opencadc · at88mph · Nov 20, 2024 · Nov 13, 2024 · Nov 13, 2024 · Nov 14, 2024
diff --git a/.github/workflows/cd.edge.build.yml b/.github/workflows/cd.edge.build.yml
@@ -0,0 +1,81 @@
+name: "CD: Edge Build"
+
+on:
+  repository_dispatch:
+    types: [edge-build]
+
+env:
+  REGISTRY: images.opencadc.org
+  IMAGE: platform/skaha
+  TAG: edge
+
+jobs:
+  edge-build:
+    if: github.repository == 'opencadc/science-platform'
+    runs-on: ubuntu-latest
+    permissions:
+      attestations: write
+      id-token: write
+    steps:
+      -
+        name: Client Payload
+        id: client-payload
+        run: |
+          echo "Client Payload: ${{ toJson(github.event.client_payload) }}"
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Setup Docker Buildx
+        uses: docker/[email protected]
+        with:
+          install: true
+      -
+        name: Perform Container Registry Login
+        uses: docker/[email protected]
+        with:
+          registry: images.opencadc.org
+          username: ${{ secrets.SKAHA_REGISTRY_USERNAME }}
+          password: ${{ secrets.SKAHA_REGISTRY_TOKEN }}
+      -
+        name: Build and Push Docker Image
+        id: build
+        uses: docker/[email protected]
+        with:
+          context: skaha/
+          target: production
+          file: skaha/Dockerfile
+          platforms: linux/amd64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          provenance: mode=max
+          sbom: true
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }}
+          labels: |
+            org.opencontainers.image.title=Science Platform
+            org.opencontainers.image.licenses=AGPL-3.0
+            org.opencontainers.image.url=https://github.com/opencadc/science-platform
+      -
+        # See https://github.com/marketplace/actions/attest-build-provenance#container-image
+        # for more information on the attest-build-provenance action
+        name: Attest Container Image
+        id: attest
+        uses: actions/[email protected]
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE }}
+          subject-digest: ${{ steps.build.outputs.digest }}
+          # push-to-registry: true
+          show-summary: true
+      -
+        name: Install Cosign
+        id: install-cosign
+        uses: sigstore/[email protected]
+        with:
+          cosign-release: 'v2.4.1'
+      -
+        name: Cosign Container Image
+        id: cosign
+        run: |
+          cosign version
+          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }} --upload
diff --git a/.github/workflows/cd.release.build.yml b/.github/workflows/cd.release.build.yml
@@ -0,0 +1,89 @@
+name: "CD: Release Build"
+
+on:
+  repository_dispatch:
+    types: [release-build]
+
+env:
+  REGISTRY: images.opencadc.org
+  IMAGE: platform/skaha
+  TAG: latest
+  TAG_RELEASE: ${{ github.event.client_payload.tag_name }}
+
+jobs:
+  release-build:
+    if: github.repository == 'opencadc/science-platform'
+    runs-on: ubuntu-latest
+    permissions:
+      attestations: write
+      id-token: write
+    steps:
+      -
+        name: Client Payload
+        id: client-payload
+        run: |
+          echo "Client Payload: ${{ toJson(github.event.client_payload) }}"
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Setup Docker Buildx
+        uses: docker/[email protected]
+        with:
+          install: true
+      -
+        name: Perform Container Registry Login
+        uses: docker/[email protected]
+        with:
+          registry: images.opencadc.org
+          username: ${{ secrets.SKAHA_REGISTRY_USERNAME }}
+          password: ${{ secrets.SKAHA_REGISTRY_TOKEN }}
+      -
+        name: Build and Push Docker Image
+        id: build
+        uses: docker/[email protected]
+        with:
+          context: skaha/
+          target: production
+          file: skaha/Dockerfile
+          platforms: linux/amd64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          provenance: mode=max
+          sbom: true
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG_RELEASE }}
+          labels: |
+            org.opencontainers.image.title=skaha
+            org.opencontainers.image.version=${{ env.TAG_RELEASE }}
+            org.opencontainers.image.description="Science Platform Backend"
+            org.opencontainers.image.licenses=AGPL-3.0
+            org.opencontainers.image.url=https://github.com/opencadc/science-platform
+      -
+        # See https://github.com/marketplace/actions/attest-build-provenance#container-image
+        # for more information on the attest-build-provenance action
+        name: Attest Container Image
+        id: attest
+        uses: actions/[email protected]
