From a9b75ff1462dc404d2096208da4c5d7ed6bd2208 Mon Sep 17 00:00:00 2001 From: Kipchumba Bett Date: Fri, 2 Feb 2024 11:35:46 +0300 Subject: [PATCH] OZ-438: Use shared GitHub Actions workflows (#39) --- .../workflows/check-deps-build-publish.yml | 38 ------------ .github/workflows/check-deps.yml | 24 ++++++++ .github/workflows/ci.yml | 35 +++++++++++ .../workflows/compare-dependency-reports.sh | 61 ------------------- .github/workflows/validate-build-publish.yml | 40 ------------ 5 files changed, 59 insertions(+), 139 deletions(-) delete mode 100644 .github/workflows/check-deps-build-publish.yml create mode 100644 .github/workflows/check-deps.yml create mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/compare-dependency-reports.sh delete mode 100644 .github/workflows/validate-build-publish.yml diff --git a/.github/workflows/check-deps-build-publish.yml b/.github/workflows/check-deps-build-publish.yml deleted file mode 100644 index 7476a77..0000000 --- a/.github/workflows/check-deps-build-publish.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: Check for dependency changes - -on: - workflow_dispatch: - schedule: - - cron: '*/60 * * * *' - -jobs: - check-for-dependency-changes: - outputs: - hasChanged: ${{ steps.compareDependencyChanges.outputs.hasChanged }} - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Set up JDK 8 - uses: actions/setup-java@v2 - with: - distribution: "temurin" - java-version: "8" - cache: "maven" - - - name: Check for dependency changes - id: compareDependencyChanges - run: bash .github/workflows/compare-dependency-reports.sh - - build-and-publish: - needs: check-for-dependency-changes - uses: mekomsolutions/mekom-github-workflow-maven/.github/workflows/build-publish-workflow.yml@main - with: - webhook-url: https://openmrs-cd.mekomsolutions.net/generic-webhook-trigger/invoke - secrets: - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - OCD3_USERNAME: ${{ secrets.OCD3_USERNAME }} - OCD3_PASSWORD: ${{ secrets.OCD3_PASSWORD }} - if: ${{ needs.check-for-dependency-changes.outputs.hasChanged == '1' }} diff --git a/.github/workflows/check-deps.yml b/.github/workflows/check-deps.yml new file mode 100644 index 0000000..e2e5a9b --- /dev/null +++ b/.github/workflows/check-deps.yml @@ -0,0 +1,24 @@ +name: Check for dependency changes + +on: + workflow_dispatch: + schedule: + - cron: '*/60 * * * *' + +jobs: + check-deps: + uses: mekomsolutions/shared-github-workflow/.github/workflows/maven-check-deps-build-publish.yml@main + with: + java-version: "8" + secrets: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + + notify-ocd3: + needs: check-deps + uses: mekomsolutions/shared-github-workflow/.github/workflows/ocd3-notify.yml@main + with: + webhook-url: ${{ secrets.OCD3_WEBHOOK_URL }} + secrets: + OCD3_USERNAME: ${{ secrets.OCD3_USERNAME }} + OCD3_PASSWORD: ${{ secrets.OCD3_PASSWORD }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..94269bd --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,35 @@ +name: CI + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + release: + types: [published] + +jobs: + validate: + uses: mekomsolutions/shared-github-workflow/.github/workflows/maven-build-test.yml@main + with: + java-version: "8" + maven-args: "-P validator" # OMRS config validation + secrets: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + + pre-release: + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} + needs: validate + uses: mekomsolutions/shared-github-workflow/.github/workflows/maven-publish.yml@main + secrets: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + + release: + if: ${{ github.event_name == 'release' }} + needs: validate + uses: mekomsolutions/shared-github-workflow/.github/workflows/maven-publish.yml@main + secrets: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} diff --git a/.github/workflows/compare-dependency-reports.sh b/.github/workflows/compare-dependency-reports.sh deleted file mode 100644 index a62390d..0000000 --- a/.github/workflows/compare-dependency-reports.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash -set -e - -# Download the remote dependency report -remoteRepoUrl=https://nexus.mekomsolutions.net/repository/maven-public - -# Parse artifact details from project pom.xml -echo "Parsing details from project pom.xml..." -version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) -artifactId=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout) -groupId=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout) -classifier=$(mvn help:evaluate -Dexpression=dependencyReportClassifier -q -DforceStdout) -artifact=${groupId}:${artifactId}:${version}:txt:${classifier} - -# Set the dependency report file name -filename=${artifactId}-${version}-${classifier}.txt -absolutePath=/tmp/$filename - -# Remove previous file if any -rm -f ${absolutePath} - -# Fetch the remote dependency report -echo "Fetch remote dependency report..." -set +e -mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:get -DremoteRepositories=${remoteRepoUrl} -Dartifact=${artifact} -Dtransitive=false -mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:copy -Dartifact=${artifact} -DoutputDirectory=/tmp/ -Dmdep.useBaseVersion=true -set -e - -# If no dependency report was fetched, create an empty one. -if [ ! -f "$absolutePath" ]; then - echo "Remote dependency file is not found at '${absolutePath}'. Creating an empty one and continue." - touch ${absolutePath} -else - echo "Remote dependency file saved at '${absolutePath}'." -fi - -# Build the local dependency report -echo "Compile a local dependency report..." -mvn clean compile - -# Compare the 2 files. Will exit with 0 if no change, 1 if changes -echo "Compare both dependency reports..." -set +e -diff ${absolutePath} ./target/${filename} -diff_rc=$? -set -e - -if [ $diff_rc -eq 0 ]; then - echo "No dependency change. Exit (0)" -elif [ $diff_rc -eq 1 ]; then - echo "One or more dependency has changed. Exit (1)" -else - echo "Unknown error occured." -fi - -set +e -# Export result code to be used in later steps of the GitHub worklow. -echo hasChanged=$diff_rc >> "$GITHUB_OUTPUT" -set -e - -exit 0 diff --git a/.github/workflows/validate-build-publish.yml b/.github/workflows/validate-build-publish.yml deleted file mode 100644 index d391e2a..0000000 --- a/.github/workflows/validate-build-publish.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Validate and optionally publish (if pushed on main) - -on: - pull_request: - branches: [main] - push: - workflow_dispatch: - -jobs: - validate: - runs-on: ubuntu-latest - strategy: - matrix: - java: ["8"] - - steps: - - uses: actions/checkout@v3 - - - name: Set up JDK ${{ matrix.java }} - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: ${{ matrix.java }} - cache: "maven" - - - name: Validate - # Temporary disable OMRS config validation - run: mvn --batch-mode --update-snapshots clean install -P validator - - build-and-publish: - needs: validate - uses: mekomsolutions/mekom-github-workflow-maven/.github/workflows/build-publish-workflow.yml@main - with: - webhook-url: https://openmrs-cd.mekomsolutions.net/generic-webhook-trigger/invoke - secrets: - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - OCD3_USERNAME: ${{ secrets.OCD3_USERNAME }} - OCD3_PASSWORD: ${{ secrets.OCD3_PASSWORD }} - if: ${{ github.ref == 'refs/heads/main' }}