chore: [SRTP-116] improve building workflow of pipeline CD #21

Merged
merged 2 commits into from
Nov 29, 2024
128 changes: 37 additions & 91 deletions .github/workflows/post-merge.yml
Expand Up @@ -7,7 +7,7 @@ on:
- main

jobs:
post_merge:
versioning:
runs-on: ubuntu-22.04

permissions:
Expand All @@ -18,26 +18,17 @@ jobs:
new_version: ${{ steps.semantic.outputs.new_release_version }}

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
fetch-depth: 0

#
# Install Node.
#
- name: Install Node
- name: "Install Node"
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af #v4.1.0
with:
node-version: "20.18.0"

#
# Calculate of the new version (dry-run).
#
- name: Calculate of the new version (dry-run)
- name: "Calculate of the new version (dry-run)"
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1
id: semantic
env:
Expand All @@ -51,8 +42,8 @@ jobs:
dry_run: true

dev_deployment:
needs: post_merge
if: needs.post_merge.outputs.new_release_published == 'true'
needs: versioning
if: needs.versioning.outputs.new_release_published == 'true'
runs-on: ubuntu-22.04
environment: cstar-d-weu-rtp

Expand All @@ -62,63 +53,53 @@ jobs:
contents: write # Create a new release.

outputs:
digest: ${{ steps.stable-image.outputs.digest }}
digest: ${{ steps.image.outputs.digest }}

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2

#
# RELEASE CANDIDATE - Update of gradle.properties with the RC new version.
#
- name: RELEASE CANDIDATE - Update of gradle.properties with the new version
- name: "Update of gradle.properties with the new version"
run: |
sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}-RC/g" gradle.properties
sed -i -e "s/version=.*/version=${{ needs.versioning.outputs.new_version }}/g" gradle.properties

# todo sonar
#
# RELEASE CANDIDATE - Build and push native container image.
#
- name: Log in to the Container registry
- name: "Log in to the Container registry"
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: https://ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GIT_PAT }}

- name: Set up QEMU
- name: "Set up QEMU"
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0

- name: Set up Docker Buildx
- name: "Set up Docker Buildx"
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Build the app image
id: rc-image
- name: "Build the app image"
id: image
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
push: true
context: .
file: src/main/docker/Dockerfile
platforms: linux/amd64
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC
secrets: |
"gh_token=${{ secrets.GIT_PAT }}"

#
# Setup Terraform
# RELEASE CANDIDATE - Update Container App.
#
- name: Setup Terraform
- name: "Setup Terraform"
uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
with:
terraform_version: 1.9.7

#
# RELEASE CANDIDATE - Update Container App.
#
- name: RELEASE CANDIDATE - Update Container App
- name: "RELEASE CANDIDATE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -127,7 +108,7 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}-RC@${{ steps.rc-image.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s

# #
# # Install Newman.
Expand All @@ -149,22 +130,15 @@ jobs:
# --env-var "correctClientSecretForVasLayer=${{ secrets.NEWMAN_IT__CORRECTCLIENTSECRETFORVASLAYER }}" \
# --env-var "clientSecretForMilDebtPosition=${{ secrets.NEWMAN_IT__CLIENTSECRETFORMILDEBTPOSITION }}"

#
# STABLE - Update of gradle.properties with the new version.
#
- name: STABLE - Update of gradle.properties with the new version
- name: "STABLE - Push of gradle.properties with the new version"
run: |
sed -i -e "s/version=.*/version=${{ needs.post_merge.outputs.new_version }}/g" gradle.properties
git config user.name "GitHub Workflow"
git config user.email "<>"
git add gradle.properties
git commit -m "Updated with new version ${{ needs.post_merge.outputs.new_version }}"
git commit -m "Updated with new version ${{ needs.versioning.outputs.new_version }}"
git push origin main

#
# Calculation of the new version (again) with tagging + releasing + etc.
#
- name: Calculation of the new version (w/o dry_run) and put tag
- name: "Calculation of the new version (w/o dry_run) and put tag"
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # 4.1.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -177,37 +151,15 @@ jobs:
dry_run: false

#
# STABLE - Build and push native container image.
# STABLE - Re-tagging (remove -RC and add version tag) and push native container image.
#
- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: https://ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GIT_PAT }}

- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Build the app image
id: stable-image
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
push: true
context: .
file: src/main/docker/Dockerfile
platforms: linux/amd64
tags: ghcr.io/${{ github.repository }}:latest, ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}
secrets: |
"gh_token=${{ secrets.GIT_PAT }}"
- name: Re-tag the app image
run: |
docker image tag ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}
docker rmi ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}-RC
docker image push --all-tags ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}

#
# STABLE - Update Container App.
#
- name: STABLE - Update Container App
- name: "STABLE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -216,12 +168,12 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-d-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ steps.stable-image.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-d-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ steps.image.outputs.digest }}" -auto-approve -lock-timeout=300s

uat_deployment:
needs: [ post_merge, dev_deployment]
needs: [ versioning, dev_deployment]

if: needs.post_merge.outputs.new_release_published == 'true'
if: needs.versioning.outputs.new_release_published == 'true'

runs-on: ubuntu-22.04

Expand All @@ -231,24 +183,18 @@ jobs:
id-token: write

steps:
#
# Checkout the source code.
#
- name: Checkout the source code
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2

#
# Setup Terraform
# Update Container App.
#
- name: Setup Terraform
uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
with:
terraform_version: 1.9.7

#
# Update Container App.
#
- name: STABLE - Update Container App
- name: "STABLE - Update Container App"
shell: bash
working-directory: src/main/terraform
env:
Expand All @@ -257,4 +203,4 @@ jobs:
ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
run: |
terraform init -backend-config="env/cstar-u-weu-rtp/backend.tfvars" -reconfigure
terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.post_merge.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s
terraform apply -var-file="env/cstar-u-weu-rtp/terraform.tfvars" -var="rtp_activator_image=ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }}@${{ needs.dev_deployment.outputs.digest }}" -auto-approve -lock-timeout=300s
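Review bot: The new "Re-tag the app image" step promotes the stable tag from the mutable `:latest` tag rather than from the digest that was built and deployed as the release candidate, so the stable tag is not guaranteed to name the tested image if another run pushes `:latest` in between. The step also looks unlikely to work as written: the build step sets `push: true` without `load: true`, so with the default Buildx container driver the image is presumably not in the runner's local Docker store for `docker image tag`, `docker rmi` only removes a local tag, and `docker image push --all-tags` rejects a reference that already carries a tag. Promoting in the registry by digest avoids all three: `docker buildx imagetools create --tag ghcr.io/${{ github.repository }}:${{ needs.versioning.outputs.new_version }} ghcr.io/${{ github.repository }}@${{ steps.image.outputs.digest }}`. The later `terraform apply` already pins `@${{ steps.image.outputs.digest }}`, so this keeps the published tag and the deployed digest consistent.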