Skip to content

Commit

Permalink
Imagen julkaisu omaan workflowiin
Browse files Browse the repository at this point in the history
  • Loading branch information
@a544jh
a544jh committed Jan 14, 2025
1 parent ca1aa7e commit 383792e
Show file tree
Hide file tree
Showing 4 changed files with 116 additions and 90 deletions.
5 changes: 2 additions & 3 deletions .github/actions/build_koski/action.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
name: "Build Koski app + tests"
inputs:
commithash:
required: false
required: true
type: string
description: "Commit hash to build"
default: ${{ github.sha }}
runs:
using: composite
steps:
Expand Down Expand Up @@ -51,4 +50,4 @@ runs:
uses: actions/cache/save@v4
with:
path: target/
key: ${{ runner.os }}-target-${{ github.sha }}
key: ${{ runner.os }}-target-${{ inputs.commithash }}
2 changes: 2 additions & 0 deletions .github/workflows/all_tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ jobs:
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/build_koski
with:
commithash: ${{ github.sha }}
lint_koski:
name: Lint Koski
runs-on: ${{ inputs.runs-on }}
Expand Down
103 changes: 16 additions & 87 deletions .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,23 @@ env:

run-name: Deploy to ${{ inputs.environment }}
jobs:
build:
name: Build Koski
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/build_koski
with:
commithash: ${{ inputs.commithash }}
publish_image:
name: Publish Koski Docker Image
needs: [build]
uses: ./.github/workflows/publish_image.yml
with:
commithash: ${{ inputs.commithash }}
checkbuilddeploy:
name: Build and deploy
name: Deploy
needs: [publish_image]
environment:
name: ${{ github.event.inputs.environment }}
runs-on: ubuntu-20.04
Expand All @@ -25,92 +40,6 @@ jobs:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.commithash }}
# Number of commits to fetch. 0 indicates all history for all branches and tags.
fetch-depth: 0

- name: Print git diff with master branch
run: |
echo "Changed files:"
git diff --name-only origin/master...
echo "Changes to files:"
git diff origin/master...
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
role-to-assume: ${{ secrets.ECR_ROLE }}
role-duration-seconds: 3600
role-session-name: KoskiDeploymentEcr-${{ github.event.inputs.environment }}-${{ github.event.inputs.commithash }}
aws-region: eu-west-1

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
registries: ${{ secrets.ECR_ACCOUNT_ID }}
mask-password: "true"

- name: Check if container image already exists in ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: koski
IMAGE_TAG: ${{ github.event.inputs.commithash }}
id: check-image
run: |
echo "image-exists=$(docker manifest inspect $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG > /dev/null 2>&1 ; echo $?)" >> $GITHUB_OUTPUT
- name: Cache Maven packages
uses: actions/cache@v3
if: steps.check-image.outputs.image-exists != '0'
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Cache Node modules
uses: actions/cache@v3
if: steps.check-image.outputs.image-exists != '0'
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Set up Java 11
uses: actions/setup-java@v4
if: steps.check-image.outputs.image-exists != '0'
with:
java-version: "11"
architecture: "x64"
distribution: "zulu"
cache: "maven"

- name: Setup settings.xml
uses: s4u/maven-settings-action@v2.8.0
if: steps.check-image.outputs.image-exists != '0'
with:
servers: '[{"id": "github","configuration": {"httpHeaders": {"property": {"name": "Authorization","value": "Bearer ${{ secrets.GITHUB_TOKEN }}"}}}}]'

- name: Build application and publish it to Github Packages
if: steps.check-image.outputs.image-exists != '0'
run: make dist version=${{ github.event.inputs.commithash }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Build, tag, and push image to Amazon ECR
if: steps.check-image.outputs.image-exists != '0'
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: koski
IMAGE_TAG: ${{ github.event.inputs.commithash }}
run: |
docker build -f docker-build/Dockerfile -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --build-arg KOSKI_VERSION=$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
Expand Down
96 changes: 96 additions & 0 deletions .github/workflows/publish_image.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
name: Publish
on:
workflow_dispatch:
inputs:
commithash:
description: "Commit hash (version) of the image to package and publish"
required: true
env:
DOCKER_BUILDKIT: 1
SSH_AUTH_SOCK: /tmp/ssh_agent.sock

jobs:
publish:
name: Publish Koski Docker image
runs-on: ubuntu-20.04
permissions:
id-token: write
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.commithash }}

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
role-to-assume: ${{ secrets.ECR_ROLE }}
role-duration-seconds: 3600
role-session-name: KoskiPublishEcr-${{ inputs.commithash }}
aws-region: eu-west-1

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
registries: ${{ secrets.ECR_ACCOUNT_ID }}
mask-password: "true"

- name: Check if container image already exists in ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: koski
IMAGE_TAG: ${{ inputs.commithash }}
id: check-image
run: |
echo "image-exists=$(docker manifest inspect $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG > /dev/null 2>&1 ; echo $?)" >> $GITHUB_OUTPUT
- name: Cache Maven packages
uses: actions/cache@v3
if: steps.check-image.outputs.image-exists != '0'
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Set up Java 11
uses: actions/setup-java@v4
if: steps.check-image.outputs.image-exists != '0'
with:
java-version: "11"
architecture: "x64"
distribution: "zulu"
cache: "maven"

- name: Setup settings.xml
uses: s4u/maven-settings-action@v2.8.0
if: steps.check-image.outputs.image-exists != '0'
with:
servers: '[{"id": "github","configuration": {"httpHeaders": {"property": {"name": "Authorization","value": "Bearer ${{ secrets.GITHUB_TOKEN }}"}}}}]'

- name: Restore target dir
uses: actions/cache/restore@v4
with:
path: "target/"
key: ${{ runner.os }}-target-${{ inputs.commithash }}
fail-on-cache-miss: "true"

- name: Build application and publish it to Github Packages
if: steps.check-image.outputs.image-exists != '0'
run: |
make dist version=${{ inputs.commithash }}
mvn war:war deploy:deploy --batch-mode -Dmaven.skip.install=true -DaltDeploymentRepository=github::default::https://maven.pkg.github.com/Opetushallitus/koski
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Build, tag, and push image to Amazon ECR
if: steps.check-image.outputs.image-exists != '0'
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: koski
IMAGE_TAG: ${{ inputs.commithash }}
run: |
docker build -f docker-build/Dockerfile -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --build-arg KOSKI_VERSION=$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

0 comments on commit 383792e

Please sign in to comment.