rename file #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI and CD | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
jobs: | |
# ============== | |
# CI task | |
# ============== | |
quality-check: | |
name: Quality Scan | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 17 | |
- name: Cache SonarQube packages | |
uses: actions/cache@v3 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Gradle packages | |
uses: actions/cache@v3 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | |
restore-keys: ${{ runner.os }}-gradle | |
- name: Build and analyze | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
run: ./gradlew build sonar --info | |
build-and-push-docker-image: | |
name: Build Docker image and push to repositories | |
runs-on: ubuntu-latest | |
needs: quality-check | |
steps: | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 17 | |
- uses: actions/checkout@v4 | |
- name: Unit test outside Docker-compose | |
run: ./gradlew test | |
- name: Setup SHA | |
run: echo "GITHUB_SHA=${GITHUB_SHA}" >> $GITHUB_ENV | |
- name: Integration test inside Docker-compose cleanup | |
run: docker-compose -f docker-compose.test.yml down | |
- name: Integration test inside Docker-compose | |
run: docker-compose -f docker-compose.test.yml up --build --abort-on-container-exit --exit-code-from it_test | |
- name: Build the Docker image | |
run: docker build . --file Dockerfile --tag ghcr.io/aorjoa/devops-java-example:${{ env.GITHUB_SHA }} | |
- name: Login ghcr.io | |
uses: docker/[email protected] | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
logout: true | |
- name: Push to GitHub Container Registry | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
tags: | | |
ghcr.io/aorjoa/devops-java-example:${{ env.GITHUB_SHA }} | |
# build on feature branches, push only on main branch | |
push: ${{ github.ref == 'refs/heads/main' }} | |
- name: Image digest | |
run: echo ${{ steps.docker_build.outputs.digest }} | |
# ============== | |
# CD task | |
# ============== | |
# gitops-versioning: | |
# runs-on: ubuntu-latest | |
# needs: build-and-push-docker-image | |
# steps: | |
# - name: checkout | |
# uses: actions/checkout@v4 | |
# with: | |
# repository: aorjoa/devops-argocd | |
# persist-credentials: false | |
# fetch-depth: 0 | |
# - name: change image tag | |
# run: | | |
# git --version | |
# git config user.name "aorjoa" | |
# git config user.email "[email protected]" | |
# sed -i -E "s/ghcr.io\/aorjoa-training\/devops-go-example.*$/ghcr.io\/aorjoa-training\/devops-go-example:${GITHUB_SHA}/" kube-gitops/deployment.yml | |
# git add kube-gitops/deployment.yml | |
# git commit -m "🤖 change docker image version to ${GITHUB_SHA}" | |
# - name: push changes | |
# uses: ad-m/github-push-action@master | |
# with: | |
# github_token: ${{ secrets.PAT }} | |
# repository: aorjoa-training/devops-argocd | |
# branch: main |