From c8c46ec9ad82d2f7e7ceae86d7e361036c7decce Mon Sep 17 00:00:00 2001 From: Assad Riaz Date: Tue, 24 Dec 2024 12:49:11 +0100 Subject: [PATCH 1/4] Update gha ci workflow, tag git repo with docker tag, add step to trigger downstream build --- .github/workflows/ci.yml | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 12a00ad9..da48a7fc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -55,12 +55,35 @@ jobs: java-version: 21 distribution: temurin cache: maven + - name: set variables + run: | + echo "GHA_DOCKER_PUSH_IMAGE_TAG=`date +%Y-%m-%dT%H-%M`" >> $GITHUB_ENV - name: Build container image with Jib, push to container repo run: | - image_date=`date +%Y-%m-%dT%H-%M` mvn --batch-mode compile \ com.google.cloud.tools:jib-maven-plugin:build \ - -Djib.to.tags=latest,"$image_date" \ + -Djib.to.tags=latest,${{ env.GHA_DOCKER_PUSH_IMAGE_TAG }} \ -Dmaven.test.skip \ -P prettierSkip + + - name: Tag default branch with the container image tag ${{ env.GHA_DOCKER_PUSH_IMAGE_TAG }} + id: tag-version + run: | + git config user.name github-actions[bot] + git config user.email 41898282+github-actions[bot]@users.noreply.github.com + git tag --annotate "$GHA_DOCKER_PUSH_IMAGE_TAG" -m "chore(tag): $GHA_DOCKER_PUSH_IMAGE_TAG [skip ci]" --force + git push origin "$GHA_DOCKER_PUSH_IMAGE_TAG" --force + + - name: Trigger downstream CI + run: | + repo_owner="entur" + repo_name="lamassu-deployment-config" + event_type="trigger-downstream-ci" + service="lamassu" + echo "Triggering downstream CI for $service with version $GHA_DOCKER_PUSH_IMAGE_TAG" + curl -X POST \ + -H "Authorization: token ${{ secrets.GITFLOW_PAT }}" \ + -H "Accept: application/vnd.github.everest-preview+json" \ + -H "Content-Type: application/json" https://api.github.com/repos/$repo_owner/$repo_name/dispatches \ + -d "{\"event_type\": \"$event_type\", \"client_payload\": {\"service\": \"$service\", \"version\": \"$GHA_DOCKER_PUSH_IMAGE_TAG\", \"unit\": false, \"integration\": true}}" \ No newline at end of file From 96c1c14b3ffb579095db9627ef7850c0a0029db0 Mon Sep 17 00:00:00 2001 From: Assad Riaz Date: Tue, 24 Dec 2024 12:54:34 +0100 Subject: [PATCH 2/4] Add sonar scan in ci workflow --- .github/workflows/ci.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index da48a7fc..e0d5a28e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,6 +36,23 @@ jobs: mvn --batch-mode jacoco:prepare-agent test jacoco:report -Dprettier.nodePath=node -Dprettier.npmPath=npm mvn --batch-mode jib:dockerBuild -Dmaven.test.skip -P prettierSkip + - name: Sonar Scan + env: + SONAR_TOKEN: ${{ secrets.ENTUR_SONAR_PASSWORD }} + SONAR_PROJECT_NAME: ${{ github.event.repository.name }} + SONAR_PROJECT_KEY: entur_${{ github.event.repository.name }} + run: | + mvn -s .github/workflows/settings.xml \ + org.jacoco:jacoco-maven-plugin:prepare-agent verify \ + org.jacoco:jacoco-maven-plugin:report sonar:sonar \ + -P prettierSkip \ + -Dmaven.main.skip \ + -DskipTests \ + -Dsonar.projectKey=${SONAR_PROJECT_KEY} \ + -Dsonar.organization=enturas-github \ + -Dsonar.projectName=${SONAR_PROJECT_NAME} \ + -Dsonar.host.url=https://sonarcloud.io \ + -Dsonar.token=${SONAR_TOKEN} image: # only build and push the image when it's a commit to master in Entur's repository From 7ba87a5aa8ca13ba03b9a49e352622687c9481c0 Mon Sep 17 00:00:00 2001 From: Assad Riaz Date: Tue, 24 Dec 2024 12:55:26 +0100 Subject: [PATCH 3/4] Delete circleci config --- .circleci/config.yml | 123 ------------------------------------------- 1 file changed, 123 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index bd35d622..