Skip to content

Commit

Permalink
Docker: Add :latest tag to production builds and :snapshot for snapshots
Browse files Browse the repository at this point in the history
  • Loading branch information
quartje committed Apr 3, 2024
1 parent 55268a5 commit fea69d3
Showing 1 changed file with 85 additions and 84 deletions.
169 changes: 85 additions & 84 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ on:
tags:
- "*"
workflow_dispatch:


jobs:
deployment:
Expand All @@ -15,97 +14,99 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v4

- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: "temurin"
server-id: openconext-releases
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: "temurin"
server-id: openconext-releases
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD

- name: Set up cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Set up cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Determine the version
run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
id: versioncheck
- name: Determine the version
run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
id: versioncheck

- name: Exit when workflow_dispatch is triggered, and the version does not contain SNAPSHOT in it's name
run: |
echo "Only SNAPSHOT releases can be triggered with the workflow_dispatch"
exit 1
if: github.event_name == 'workflow_dispatch' && ( !endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))
- name: Exit when workflow_dispatch is triggered, and the version does not contain SNAPSHOT in it's name
run: |
echo "Only SNAPSHOT releases can be triggered with the workflow_dispatch"
exit 1
if: github.event_name == 'workflow_dispatch' && ( !endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))

- name: Exit when a production build is triggered, and the github tag is not the same as the version in pom.xml
run: |
echo "Project version ${{ steps.versioncheck.outputs.version }} does not match git tag ${{ github.ref_name }}"
exit 1
if: github.event_name != 'workflow_dispatch' && steps.versioncheck.outputs.version != github.ref_name
- name: Exit when a production build is triggered, and the github tag is not the same as the version in pom.xml
run: |
echo "Project version ${{ steps.versioncheck.outputs.version }} does not match git tag ${{ github.ref_name }}"
exit 1
if: github.event_name != 'workflow_dispatch' && steps.versioncheck.outputs.version != github.ref_name

- name: Set up JDK 11 for snapshots
uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "temurin"
cache: "maven"
server-id: openconext-snapshots
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))
- name: Set up JDK 11 for snapshots
uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "temurin"
cache: "maven"
server-id: openconext-snapshots
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))

- name: Set up JDK 11 for releases
uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "temurin"
cache: "maven"
server-id: openconext-releases
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ${{!( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) }}

- name: Deploy with Maven
run: mvn --batch-mode deploy -DskipTests
env:
MAVEN_USERNAME: ${{ secrets.BUILD_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.BUILD_PASSWORD }}
- name: Set up JDK 11 for releases
uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "temurin"
cache: "maven"
server-id: openconext-releases
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ${{!( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Deploy with Maven
run: mvn --batch-mode deploy -DskipTests
env:
MAVEN_USERNAME: ${{ secrets.BUILD_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.BUILD_PASSWORD }}

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/openconext/openconext-oidcng/oidcng
flavor: |
latest=false
tags: |
type=ref,event=tag
type=semver,pattern={{version}},value=${{ steps.versioncheck.outputs.version }}
type=sha
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and push the oidcng-server
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/openconext/openconext-oidcng/oidcng
flavor: |
latest=false
tags: |
type=ref,event=tag
type=raw,event=tag,value=latest
type=raw,event=workflow_dispatch,value=snapshot
type=semver,pattern={{version}},value=${{ steps.versioncheck.outputs.version }}
type=sha
- name: Build and push the oidcng-server
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

0 comments on commit fea69d3

Please sign in to comment.