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE }}
+          subject-digest: ${{ steps.build.outputs.digest }}
+          # Currently not pushing attestations to Harbor Registry
+          # push-to-registry: true
+          show-summary: true
+      -
+        name: Install Cosign
+        id: install-cosign
+        uses: sigstore/[email protected]
+        with:
+          cosign-release: 'v2.4.1'
+      -
+        name: Cosign Container Image
+        id: cosign
+        run: |
+          cosign version
+          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }} --upload
+          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG_RELEASE }} --upload
+          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ steps.build.outputs.digest }} --upload
diff --git a/.github/workflows/cd.release.yml b/.github/workflows/cd.release.yml
@@ -0,0 +1,56 @@
+# Release Please Actions
+name: "CD: Release Please"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    if: github.repository == 'opencadc/science-platform'
+    steps:
+      -
+        name: Create release
+        id: release-please
+        uses: googleapis/[email protected]
+        with:
+          config-file: release-please-config.json
+          manifest-file: .release-please-manifest.json
+      -
+        name: Dispatch Edge Build
+        # Run this step only if the release-please completes successfully
+        if: steps.release-please.outcome == 'success'
+        uses: peter-evans/[email protected]
+        with:
+          repository: opencadc/science-platform
+          event-type: edge-build
+          token: ${{ secrets.GITHUB_TOKEN }}
+          client-payload: |-
+            {
+              "releases_created": "${{ steps.release-please.outputs.releases_created }}",
+              "tag_name": "${{ steps.release-please.outputs.tag_name }}",
+              "sha": "${{ steps.release-please.outputs.sha }}"
+            }
+      -
+        name: Dispatch Release Build
+        # Run this step only if the release-please completes successfully
+        if: ${{ steps.release-please.outputs.release_created }}
+        uses: peter-evans/[email protected]
+        with:
+          repository: opencadc/science-platform
+          event-type: release-build
+          token: ${{ secrets.GITHUB_TOKEN }}
+          client-payload: |-
+            {
+              "releases_created": "${{ steps.release-please.outputs.releases_created }}",
+              "tag_name": "${{ steps.release-please.outputs.tag_name }}",
+              "sha": "${{ steps.release-please.outputs.sha }}"
+            }
diff --git a/.github/workflows/ci.linting.yml b/.github/workflows/ci.linting.yml
@@ -27,4 +27,3 @@ jobs:
         run: |
             cd skaha
             ./gradlew clean spotlessCheck
-
diff --git a/.github/workflows/ci.testing.yml b/.github/workflows/ci.testing.yml
@@ -34,14 +34,14 @@ jobs:
           if-no-files-found: error
           retention-days: 1
           overwrite: true
-  
+
   codecov:
     runs-on: ubuntu-latest
     needs: tests
     permissions:
       id-token: write
     steps:
-      - 
+      -
         name: Download coverage artifacts
         uses: actions/[email protected]
         with:
@@ -60,4 +60,4 @@ jobs:
           flags: skaha-unittests-coverage
           name: skaha-unittests-coverage
           fail_ci_if_error: true
-          verbose: true
+          verbose: true
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,6 @@
 /**/dependencies
 /**/.idea
-/**/.gradle 
+/**/.gradle
 /**/build
 /**/bin
 .vscode
@@ -10,4 +10,4 @@
 *_key
 *.crt
 deployment/helm/skaha/token-tool-secret/skaha-private.pem
-deployment/helm/skaha/token-tool-secret/skaha-public.pem
+deployment/helm/skaha/token-tool-secret/skaha-public.pem
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -0,0 +1,3 @@
+{
+  "skaha": "0.23.1"
+}
diff --git a/release-please-config.json b/release-please-config.json
@@ -0,0 +1,25 @@
+{
+  "packages": {
+    "skaha": {
+      "path": "skaha",
+      "package-name": "skaha",
+      "changelog-path": "CHANGELOG.md",
+      "release-type": "simple",
+      "bump-minor-pre-major": false,
+      "bump-patch-for-minor-pre-major": false,
+      "draft": false,
+      "prerelease": false,
+      "extra-files": [
+        {
+          "type": "generic",
+          "path": "gradle.properties"
+        },
+        {
+          "type": "generic",
+          "path": "version.yaml"
+        }
+      ]
+    }
+  },
+  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json"
+}
diff --git a/skaha/Dockerfile b/skaha/Dockerfile
@@ -1,12 +1,23 @@
-FROM images.opencadc.org/library/cadc-tomcat:1
+FROM eclipse-temurin:11-alpine AS base
 
