From f2d96e291a9a39c7530cea80b6a467aa99964b16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?T=C3=B5nis=20Ojandu?= <86777631+tonisojandu-sympower@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:07:12 +0300 Subject: [PATCH] TECH-1140 Split workflow into Composite Actions (#48) --- .../build-and-upload-docker-image/action.yml | 16 + .github/actions/code-analysis/action.yml | 18 + .github/actions/deploy-staging/action.yml | 75 ++++ .github/actions/format-version/action.yml | 30 ++ .github/actions/run-tests/action.yml | 92 +++++ .../setup-build-environment/action.yml | 73 ++++ .../actions/upload-build-artifacts/action.yml | 27 ++ .github/actions/upload-pacts/action.yml | 26 ++ .github/actions/upload-schema/action.yml | 59 ++++ .github/workflows/release-for-testing.yml | 144 ++------ .github/workflows/release-new-version.yml | 329 +++--------------- .github/workflows/run-tests.yml | 2 +- 12 files changed, 488 insertions(+), 403 deletions(-) create mode 100644 .github/actions/build-and-upload-docker-image/action.yml create mode 100644 .github/actions/code-analysis/action.yml create mode 100644 .github/actions/deploy-staging/action.yml create mode 100644 .github/actions/format-version/action.yml create mode 100644 .github/actions/run-tests/action.yml create mode 100644 .github/actions/setup-build-environment/action.yml create mode 100644 .github/actions/upload-build-artifacts/action.yml create mode 100644 .github/actions/upload-pacts/action.yml create mode 100644 .github/actions/upload-schema/action.yml diff --git a/.github/actions/build-and-upload-docker-image/action.yml b/.github/actions/build-and-upload-docker-image/action.yml new file mode 100644 index 0000000..0904b89 --- /dev/null +++ b/.github/actions/build-and-upload-docker-image/action.yml 
@@ -0,0 +1,16 @@
+name: 'Build and upload Docker Image'
+description: 'Build and upload Docker Image to ECR'
+inputs:
+ version:
+ description: 'Version number of the image released to ECR'
+ required: true
+runs:
+ using: "composite"
+ steps:
+ - name: Build Docker Image
+ shell: bash
+ run: |
+ set -ue ;
+ ./gradlew jib --parallel --continue --stacktrace \
+ -Ptag=${{ inputs.version }} \
+ -Djib.from.platforms=linux/amd64,linux/arm64
\ No newline at end of file
diff --git a/.github/actions/code-analysis/action.yml b/.github/actions/code-analysis/action.yml
new file mode 100644
index 0000000..5915ed4
--- /dev/null
+++ b/.github/actions/code-analysis/action.yml
@@ -0,0 +1,18 @@
+name: 'Code analysis'
+description: 'Run code analysis'
+inputs:
+ secrets:
+ description: 'Secrets required for the build'
+ required: true
+ default: '{}'
+runs:
+ using: "composite"
+ steps:
+ - name: Sonar analysis
+ shell: bash
+ env:
+ GITHUB_TOKEN: ${{ fromJSON(inputs.secrets).GIT_TOKEN }} # Needed to get PR information, if any
+ SONAR_TOKEN: ${{ fromJSON(inputs.secrets).SONAR_TOKEN }}
+ run: |
+ set -ue ;
+ ./gradlew sonar -x test -x behaviourTest -x integrationTest -x jacocoTestReport --parallel --continue --stacktrace
\ No newline at end of file
diff --git a/.github/actions/deploy-staging/action.yml b/.github/actions/deploy-staging/action.yml
new file mode 100644
index 0000000..1bc42c0
--- /dev/null
+++ b/.github/actions/deploy-staging/action.yml
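Review bot: `-Ptag=${{ inputs.version }}` in the `run:` block of build-and-upload-docker-image is expanded into the script text before bash starts, so any shell metacharacters in the version are executed as code on the runner. On the non-release path of format-version (same patch) the version is derived from the branch name, which the author of the branch chooses. Pass the value through the environment instead: add `env:` with `VERSION: ${{ inputs.version }}` to the step and use `-Ptag="$VERSION"`. The same pattern appears in upload-schema (`-Ptag=${{ inputs.version }}`), upload-pacts (`--consumer-app-version "${{ inputs.version }}"`) and deploy-staging (`VERSION='${{ inputs.version }}'`).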
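Review bot: The code-analysis action takes the whole secrets JSON through `inputs.secrets` although the step reads only `GIT_TOKEN` and `SONAR_TOKEN`. Declaring two inputs, for example `git-token` and `sonar-token`, keeps unrelated credentials out of this action and makes its requirements visible in `inputs:`. With `default: '{}'`, a caller that omits the input gets empty tokens rather than an error, so `required: true` gives no protection here. setup-build-environment, deploy-staging and upload-schema use the same catch-all input.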
@@ -0,0 +1,75 @@
+name: 'Deploy to staging'
+description: 'Upgrade the staging environment with the latest docker image'
+inputs:
+ secrets:
+ description: 'Secrets required for the build'
+ required: true
+ default: '{}'
+ version:
+ description: 'Version number of the image released to ECR'
+ required: true
+ default-name:
+ description: 'Default service and component name to use when not specified in the auto-deployment file'
+ required: true
+runs:
+ using: "composite"
+ steps:
+ - uses: tibdex/github-app-token@v2
+ id: generate-token
+ with:
+ app_id: ${{ fromJSON(inputs.secrets).AUTODEPLOYER_ID }}
+ private_key: ${{ fromJSON(inputs.secrets).AUTODEPLOYER_KEY }}
+
+ - name: Trigger deployments
+ shell: bash
+ env:
+ DEPLOYER_TOKEN: ${{ steps.generate-token.outputs.token }}
+ run: |
+ set -ue
+
+ IMAGE_NAME='${{ inputs.repository-name }}'
+ VERSION='${{ inputs.version }}'
+
+ for env in $( ls auto-deploy/*.env.json ) ; do
+
+ ENVIRONMENT=$( jq -r '.environment' "$env" )
+ COMPONENT=$( jq -r '.component' "$env" )
+ SERVICE=$( jq -r '.service' "$env" )
+
+ if [ -z "$ENVIRONMENT" ] || [ "$ENVIRONMENT" = "null" ] ; then
+ echo "ERROR: Missing environment in $env"
+ exit 1
+ fi
+
+ if [ -z "$COMPONENT" ] || [ "$COMPONENT" = "null" ] ; then
+ COMPONENT="$REPOSITORY_NAME"
+ fi
+
+ if [ -z "$SERVICE" ]|| [ "$SERVICE" = "null" ] ; then
+ SERVICE="$REPOSITORY_NAME"
+ fi
+
+ DISPATCH_EVENT="$REPOSITORY_NAME calls update version to $VERSION for $COMPONENT/$SERVICE in $ENVIRONMENT"
+
+ BODY='{
+ "event_type": "update_version_event",
+ "client_payload": {
+ "dispatch_event": "'"$DISPATCH_EVENT"'",
+ "environment": "'"$ENVIRONMENT"'",
+ "component": "'"$COMPONENT"'",
+ "service": "'"$SERVICE"'",
+ "version": "'"$VERSION"'"
+ }
+ }'
+
+ echo "$DISPATCH_EVENT"
+
+ curl -H "Accept: application/vnd.github.everest-preview+json" \
+ -H "Authorization: token ${DEPLOYER_TOKEN}" \
+ --request POST \
+ --data "${BODY}" \
+ https://api.github.com/repos/sympower/environments/dispatches
+
+ echo "Done: $DISPATCH_EVENT"
+
+ done
\ No newline at end of file
diff --git a/.github/actions/format-version/action.yml b/.github/actions/format-version/action.yml
new file mode 100644
index 0000000..fce6c95
--- /dev/null
+++ b/.github/actions/format-version/action.yml
@@ -0,0 +1,30 @@
+name: 'Format version'
+description: 'Format version'
+inputs:
+ style-as-release:
+ description: "true/false flag to format version in release style (yyyy.MM.dd.hh.mm-hash) or as branch reference"
+ required: true
+outputs:
+ version:
+ description: Version number of the image released to ECR
+ value: ${{ steps.format-version.outputs.version }}
+runs:
+ using: "composite"
+ steps:
+ - id: format-version
+ name: "Format version"
+ shell: bash
+ run: |
+ set -eu
+
+ IS_RELEASE_STYLE='${{ inputs.style-as-release }}'
+
+ if [ "$IS_RELEASE_STYLE" = "true" ] ; then
+ currentDate=$(date +"%Y.%m.%d.%H.%M") ;
+ tag=$(echo $GITHUB_SHA | cut -c 1-7) ;
+ echo "version=$(echo $currentDate-$tag)" >> $GITHUB_OUTPUT ;
+ else
+ REF_NAME=${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}
+ tag=$(echo ${REF_NAME} | cut -c 1-20 | tr / -) ;
+ echo "version=$(echo $tag)" >> $GITHUB_OUTPUT ;
+ fi
\ No newline at end of file
diff --git a/.github/actions/run-tests/action.yml b/.github/actions/run-tests/action.yml
new file mode 100644
index 0000000..7e2e9d6
--- /dev/null
+++ b/.github/actions/run-tests/action.yml
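Review bot: The dispatch payload in `BODY` of deploy-staging is assembled by pasting `$ENVIRONMENT`, `$COMPONENT`, `$SERVICE` and `$VERSION` between quotes, so a `"` or backslash in any `auto-deploy/*.env.json` value yields invalid JSON or extra fields in a request sent with the deployer app token. Build the body with `jq -n --arg` so every value is encoded as a JSON string, as sketched below. `curl` should also run with `--fail --silent --show-error`, otherwise a rejected dispatch still prints "Done". Separately, `inputs.repository-name` is not declared by this action and `default-name` is never read; the fallback comes from `$REPOSITORY_NAME` in the job environment.

```yaml
        # … unchanged: ENVIRONMENT / COMPONENT / SERVICE lookup and DISPATCH_EVENT …
        BODY=$( jq -n \
          --arg dispatch_event "$DISPATCH_EVENT" \
          --arg environment "$ENVIRONMENT" \
          --arg component "$COMPONENT" \
          --arg service "$SERVICE" \
          --arg version "$VERSION" \
          '{event_type: "update_version_event",
            client_payload: {dispatch_event: $dispatch_event,
                             environment: $environment,
                             component: $component,
                             service: $service,
                             version: $version}}' )
        # … unchanged: echo and curl call …
```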
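Review bot: The branch path of format-version writes `$(echo ${REF_NAME} | cut -c 1-20 | tr / -)` to `$GITHUB_OUTPUT` with only `/` replaced, so characters such as quotes, `$`, backticks and `;` from a branch name survive into `version`. The other actions then use that value as an image tag and inside `run:` scripts. Restrict it to a tag-safe alphabet at the source, e.g. `tag=$(printf '%s' "$REF_NAME" | cut -c 1-20 | tr -c 'A-Za-z0-9_.-' '-') ;`, and quote `"$GITHUB_OUTPUT"` in the redirects.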
@@ -0,0 +1,92 @@ +name: 'Run Tests' +description: 'Run tests, behaviour tests and integration tests' +runs: + using: "composite" + steps: + - name: Run unit tests + shell: bash + run: ./gradlew test --parallel --continue --stacktrace + + - name: Check test XML files exist + id: search-test-results + shell: bash + run: | + if find . | grep test-results/test | grep -q xml$ ; then + echo "TEST_RESULTS_EXIST=true" >> "$GITHUB_ENV" + else + echo "TEST_RESULTS_EXIST=false" >> "$GITHUB_ENV" + fi + + - name: Unit test report + if: env.TEST_RESULTS_EXIST + uses: phoenix-actions/test-reporting@v12 + continue-on-error: true + env: + NODE_OPTIONS: --max-old-space-size=4096 + with: + name: Unit test results + path: '**/test-results/test/*.xml' + reporter: java-junit + fail-on-error: false + output-to: step-summary + + + + - name: Run behaviour tests + shell: bash + run: ./gradlew behaviourTest --parallel --continue --stacktrace + + - name: Check behaviourTest XML files exist + id: search-behaviourTest-results + shell: bash + run: | + if find . | grep test-results/behaviourTest | grep -q xml$ ; then + echo "BEHAVIOUR_TEST_RESULTS_EXIST=true" >> "$GITHUB_ENV" + else + echo "BEHAVIOUR_TEST_RESULTS_EXIST=false" >> "$GITHUB_ENV" + fi + + - name: Behaviour test report + if: env.BEHAVIOUR_TEST_RESULTS_EXIST + uses: phoenix-actions/test-reporting@v12 + continue-on-error: true + env: + NODE_OPTIONS: --max-old-space-size=4096 + with: + name: Behaviour test results + path: '**/test-results/behaviourTest/*.xml' + reporter: java-junit + fail-on-error: false + output-to: step-summary + + + - name: Run integration tests + shell: bash + run: ./gradlew integrationTest --parallel --continue --stacktrace + + - name: Check integrationTest XML files exist + id: search-integrationTest-results + shell: bash + run: | + if find . 
| grep test-results/integrationTest | grep -q xml$ ; then + echo "INTEGRATION_TEST_RESULTS_EXIST=true" >> "$GITHUB_ENV" + else + echo "INTEGRATION_TEST_RESULTS_EXIST=false" >> "$GITHUB_ENV" + fi + + - name: Integration test report + if: env.INTEGRATION_TEST_RESULTS_EXIST + uses: phoenix-actions/test-reporting@v12 + continue-on-error: true + env: + NODE_OPTIONS: --max-old-space-size=4096 + with: + name: Integration test results + path: '**/test-results/integrationTest/*.xml' + reporter: java-junit + fail-on-error: false + output-to: step-summary + + - name: Create test reports + shell: bash + run: ./gradlew testCodeCoverageReport behaviourTestCodeCoverageReport integrationTestCodeCoverageReport jacocoTestReport -x test -x behaviourTest -x integrationTest --parallel --continue --stacktrace diff --git a/.github/actions/setup-build-environment/action.yml b/.github/actions/setup-build-environment/action.yml new file mode 100644 index 0000000..f731660 --- /dev/null +++ b/.github/actions/setup-build-environment/action.yml 
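Review bot: `if: env.TEST_RESULTS_EXIST` is always true, because the preceding step stores the string `true` or `false` and any non-empty string is truthy in an Actions expression. Compare explicitly with `if: env.TEST_RESULTS_EXIST == 'true'`, and likewise for `BEHAVIOUR_TEST_RESULTS_EXIST` and `INTEGRATION_TEST_RESULTS_EXIST`. As written the report steps run even when no XML was produced, and `continue-on-error: true` hides the resulting failure.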
@@ -0,0 +1,73 @@ +name: 'Setup Build Environment' +description: 'Setup OpenJDK, Checkout, Login to AWS ECR' +inputs: + secrets: + description: 'Secrets required for the build' + required: true + default: '{}' +runs: + using: "composite" + steps: + - uses: actions/checkout@v4 + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + + - name: Setup Gradle + uses: gradle/gradle-build-action@v2 + with: + gradle-home-cache-cleanup: true + + - name: Cache SonarCloud packages + uses: actions/cache@v3 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + - id: set-environment + name: Set environment + shell: bash + run: | + set -ue ; + + mkdir -p ~/.gradle + CONF_FILE=~/.gradle/gradle.properties + + echo '# Gradle configuration' > "$CONF_FILE" + + echo 'sympowerMavenRepoPublicUrl=${{ fromJSON(inputs.secrets).MAVEN_REPO_PUBLIC_URL }}' >> "$CONF_FILE" + echo 'sympowerMavenRepoSnapshotsUrl=${{ fromJSON(inputs.secrets).MAVEN_REPO_SNAPSHOTS_URL }}' >> "$CONF_FILE" + echo 'sympowerMavenRepoReleasesUrl=${{ fromJSON(inputs.secrets).MAVEN_REPO_RELEASES_URL }}' >> "$CONF_FILE" + + echo 'sympowerMavenRepoUsername=${{ fromJSON(inputs.secrets).MAVEN_REPO_USER }}' >> "$CONF_FILE" + echo 'sympowerMavenRepoPassword=${{ fromJSON(inputs.secrets).MAVEN_REPO_PASS }}' >> "$CONF_FILE" + + echo 'pactbroker.url=${{ fromJSON(inputs.secrets).PACT_BROKER_BASE_URL }}' >> "$CONF_FILE" + echo 'pactbroker.auth.username=${{ fromJSON(inputs.secrets).PACT_BROKER_USERNAME }}' >> "$CONF_FILE" + echo 'pactbroker.auth.password=${{ fromJSON(inputs.secrets).PACT_BROKER_PASSWORD }}' >> "$CONF_FILE" + + echo 'registryHost=${{ fromJSON(inputs.secrets).DOCKER_REGISTRY_HOST }}' >> "$CONF_FILE" + + ## Configure environment variables + echo "REPOSITORY_NAME=$(echo '${{ github.repository }}' | awk -F '/' '{print 
$2}')" >> $GITHUB_ENV + echo PACT_BROKER_BASE_URL=${{ fromJSON(inputs.secrets).PACT_BROKER_BASE_URL }} >> $GITHUB_ENV + echo PACT_BROKER_USERNAME=${{ fromJSON(inputs.secrets).PACT_BROKER_USERNAME }} >> $GITHUB_ENV + echo PACT_BROKER_PASSWORD=${{ fromJSON(inputs.secrets).PACT_BROKER_PASSWORD }} >> $GITHUB_ENV + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ fromJSON(inputs.secrets).AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ fromJSON(inputs.secrets).AWS_SECRET_ACCESS_KEY }} + aws-region: 'eu-central-1' + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 \ No newline at end of file diff --git a/.github/actions/upload-build-artifacts/action.yml b/.github/actions/upload-build-artifacts/action.yml new file mode 100644 index 0000000..61ccabe --- /dev/null +++ b/.github/actions/upload-build-artifacts/action.yml @@ -0,0 +1,27 @@ +name: 'Upload Artifacts' +description: 'Zip and upload build artifacts' +runs: + using: "composite" + steps: + - name: Zip artifacts + shell: bash + if: always() + run: | + set -ue ; + found_files=$(find . -type f -path "*/build/reports/*" -print) + + if [ -n "$found_files" ]; then + echo "Directory exists, running zip command..." + echo "$found_files" | xargs zip -r reports.zip + else + echo "Directory does not exist, skipping zip command." + fi + + - name: Upload build results + if: always() + uses: actions/upload-artifact@v3 + with: + name: results + retention-days: 1 + path: | + reports.zip \ No newline at end of file diff --git a/.github/actions/upload-pacts/action.yml b/.github/actions/upload-pacts/action.yml new file mode 100644 index 0000000..0f51cf8 --- /dev/null +++ b/.github/actions/upload-pacts/action.yml 
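Review bot: The `Set environment` step of setup-build-environment pastes secret values straight into the script text, single-quoted in the `gradle.properties` lines and unquoted in the `echo PACT_BROKER_PASSWORD=${{ … }} >> $GITHUB_ENV` lines, so a value containing `'`, whitespace or shell metacharacters breaks or alters the script. Map the secrets to step-level `env:` entries and write them with `printf` from quoted shell variables, as sketched below. Writing `PACT_BROKER_*` to `$GITHUB_ENV` also exposes those credentials to every later step of the job, including third-party actions; passing them only to the upload-pacts step would narrow that. The sketch adds `umask 077` so the credentials file is not created world-readable.

```yaml
    - id: set-environment
      name: Set environment
      shell: bash
      env:
        MAVEN_REPO_USER: ${{ fromJSON(inputs.secrets).MAVEN_REPO_USER }}
        MAVEN_REPO_PASS: ${{ fromJSON(inputs.secrets).MAVEN_REPO_PASS }}
        # … same mapping for the remaining Maven, Pact broker and registry values …
      run: |
        set -ue ;
        umask 077
        mkdir -p ~/.gradle
        CONF_FILE=~/.gradle/gradle.properties
        {
          echo '# Gradle configuration'
          printf 'sympowerMavenRepoUsername=%s\n' "$MAVEN_REPO_USER"
          printf 'sympowerMavenRepoPassword=%s\n' "$MAVEN_REPO_PASS"
          # … remaining properties written the same way …
        } > "$CONF_FILE"
        # … unchanged: REPOSITORY_NAME export …
```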
@@ -0,0 +1,26 @@
+name: 'Upload Pacts'
+description: 'Upload pacts to the pact broker'
+inputs:
+ version:
+ description: 'Version pact to be uploaded'
+ required: true
+runs:
+ using: "composite"
+ steps:
+ - name: Upload Pacts
+ shell: bash
+ run: |
+ set -ue ;
+ for PACT_DIR in $( find . | grep build/pacts$ | sed 's/^.\///' ) ; do
+ echo "Uploading pacts in: ${PACT_DIR}"
+ docker run --rm \
+ -w ${PWD} \
+ -v ${PWD}:${PWD} \
+ -e PACT_BROKER_BASE_URL \
+ -e PACT_BROKER_USERNAME \
+ -e PACT_BROKER_PASSWORD \
+ pactfoundation/pact-cli:0.50.0.27 \
+ publish \
+ ${PWD}/${PACT_DIR} \
+ --consumer-app-version "${{ inputs.version }}"
+ done
\ No newline at end of file
diff --git a/.github/actions/upload-schema/action.yml b/.github/actions/upload-schema/action.yml
new file mode 100644
index 0000000..b4ad950
--- /dev/null
+++ b/.github/actions/upload-schema/action.yml
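Review bot: The upload-pacts action declares only `version` as input but depends on `PACT_BROKER_BASE_URL`, `PACT_BROKER_USERNAME` and `PACT_BROKER_PASSWORD` already being in the job environment. In this patch they are put there by setup-build-environment through `$GITHUB_ENV`. `docker run -e NAME` passes nothing when the variable is unset and `set -u` does not catch that, so a missing setup step shows up only as a broker error. Fail early with a guard per variable, e.g. `: "${PACT_BROKER_BASE_URL:?not set - run setup-build-environment first}"`, and state the dependency in `description`.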
@@ -0,0 +1,59 @@
+name: 'Upload Schema'
+description: 'If there are changes to schema, upload it to Nexus'
+inputs:
+ version:
+ description: 'Version of the artifact to be published'
+ required: true
+ gistID:
+ description: 'ID of the gist with the version badge to update'
+ required: true
+ secrets:
+ description: 'Secrets required for the build'
+ required: true
+ default: '{}'
+ schema-module:
+ description: 'Gradle module ťo check for schema file changes'
+ default: 'schema'
+runs:
+ using: "composite"
+ steps:
+ - name: Check if schema exists
+ shell: bash
+ run: |
+ if [ -d "${{ inputs.schema-module }}" ]; then
+ echo "HAS_SCHEMA=true" >> $GITHUB_ENV ;
+ else
+ echo "HAS_SCHEMA=false" >> $GITHUB_ENV ;
+ fi
+
+ - name: Check for changes in schema
+ if: env.HAS_SCHEMA == 'true'
+ id: schema-files
+ uses: tj-actions/changed-files@v39
+ with:
+ since_last_remote_commit: "true"
+ files: ${{ inputs.schema-module }}/**
+
+ - name: Upload schema
+ shell: bash
+ if:
+ env.HAS_SCHEMA == 'true'
+ && steps.schema-files.outputs.any_modified == 'true'
+ run: |
+ set -eu
+
+ ./gradlew publish --parallel --continue --stacktrace \
+ -Ptag=${{ inputs.version }}
+
+ - name: Update Schema Version Badge
+ if:
+ env.HAS_SCHEMA == 'true'
+ && steps.schema-files.outputs.any_modified == 'true'
+ uses: schneegans/dynamic-badges-action@v1.6.0
+ with:
+ auth: ${{ fromJSON(inputs.secrets).GIST_SECRET }}
+ gistID: ${{ inputs.gistID }}
+ filename: ${{ env.REPOSITORY_NAME }}-schema.json
+ label: Schema Version
+ message: ${{ env.VERSION }}
+ color: orange
\ No newline at end of file
diff --git a/.github/workflows/release-for-testing.yml b/.github/workflows/release-for-testing.yml
index a2dd365..8de6694 100644
--- a/.github/workflows/release-for-testing.yml
+++ b/.github/workflows/release-for-testing.yml
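Review bot: The badge step in upload-schema uses `message: ${{ env.VERSION }}`, but nothing in the new actions sets `VERSION` in the environment, since format-version publishes a step output, so the badge message will probably be empty. Use the input already declared here: `message: ${{ inputs.version }}`. `${{ inputs.schema-module }}` is also expanded inside the `run:` script of the first step; passing it through `env:` and testing `[ -d "$SCHEMA_MODULE" ]` keeps its content from being read as shell. `tj-actions/changed-files@v39` and `schneegans/dynamic-badges-action@v1.6.0` are referenced by tag, and pinning them to a full commit SHA keeps a moved tag from changing what runs next to the gist token.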
@@ -8,135 +8,39 @@ on: version: description: Version number of the image released to ECR value: ${{ jobs.build.outputs.version }} - secrets: - AWS_ACCESS_KEY_ID: - required: true - AWS_SECRET_ACCESS_KEY: - required: true - MAVEN_REPO_PUBLIC_URL: - required: true - MAVEN_REPO_SNAPSHOTS_URL: - required: true - MAVEN_REPO_RELEASES_URL: - required: true - MAVEN_REPO_USER: - required: true - MAVEN_REPO_PASS: - required: true - DOCKER_REGISTRY_HOST: - required: true jobs: build: runs-on: ubuntu-latest + env: + IS_DEFAULT_BRANCH: ${{ contains('refs/heads/main, refs/heads/master', github.ref) }} + secrets: ${{ toJSON(secrets) }} outputs: version: ${{ env.VERSION }} steps: - - uses: actions/checkout@v4 + - id: setup-build-environment + name: "Setup build environment" + uses: sympower/sympower-actions/.github/actions/setup-build-environment@TECH-1140-split-workflow-into-composite-actions with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - - - name: Setup Gradle - uses: gradle/gradle-build-action@v2 + secrets: ${{ env.secrets }} + - id: format-version + name: "Format version" + uses: sympower/sympower-actions/.github/actions/format-version@TECH-1140-split-workflow-into-composite-actions with: - gradle-home-cache-cleanup: true - - - name: Cache SonarCloud packages - uses: actions/cache@v3 + style-as-release: ${{ env.IS_DEFAULT_BRANCH }} + - id: build-and-upload-docker-image + name: "Build and upload Docker Image" + uses: sympower/sympower-actions/.github/actions/build-and-upload-docker-image@TECH-1140-split-workflow-into-composite-actions with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - - name: Set up JDK 17 - uses: actions/setup-java@v3 + version: ${{ steps.format-version.outputs.version }} + - id: upload-schema + name: "Upload schema" + uses: sympower/sympower-actions/.github/actions/upload-schema@TECH-1140-split-workflow-into-composite-actions with: - java-version: '17' 
- distribution: 'temurin' - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - - name: Set env - run: | - set -ue ; - tag=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}} | cut -c 1-20 | tr / -) ; - echo "VERSION=$(echo $tag)" >> $GITHUB_ENV ; - shell: bash - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: 'eu-central-1' - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - - - name: Build Docker Image - run: | - set -ue ; - ./gradlew jib --parallel --continue --stacktrace \ - -Djib.from.platforms=linux/amd64,linux/arm64 \ - -PsympowerMavenRepoPublicUrl="${{ secrets.MAVEN_REPO_PUBLIC_URL }}" \ - -PsympowerMavenRepoSnapshotsUrl="${{ secrets.MAVEN_REPO_SNAPSHOTS_URL }}" \ - -PsympowerMavenRepoReleasesUrl="${{ secrets.MAVEN_REPO_RELEASES_URL }}" \ - -PsympowerMavenRepoUsername="${{ secrets.MAVEN_REPO_USER }}" \ - -PsympowerMavenRepoPassword="${{ secrets.MAVEN_REPO_PASS }}" \ - -PregistryHost="${{ secrets.DOCKER_REGISTRY_HOST }}" \ - -Ptag="${{ env.VERSION }}" ; - - - name: Check if schema exists - run: | - if [ -d "/schema" ]; then - echo "HAS_SCHEMA=true" >> $GITHUB_ENV ; - else - echo "HAS_SCHEMA=false" >> $GITHUB_ENV ; - fi - - - name: Check for changes in schema - if: env.HAS_SCHEMA == 'true' - id: schema-files - uses: tj-actions/changed-files@v39 - with: - since_last_remote_commit: "true" - files: schema/** - - - name: Upload schema - if: - env.HAS_SCHEMA == 'true' - && steps.files.outputs.any_modified == 'true' - run: | - set -ue ; - ./gradlew publish --parallel --continue --stacktrace \ - -PsympowerMavenRepoPublicUrl="${{ secrets.MAVEN_REPO_PUBLIC_URL }}" \ - -PsympowerMavenRepoSnapshotsUrl="${{ secrets.MAVEN_REPO_SNAPSHOTS_URL }}" \ - -PsympowerMavenRepoReleasesUrl="${{ secrets.MAVEN_REPO_RELEASES_URL }}" \ - 
-PsympowerMavenRepoUsername="${{ secrets.MAVEN_REPO_USER }}" \ - -PsympowerMavenRepoPassword="${{ secrets.MAVEN_REPO_PASS }}" \ - -Ptag="${{ env.VERSION }}" ; - - - name: Zip artifacts - if: always() - run: | - set -ue ; - found_files=$(find . -type f -path "*/build/reports/*" -print) - - if [ -n "$found_files" ]; then - echo "Directory exists, running zip command..." - echo "$found_files" | xargs zip -r reports.zip - else - echo "Directory does not exist, skipping zip command." - fi - - - name: Upload build results + secrets: ${{ env.secrets }} + version: ${{ steps.format-version.outputs.version }} + gistID: "not-used" + - id: upload-build-artifacts + name: "Upload build artifacts" if: always() - uses: actions/upload-artifact@v3 - with: - name: results - retention-days: 1 - path: | - reports.zip + uses: sympower/sympower-actions/.github/actions/upload-build-artifacts@TECH-1140-split-workflow-into-composite-actions \ No newline at end of file diff --git a/.github/workflows/release-new-version.yml b/.github/workflows/release-new-version.yml index 2d21d1a..439d341 100644 --- a/.github/workflows/release-new-version.yml +++ b/.github/workflows/release-new-version.yml 
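Review bot: `secrets: ${{ toJSON(secrets) }}` under the job-level `env:` in release-for-testing.yml exports every secret available to the workflow as one environment variable to all steps of the job, including the third-party actions called inside the composite actions. Keep the JSON out of `env:` and give each step only what it needs through `with:`, preferably as individual inputs; with the `secrets:` declarations removed from `workflow_call`, callers presumably have to use `secrets: inherit`, which widens the set further. Log masking is registered for the raw secret values, so the JSON-escaped form of a multi-line secret may not be masked, which is worth checking. `outputs.version` still reads `env.VERSION`, which no step of the new job sets; `${{ steps.format-version.outputs.version }}` looks like the intended value. release-new-version.yml has the same `env:` block and the same output.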
@@ -12,308 +12,73 @@ on: version: description: Version number of the image released to ECR value: ${{ jobs.build.outputs.version }} - secrets: - GIT_TOKEN: - required: true - SONAR_TOKEN: - required: true - AWS_ACCESS_KEY_ID: - required: true - AWS_SECRET_ACCESS_KEY: - required: true - GIST_SECRET: - required: true - MAVEN_REPO_PUBLIC_URL: - required: true - MAVEN_REPO_SNAPSHOTS_URL: - required: true - MAVEN_REPO_RELEASES_URL: - required: true - MAVEN_REPO_USER: - required: true - MAVEN_REPO_PASS: - required: true - DOCKER_REGISTRY_HOST: - required: true - PACT_BROKER_BASE_URL: - required: true - PACT_BROKER_USERNAME: - required: true - PACT_BROKER_PASSWORD: - required: true - AUTODEPLOYER_ID: - required: true - AUTODEPLOYER_KEY: - required: true - jobs: build: runs-on: ubuntu-latest + env: + IS_DEFAULT_BRANCH: ${{ contains('refs/heads/main, refs/heads/master', github.ref) }} + secrets: ${{ toJSON(secrets) }} outputs: version: ${{ env.VERSION }} steps: - - uses: actions/checkout@v4 + - id: setup-build-environment + name: "Setup build environment" + uses: sympower/sympower-actions/.github/actions/setup-build-environment@TECH-1140-split-workflow-into-composite-actions with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - - - name: Setup Gradle - uses: gradle/gradle-build-action@v2 + secrets: ${{ env.secrets }} + - id: format-version + name: "Format version" + uses: sympower/sympower-actions/.github/actions/format-version@TECH-1140-split-workflow-into-composite-actions with: - gradle-home-cache-cleanup: true - - - name: Cache SonarCloud packages - uses: actions/cache@v3 + style-as-release: ${{ env.IS_DEFAULT_BRANCH }} + - id: run-tests + name: "Run tests" + uses: sympower/sympower-actions/.github/actions/run-tests@TECH-1140-split-workflow-into-composite-actions + - id: code-analysis + name: "Code analysis" + uses: sympower/sympower-actions/.github/actions/code-analysis@TECH-1140-split-workflow-into-composite-actions 
with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - - name: Set up JDK 17 - uses: actions/setup-java@v3 + secrets: ${{ env.secrets }} + - id: build-and-upload-docker-image + name: "Build and upload Docker Image" + if: env.IS_DEFAULT_BRANCH == 'true' + uses: sympower/sympower-actions/.github/actions/build-and-upload-docker-image@TECH-1140-split-workflow-into-composite-actions with: - java-version: '17' - distribution: 'temurin' - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - - name: Build with Gradle - env: - GITHUB_TOKEN: ${{ secrets.GIT_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: | - set -ue ; - ./gradlew build integrationTest sonar --parallel --continue --stacktrace \ - -PsympowerMavenRepoPublicUrl="${{ secrets.MAVEN_REPO_PUBLIC_URL }}" \ - -PsympowerMavenRepoSnapshotsUrl="${{ secrets.MAVEN_REPO_SNAPSHOTS_URL }}" \ - -PsympowerMavenRepoReleasesUrl="${{ secrets.MAVEN_REPO_RELEASES_URL }}" \ - -PsympowerMavenRepoUsername="${{ secrets.MAVEN_REPO_USER }}" \ - -PsympowerMavenRepoPassword="${{ secrets.MAVEN_REPO_PASS }}" \ - -Ppactbroker.url="${{ secrets.PACT_BROKER_BASE_URL }}" \ - -Ppactbroker.auth.username="${{ secrets.PACT_BROKER_USERNAME }}" \ - -Ppactbroker.auth.password="${{ secrets.PACT_BROKER_PASSWORD }}" \ - -Ptag="${GITHUB_SHA::7}" ; - - - name: Set env - run: | - set -ue ; - currentDate=$(date +"%Y.%m.%d.%H.%M") ; - tag=$(echo $GITHUB_SHA | cut -c 1-7) ; - echo "VERSION=$(echo $currentDate-$tag)" >> $GITHUB_ENV ; - echo "REPOSITORY_NAME=$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')" >> $GITHUB_ENV - shell: bash - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1-node16 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: 'eu-central-1' - - - name: Login to Amazon ECR - id: login-ecr - uses: 
aws-actions/amazon-ecr-login@v2 - - - name: Build Docker Image - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - run: | - set -ue ; - ./gradlew jib --parallel --continue --stacktrace \ - -Djib.from.platforms=linux/amd64,linux/arm64 \ - -PsympowerMavenRepoPublicUrl="${{ secrets.MAVEN_REPO_PUBLIC_URL }}" \ - -PsympowerMavenRepoSnapshotsUrl="${{ secrets.MAVEN_REPO_SNAPSHOTS_URL }}" \ - -PsympowerMavenRepoReleasesUrl="${{ secrets.MAVEN_REPO_RELEASES_URL }}" \ - -PsympowerMavenRepoUsername="${{ secrets.MAVEN_REPO_USER }}" \ - -PsympowerMavenRepoPassword="${{ secrets.MAVEN_REPO_PASS }}" \ - -PregistryHost="${{ secrets.DOCKER_REGISTRY_HOST }}" \ - -Ptag="${{ env.VERSION }}" ; - + version: ${{ steps.format-version.outputs.version }} - name: Update Service Version Badge - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) + if: env.IS_DEFAULT_BRANCH == 'true' uses: schneegans/dynamic-badges-action@v1.6.0 with: auth: ${{ secrets.GIST_SECRET }} gistID: ${{ inputs.gistID }} filename: ${{ env.REPOSITORY_NAME }}-service.json label: Service Version - message: ${{ env.VERSION }} + message: ${{ inputs.version }} color: blue - - - name: Check if schema exists - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - run: | - if [ -d "schema" ]; then - echo "HAS_SCHEMA=true" >> $GITHUB_ENV ; - else - echo "HAS_SCHEMA=false" >> $GITHUB_ENV ; - fi - - - name: Check for changes in schema - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - && env.HAS_SCHEMA == 'true' - id: schema-files - uses: tj-actions/changed-files@v39 + - id: upload-schema + name: "Upload schema" + if: env.IS_DEFAULT_BRANCH == 'true' + uses: sympower/sympower-actions/.github/actions/upload-schema@TECH-1140-split-workflow-into-composite-actions with: - since_last_remote_commit: "true" - files: schema/** - - - name: Upload schema - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - && env.HAS_SCHEMA == 'true' 
- && steps.schema-files.outputs.any_modified == 'true' - run: | - set -ue ; - ./gradlew publish --parallel --continue --stacktrace \ - -PsympowerMavenRepoPublicUrl=${{ secrets.MAVEN_REPO_PUBLIC_URL }} \ - -PsympowerMavenRepoSnapshotsUrl=${{ secrets.MAVEN_REPO_SNAPSHOTS_URL }} \ - -PsympowerMavenRepoReleasesUrl=${{ secrets.MAVEN_REPO_RELEASES_URL }} \ - -PsympowerMavenRepoUsername=${{ secrets.MAVEN_REPO_USER }} \ - -PsympowerMavenRepoPassword=${{ secrets.MAVEN_REPO_PASS }} \ - -Ptag="${{ env.VERSION }}" ; - - - name: Update Schema Version Badge - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - && env.HAS_SCHEMA == 'true' - && steps.schema-files.outputs.any_modified == 'true' - uses: schneegans/dynamic-badges-action@v1.6.0 - with: - auth: ${{ secrets.GIST_SECRET }} + version: ${{ steps.format-version.outputs.version }} + secrets: ${{ env.secrets }} gistID: ${{ inputs.gistID }} - filename: ${{ env.REPOSITORY_NAME }}-schema.json - label: Schema Version - message: ${{ env.VERSION }} - color: orange - - - name: Upload Pacts - if: - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - run: | - set -ue ; - for PACT_DIR in $( find . 
| grep build/pacts$ | sed 's/^.\///' ) ; do - echo "Uploading pacts in: ${PACT_DIR}" - docker run --rm \ - -w ${PWD} \ - -v ${PWD}:${PWD} \ - -e PACT_BROKER_BASE_URL=${{ secrets.PACT_BROKER_BASE_URL }} \ - -e PACT_BROKER_USERNAME=${{ secrets.PACT_BROKER_USERNAME }} \ - -e PACT_BROKER_PASSWORD=${{ secrets.PACT_BROKER_PASSWORD }} \ - pactfoundation/pact-cli:0.50.0.27 \ - publish \ - ${PWD}/${PACT_DIR} \ - --consumer-app-version "${{ env.VERSION }}" - done - - - uses: tibdex/github-app-token@v2 - id: generate-token + - id: upload-pacts + name: "Upload pacts" + if: env.IS_DEFAULT_BRANCH == 'true' + uses: sympower/sympower-actions/.github/actions/upload-pacts@TECH-1140-split-workflow-into-composite-actions with: - app_id: ${{ secrets.AUTODEPLOYER_ID }} - private_key: ${{ secrets.AUTODEPLOYER_KEY }} - - - name: Trigger deployments - env: - DEPLOYER_TOKEN: ${{ steps.generate-token.outputs.token }} - if : - contains(' - refs/heads/main - refs/heads/master - ', github.ref) - run: | - set -ue - - REPOSITORY_NAME='${{ env.REPOSITORY_NAME }}' - VERSION='${{ env.VERSION }}' - - for env in $( ls auto-deploy/*.env.json ) ; do - - ENVIRONMENT=$( jq -r '.environment' "$env" ) - COMPONENT=$( jq -r '.component' "$env" ) - SERVICE=$( jq -r '.service' "$env" ) - - if [ -z "$ENVIRONMENT" ] || [ "$ENVIRONMENT" = "null" ] ; then - echo "ERROR: Missing environment in $env" - exit 1 - fi - - if [ -z "$COMPONENT" ] || [ "$COMPONENT" = "null" ] ; then - COMPONENT="$REPOSITORY_NAME" - fi - - if [ -z "$SERVICE" ]|| [ "$SERVICE" = "null" ] ; then - SERVICE="$REPOSITORY_NAME" - fi - - DISPATCH_EVENT="$REPOSITORY_NAME calls update version to $VERSION for $COMPONENT/$SERVICE in $ENVIRONMENT" - - BODY='{ - "event_type": "update_version_event", - "client_payload": { - "dispatch_event": "'"$DISPATCH_EVENT"'", - "environment": "'"$ENVIRONMENT"'", - "component": "'"$COMPONENT"'", - "service": "'"$SERVICE"'", - "version": "'"$VERSION"'" - } - }' - - echo "$DISPATCH_EVENT" - - curl -H "Accept: 
application/vnd.github.everest-preview+json" \ - -H "Authorization: token ${DEPLOYER_TOKEN}" \ - --request POST \ - --data "${BODY}" \ - https://api.github.com/repos/sympower/environments/dispatches - - echo "Done: $DISPATCH_EVENT" - - done - - - name: Zip artifacts - if: always() - run: | - set -ue ; - found_files=$(find . -type f -path "*/build/reports/*" -print) - - if [ -n "$found_files" ]; then - echo "Directory exists, running zip command..." - echo "$found_files" | xargs zip -r reports.zip - else - echo "Directory does not exist, skipping zip command." - fi - - - name: Upload build results - if: always() - uses: actions/upload-artifact@v3 + version: ${{ steps.format-version.outputs.version }} + - id: deploy-staging + name: "Deploy staging" + if: env.IS_DEFAULT_BRANCH == 'true' + uses: sympower/sympower-actions/.github/actions/deploy-staging@TECH-1140-split-workflow-into-composite-actions with: - name: results - retention-days: 1 - path: | - reports.zip + secrets: ${{ env.secrets }} + version: ${{ steps.format-version.outputs.version }} + default-name: ${{ env.REPOSITORY_NAME }} + - id: upload-build-artifacts + name: "Upload build artifacts" + if: always() + uses: sympower/sympower-actions/.github/actions/upload-build-artifacts@TECH-1140-split-workflow-into-composite-actions diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index bebbda1..4af4be4 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -50,7 +50,7 @@ jobs: run: chmod +x gradlew - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1-node16 + uses: aws-actions/configure-aws-credentials@v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
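Review bot: `IS_DEFAULT_BRANCH: ${{ contains('refs/heads/main, refs/heads/master', github.ref) }}` in release-new-version.yml is a substring test, so a ref such as `refs/heads/ma` or `refs/heads/mast` also evaluates to true and passes the `if:` guards on the image build, schema upload and staging deploy steps. Compare exactly instead: `IS_DEFAULT_BRANCH: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' }}`; release-for-testing.yml has the same line. Every `uses: sympower/sympower-actions/...@TECH-1140-split-workflow-into-composite-actions` points at a feature branch, a mutable ref that stops resolving once the branch is deleted, while those actions receive the full secrets JSON; a release tag or full commit SHA is safer. In the `Update Service Version Badge` step, `message: ${{ inputs.version }}` reads a workflow input that is not visible in this hunk; `${{ steps.format-version.outputs.version }}` would match the other steps.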