diff --git a/.github/workflows/post-merge.yml b/.github/workflows/post-merge.yml index 876091e..150ac77 100644 --- a/.github/workflows/post-merge.yml +++ b/.github/workflows/post-merge.yml @@ -7,7 +7,7 @@ on: - main jobs: - post_merge: + versioning: runs-on: ubuntu-22.04 permissions: @@ -18,26 +18,17 @@ jobs: new_version: ${{ steps.semantic.outputs.new_release_version }} steps: - # - # Checkout the source code. - # - - name: Checkout the source code + - name: "Checkout the source code" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 with: fetch-depth: 0 - # - # Install Node. - # - - name: Install Node + - name: "Install Node" uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af #v4.1.0 with: node-version: "20.18.0" - # - # Calculate of the new version (dry-run). - # - - name: Calculate of the new version (dry-run) + - name: "Calculate of the new version (dry-run)" uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1 id: semantic env: @@ -51,8 +42,8 @@ jobs: dry_run: true dev_deployment: - needs: post_merge - if: needs.post_merge.outputs.new_release_published == 'true' + needs: versioning + if: needs.versioning.outputs.new_release_published == 'true' runs-on: ubuntu-22.04 environment: cstar-d-weu-rtp @@ -62,63 +53,53 @@ jobs: contents: write # Create a new release. outputs: - digest: ${{ steps.stable-image.outputs.digest }} + digest: ${{ steps.image.outputs.digest }} steps: - # - # Checkout the source code. - # - - name: Checkout the source code + - name: "Checkout the source code" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 - # - # RELEASE CANDIDATE - Update of gradle.properties with the RC new version. - # - - name: RELEASE CANDIDATE - Update of gradle.properties with the new version + - name: "Update of gradle.properties with the new version" run: | - sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}-RC/g" gradle.properties + sed -i -e "s/version=.*/version=${{ needs.versioning.outputs.new_version }}/g" gradle.properties -# todo sonar # # RELEASE CANDIDATE - Build and push native container image. # - - name: Log in to the Container registry + - name: "Log in to the Container registry" uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: https://ghcr.io username: ${{ github.actor }} password: ${{ secrets.GIT_PAT }} - - name: Set up QEMU + - name: "Set up QEMU" uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - - name: Set up Docker Buildx + - name: "Set up Docker Buildx" uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 - - name: Build the app image - id: rc-image + - name: "Build the app image" + id: image uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: push: true context: . file: src/main/docker/Dockerfile platforms: linux/amd64 - tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC + tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC secrets: | "gh_token=${{ secrets.GIT_PAT }}" # - # Setup Terraform + # RELEASE CANDIDATE - Update Container App. # - - name: Setup Terraform + - name: "Setup Terraform" uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 with: terraform_version: 1.9.7 - # - # RELEASE CANDIDATE - Update Container App. - # - - name: RELEASE CANDIDATE - Update Container App + - name: "RELEASE CANDIDATE - Update Container App" shell: bash working-directory: src/main/terraform env: @@ -127,7 +108,7 @@ jobs: ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}" run: | terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure - terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC@${{ steps.rc-image.outputs.digest }}" -auto-approve -lock-timeout=300s + terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s # # # # Install Newman. @@ -149,22 +130,15 @@ jobs: # --env-var "correctClientSecretForVasLayer=${{ secrets.NEWMAN_IT__CORRECTCLIENTSECRETFORVASLAYER }}" \ # --env-var "clientSecretForMilDebtPosition=${{ secrets.NEWMAN_IT__CLIENTSECRETFORMILDEBTPOSITION }}" - # - # STABLE - Update of gradle.properties with the new version. - # - - name: STABLE - Update of gradle.properties with the new version + - name: "STABLE - Push of gradle.properties with the new version" run: | - sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}/g" gradle.properties git config user.name "GitHub Workflow" git config user.email "<>" git add gradle.properties - git commit -m "Updated with new version ${{ needs.post_merge.outputs.new_version }}" + git commit -m "Updated with new version ${{ needs.versioning.outputs.new_version }}" git push origin main - # - # Calculation of the new version (again) with tagging + releasing + etc. - # - - name: Calculation of the new version (w/o dry_run) and put tag + - name: "Calculation of the new version (w/o dry_run) and put tag" uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -177,37 +151,15 @@ jobs: dry_run: false # - # STABLE - Build and push native container image. + # STABLE - Re-tagging (remove -RC and add version tag) and push native container image. # - - name: Log in to the Container registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - with: - registry: https://ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GIT_PAT }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 - - - name: Build the app image - id: stable-image - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 - with: - push: true - context: . - file: src/main/docker/Dockerfile - platforms: linux/amd64 - tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }} - secrets: | - "gh_token=${{ secrets.GIT_PAT }}" + - name: Re-tag the app image + run: | + docker image tag ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }} + docker rmi ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC + docker image push --all-tags ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }} - # - # STABLE - Update Container App. - # - - name: STABLE - Update Container App + - name: "STABLE - Update Container App" shell: bash working-directory: src/main/terraform env: @@ -216,12 +168,12 @@ jobs: ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}" run: | terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure - terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ steps.stable-image.outputs.digest }}" -auto-approve -lock-timeout=300s + terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s uat_deployment: - needs: [ post_merge, dev_deployment] + needs: [ versioning, dev_deployment] - if: needs.post_merge.outputs.new_release_published == 'true' + if: needs.versioning.outputs.new_release_published == 'true' runs-on: ubuntu-22.04 @@ -231,24 +183,18 @@ jobs: id-token: write steps: - # - # Checkout the source code. - # - - name: Checkout the source code + - name: "Checkout the source code" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 # - # Setup Terraform + # Update Container App. # - name: Setup Terraform uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 with: terraform_version: 1.9.7 - # - # Update Container App. - # - - name: STABLE - Update Container App + - name: "STABLE - Update Container App" shell: bash working-directory: src/main/terraform env: @@ -257,4 +203,4 @@ jobs: ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}" run: | terraform init -backend-config="env/cstar-u-weu-rtp/backend.tfvars" -reconfigure - terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s + terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s