Build and deploy from branch. #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, push and update | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| skip-unit-test: | |
| type: boolean | |
| required: true | |
| description: Skip unit-test | |
| jobs: | |
| build_push_update: | |
| runs-on: ubuntu-latest | |
| environment: dev-cd | |
| permissions: | |
| id-token: write | |
| packages: write | |
| contents: write | |
| steps: | |
| # | |
| # Checkout the source code. | |
| # | |
| - name: Checkout the source code | |
| uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab | |
| with: | |
| token: ${{ secrets.GIT_PAT }} | |
| fetch-depth: 0 | |
| # | |
| # Cache JDK. | |
| # | |
| - name: Cache JDK | |
| uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| id: cache-jdk | |
| with: | |
| key: OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz | |
| path: | | |
| ${{ runner.temp }}/jdk_setup.tar.gz | |
| ${{ runner.temp }}/jdk_setup.sha256 | |
| # | |
| # Download JDK and verify its hash. | |
| # | |
| - name: Download JDK and verify its hash | |
| run: | | |
| echo "454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5 ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256 | |
| curl -L "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz" | |
| sha256sum --check --status "${{ runner.temp }}/jdk_setup.sha256" | |
| # | |
| # Setup JDK. | |
| # | |
| - name: Setup JDK | |
| uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 | |
| with: | |
| distribution: "jdkfile" | |
| jdkFile: "${{ runner.temp }}/jdk_setup.tar.gz" | |
| java-version: "21" | |
| cache: maven | |
| # | |
| # Cache Maven. | |
| # | |
| - name: Cache Maven | |
| uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| id: cache-maven | |
| with: | |
| key: apache-maven-3.9.6-bin.tar.gz | |
| path: | | |
| ${{ runner.temp }}/maven_setup.tar.gz | |
| ${{ runner.temp }}/maven_setup.sha256 | |
| # | |
| # Download Maven and verify its hash. | |
| # | |
| - name: Download Maven and verify its hash | |
| run: | | |
| echo "6eedd2cae3626d6ad3a5c9ee324bd265853d64297f07f033430755bd0e0c3a4b ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256 | |
| curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.6/binaries/apache-maven-3.9.6-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz" | |
| sha256sum --check --status "${{ runner.temp }}/maven_setup.sha256" | |
| # | |
| # RELEASE CANDIDATE - Build native executable. | |
| # | |
| - name: RELEASE CANDIDATE - Build native executable | |
| run: ${{ runner.temp }}/maven/bin/mvn clean package -Pnative -Dmaven.test.skip=true -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:ce70e1a8016471ff0fc9c8f048cd9e37afddacd3de37ed0bca74201d102e45f5 -s ${{ runner.temp }}/settings.xml --no-transfer-progress | |
| # | |
| # Setup Maven. | |
| # | |
| - name: Setup Maven | |
| run: | | |
| mkdir ${{ runner.temp }}/maven | |
| tar -xvf ${{ runner.temp }}/maven_setup.tar.gz -C ${{ runner.temp }}/maven --strip-components=1 | |
| echo "<settings><servers><server><id>github</id><username>${{ secrets.GIT_USER }}</username><password>${{ secrets.GIT_PAT }}</password></server></servers></settings>" >> ${{ runner.temp }}/settings.xml | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| file: src/main/docker/Dockerfile.native-micro | |
| tags: ghcr.io/${{ github.repository }}:${{ github.head_ref || github.ref_name }} | |
| # | |
| # Install Node. | |
| # | |
| - name: Install Node | |
| uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c | |
| with: | |
| node-version: "18.16.0" | |
| # | |
| # Install Newman. | |
| # | |
| - name: Install Newman | |
| run: npm install -g newman | |
| # | |
| # Run Postman collection. | |
| # | |
| - name: Run Postman collection | |
| run: | | |
| newman run src/test/postman/mil-papos.postman_collection.json \ | |
| -e src/test/postman/dev.postman_environment.json \ | |
| --env-var "clientIdPsp=${{ secrets.NEWMAN_IT__PSP_TOKEN_CLIENT_ID }}" \ | |
| --env-var "clientSecretPsp=${{ secrets.NEWMAN_IT_PSP_TOKEN_CLIENT_SECRET }}" \ | |
| --env-var "clientIdPa=${{ secrets.NEWMAN_IT__PA_TOKEN_CLIENT_ID }}" \ | |
| --env-var "clientSecretPa=${{ secrets.NEWMAN_IT_PA_TOKEN_CLIENT_SECRET }}" \ | |
| --env-var "clientIdAdm=${{ secrets.NEWMAN_IT__PAPOS_ADMIN_TOKEN_CLIENT_ID }}" \ | |
| --env-var "clientSecretAdm=${{ secrets.NEWMAN_IT_PAPOS_ADMIN_TOKEN_CLIENT_SECRET }}" |