From 8e58014ba7cad06cdc3df5916e5d450a5876c799 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Skaar=2C=20Bj=C3=B8rn-Andre?= Date: Tue, 7 Nov 2023 22:25:08 +0100 Subject: [PATCH] Add github actions. Build to dapla-pseudo-maven repo in AR --- .github/labels.yml | 66 ++++++++++++++ .github/release-drafter.yml | 59 +++++++++++++ .github/workflows/build.yml | 86 ++++++++++++++++++ .github/workflows/labeler.yml | 19 ++++ .github/workflows/release-drafter.yml | 30 +++++++ .github/workflows/release.yml | 121 ++++++++++++++++++++++++++ pom.xml | 10 +-- 7 files changed, 384 insertions(+), 7 deletions(-) create mode 100644 .github/labels.yml create mode 100644 .github/release-drafter.yml create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/labeler.yml create mode 100644 .github/workflows/release-drafter.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/labels.yml b/.github/labels.yml new file mode 100644 index 0000000..82bb9b9 --- /dev/null +++ b/.github/labels.yml @@ -0,0 +1,66 @@ +--- +# Labels names are important as they are used by Release Drafter to decide +# regarding where to record them in changelog or if to skip them. +# +# The repository labels will be automatically configured using this file and +# the GitHub Action https://github.com/marketplace/actions/github-labeler. +- name: breaking + description: Breaking Changes + color: bfd4f2 +- name: bug + description: Something isn't working + color: d73a4a +- name: build + description: Build System and Dependencies + color: bfdadc +- name: ci + description: Continuous Integration + color: 4a97d6 +- name: dependencies + description: Pull requests that update a dependency file + color: 0366d6 +- name: documentation + description: Improvements or additions to documentation + color: 0075ca +- name: duplicate + description: This issue or pull request already exists + color: cfd3d7 +- name: enhancement + description: New feature or request + color: a2eeef +- name: github_actions + description: Pull requests that update Github_actions code + color: "000000" +- name: good first issue + description: Good for newcomers + color: 7057ff +- name: help wanted + description: Extra attention is needed + color: 008672 +- name: invalid + description: This doesn't seem right + color: e4e669 +- name: performance + description: Performance + color: "016175" +- name: python + description: Pull requests that update Python code + color: 2b67c6 +- name: question + description: Further information is requested + color: d876e3 +- name: refactoring + description: Refactoring + color: ef67c4 +- name: removal + description: Removals and Deprecations + color: 9ae7ea +- name: style + description: Style + color: c120e5 +- name: testing + description: Testing + color: b1fc6f +- name: wontfix + description: This will not be worked on + color: ffffff \ No newline at end of file diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..f86c79d --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,59 @@ +categories: + - title: ":boom: Breaking Changes" + label: "breaking" + - title: ":rocket: Features" + label: "enhancement" + - title: ":fire: Removals and Deprecations" + label: "removal" + - title: ":beetle: Fixes" + label: "bug" + - title: ":racehorse: Performance" + label: "performance" + - title: ":rotating_light: Testing" + label: "testing" + - title: ":construction_worker: Continuous Integration" + label: "ci" + - title: ":books: Documentation" + label: "documentation" + - title: ":hammer: Refactoring" + label: "refactoring" + - title: ":lipstick: Style" + label: "style" + - title: ":package: Dependencies" + labels: + - "dependencies" + - "build" + +autolabeler: + - label: 'documentation' + branch: + - '/docs{0,1}\/.+/' + - label: 'bug' + branch: + - '/fix\/.+/' + title: + - '/fix/i' + - label: 'enhancement' + branch: + - '/feat\/.+/' + body: + - '/JIRA-[0-9]{1,4}/' + - label: 'refactoring' + branch: + - '/refactor\/.+/' + title: + - '/^refactor/i' + - label: 'testing' + branch: + - '/test\/.+/' + - label: 'breaking' + title: + - '/breaking change/i' + - label: 'ci' + files: + - '.github/*' + +template: | + ## Changes + + $CHANGES diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..ec4ba52 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,86 @@ +name: Build + +on: + push: + branches: + - master + pull_request: + branches: + - master + +env: + REGISTRY: europe-north1-docker.pkg.dev/artifact-registry-5n/dapla-pseudo-maven + IMAGE: dapla-dlp-pseudo-func + TAG: ${{ github.ref_name }}-${{ github.sha }} + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + + steps: + - uses: actions/checkout@v3 + + - name: Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: 21 + distribution: zulu + + - name: Authenticate to Google Cloud + id: auth + uses: google-github-actions/auth@v1.1.1 + with: + workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions" + service_account: "gh-actions-dapla-pseudo@artifact-registry-5n.iam.gserviceaccount.com" + token_format: access_token + + - name: Cache Maven packages + uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + + - name: Build with Maven + run: mvn --batch-mode -P ssb-bip package + + - name: Extract build metadata for Docker + id: metadata + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE }} + tags: | + type=ref,event=branch + type=ref,event=pr + type=raw,value=latest,enable={{is_default_branch}} + type=semver,pattern=v{{version}} + type=semver,pattern=v{{major}}.