174 lines
4.8 KiB
YAML
174 lines
4.8 KiB
YAML
# This workflow uses actions that are not certified by GitHub.
|
|
# They are provided by a third-party and are governed by
|
|
# separate terms of service, privacy policy, and support
|
|
# documentation.
|
|
|
|
# GitHub recommends pinning actions to a commit SHA.
|
|
# To get a newer version, you will need to update the SHA.
|
|
# You can also reference a tag or branch, but the action may change without warning.
|
|
|
|
name: "CD: Publish C4PO to Docker Hub"
|
|
|
|
on:
|
|
push:
|
|
branches: [ "main" ]
|
|
|
|
env:
|
|
ANGULAR_PATH: security-c4po-angular
|
|
API_PATH: security-c4po-api
|
|
REPORTING_PATH: security-c4po-reporting
|
|
CFG_PATH: security-c4po-cfg
|
|
|
|
jobs:
|
|
|
|
angular_job:
|
|
name: "Angular Job"
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: "Check out code"
|
|
uses: actions/checkout@v3
|
|
|
|
- name: "Use Node.js 16.x"
|
|
uses: actions/setup-node@v1
|
|
with:
|
|
node-version: '16.x'
|
|
cache: 'npm'
|
|
|
|
- name: "Install NPM dependencies"
|
|
run: |
|
|
cd $ANGULAR_PATH
|
|
npm ci
|
|
|
|
- name: "Build assets"
|
|
run: |
|
|
cd $ANGULAR_PATH
|
|
npm run build --if-present
|
|
|
|
- name: "Run tests"
|
|
run: |
|
|
cd $ANGULAR_PATH
|
|
npm test
|
|
|
|
api_job:
|
|
name: "API Job"
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: "Check out code"
|
|
uses: actions/checkout@v3
|
|
|
|
- name: "Set up JDK 11"
|
|
uses: actions/setup-java@v3
|
|
with:
|
|
java-version: '11'
|
|
distribution: 'temurin'
|
|
|
|
- name: "Setup Gradle"
|
|
uses: gradle/gradle-build-action@v2
|
|
with:
|
|
gradle-version: 6.5
|
|
|
|
- name: "Execute Gradle build"
|
|
run: |
|
|
cd $API_PATH
|
|
./gradlew clean bootJar -x dependencyCheckAnalyze
|
|
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: API-jar
|
|
path: security-c4po-api/build/libs/
|
|
|
|
reporting_job:
|
|
name: "Reporting Job"
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: "Check out code"
|
|
uses: actions/checkout@v3
|
|
|
|
- name: "Set up JDK 11"
|
|
uses: actions/setup-java@v3
|
|
with:
|
|
java-version: '11'
|
|
distribution: 'temurin'
|
|
|
|
- name: "Setup Gradle"
|
|
uses: gradle/gradle-build-action@v2
|
|
with:
|
|
gradle-version: 6.5
|
|
|
|
- name: "Execute Gradle build"
|
|
run: |
|
|
cd $REPORTING_PATH
|
|
./gradlew clean bootJar
|
|
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: REPORTING-jar
|
|
path: security-c4po-reporting/build/libs/
|
|
|
|
push_c4po_to_docker_hub:
|
|
name: "Push images to Docker Hub"
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: [angular_job, api_job, reporting_job]
|
|
|
|
steps:
|
|
- name: "Check out the repo"
|
|
uses: actions/checkout@v3
|
|
|
|
- name: "Log in to Docker Hub"
|
|
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
|
|
with:
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_TOKEN }}
|
|
|
|
- name: "Extract metadata (tags, labels) for Docker"
|
|
id: meta
|
|
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
|
|
with:
|
|
images: cellecram/security-c4po # my-docker-hub-namespace/my-docker-hub-repository
|
|
|
|
- name: Download jar api artifact
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: API-jar
|
|
path: security-c4po-api/build/libs/
|
|
|
|
- name: Download jar reporting artifact
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: REPORTING-jar
|
|
path: security-c4po-reporting/build/libs/
|
|
|
|
- name: "Set up Docker Buildx"
|
|
uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 #v1
|
|
|
|
- name: "Buildx & Push Docker images for AMD64 & ARM64"
|
|
run: |
|
|
cd $CFG_PATH
|
|
docker buildx build --push \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--tag cellecram/security-c4po:mongo ./c4po-db
|
|
docker buildx build --push \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--tag cellecram/security-c4po:keycloak ./c4po-keycloak
|
|
docker buildx build --push \
|
|
--build-arg JAR_FILE_REPORT=./build/libs/security-c4po-reporting-0.0.1-SNAPSHOT.jar \
|
|
--build-arg SPRING_PROFILES_ACTIVE=COMPOSE \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--tag cellecram/security-c4po:reporting ../security-c4po-reporting
|
|
docker buildx build --push \
|
|
--build-arg JAR_FILE_API=./build/libs/security-c4po-api-0.0.1-SNAPSHOT.jar \
|
|
--build-arg SPRING_PROFILES_ACTIVE=COMPOSE \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--tag cellecram/security-c4po:api ../security-c4po-api
|
|
docker buildx build --push \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--tag cellecram/security-c4po:angular ../security-c4po-angular
|