Skip to content

✨ handle application approved/declined #278

✨ handle application approved/declined

✨ handle application approved/declined #278

Workflow file for this run

name: Build
on:
workflow_dispatch:
push:
branches:
- "main"
paths-ignore:
- '.gitignore'
- 'CODEOWNERS'
- 'LICENSE'
- '*.md'
pull_request:
paths-ignore:
- '.gitignore'
- 'CODEOWNERS'
- 'LICENSE'
- '*.md'
env:
JAVA_VERSION: 21
JAVA_DISTRO: temurin
GH_BOT_EMAIL: "41898282+github-actions[bot]@users.noreply.github.com"
GH_BOT_NAME: "GitHub Action"
GRAALVM_DIST: graalvm-community
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: 21
distribution: 'temurin'
cache: maven
- name: Generate cache key
id: image-cache-key
run: |
echo "cache_key=build-image-cache-$(/bin/date -u "+%Y-%U")" >> $GITHUB_OUTPUT
- name: Restore cached build image
id: cache-restore
uses: actions/cache/restore@v4
with:
path: build-image/mandrel.tar
key: ${{ steps.image-cache-key.outputs.cache_key }}
- name: Download build image
if: steps.cache-restore.outputs.cache-hit != 'true'
run: |
mkdir -p build-image
docker pull quay.io/quarkus/ubi-quarkus-mandrel-builder-image:jdk-21
docker save quay.io/quarkus/ubi-quarkus-mandrel-builder-image:jdk-21 -o build-image/mandrel.tar
- uses: actions/cache/save@v4
id: cache-save
if: always()
with:
path: build-image/mandrel.tar
key: ${{ steps.image-cache-key.outputs.cache_key }}
- name: Load build image
id: load-build-image
run: |
docker load -i build-image/mandrel.tar
- name: Project metadata
id: metadata
run: |
SNAPSHOT=$(yq '.release.snapshot-version' .github/project.yml)
echo "snapshot=${SNAPSHOT}" >> $GITHUB_OUTPUT
- name: Build with Maven
run: |
./mvnw -B -ntp formatter:validate verify
- name: Build and run in native mode
id: mvn-native-build
env:
MAVEN_OPTS: "-Xmx1g"
run: |
./mvnw -B -ntp verify -DskipTests -DskipFormat \
-Dnative \
-Dquarkus.native.container-build=true \
-Dquarkus.container-image.build=true
- name: Update release with snapshot artifact
if: ${{ github.event_name == 'push' && github.repository == 'commonhaus/automation' }}
id: mvn-release-snapshot
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SNAPSHOT: ${{ steps.metadata.outputs.snapshot }}
run: |
git config user.name ${{ env.GH_BOT_NAME }}
git config user.email ${{ env.GH_BOT_EMAIL }}
CB=commonhaus-bot-${SNAPSHOT}-runner
ls -al ./commonhaus-bot/target
gh release upload "${SNAPSHOT}" --clobber ./commonhaus-bot/target/${CB}.jar#${CB}.jar
gh release upload "${SNAPSHOT}" --clobber ./commonhaus-bot/target/${CB}#${CB}
CB=cf-admin-bot-${SNAPSHOT}-runner
ls -al ./cf-admin-bot/target
gh release upload "${SNAPSHOT}" --clobber ./cf-admin-bot/target/${CB}.jar#${CB}.jar
gh release upload "${SNAPSHOT}" --clobber ./cf-admin-bot/target/${CB}#${CB}
echo "Update tag for $SNAPSHOT"
git push origin :refs/tags/$SNAPSHOT
git tag -f $SNAPSHOT
git push --tags
echo "Update $SNAPSHOT release"
gh release edit "${SNAPSHOT}" -t "${SNAPSHOT}" --prerelease
- name: Log in to the Container registry
if: ${{ github.event_name == 'push' && github.repository == 'commonhaus/automation' }}
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Publish OCI (native)
if: ${{ github.event_name == 'push' && github.repository == 'commonhaus/automation' }}
id: publish-oci
env:
SNAPSHOT: ${{ steps.metadata.outputs.snapshot }}
run: |
image="commonhaus/commonhaus-bot:${SNAPSHOT}"
docker tag "${image}" "ghcr.io/${image}"
docker push "ghcr.io/${image}"
image="commonhaus/cf-admin-bot:${SNAPSHOT}"
docker tag "${image}" "ghcr.io/${image}"
docker push "ghcr.io/${image}"
- name: Mark snapshot release as non-draft
if: ${{ github.event_name == 'push' && github.repository == 'commonhaus/automation' }}
id: update-snapshot-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SNAPSHOT: ${{ steps.metadata.outputs.snapshot }}
run: |
gh release edit "${SNAPSHOT}" --draft=false
gh release view "${SNAPSHOT}"
- name: Delete snapshots artifacts from cache
run: find ~/.m2 -name \*-SNAPSHOT -type d -exec rm -rf {} +
deploy:
if: ${{ github.event_name == 'push' && github.repository == 'commonhaus/automation' }}
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
concurrency:
group: "deploy"
steps:
- name: Set up SSH
run: |
mkdir -p ~/.ssh/
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
sudo chmod 600 ~/.ssh/id_rsa
shell: bash
env:
SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}}
SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}}
- name: Update CF Bot
run: |
ssh $SSH_PORT $SSH_USER_HOST "$SSH_BOT_UPDATE"
shell: bash
env:
SSH_USER_HOST: ${{secrets.SSH_USER_HOST}}
SSH_PORT: ${{secrets.SSH_PORT}}
SSH_BOT_UPDATE: ${{secrets.SSH_BOT_UPDATE}}
- name: Cleanup
run: |
rm ~/.ssh/id_rsa
rm ~/.ssh/known_hosts
shell: bash