diff --git a/.github/workflows/gradle-build-poc.yml b/.github/workflows/gradle-build-poc.yml
new file mode 100644
index 000000000..6f033cc0e
--- /dev/null
+++ b/.github/workflows/gradle-build-poc.yml
@@ -0,0 +1,134 @@
+name: Gradle Build & Deploy - POC
+on:
+ push:
+ branches:
+ # - 'develop'
+ - '2486-create-new-pipeline-for-updated-build-deployment'
+env:
+ PROJECT_ID: ${{ secrets.PROJECT_ID }}
+ PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
+ RUN_REGION: us-central1
+ SERVICE_NAME: checkins-develop
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ environment:
+ name: DEV-POC
+ # url: ${{ env.CLOUD_RUN_ADDRESS }}/
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - id: 'auth_with_gcp'
+ uses: 'google-github-actions/auth@v2'
+ with:
+ project_id: '${{env.PROJECT_ID}}'
+ workload_identity_provider: '${{secrets.WORKLOAD_IDENTITY_PROVIDER}}'
+ service_account: '${{secrets.GCLOUD_SERVICEACCOUNT}}'
+ - id: 'secrets'
+ uses: 'google-github-actions/get-secretmanager-secrets@v2'
+ with:
+ secrets: |-
+ cloud_run_address:${{env.PROJECT_ID}}/CLOUD_RUN_ADDRESS
+ cloud_db_connection_name:${{env.PROJECT_ID}}/CLOUD_DB_CONNECTION_NAME
+ - name: Set up Node LTS
+ uses: actions/setup-node@v4
+ with:
+ node-version: '20'
+ - name: Set up JDK 21
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin' # See 'Supported distributions' for available options
+ java-version: 21
+ - name: Cache SonarQube packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.gradle/caches
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+ restore-keys: ${{ runner.os }}-gradle
+ - name: Validate Gradle wrapper
+ uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
+ - name: Build with Gradle
+ uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
+ with:
+ arguments: assemble
+ env:
+ VITE_APP_API_URL: ${{steps.secrets.outputs.cloud_run_address}}
+ - name: Gradle runs tests
+ uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
+ with:
+ arguments: check
+# - name: Do SonarQube checks
+# uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
+# with:
+# arguments: sonarqube --info
+# env:
+# GITHUB_TOKEN: ${{ secrets.GIT_HUB_TOKEN }}
+# SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ - name: Setup python
+ run: |
+ sudo apt-get install python2.7
+ - name: Export gcloud related env variable
+ run: export CLOUDSDK_PYTHON="/usr/bin/python2"
+ # Setup gcloud CLI
+ - uses: google-github-actions/setup-gcloud@v2
+ with:
+ version: "477.0.0"
+ # service_account_key: ${{ secrets.RUN_SA_KEY }}
+ # project_id: ${{ secrets.RUN_PROJECT }}
+ - name: Auth Configure Docker
+ run: |-
+ gcloud --quiet auth configure-docker
+ - name: Build the Docker image
+ run: |-
+ cd server
+ docker build --tag "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA" .
+ - name: Push the Docker image to Google Container Registry
+ run: |-
+ cd server
+ docker push "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA"
+ - name: Deploy image to Cloud Run
+ run: |-
+ gcloud run deploy "$SERVICE_NAME" \
+ --project "$PROJECT_NAME" \
+ --region "$RUN_REGION" \
+ --image "gcr.io/$PROJECT_NAME/$SERVICE_NAME:$GITHUB_SHA" \
+ --memory 1Gi \
+ --add-cloudsql-instances ${{steps.secrets.outputs.cloud_db_connection_name }} \
+ --set-secrets "CLOUD_DB_CONNECTION_NAME=CLOUD_DB_CONNECTION_NAME:latest" \
+ --set-secrets "DB_NAME=DB_NAME:latest" \
+ --set-secrets "DATASOURCES_DEFAULT_PASSWORD=DATASOURCES_DEFAULT_PASSWORD:latest" \
+ --set-secrets "DATASOURCES_DEFAULT_USERNAME=DATASOURCES_DEFAULT_USERNAME:latest" \
+ --set-secrets "AES_KEY=AES_KEY:latest" \
+ --set-secrets "OAUTH_CLIENT_ID=OAUTH_CLIENT_ID:latest" \
+ --set-secrets "OAUTH_CLIENT_SECRET=OAUTH_CLIENT_SECRET:latest" \
+ --set-secrets "OAUTH_CALLBACK_URI=OAUTH_CALLBACK_URI:latest" \
+ --set-secrets "DIRECTORY_ID=DIRECTORY_ID:latest" \
+ --set-secrets "TYPE=SA_KEY_TYPE:latest" \
+ --set-secrets "PROJECT_ID=PROJECT_ID:latest" \
+ --set-secrets "PRIVATE_KEY_ID=PRIVATE_KEY_ID:latest" \
+ --set-secrets "PRIVATE_KEY=PRIVATE_KEY:latest" \
+ --set-secrets "CLIENT_EMAIL=CLIENT_EMAIL:latest" \
+ --set-secrets "CLIENT_ID=CLIENT_ID:latest" \
+ --set-secrets "AUTH_URI=AUTH_URI:latest" \
+ --set-secrets "TOKEN_URI=TOKEN_URI:latest" \
+ --set-secrets "AUTH_PROVIDER_X509_CERT_URL=AUTH_PROVIDER_X509_CERT_URL:latest" \
+ --set-secrets "CLIENT_X509_CERT_URL=CLIENT_X509_CERT_URL:latest" \
+ --set-secrets "GSUITE_SUPER_ADMIN=GSUITE_SUPER_ADMIN:latest" \
+ --set-secrets "MJ_APIKEY_PUBLIC=MJ_APIKEY_PUBLIC:latest" \
+ --set-secrets "MJ_APIKEY_PRIVATE=MJ_APIKEY_PRIVATE:latest" \
+ --set-secrets "WEB_ADDRESS=CLOUD_RUN_ADDRESS:latest" \
+ --set-secrets "FROM_ADDRESS=FROM_ADDRESS:latest" \
+ --set-env-vars "FROM_NAME=Check-Ins - DEVELOP" \
+ --set-secrets "MICRONAUT_ENVIRONMENTS=MICRONAUT_ENVIRONMENTS:latest" \
+ --platform "managed" \
+ --max-instances 2 \
+ --allow-unauthenticated
+
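Review bot: The workflow declares no `permissions:` block, yet the `auth_with_gcp` step uses `workload_identity_provider`, which needs the job to be allowed to request an OIDC token; adding `permissions: { contents: read, id-token: write }` on the `build` job makes that explicit and keeps the GITHUB_TOKEN scope minimal. The three `google-github-actions/*@v2` steps, which are the ones holding the cloud credentials, are referenced by mutable tag while the Gradle actions in the same file are pinned to a commit SHA; pinning them the same way keeps the credential-bearing steps from changing underneath the pipeline. In the deploy step the image is built and pushed as `gcr.io/$PROJECT_ID/...` but deployed from `gcr.io/$PROJECT_NAME/...`, which only works if both secrets hold the same value, and `${{steps.secrets.outputs.cloud_db_connection_name }}` is expanded into the script unquoted rather than passed through `env:` and referenced as a quoted shell variable. The `export CLOUDSDK_PYTHON=...` in its own `run:` step does not carry over to later steps; if the variable is needed at all it would have to be written as `echo 'CLOUDSDK_PYTHON=/usr/bin/python2' >> "$GITHUB_ENV"`. Because the service is deployed with `--allow-unauthenticated` on every push to the branch while mounting service-account key material and `GSUITE_SUPER_ADMIN`, a comment stating that public ingress is intended for the DEV-POC environment would help the next reviewer.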