Introduction of GitHub actions and GitLab Pages workflow #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| name: "Build and Verify" | |
| outputs: | |
| sha_sort: ${{ steps.vars.outputs.sha_short }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set vars | |
| id: vars | |
| run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: "17" | |
| distribution: "temurin" | |
| cache: maven | |
| - name: Build with Maven | |
| run: mvn --batch-mode -V -U verify -Dsurefire.useFile=false | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v4 | |
| if: success() || failure() | |
| with: | |
| report_paths: "**/target/surefire-reports/**/*.xml" | |
| - name: Archive Service | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-service | |
| path: | | |
| service/target/quarkus-app | |
| - name: Archive CLI | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-cli | |
| path: | | |
| cli/target/quarkus-app | |
| image-service: | |
| runs-on: ubuntu-latest | |
| name: "Image / Service" | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Service | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist-service | |
| path: service/target/quarkus-app | |
| - name: Build Image | |
| id: build-image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| image: sbomer-service | |
| tags: latest ${{ needs.build.outputs.sha_sort }} | |
| containerfiles: | | |
| ./images/sbomer-service/Containerfile | |
| - name: Push to Quay | |
| id: push-to-quay | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| image: ${{ steps.build-image.outputs.image }} | |
| tags: ${{ steps.build-image.outputs.tags }} | |
| registry: ${{ secrets.REGISTRY_ORG_STAGE }} | |
| username: ${{ secrets.REGISTRY_USER_STAGE }} | |
| password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} | |
| image-cache: | |
| runs-on: ubuntu-latest | |
| name: "Image / Cache" | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Populate certificates | |
| run: | | |
| mkdir certs | |
| echo $IT_ROOT_CA_2022 > certs/2022-IT-Root-CA.pem | |
| - name: Build Image | |
| id: build-image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| image: sbomer-cache | |
| tags: latest ${{ needs.build.outputs.sha_sort }} | |
| containerfiles: | | |
| ./images/sbomer-cache/Containerfile | |
| - name: Push to Quay | |
| id: push-to-quay | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| image: ${{ steps.build-image.outputs.image }} | |
| tags: ${{ steps.build-image.outputs.tags }} | |
| registry: ${{ secrets.REGISTRY_ORG_STAGE }} | |
| username: ${{ secrets.REGISTRY_USER_STAGE }} | |
| password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} | |
| image-generator: | |
| runs-on: ubuntu-latest | |
| name: "Image / Generator" | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Populate certificates | |
| run: | | |
| mkdir certs | |
| echo $IT_ROOT_CA_2022 > certs/2022-IT-Root-CA.pem | |
| echo $IT_ROOT_CA_2015 > certs/2015-IT-Root-CA.pem | |
| echo $CA_CHAIN > rhcs-ca-chain-2022-cross-signed-2015.crt | |
| - name: Download CLI | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist-cli | |
| path: cli/target/quarkus-app | |
| - name: Build Image | |
| id: build-image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| image: sbomer-generator | |
| tags: latest ${{ needs.build.outputs.sha_sort }} | |
| containerfiles: | | |
| ./images/sbomer-generator/Containerfile | |
| - name: Push to Quay | |
| id: push-to-quay | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| image: ${{ steps.build-image.outputs.image }} | |
| tags: ${{ steps.build-image.outputs.tags }} | |
| registry: ${{ secrets.REGISTRY_ORG_STAGE }} | |
| username: ${{ secrets.REGISTRY_USER_STAGE }} | |
| password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} |