Requisito Extraction #347
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
# Publish `master` as Docker `latest` image. | |
branches: | |
- main | |
# Publish `v1.2.3` tags as releases. | |
tags: | |
- v* | |
# Run tests for any PRs. | |
pull_request: | |
env: | |
GITHUB_WORKFLOW: dati-semantic-backend | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v2 | |
- name: caching | |
uses: actions/cache@v1 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Create Build Artifact | |
run: ./gradlew clean build | |
- name: SpotBugs Check | |
run: ./gradlew spotbugsMain spotbugsTest | |
owasp: | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v2 | |
- name: Dependency Check | |
run: ./gradlew dependencyCheckAnalyze | |
publish: | |
runs-on: ubuntu-latest | |
if: github.event_name != 'pull_request' | |
permissions: | |
contents: read | |
packages: write | |
needs: | |
- build | |
- owasp | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Log in to the Github Container registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: caching | |
uses: actions/cache@v1 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: build and push image | |
run: | | |
IMAGE="$REGISTRY/$IMAGE_NAME" | |
TAG="$(date +'%Y%m%d')-${{github.run_number}}-$(git rev-parse --short HEAD)" | |
SOURCE_LABEL="org.opencontainers.image.source=${{github.server_url}}/$IMAGE_NAME" | |
BRANCH_LABEL="org.opencontainers.image.source.branch=$(git rev-parse --abbrev-ref HEAD)" | |
TITLE_LABEL="org.opencontainers.image.title=dati-semantic-backend" | |
./gradlew jib --image="$IMAGE:$TAG" -Djib.container.labels="$SOURCE_LABEL,$BRANCH_LABEL,$TITLE_LABEL" -Djib.to.tags="$TAG,latest" | |
deploy: | |
runs-on: ubuntu-latest | |
if: github.event_name != 'pull_request' | |
permissions: | |
contents: read | |
packages: write | |
needs: | |
- publish | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: extract image | |
id: extractImage | |
run: | | |
IMAGE="$REGISTRY/$IMAGE_NAME" | |
TAG="$(date +'%Y%m%d')-${{github.run_number}}-$(git rev-parse --short HEAD)" | |
echo "##[set-output name=imageName;]${IMAGE}:${TAG}" | |
- uses: convictional/[email protected] | |
with: | |
owner: teamdigitale | |
repo: dati-semantic-kubernetes | |
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
workflow_file_name: update-config.yaml | |
ref: dev | |
wait_interval: 20 | |
inputs: '{"serviceName": "dati-semantic-backend", "imageWithNewTag": "${{ steps.extractImage.outputs.imageName }}"}' |