Skip to content

Java CI with Maven

Java CI with Maven #44

Workflow file for this run

# This workflow will build a Java project with Maven
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven
on:
push:
branches: [ "develop","feature/*","hotfix/*" ]
workflow_dispatch:
permissions:
id-token: write
contents: read
jobs:
build:
runs-on: ubuntu-latest
environment: develop # for azure oidc
env:
IMAGE_TAG: ${{ github.sha }}
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Checkout manifest repo
uses: actions/checkout@v3
with:
repository: nautible/nautible-app-ms-product-manifest
path: nautible-app-ms-product-manifest
token: ${{ secrets.PAT }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
# AWS
- name: pacakge with Maven for aws
run: mvn -B package -Dcloud=aws --file pom.xml -Dquarkus.package.type=fast-jar
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/nautible-dev-githubactions-ecr-access-role
aws-region: ap-northeast-1
- name: Login to Amazon public ECR
id: login-ecr
run: |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/nautible
- name: Product Build, tag, and push image to Amazon ECR
id: build-image-service-ecr
env:
DOCKER_BUILDKIT: 1
ECR_REGISTRY: public.ecr.aws/nautible
ECR_REPOSITORY: nautible-app-ms-product
run: |
cd $GITHUB_WORKSPACE/nautible-app-ms-product-build
docker build --cache-from=$ECR_REGISTRY/$ECR_REPOSITORY:latest --build-arg BUILDKIT_INLINE_CACHE=1 -t $ECR_REGISTRY/$ECR_REPOSITORY:latest -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f ./src/main/docker/Dockerfile.jvm .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
# Azure
- name: pacakge with Maven for Azure
run: |
cd $GITHUB_WORKSPACE
mvn -B clean package -Dcloud=azure --file pom.xml -Dquarkus.package.type=fast-jar
- name: Login via Azure CLI
id: login-acr
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Login Azure Acr
id: login-azure-acr
run: |
az acr login -n nautibledevacr
- name: Product Build, tag, and push image to Azure ACR
id: build-image-service-acr
env:
DOCKER_BUILDKIT: 1
ACR_REGISTRY: nautibledevacr.azurecr.io
ACR_REPOSITORY: nautible-app-ms-product
run: |
cd $GITHUB_WORKSPACE/nautible-app-ms-product-build
docker build --cache-from=$ACR_REGISTRY/$ACR_REPOSITORY:latest --build-arg BUILDKIT_INLINE_CACHE=1 -t $ACR_REGISTRY/$ACR_REPOSITORY:latest -t $ACR_REGISTRY/$ACR_REPOSITORY:$IMAGE_TAG -f ./src/main/docker/Dockerfile.jvm .
docker push $ACR_REGISTRY/$ACR_REPOSITORY:latest
docker push $ACR_REGISTRY/$ACR_REPOSITORY:$IMAGE_TAG
- name: update feature branch image tag
id: update-feature-branch-image-tag
if: startsWith(github.ref_name, 'feature/')
env:
TOKEN: ${{ secrets.PAT }}
BRANCH: ${{ github.ref_name }}
APP_NAME: product
ACR_REGISTRY: nautibledevacr.azurecr.io
run: |
cd $GITHUB_WORKSPACE/nautible-app-ms-$APP_NAME-manifest
HTTP_STATUS=$(curl -H "Accept: application/vnd.github+json" -H "Authorization: token $TOKEN" https://api.github.com/repos/nautible/nautible-app-ms-$APP_NAME-manifest/branches/$BRANCH -o /dev/null -w '%{http_code}\n' -s)
if [ "$HTTP_STATUS" != '200' ]; then
echo 'couldnt find remote branch. skip update manifest.'
exit 0
fi
git fetch origin $BRANCH && git checkout $BRANCH
sed -i 's/image: public.ecr.aws\/nautible\/nautible-app-ms-'$APP_NAME':\(.*\)/image: public.ecr.aws\/nautible\/nautible-app-ms-'$APP_NAME':'$IMAGE_TAG'/' ./overlays/aws/dev/$APP_NAME-deployment.yaml
sed -i 's/image: '$ACR_REGISTRY'\/nautible-app-ms-'$APP_NAME':\(.*\)/image: '$ACR_REGISTRY'\/nautible-app-ms-'$APP_NAME':'$IMAGE_TAG'/' ./overlays/azure/dev/$APP_NAME-deployment.yaml
git config user.name github-actions
git config user.email github-actions@github.com
git add .
git commit -m "update manifest"
git push
- name: pull request
id: pull-request
if: github.ref_name == 'develop' || startsWith(github.ref_name, 'hotfix/')
env:
TOKEN: ${{ secrets.PAT }}
BRANCH: ${{ github.ref_name }}
TAG: update-image-feature-${{ github.sha }}
APP_NAME: product
ACR_REGISTRY: nautibledevacr.azurecr.io
run: |
cd $GITHUB_WORKSPACE/nautible-app-ms-$APP_NAME-manifest
git fetch origin $BRANCH && git checkout $BRANCH
git checkout -b $TAG $BRANCH
sed -i 's/image: public.ecr.aws\/nautible\/nautible-app-ms-'$APP_NAME':\(.*\)/image: public.ecr.aws\/nautible\/nautible-app-ms-'$APP_NAME':'$IMAGE_TAG'/' ./overlays/aws/dev/$APP_NAME-deployment.yaml
sed -i 's/image: '$ACR_REGISTRY'\/nautible-app-ms-'$APP_NAME':\(.*\)/image: '$ACR_REGISTRY'\/nautible-app-ms-'$APP_NAME':'$IMAGE_TAG'/' ./overlays/azure/dev/$APP_NAME-deployment.yaml
git config user.name github-actions
git config user.email github-actions@github.com
git add .
git commit -m "update manifest"
git push --set-upstream origin $TAG
curl -X POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $TOKEN" "https://api.github.com/repos/nautible/nautible-app-ms-$APP_NAME-manifest/pulls" -d '{"title": "new image deploy request", "head": "nautible:'$TAG'", "base": "'$BRANCH'"}' -o /dev/null -w 'httpstatus:%{http_code}\n' -s