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,123 +0,0 @@ -version: 2.1 - -aliases: - - &jfrog-login - name: Rename jfrog environment variable for maven setting.xml - command: | - echo "export JFROG_USER=$ARTIFACTORY_USER" >> $BASH_ENV - echo "export JFROG_PASS=$ARTIFACTORY_PASSWORD" >> $BASH_ENV - - &post_build - name: Trigger downstream builds - command: | - wget https://raw.githubusercontent.com/entur/circleci-toolbox-image-java11/master/tools/trigger_build_v2.sh -O .circleci/trigger_build_v2.sh - chmod +x .circleci/trigger_build_v2.sh - echo 'export CIRCLE_SHA1="$CIRCLE_SHA1"' >> $BASH_ENV - echo 'export CIRCLE_PROJECT_REPONAME="$CIRCLE_PROJECT_REPONAME"' >> $BASH_ENV - .circleci/trigger_build_v2.sh "entur/lamassu-deployment-config.git" "master" "$(git log -1 --pretty=%B)" - - &sonar-scan - name: Sonar scan - command: | - mvn -s .circleci/settings.xml \ - org.jacoco:jacoco-maven-plugin:prepare-agent verify \ - org.jacoco:jacoco-maven-plugin:report sonar:sonar \ - -P prettierSkip \ - -Dmaven.main.skip \ - -DskipTests \ - -Dsonar.projectKey=entur_${CIRCLE_PROJECT_REPONAME} \ - -Dsonar.organization=${SONAR_ORG} \ - -Dsonar.projectName=${CIRCLE_PROJECT_REPONAME} \ - -Dsonar.host.url=https://sonarcloud.io \ - -Dsonar.token=${ENTUR_SONAR_PASSWORD} -jobs: - test: - docker: - - image: cimg/openjdk:21.0.2-node - auth: - username: $DOCKERHUB_LOGIN - password: $DOCKERHUB_PASSWORD - environment: - MAVEN_OPTS: -Xmx3G - steps: - - checkout - - restore_cache: - keys: - - dep-cache-v2-{{ checksum "pom.xml" }} - - dep-cache-v2- - - run: - name: Download Maven settings - command: wget https://raw.githubusercontent.com/entur/circleci-toolbox-image-java11/master/tools/m2/settings.xml -O .circleci/settings.xml - - run: *jfrog-login - - run: - name: Refresh cache - command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.0:go-offline -s .circleci/settings.xml - - save_cache: - paths: - - ~/.m2 - key: dep-cache-v2-{{ checksum "pom.xml" }} - # Cannot use -o because of snapshot dependencies. - - run: - name: Run Maven verify - command: mvn verify -s .circleci/settings.xml -Dprettier.nodePath=node -Dprettier.npmPath=npm - - run: *sonar-scan - - run: - name: Save test results - command: | - mkdir -p ~/junit/ - find . -type f -regex ".*/target/surefire-reports/.*xml" -exec cp {} ~/junit/ \; - find . -type f -regex ".*/target/surefire-reports/.*dumpstream" -exec cp {} ~/junit/ \; - find . -type f -regex ".*/target/surefire-reports/.*log" -exec cp {} ~/junit/ \; - when: always - - store_test_results: - path: ~/junit - - store_artifacts: - path: ~/junit - - persist_to_workspace: - root: ~/project - paths: - - target - - .circleci - build: - docker: - - image: cimg/openjdk:21.0.2-node - auth: - username: $DOCKERHUB_LOGIN - password: $DOCKERHUB_PASSWORD - environment: - MAVEN_OPTS: -Xmx3G - steps: - - checkout - - restore_cache: - keys: - - dep-cache-v2-{{ checksum "pom.xml" }} - - dep-cache-v2- - - run: - name: Download Maven settings - command: wget https://raw.githubusercontent.com/entur/circleci-toolbox-image-java11/master/tools/m2/settings.xml -O .circleci/settings.xml - - run: *jfrog-login - - run: - name: Refresh cache - command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.0:go-offline -s .circleci/settings.xml - - save_cache: - paths: - - ~/.m2 - key: dep-cache-v2-{{ checksum "pom.xml" }} - # Cannot use -o because of snapshot dependencies. - - run: mvn deploy -s .circleci/settings.xml -P prettierSkip -DskipTests - - run: *post_build - -workflows: - version: 2.1 - release: - jobs: - - test: - name: test-release - context: global - - build: - name: build-release - context: global - filters: - branches: - only: - - master - requires: - - test-release From 2788bd06d52099fd691318b24a7114799c41b205 Mon Sep 17 00:00:00 2001 From: Assad Riaz Date: Tue, 24 Dec 2024 13:11:50 +0100 Subject: [PATCH 4/4] update ci workflow --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0d5a28e..214e52bd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,12 +42,11 @@ jobs: SONAR_PROJECT_NAME: ${{ github.event.repository.name }} SONAR_PROJECT_KEY: entur_${{ github.event.repository.name }} run: | - mvn -s .github/workflows/settings.xml \ + mvn -DskipTests \ org.jacoco:jacoco-maven-plugin:prepare-agent verify \ org.jacoco:jacoco-maven-plugin:report sonar:sonar \ -P prettierSkip \ -Dmaven.main.skip \ - -DskipTests \ -Dsonar.projectKey=${SONAR_PROJECT_KEY} \ -Dsonar.organization=enturas-github \ -Dsonar.projectName=${SONAR_PROJECT_NAME} \