This repository has been archived by the owner on Mar 14, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 5
226 lines (205 loc) · 8.51 KB
/
backend.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
name: Backend
# Suppress Spinner because it appears as warnings
env:
SUPPRESS_SPINNER: true
# Controls when the action will run. Triggers the workflow on push or pull request
on:
push:
branches:
- 'master'
paths:
- '*'
- '.github/workflows/backend.yml'
- 'common/**'
- 'backend/**'
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Required to retrieve git history
# Get repo metadata so we can use it in the build scripts
- name: Repo metadata
id: repo
uses: actions/github-script@v5
with:
script: |
const repo = await github.rest.repos.get({owner: context.repo.owner, repo: context.repo.repo})
return repo.data
# Caching
- name: Cache Gradle deps
uses: actions/cache@v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Cache NPM
uses: actions/cache@v2
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: Cache Yarn
uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
# Setup Environments
- name: Setup Java
uses: actions/[email protected]
with:
distribution: 'temurin'
java-version: '11' # The JDK version to make available on the path.
java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk
architecture: x64 # (x64 or x86) - defaults to x64
- name: Setup Node
uses: actions/[email protected]
with:
node-version: '14'
- id: install-secret-key
name: Install gpg secret key
run: |
cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- name: Setup dotnet
uses: actions/setup-dotnet@v3
with:
dotnet-version: 5.0.x
- name: Build Server Projects
run: ./gradlew clean && ./gradlew build
- name: Cleanup Gradle Cache
# Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
# Restoring these files from a GitHub Actions cache might cause problems for future builds.
run: |
rm -f ~/.gradle/caches/modules-2/modules-2.lock
rm -f ~/.gradle/caches/modules-2/gc.properties
- name: Release Server Projects
env:
OSSRH_USER: ${{ secrets.OSSRH_USER }}
OSSRH_USER_TOKEN: ${{ secrets.OSSRH_USER_TOKEN }}
GITHUB_TOKEN: ${{ github.token }}
run: |
./gradlew publish \
-PversionPostfix=SNAPSHOT \
-Psigning.gnupg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} \
-Psigning.gnupg.keyName=$(gpg --list-secret-keys --keyid-format LONG | grep "sec" | awk -F'[/ ]' '{print $5}' | head -n 1)
# Analyze
- name: Analyze sprout-core
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_CORE }}
GITHUB_TOKEN: ${{ github.token }}
run: ./gradlew :sprout-core:sonarqube --info
- name: Analyze sprout-spring-boot-starter
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STARTER }}
GITHUB_TOKEN: ${{ github.token }}
run: ./gradlew :sprout-spring-boot-starter:sonarqube --info
- name: Analyze sprout-server
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_SERVER }}
GITHUB_TOKEN: ${{ github.token }}
run: ./gradlew :sprout-server:sonarqube --info
- name: Analyze sprout-modules-forms
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_FORMS }}
GITHUB_TOKEN: ${{ github.token }}
run: ./gradlew :sprout-modules-forms:sonarqube --info
# Setup for Docker build
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Cache Docker layers
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
# Set some output variables based on the repo metadata
- name: Prepare Server Docker Image
id: prep_server_docker
run: |
DOCKER_IMAGE=savantly/sprout-server
VERSION=noop
if [ "${{ github.event_name }}" = "schedule" ]; then
VERSION=nightly
elif [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF#refs/tags/}
elif [[ $GITHUB_REF == refs/heads/* ]]; then
VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g')
if [ "${{ github.event.repository.default_branch }}" = "$VERSION" ]; then
VERSION=latest
fi
elif [[ $GITHUB_REF == refs/pull/* ]]; then
VERSION=pr-${{ github.event.number }}
fi
TAGS="${DOCKER_IMAGE}:${VERSION}"
if [[ $VERSION =~ ^v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
MINOR=${VERSION%.*}
MAJOR=${MINOR%.*}
TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR},${DOCKER_IMAGE}:${MAJOR},${DOCKER_IMAGE}:latest"
elif [ "${{ github.event_name }}" = "push" ]; then
TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}"
fi
echo ::set-output name=version::${VERSION}
echo ::set-output name=tags::${TAGS}
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
# Build and push server docker image
- name: Build and push
id: docker_build_server
uses: docker/build-push-action@v2
with:
context: ./backend/server
file: ./backend/server/Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.prep_server_docker.outputs.tags }}
labels: |
org.opencontainers.image.title=${{ fromJson(steps.repo.outputs.result).name }}
org.opencontainers.image.description=${{ fromJson(steps.repo.outputs.result).description }}
org.opencontainers.image.url=${{ fromJson(steps.repo.outputs.result).html_url }}
org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).clone_url }}
org.opencontainers.image.version=${{ steps.prep_server_docker.outputs.version }}
org.opencontainers.image.created=${{ steps.prep_server_docker.outputs.created }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.licenses=${{ fromJson(steps.repo.outputs.result).license.spdx_id }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Login to Heroku
uses: akhileshns/[email protected]
with:
heroku_api_key: ${{secrets.HEROKU_API_KEY}}
heroku_app_name: ""
heroku_email: ${{secrets.HEROKU_EMAIL}}
justlogin: true
- name: Deploy to Heroku
run: ./scripts/deployHeroku.sh