{{minor}} + type=semver,pattern=v{{major}} + type=raw,value=${{ env.TAG }}, enable=true + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: "oauth2accesstoken" + password: "${{ steps.auth.outputs.access_token }}" + + - name: Build and push docker image to Artifact Registry + uses: docker/build-push-action@v4 + with: + context: . + file: Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.metadata.outputs.tags }} + labels: ${{ steps.metadata.outputs.labels }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 0000000..19d5246 --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,19 @@ +name: Labeler + +on: + push: + branches: + - master + +jobs: + labeler: + runs-on: ubuntu-latest + steps: + - name: Check out the repository + uses: actions/checkout@v3 + + # Reads labels from .github/labels.yml + - name: Run Labeler + uses: crazy-max/ghaction-github-labeler@v4 + with: + skip-delete: true diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 0000000..c0d6ab8 --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,30 @@ +name: Release Drafter + +on: + push: + branches: + - master + # pull_request event is required only for autolabeler + pull_request: + types: + - opened + - reopened + - synchronize + +permissions: + contents: read + +jobs: + update_release_draft: + permissions: + # write permission is required to create a GitHub release + contents: write + # write permission is required for autolabeler + # otherwise, read permission is required at least + pull-requests: write + runs-on: ubuntu-latest + steps: + # Draft the next Release notes as Pull Requests are merged into master + - uses: release-drafter/release-drafter@v5 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..36cab8a --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,121 @@ +name: Release + +on: + push: + branches: + - release + +env: + REGISTRY: europe-north1-docker.pkg.dev/artifact-registry-5n/dapla-platform-docker + IMAGE: dapla-team-api + +jobs: + release: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + + steps: + - uses: actions/checkout@v3 + with: + ref: refs/heads/master + + - name: Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: 21 + distribution: zulu + server-id: github + + - name: Authenticate to Google Cloud + id: auth + uses: google-github-actions/auth@v1.1.1 + with: + workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions" + service_account: "gh-actions-dapla-platform@artifact-registry-5n.iam.gserviceaccount.com" + token_format: access_token + + - name: Cache Maven packages + uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + + - name: Configure Git user + run: | + git config user.email "ghactions@ssb.no" + git config user.name "GitHub Actions" + + - name: Perform release and publish jar + id: release_jar + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + mvn --batch-mode -P ssb-bip -DskipTests release:prepare + TAG=$(git describe --abbrev=0 --tags) + echo "tag=${TAG}" >> $GITHUB_OUTPUT + mvn --batch-mode -P ssb-bip -DskipTests release:perform + ARTIFACT_ID=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout) + echo "artifact_id=${ARTIFACT_ID}" >> $GITHUB_OUTPUT + ARTIFACT_PATH=$(realpath ./target/$ARTIFACT_ID*.jar) + echo "artifact_path=${ARTIFACT_PATH}" >> $GITHUB_OUTPUT + + - env: + EVENT_CONTEXT: ${{ toJSON(github.event) }} + run: | + echo $EVENT_CONTEXT + + - name: Create GitHub release draft + uses: release-drafter/release-drafter@v5 + id: create_github_release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag: ${{ steps.release_jar.outputs.tag }} + + - name: Publish GitHub release + uses: eregon/publish-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + release_id: ${{ steps.create_github_release.outputs.id }} + + - name: Extract build metadata for Docker + id: metadata + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE }} + tags: | + type=ref,event=branch + type=ref,event=pr + type=raw,value=latest,enable={{is_default_branch}} + type=semver,pattern=v{{version}} + type=semver,pattern=v{{major}}.{{minor}} + type=semver,pattern=v{{major}} + type=raw,value=${{ steps.release_jar.outputs.tag }}, enable=true + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: "oauth2accesstoken" + password: "${{ steps.auth.outputs.access_token }}" + + - name: Build and push docker image to Artifact Registry + uses: docker/build-push-action@v4 + with: + context: . + file: Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.metadata.outputs.tags }} + labels: ${{ steps.metadata.outputs.labels }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/pom.xml b/pom.xml index 78c7d77..512e973 100644 --- a/pom.xml +++ b/pom.xml @@ -13,7 +13,7 @@ ${java.version} ${java.version} UTF-8 - artifactregistry://europe-north1-maven.pkg.dev/artifact-registry-14da + artifactregistry://europe-north1-maven.pkg.dev/artifact-registry-5n/dapla-pseudo-maven 3.24.2 @@ -220,9 +220,7 @@ artifact-registry - - artifactregistry://europe-north1-maven.pkg.dev/artifact-registry-14da/maven-releases - + ${artifact-registry.url}/maven-releases true @@ -232,9 +230,7 @@ artifact-registry-snapshot - - artifactregistry://europe-north1-maven.pkg.dev/artifact-registry-14da/maven-snapshots - + ${artifact-registry.url}/maven-snapshots false