From e45e2b1db6530ab23147261fc21106de50b541b4 Mon Sep 17 00:00:00 2001 From: Marek Goldmann Date: Fri, 26 Jan 2024 16:51:26 +0100 Subject: [PATCH] ci: guard jobs --- .github/workflows/build.yml | 211 ++++++++++++++++++------------------ 1 file changed, 107 insertions(+), 104 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 47300b9ad..6a37a60f0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,79 +7,81 @@ on: branches: ["main"] jobs: - # build: - # runs-on: ubuntu-latest - # name: "Build and Verify" + build: + runs-on: ubuntu-latest + name: "Build and Verify" - # outputs: - # sha_sort: ${{ steps.vars.outputs.sha_short }} + outputs: + sha_sort: ${{ steps.vars.outputs.sha_short }} - # steps: - # - uses: actions/checkout@v4 - # - name: Set vars - # id: vars - # run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - # - name: Set up JDK 17 - # uses: actions/setup-java@v3 - # with: - # java-version: "17" - # distribution: "temurin" - # cache: maven - # - name: Build with Maven - # run: mvn --batch-mode -V -U verify -Dsurefire.useFile=false - # - name: Publish Test Report - # uses: mikepenz/action-junit-report@v4 - # if: success() || failure() - # with: - # report_paths: "**/target/surefire-reports/**/*.xml" - # - name: Archive Service - # uses: actions/upload-artifact@v4 - # with: - # name: dist-service - # path: | - # service/target/quarkus-app - # - name: Archive CLI - # uses: actions/upload-artifact@v4 - # with: - # name: dist-cli - # path: | - # cli/target/quarkus-app + steps: + - uses: actions/checkout@v4 + - name: Set vars + id: vars + run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: "17" + distribution: "temurin" + cache: maven + - name: Build with Maven + run: mvn --batch-mode -V -U verify -Dsurefire.useFile=false + - name: Publish Test Report + uses: mikepenz/action-junit-report@v4 + if: success() || failure() + with: + report_paths: "**/target/surefire-reports/**/*.xml" + - name: Archive Service + uses: actions/upload-artifact@v4 + with: + name: dist-service + path: | + service/target/quarkus-app + - name: Archive CLI + uses: actions/upload-artifact@v4 + with: + name: dist-cli + path: | + cli/target/quarkus-app - # image-service: - # runs-on: ubuntu-latest - # name: "Image / Service" - # needs: build - # steps: - # - uses: actions/checkout@v4 - # - name: Download Service - # uses: actions/download-artifact@v4 - # with: - # name: dist-service - # path: service/target/quarkus-app - # - name: Build Image - # id: build-image - # uses: redhat-actions/buildah-build@v2 - # with: - # image: sbomer-service - # layers: true - # tags: latest ${{ needs.build.outputs.sha_sort }} - # containerfiles: | - # ./images/sbomer-service/Containerfile + image-service: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/main' + name: "Image / Service" + needs: build + steps: + - uses: actions/checkout@v4 + - name: Download Service + uses: actions/download-artifact@v4 + with: + name: dist-service + path: service/target/quarkus-app + - name: Build Image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: sbomer-service + layers: true + tags: latest ${{ needs.build.outputs.sha_sort }} + containerfiles: | + ./images/sbomer-service/Containerfile - # - name: Push to Quay - # id: push-to-quay - # uses: redhat-actions/push-to-registry@v2 - # with: - # image: ${{ steps.build-image.outputs.image }} - # tags: ${{ steps.build-image.outputs.tags }} - # registry: ${{ secrets.REGISTRY_ORG_STAGE }} - # username: ${{ secrets.REGISTRY_USER_STAGE }} - # password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} + - name: Push to Quay + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ secrets.REGISTRY_ORG_STAGE }} + username: ${{ secrets.REGISTRY_USER_STAGE }} + password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} image-cache: runs-on: ubuntu-latest + if: github.ref == 'refs/heads/main' name: "Image / Cache" - # needs: build + needs: build steps: - uses: actions/checkout@v4 - name: Populate certificates @@ -108,43 +110,44 @@ jobs: username: ${{ secrets.REGISTRY_USER_STAGE }} password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} - # image-generator: - # runs-on: ubuntu-latest - # name: "Image / Generator" - # needs: build - # steps: - # - uses: actions/checkout@v4 - # - name: Populate certificates - # env: - # IT_ROOT_CA_2022: ${{ secrets.IT_ROOT_CA_2022 }} - # IT_ROOT_CA_2015: ${{ secrets.IT_ROOT_CA_2015 }} - # CA_CHAIN: ${{ secrets.CA_CHAIN }} - # run: | - # mkdir certs - # echo $IT_ROOT_CA_2022 > certs/2022-IT-Root-CA.pem - # echo $IT_ROOT_CA_2015 > certs/2015-IT-Root-CA.pem - # echo $CA_CHAIN > certs/rhcs-ca-chain-2022-cross-signed-2015.crt - # - name: Download CLI - # uses: actions/download-artifact@v4 - # with: - # name: dist-cli - # path: cli/target/quarkus-app - # - name: Build Image - # id: build-image - # uses: redhat-actions/buildah-build@v2 - # with: - # image: sbomer-generator - # layers: true - # tags: latest ${{ needs.build.outputs.sha_sort }} - # containerfiles: | - # ./images/sbomer-generator/Containerfile + image-generator: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/main' + name: "Image / Generator" + needs: build + steps: + - uses: actions/checkout@v4 + - name: Populate certificates + env: + IT_ROOT_CA_2022: ${{ secrets.IT_ROOT_CA_2022 }} + IT_ROOT_CA_2015: ${{ secrets.IT_ROOT_CA_2015 }} + CA_CHAIN: ${{ secrets.CA_CHAIN }} + run: | + mkdir certs + echo $IT_ROOT_CA_2022 > certs/2022-IT-Root-CA.pem + echo $IT_ROOT_CA_2015 > certs/2015-IT-Root-CA.pem + echo $CA_CHAIN > certs/rhcs-ca-chain-2022-cross-signed-2015.crt + - name: Download CLI + uses: actions/download-artifact@v4 + with: + name: dist-cli + path: cli/target/quarkus-app + - name: Build Image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: sbomer-generator + layers: true + tags: latest ${{ needs.build.outputs.sha_sort }} + containerfiles: | + ./images/sbomer-generator/Containerfile - # - name: Push to Quay - # id: push-to-quay - # uses: redhat-actions/push-to-registry@v2 - # with: - # image: ${{ steps.build-image.outputs.image }} - # tags: ${{ steps.build-image.outputs.tags }} - # registry: ${{ secrets.REGISTRY_ORG_STAGE }} - # username: ${{ secrets.REGISTRY_USER_STAGE }} - # password: ${{ secrets.REGISTRY_PASSWORD_STAGE }} + - name: Push to Quay + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ secrets.REGISTRY_ORG_STAGE }} + username: ${{ secrets.REGISTRY_USER_STAGE }} + password: ${{ secrets.REGISTRY_PASSWORD_STAGE }}