Skip to content
🤪 Unstable integration & delivery

Update unstable-cicd.yaml #410

Sign in to view logs

Update unstable-cicd.yaml

Update unstable-cicd.yaml #410

Workflow file for this run

.github/workflows/unstable-cicd.yaml at fcf5b8e
# 🏃‍♀️ Continuous Integration and Delivery: Unstable
# =================================================
#
# Note: for this workflow to succeed, the following secrets must be installed
# in the repository or inherited from the organization:
#
# ``ADMIN_GITHUB_TOKEN``
# A personal access token of a user with collaborator or better access to
# the project repository. You can generate this by visiting GitHub →
# Settings → Developer settings → Personal access tokens → Generate new
# token. Give the token scopes on ``repo``, ``write:packages``,
# ``delete:packages``, ``workflow``, and ``read:gpg_key``.
# ``CODE_SIGNING_KEY``
# A *private* key with which we can sign artifacts.
# ``OSSRH_USERNAME``
# Username for the Central Repository.
# ``OSSRH_USERNAME``
# Password for the Central Repository.
---
name: 🤪 Unstable integration & delivery
# Driving Event
# -------------
#
# What event starts this workflow: a push to ``main`` (or ``master`` in old
# parlance).
on:
push:
branches:
- develop
workflow_dispatch:
concurrency: roundup
# What to Do
# ----------
#
# Round up, yee-haw!
jobs:
unstable-assembly:
name: 🧩 Unstable Assembly
runs-on: ubuntu-latest
if: github.actor != 'pdsen-ci'
steps:
-
name: 💳 Checkout
uses: actions/checkout@v3
with:
lfs: true
fetch-depth: 0
token: ${{secrets.ADMIN_GITHUB_TOKEN}}
-
name: 💵 Maven Cache
uses: actions/cache@v3
with:
path: ~/.m2/repository
# The "key" used to indicate a set of cached files is the operating system runner
# plus "mvn" for Maven-specific builds, plus a hash of the `pom.xml` files, which
# should uniquely identify the dependent jars; plus "pds" because we pds-prefix
# everything with "pds" in PDS—even when the context is obvious! 😅
key: pds-${{runner.os}}-mvn-${{hashFiles('**/pom.xml')}}
# To restore a set of files, we only need to match a prefix of the saved key.
restore-keys: pds-${{runner.os}}-mvn-
-
name: 🤠 Roundup
uses: NASA-PDS/roundup-action@stable
with:
assembly: unstable
packages: openjdk17-jdk
env:
ossrh_username: ${{secrets.OSSRH_USERNAME}}
ossrh_password: ${{secrets.OSSRH_PASSWORD}}
CODE_SIGNING_KEY: ${{secrets.CODE_SIGNING_KEY}}
ADMIN_GITHUB_TOKEN: ${{secrets.ADMIN_GITHUB_TOKEN}}
-
name: 🫙 Jar File Determination
id: jarrer
run: echo "jar_file=$(find ./service/target/ -maxdepth 1 -regextype posix-extended -regex '.*/registry-api-service-[0-9]+\.[0-9]+\.[0-9]+(-SNAPSHOT)?\.jar')" >> $GITHUB_OUTPUT
-
name: 💳 Docker Hub Identification
uses: docker/login-action@v2
with:
username: ${{secrets.DOCKERHUB_USERNAME}}
password: ${{secrets.DOCKERHUB_TOKEN}}
-
name: 🎰 QEMU Multiple Machine Emulation
uses: docker/setup-qemu-action@v2
-
name: 🚢 Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: 🧱 Image Construction and Publication
uses: docker/build-push-action@v3
with:
context: ./
file: ./docker/Dockerfile
build-args: api_jar=${{steps.jarrer.outputs.jar_file}}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{secrets.DOCKERHUB_USERNAME}}/registry-api-service:latest
-
name: ∫ Integration tests … hold onto your hats, pardners
run: |
git clone --quiet https://github.com/NASA-PDS/registry.git
cd registry/docker/certs
./generate-certs.sh
cd ..
docker image pull ${{secrets.DOCKERHUB_USERNAME}}/registry-api-service:latest
docker image inspect ${{secrets.DOCKERHUB_USERNAME}}/registry-api-service:latest >/dev/null
docker compose \
--ansi never --profile int-registry-batch-loader --project-name registry \
up --detach --quiet-pull
docker compose \
--ansi never --profile int-registry-batch-loader --project-name registry \
run --rm --no-TTY reg-api-integration-test-with-wait
...
# -*- mode: yaml; indent: 4; fill-column: 120; coding: utf-8 -*-