documentation - new password management policy (#3965) #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "datafeeder" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: | |
| - ".github/workflows/datafeeder.yml" | |
| - "commons/**" | |
| - "security-proxy-spring-integration/**" | |
| - "datafeeder/**" | |
| - "datafeeder-ui/**" | |
| pull_request: | |
| paths: | |
| - ".github/workflows/datafeeder.yml" | |
| - "commons/**" | |
| - "security-proxy-spring-integration/**" | |
| - "datafeeder/**" | |
| - "datafeeder-ui/**" | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 45 | |
| steps: | |
| - name: "Checking out" | |
| uses: actions/checkout@v1 | |
| - name: "Setting up Java" | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: '11' | |
| distribution: 'adopt' | |
| cache: 'maven' | |
| server-id: geOrchestra-artifactory | |
| server-username: ARTIFACTORY_USERNAME_REF | |
| server-password: ARTIFACTORY_TOKEN_REF | |
| - name: "Installing & checking formatting" | |
| run: ./mvnw install -pl :datafeeder --also-make -P-all,datafeeder --no-transfer-progress -B -Dfmt.action=validate -Dadditionalparam=-Xdoclint:none -DskipTests | |
| # note "-pl :datafeeder --also-make" builds only the project and its dependencies | |
| - name: "Running Unit Tests" | |
| run: ./mvnw test -pl :datafeeder -P-all,datafeeder -ntp -Dfmt.skip=true -Dadditionalparam=-Xdoclint:none | |
| # pull images, fetches in parallel docker layers and speeds up the process | |
| - name: "Pull required docker images for integration testing" | |
| working-directory: datafeeder/ | |
| run: docker compose pull -q | |
| - name: "Up docker images for integration testing" | |
| working-directory: datafeeder/ | |
| run: docker compose up -d --wait | |
| - name: "Running Integration Tests" | |
| working-directory: datafeeder/ | |
| run: ../mvnw verify -P-all,datafeeder -DskipITs=false -DskipTests -ntp -Dfmt.skip=true -Dadditionalparam=-Xdoclint:none | |
| - name: Getting image tag | |
| if: github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' | |
| id: version | |
| run: echo ::set-output name=VERSION::$(echo $GITHUB_REF | cut -d / -f 3) | |
| - name: "Building docker image" | |
| if: github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' | |
| run: ./mvnw -f datafeeder/ clean package docker:build -Pdocker -DskipTests -DdockerImageName=georchestra/datafeeder:${{ steps.version.outputs.VERSION }} | |
| - name: "Building docker image (frontend)" | |
| if: github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' | |
| run: ./mvnw -f datafeeder-ui/ clean package docker:build -Pdocker -DskipTests -DdockerImageName=georchestra/datafeeder-frontend:${{ steps.version.outputs.VERSION }} | |
| - name: "Logging in docker.io" | |
| if: github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' | |
| uses: azure/docker-login@v1 | |
| with: | |
| username: '${{ secrets.DOCKER_HUB_USERNAME }}' | |
| password: '${{ secrets.DOCKER_HUB_PASSWORD }}' | |
| - name: "Pushing latest images to docker.io" | |
| if: github.ref == 'refs/heads/master' && github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' | |
| run: | | |
| docker tag georchestra/datafeeder:${{ steps.version.outputs.VERSION }} georchestra/datafeeder:latest | |
| docker tag georchestra/datafeeder-frontend:${{ steps.version.outputs.VERSION }} georchestra/datafeeder-frontend:latest | |
| docker push georchestra/datafeeder:latest | |
| docker push georchestra/datafeeder-frontend:latest | |
| - name: "Pushing release branch to docker.io (22.x series)" | |
| if: contains(github.ref, 'refs/heads/22.') && github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' | |
| run: | | |
| docker push georchestra/datafeeder:${{ steps.version.outputs.VERSION }} | |
| docker push georchestra/datafeeder-frontend:${{ steps.version.outputs.VERSION }} | |
| - name: "Pushing release tag to docker.io (22.x series)" | |
| if: contains(github.ref, 'refs/tags/22.') && github.repository == 'georchestra/georchestra' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' | |
| run: | | |
| docker push georchestra/datafeeder:${{ steps.version.outputs.VERSION }} | |
| docker push georchestra/datafeeder-frontend:${{ steps.version.outputs.VERSION }} | |
| - name: "Publish war in artifactory" | |
| run: ./mvnw deploy -pl :datafeeder -P-all,datafeeder -DskipTests -ntp -Dfmt.skip=true | |
| if: github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' | |
| continue-on-error: true | |
| env: | |
| ARTIFACTORY_TOKEN_REF: ${{ secrets.ARTIFACTORY_TOKEN }} | |
| ARTIFACTORY_USERNAME_REF: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| - name: "Remove SNAPSHOT jars from repository" | |
| if: github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' | |
| run: | | |
| find .m2/repository -name "*SNAPSHOT*" -type d | xargs rm -rf {} |