Skip to content

Commit

Permalink
chore: [SRTP-116] improve building workflow of pipeline CD (#21)
Browse files Browse the repository at this point in the history
  • Loading branch information
and-mora authored Nov 29, 2024
1 parent 85aafae commit ecf5ed8
Showing 1 changed file with 37 additions and 91 deletions.
128 changes: 37 additions & 91 deletions .github/workflows/post-merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
- main

jobs:
post_merge:
versioning:
runs-on: ubuntu-22.04

permissions:
Expand All @@ -18,26 +18,17 @@ jobs:
new_version: ${{ steps.semantic.outputs.new_release_version }}

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
fetch-depth: 0

#
# Install Node.
#
- name: Install Node
- name: "Install Node"
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af #v4.1.0
with:
node-version: "20.18.0"

#
# Calculate of the new version (dry-run).
#
- name: Calculate of the new version (dry-run)
- name: "Calculate of the new version (dry-run)"
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1
id: semantic
env:
Expand All @@ -51,8 +42,8 @@ jobs:
dry_run: true

dev_deployment:
needs: post_merge
if: needs.post_merge.outputs.new_release_published == 'true'
needs: versioning
if: needs.versioning.outputs.new_release_published == 'true'
runs-on: ubuntu-22.04
environment: cstar-d-weu-rtp

Expand All @@ -62,65 +53,55 @@ jobs:
contents: write # Create a new release.

outputs:
digest: ${{ steps.stable-image.outputs.digest }}
digest: ${{ steps.image.outputs.digest }}

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
token: ${{ secrets.GIT_PAT }}

#
# RELEASE CANDIDATE - Update of gradle.properties with the RC new version.
#
- name: RELEASE CANDIDATE - Update of gradle.properties with the new version
- name: "Update of gradle.properties with the new version"
run: |
sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}-RC/g" gradle.properties
sed -i -e "s/version=.*/version=${{ needs.versioning.outputs.new_version }}/g" gradle.properties
# todo sonar
#
# RELEASE CANDIDATE - Build and push native container image.
#
- name: Log in to the Container registry
- name: "Log in to the Container registry"
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: https://ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GIT_PAT }}

- name: Set up QEMU
- name: "Set up QEMU"
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0

- name: Set up Docker Buildx
- name: "Set up Docker Buildx"
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Build the app image
id: rc-image
- name: "Build the app image"
id: image
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
push: true
context: .
file: src/main/docker/Dockerfile
platforms: linux/amd64
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC
secrets: |
"gh_token=${{ secrets.GIT_PAT }}"
#
# Setup Terraform
# RELEASE CANDIDATE - Update Container App.
#
- name: Setup Terraform
- name: "Setup Terraform"
uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
with:
terraform_version: 1.9.7

#
# RELEASE CANDIDATE - Update Container App.
#
- name: RELEASE CANDIDATE - Update Container App
- name: "RELEASE CANDIDATE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -129,7 +110,7 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC@${{ steps.rc-image.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s
# #
# # Install Newman.
Expand All @@ -151,22 +132,15 @@ jobs:
# --env-var "correctClientSecretForVasLayer=${{ secrets.NEWMAN_IT__CORRECTCLIENTSECRETFORVASLAYER }}" \
# --env-var "clientSecretForMilDebtPosition=${{ secrets.NEWMAN_IT__CLIENTSECRETFORMILDEBTPOSITION }}"

#
# STABLE - Update of gradle.properties with the new version.
#
- name: STABLE - Update of gradle.properties with the new version
- name: "STABLE - Push of gradle.properties with the new version"
run: |
sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}/g" gradle.properties
git config user.name "GitHub Workflow"
git config user.email "<>"
git add gradle.properties
git commit -m "Updated with new version ${{ needs.post_merge.outputs.new_version }}"
git commit -m "Updated with new version ${{ needs.versioning.outputs.new_version }}"
git push origin main
#
# Calculation of the new version (again) with tagging + releasing + etc.
#
- name: Calculation of the new version (w/o dry_run) and put tag
- name: "Calculation of the new version (w/o dry_run) and put tag"
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -179,37 +153,15 @@ jobs:
dry_run: false

#
# STABLE - Build and push native container image.
# STABLE - Re-tagging (remove -RC and add version tag) and push native container image.
#
- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: https://ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GIT_PAT }}

- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Build the app image
id: stable-image
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
push: true
context: .
file: src/main/docker/Dockerfile
platforms: linux/amd64
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}
secrets: |
"gh_token=${{ secrets.GIT_PAT }}"
- name: Re-tag the app image
run: |
docker image tag ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}
docker rmi ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC
docker image push --all-tags ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}
#
# STABLE - Update Container App.
#
- name: STABLE - Update Container App
- name: "STABLE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -218,12 +170,12 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ steps.stable-image.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s
uat_deployment:
needs: [ post_merge, dev_deployment]
needs: [ versioning, dev_deployment]

if: needs.post_merge.outputs.new_release_published == 'true'
if: needs.versioning.outputs.new_release_published == 'true'

runs-on: ubuntu-22.04

Expand All @@ -233,24 +185,18 @@ jobs:
id-token: write

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2

#
# Setup Terraform
# Update Container App.
#
- name: Setup Terraform
uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
with:
terraform_version: 1.9.7

#
# Update Container App.
#
- name: STABLE - Update Container App
- name: "STABLE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -259,4 +205,4 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-u-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s

0 comments on commit ecf5ed8

Please sign in to comment.