-RUN dnf -y install dnf-plugins-core \
-    && dnf -y config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo \
-    && dnf -y install acl attr containerd.io docker-ce docker-ce-cli kubernetes-client which \
-    && dnf -y clean all
+FROM base AS builder
+COPY . /skaha
+WORKDIR /skaha
+RUN ./gradlew clean spotlessCheck build --no-daemon
 
-RUN kubectl version --client
+FROM images.opencadc.org/library/cadc-tomcat:1.3 AS production
 
-COPY build/libs/skaha.war /usr/share/tomcat/webapps/
+RUN set -eux \
+    && dnf install --nodocs --assumeyes --setopt=install_weak_deps=False dnf-plugins-core-4.9.0-1.fc40 \  
+    && dnf -y config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo \
+    && dnf -y install --nodocs --assumeyes --setopt=install_weak_deps=False \
+        acl-2.3.2-1.fc40 attr-2.5.2-3.fc40 \
+        containerd.io-1.7.22-3.1.fc40 \
+        docker-ce-3:27.3.1-1.fc40 \
+        docker-ce-cli-1:27.3.1-1.fc40 \
+        kubernetes-client-1.29.9-2.fc40 \
+    # Clean up dnf cache and other unneeded files to reduce image size
+    && dnf clean all
 
-COPY src/scripts/* /usr/local/bin/
+COPY --from=builder /skaha/build/libs/skaha.war /usr/share/tomcat/webapps/
+COPY --from=builder /skaha/src/scripts/* /usr/local/bin/
diff --git a/skaha/build.gradle b/skaha/build.gradle
@@ -4,6 +4,7 @@ plugins {
     id 'com.diffplug.spotless' version '6.25.0'
     id 'java'
     id 'jacoco'
+    id 'org.jetbrains.dokka' version '1.6.0'
 }
 
 repositories {
@@ -54,6 +55,7 @@ dependencies {
     testImplementation 'junit:junit:[4.13,)'
     testImplementation 'org.json:json:20231013'
     testImplementation 'org.mockito:mockito-core:5.12.0'
+
 }
 
 spotless {
@@ -77,12 +79,43 @@ spotless {
     endWithNewline()
   }
 }
+check.dependsOn spotlessCheck
 
+// Create Java Code Coverage Reports
 jacocoTestReport {
     reports {
         xml.enabled true
         html.enabled true
     }
 }
-
 check.dependsOn jacocoTestReport
+
+// Create JavaDoc
+javadoc {
+    destinationDir = file("${buildDir}/docs/javadoc")
+}
+
+// Create Java Documentation using Dokka for Github Markdown and HTML
+tasks.dokkaGfm.configure {
+    outputDirectory.set(file("${buildDir}/docs/dokka/gfm"))
+    dokkaSourceSets {
+        register("main") {
+            sourceRoots.from(file("src/main/java"))
+        }
+    }
+}
+tasks.dokkaHtml.configure {
+    outputDirectory.set(file("${buildDir}/docs/dokka/html"))
+    dokkaSourceSets {
+        register("main") {
+            sourceRoots.from(file("src/main/java"))
+        }
+      configureEach {
+        jdkVersion.set(11)
+        sourceLink {
+        localDirectory.set(file("src/main/java"))
+        remoteUrl.set("https://github.com/opencadc/science-platform/tree/main/skaha/src/main/java")
+      }
+      }
+    }
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -27,4 +27,3 @@ jobs:
		run: \|
		cd skaha
		./gradlew clean spotlessCheck