
type=sha | |
- name: Build and push the ${{ matrix.app }} image | |
uses: docker/build-push-action@v5 | |
with: | |
context: ${{ matrix.app }} | |
file: ${{ matrix.app }}/docker/Dockerfile | |
platforms: linux/amd64 | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |