From e67792d51cd11773a6355888a411dd792cf367d9 Mon Sep 17 00:00:00 2001 From: ds-lcapellino Date: Wed, 16 Oct 2024 10:49:10 +0200 Subject: [PATCH 1/2] feature: split sonar action from pr action --- .github/workflows/pull-request_backend.yml | 23 +++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pull-request_backend.yml b/.github/workflows/pull-request_backend.yml index 0915532be0..789da9d7e2 100644 --- a/.github/workflows/pull-request_backend.yml +++ b/.github/workflows/pull-request_backend.yml @@ -56,8 +56,7 @@ jobs: run: | echo ${{steps.pom-version.outputs.pom_changed}} - - Test-and-Sonar: + Test: permissions: checks: write pull-requests: write @@ -87,6 +86,21 @@ jobs: files: "**/surefire-reports/TEST-*.xml" check_name: "Unit Test Results" + Sonar: + needs: Test + permissions: + checks: write + pull-requests: write + runs-on: ubuntu-latest + if: success() + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + java-version: '${{ env.JAVA_VERSION }}' + distribution: 'temurin' + cache: 'maven' + - name: Clean working directories run: | rm -rf .scannerwork @@ -99,6 +113,9 @@ jobs: key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar + - name: Compile + run: mvn -pl tx-models,tx-backend,tx-coverage -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -B compile + - name: Verify Sonar Scan env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any @@ -108,7 +125,7 @@ jobs: run: mvn -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn --batch-mode sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${{ github.workspace }}/tx-coverage/target/site/jacoco-aggregate/jacoco.xml -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY_BACKEND }} -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }} Publish-docker-image: - # needs: [ "Test-and-Sonar" ] + # needs: [ "Test-and-Sonar" ] runs-on: ubuntu-latest defaults: run: From 03b8c2e997b15189e7a2d7836926b423bd08d723 Mon Sep 17 00:00:00 2001 From: ds-lcapellino Date: Thu, 17 Oct 2024 12:53:19 +0200 Subject: [PATCH 2/2] feature: seperate docker image publishing from PR action --- .github/workflows/publish-docker-image.yaml | 87 +++++++++++++++++++++ .github/workflows/pull-request_backend.yml | 59 -------------- 2 files changed, 87 insertions(+), 59 deletions(-) create mode 100644 .github/workflows/publish-docker-image.yaml diff --git a/.github/workflows/publish-docker-image.yaml b/.github/workflows/publish-docker-image.yaml new file mode 100644 index 0000000000..d47fc9883b --- /dev/null +++ b/.github/workflows/publish-docker-image.yaml @@ -0,0 +1,87 @@ +# Copyright (c) 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 + +name: "[BE][BUILT] Publish Docker image" + +on: + workflow_dispatch: # Trigger manually + pull_request: + +env: + GHCR_REGISTRY: ghcr.io + JAVA_VERSION: 17 + DOCKER_HUB_REGISTRY_NAMESPACE: tractusx + BACKEND_IMAGE_DOCKER_HUB: traceability-foss + +jobs: + Publish-docker-image: + runs-on: ubuntu-latest + defaults: + run: + working-directory: tx-backend + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - uses: actions/setup-java@v4 + with: + java-version: '${{ env.JAVA_VERSION }}' + distribution: 'temurin' + cache: 'maven' + + - name: Login to GHCR Registry + env: + DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} + if: env.DOCKER_HUB_USER == '' + uses: docker/login-action@v3 + with: + registry: ${{ env.GHCR_REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build & Push docker image for GHCR ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }} + env: + DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} + if: env.DOCKER_HUB_USER == '' + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }} + + - name: Login to Docker Hub + env: + DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} + if: env.DOCKER_HUB_USER != '' + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + + - name: Build & push docker image for Docker Hub ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }} + env: + DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} + if: env.DOCKER_HUB_USER != '' + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/pull-request_backend.yml b/.github/workflows/pull-request_backend.yml index 789da9d7e2..ed4e497adb 100644 --- a/.github/workflows/pull-request_backend.yml +++ b/.github/workflows/pull-request_backend.yml @@ -123,62 +123,3 @@ jobs: SONAR_ORGANIZATION: ${{ vars.SONAR_ORGANIZATION }} SONAR_PROJECT_KEY: ${{ vars.SONAR_PROJECT_KEY_BACKEND }} run: mvn -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn --batch-mode sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${{ github.workspace }}/tx-coverage/target/site/jacoco-aggregate/jacoco.xml -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY_BACKEND }} -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }} - - Publish-docker-image: - # needs: [ "Test-and-Sonar" ] - runs-on: ubuntu-latest - defaults: - run: - working-directory: tx-backend - permissions: - contents: read - packages: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - uses: actions/setup-java@v4 - with: - java-version: '${{ env.JAVA_VERSION }}' - distribution: 'temurin' - cache: 'maven' - - - name: Login to GHCR Registry - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: env.DOCKER_HUB_USER == '' - uses: docker/login-action@v3 - with: - registry: ${{ env.GHCR_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build & Push docker image for GHCR ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }} - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: env.DOCKER_HUB_USER == '' - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }} - - - name: Login to Docker Hub - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: env.DOCKER_HUB_USER != '' - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_HUB_USER }} - password: ${{ secrets.DOCKER_HUB_TOKEN }} - - - name: Build & push docker image for Docker Hub ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }} - env: - DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} - if: env.DOCKER_HUB_USER != '' - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }}