Skip to content

Commit

Permalink
Added GitHub action
Browse files Browse the repository at this point in the history
  • Loading branch information
@Vitolo-Andrea
Vitolo-Andrea committed Oct 21, 2024
1 parent e92221d commit eb5a63a
Show file tree
Hide file tree
Showing 8 changed files with 516 additions and 0 deletions.
79 changes: 79 additions & 0 deletions .devops/code-review-pipelines.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
# Build your Java project and run tests with Apache Maven.
# Add steps that analyze code, save build artifacts, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/java

trigger:
- main

pool:
#vmImage: 'ubuntu-latest'
vmImage: ubuntu-22.04

#variables:
# MAVEN_CACHE_FOLDER: $(Pipeline.Workspace)/.m2/repository
# MAVEN_OPTS: '-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'

steps:
# - task: Cache@2
# inputs:
# key: 'maven | "$(Agent.OS)" | pom.xml'
# restoreKeys: |
# maven | "$(Agent.OS)"
# maven
# path: $(MAVEN_CACHE_FOLDER)
# displayName: Cache Maven local repo

- task: SonarCloudPrepare@1
displayName: 'Prepare SonarCloud analysis configuration'
inputs:
SonarCloud: '$(SONARCLOUD_SERVICE_CONN)'
organization: '$(SONARCLOUD_ORG)'
scannerMode: Other
extraProperties: |
sonar.projectKey=$(SONARCLOUD_PROJECT_KEY)
sonar.projectName=$(SONARCLOUD_PROJECT_NAME)
sonar.exclusions='**/enums/**, **/model/**, **/stub/**, **/dto/**, **/*Constant*, **/*Config.java, **/*Scheduler.java, **/*Application.java, **/src/test/**, **/Dummy*.java'
# - task: DownloadSecureFile@1
# displayName: 'download settings.xml for Maven'
# name: settingsxml
# inputs:
# secureFile: '$(SETTINGS_XML_RO_SECURE_FILE_NAME)'
# retryCount: '2'

# options: '-B -s $(settingsxml.secureFilePath)'
- task: Maven@3
inputs:
mavenPomFile: 'pom.xml'
goals: 'clean org.jacoco:jacoco-maven-plugin:0.8.8:prepare-agent verify org.jacoco:jacoco-maven-plugin:0.8.8:report org.jacoco:jacoco-maven-plugin:0.8.8:report-aggregate '
options: '-B'
publishJUnitResults: true
testResultsFiles: '**/surefire-reports/TEST-*.xml'
javaHomeOption: 'JDKVersion'
jdkVersionOption: '1.17'
mavenVersionOption: 'Default'
mavenAuthenticateFeed: false
effectivePomSkip: false
sonarQubeRunAnalysis: false
- bash: xmlReportPaths=$(find "$(pwd)" -path '*jacoco.xml' | sed 's/.*/&/' | tr '\n' ','); echo "##vso[task.setvariable variable=xmlReportPaths]$xmlReportPaths"
displayName: finding jacoco.xml

# options: '-B -s $(settingsxml.secureFilePath) -Dsonar.coverage.jacoco.xmlReportPaths=$(xmlReportPaths)'

- task: Maven@3
inputs:
mavenPomFile: 'pom.xml'
goals: 'sonar:sonar'
options: '-B -Dsonar.coverage.jacoco.xmlReportPaths=$(xmlReportPaths)'
publishJUnitResults: false
javaHomeOption: 'JDKVersion'
jdkVersionOption: '1.17'
mavenVersionOption: 'Default'
mavenAuthenticateFeed: false
effectivePomSkip: false
sonarQubeRunAnalysis: true
isJacocoCoverageReportXML: false
sqMavenPluginVersionChoice: 'latest'
- task: SonarCloudPublish@1
inputs:
pollingTimeoutSec: '300'
192 changes: 192 additions & 0 deletions .devops/deploy-pipelines.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,192 @@
# Build and push image to Azure Container Registry; Deploy to Azure Kubernetes Service
# https://docs.microsoft.com/azure/devops/pipelines/languages/docker

parameters:
- name: 'executeBuild'
displayName: 'Launch maven and docker build'
type: boolean
default: true

trigger:
branches:
include:
- release-*
- main
paths:
include:
- src/*
- helm/*
- pom.xml
- Dockerfile

pr: none

resources:
- repo: self

variables:

# vmImageNameDefault: 'ubuntu-latest'
vmImageNameDefault: ubuntu-22.04

imageRepository: '$(K8S_IMAGE_REPOSITORY_NAME)'
deployNamespace: '$(DEPLOY_NAMESPACE)'
helmReleaseName : '$(HELM_RELEASE_NAME)'
settingsXmlROsecureFileName: '$(SETTINGS_XML_RO_SECURE_FILE_NAME)'
settingsXmlSecureFileName: '$(SETTINGS_XML_RO_SECURE_FILE_NAME)'
canDeploy: true

# If the branch is develop or a feature branch starting with CEN, deploy in DEV environment
${{ if startsWith(variables['Build.SourceBranch'], 'refs/heads/release-dev') }}:
environment: 'DEV'
dockerRegistryServiceConnection: '$(DEV_CONTAINER_REGISTRY_SERVICE_CONN)'
kubernetesServiceConnection: '$(DEV_KUBERNETES_SERVICE_CONN)'
containerRegistry: '$(DEV_CONTAINER_REGISTRY_NAME)'
selfHostedAgentPool: $(DEV_AGENT_POOL)

${{ elseif startsWith(variables['Build.SourceBranch'], 'refs/heads/release-uat') }}:
environment: 'UAT'
dockerRegistryServiceConnection: '$(UAT_CONTAINER_REGISTRY_SERVICE_CONN)'
kubernetesServiceConnection: '$(UAT_KUBERNETES_SERVICE_CONN)'
containerRegistry: '$(UAT_CONTAINER_REGISTRY_NAME)'
selfHostedAgentPool: $(UAT_AGENT_POOL)

${{ elseif or(eq(variables['Build.SourceBranch'], 'refs/heads/main'),eq(variables['Build.SourceBranch'], 'refs/heads/release-prod')) }}:
environment: 'PROD'
dockerRegistryServiceConnection: '$(PROD_CONTAINER_REGISTRY_SERVICE_CONN)'
kubernetesServiceConnection: '$(PROD_KUBERNETES_SERVICE_CONN)'
containerRegistry: '$(PROD_CONTAINER_REGISTRY_NAME)'
selfHostedAgentPool: $(PROD_AGENT_POOL)

${{ else }}:
environment: 'DEV'
dockerRegistryServiceConnection: '$(DEV_CONTAINER_REGISTRY_SERVICE_CONN)'
kubernetesServiceConnection: '$(DEV_KUBERNETES_SERVICE_CONN)'
containerRegistry: '$(DEV_CONTAINER_REGISTRY_NAME)'
selfHostedAgentPool: $(DEV_AGENT_POOL)

stages:
- stage: 'pom_version'
displayName: Release
condition: eq(variables.canDeploy, true)
jobs:
- job: POM
displayName: POM
pool:
vmImage: $(vmImageNameDefault)
steps:
- task: Bash@3
displayName: Get POM version
name: getpomversion
condition: and(succeeded(), eq(variables.canDeploy, true))
inputs:
targetType: 'inline'
script: |
version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "##vso[task.setvariable variable=outputpomversion;isOutput=true]$version"
failOnStderr: true

- stage: 'build'
displayName: 'Build_and_Publish_to_${{ variables.environment }}'
dependsOn: 'pom_version'
variables:
pomversion: $[ stageDependencies.Release.POM.outputs['getpomversion.outputpomversion'] ]
jobs:
- job: Build
displayName: Build
pool:
vmImage: $(vmImageNameDefault)
steps:
- task: Docker@2
condition: and(succeeded(), ${{ parameters.executeBuild }})
displayName: 'Publish_image_to_${{ variables.environment }}'
inputs:
containerRegistry: '$(dockerRegistryServiceConnection)'
repository: '$(imageRepository)'
command: 'buildAndPush'
tags: |
$(Build.BuildId)
latest
$(pomversion)
# - task: PublishPipelineArtifact@1
# displayName: 'Publish Artifact manifests'
# condition: and(succeeded(), eq(variables.canDeploy, true))
# inputs:
# targetPath: '$(Build.Repository.LocalPath)/manifests'
# artifact: 'manifests'
# publishLocation: 'pipeline'

- stage: 'publish_artifact_helm'
displayName: 'Publish_artifact_Helm'
dependsOn: ['build']
jobs:
- job: Publish_artifact_helm
displayName: Publish_artifact_helm
pool:
vmImage: $(vmImageNameDefault)
steps:
- task: PublishPipelineArtifact@1
displayName: 'Publish Artifact manifests'
condition: succeeded()
inputs:
targetPath: '$(Build.Repository.LocalPath)/helm'
artifact: 'helm'
publishLocation: 'pipeline'

- stage: 'deploy'
displayName: 'Deploy to ${{ variables.environment }} K8S'
dependsOn: ['publish_artifact_helm']
condition: and(succeeded(), eq(variables.canDeploy, true))
variables:
pomversion: $[ stageDependencies.Release.POM.outputs['getpomversion.outputpomversion'] ]
jobs:
- deployment: 'Deploy_to_${{ variables.environment }}'
displayName: 'Deploy to ${{ variables.environment }} K8S'
pool:
name: $(selfHostedAgentPool)
environment: '$(environment)'
strategy:
runOnce:
deploy:
steps:
- download: none
- task: DownloadPipelineArtifact@2
inputs:
buildType: 'current'
artifactName: 'helm'
targetPath: '$(Pipeline.Workspace)/helm'
- task: KubectlInstaller@0
- task: Bash@3
name: helm_dependency_build
displayName: Helm dependency build
inputs:
workingDirectory: '$(Pipeline.Workspace)/helm'
targetType: 'inline'
script: |
helm repo add pagopa-microservice https://pagopa.github.io/aks-microservice-chart-blueprint
helm dep build
failOnStderr: true
- task: HelmDeploy@0
displayName: Helm upgrade
inputs:
kubernetesServiceEndpoint: ${{ variables.kubernetesServiceConnection }}
namespace: '$(deployNamespace)'
command: upgrade
chartType: filepath
chartPath: $(Pipeline.Workspace)/helm
chartName: ${{ variables.helmReleaseName }}
releaseName: ${{ variables.helmReleaseName }}
valueFile: "$(Pipeline.Workspace)/helm/values-${{ lower(variables.environment) }}.yaml"
install: true
waitForExecution: true
arguments: "--timeout 5m0s --debug"
- task: KubernetesManifest@0
displayName: Patch
inputs:
kubernetesServiceConnection: ${{ variables.kubernetesServiceConnection }}
namespace: '$(deployNamespace)'
action: patch
kind: deployment
name: '$(helmReleaseName)-microservice-chart'
mergeStrategy: strategic
patch: '{"spec":{"template":{"metadata":{"annotations":{"buildNumber":"$(Build.BuildNumber)"}}}}}'
28 changes: 28 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<!--- Please always add a PR description as if nobody knows anything about the context these changes come from. -->
<!--- Even if we are all from our internal team, we may not be on the same page. -->
<!--- Write this PR as you were contributing to a public OSS project, where nobody knows you and you have to earn their trust. -->
<!--- This will improve our projects in the long run! Thanks. -->

### List of changes

<!--- Describe your changes in detail -->

### Motivation and context

<!--- Why is this change required? What problem does it solve? -->

### Type of changes

- [ ] Add new feature
- [ ] Update existing feature
- [ ] Remove existing feature
- [ ] Other changes

### Does this introduce a breaking change?

- [ ] Yes
- [ ] No

### Other information

<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->
61 changes: 61 additions & 0 deletions .github/workflows/code-review.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
name: SonarCloud Analysis

on:
push:
branches:
- main
- release-*
pull_request:
types:
- opened
- edited
- synchronize

jobs:
sonarcloud:
name: SonarCloud Analysis
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v4.1.7
with:
fetch-depth: 0 # Fetch all history for all branches and tags

- name: Set up JDK 17
uses: actions/setup-java@v4.2.1
with:
distribution: 'adopt'
java-version: '17'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Build and test with Maven
run: mvn clean org.jacoco:jacoco-maven-plugin:0.8.8:prepare-agent verify org.jacoco:jacoco-maven-plugin:0.8.8:report org.jacoco:jacoco-maven-plugin:0.8.8:report-aggregate -B

- name: Generate JaCoCo XML Report
run: mvn org.jacoco:jacoco-maven-plugin:0.8.8:report -Djacoco.reportFormat=xml -B

- name: SonarCloud Scan
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
mvn sonar:sonar \
-Dsonar.projectKey=${{ vars.SONARCLOUD_PROJECT_KEY }} \
-Dsonar.organization=${{ vars.SONARCLOUD_ORG }} \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.token=${{ secrets.SONAR_TOKEN }} \
-Dsonar.java.binaries=target/classes \
-Dsonar.junit.reportPaths=target/surefire-reports \
-Dsonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml \
-Dsonar.exclusions=**/configuration/**,**/enums/**,**/model/**,**/stub/**,**/dto/**,**/*Constant*,**/*Config.java,**/*Scheduler.java,**/*Application.java,**/src/test/**,**/Dummy*.java
- name: Fetch all branches
run: git fetch --all
Loading

0 comments on commit eb5a63a

Please sign in to comment.