GHA Migration (#2594) #850
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Master/Release branch workflow | |
on: | |
push: | |
branches: | |
- master | |
- release/** | |
schedule: | |
- cron: '0 5 * * 3' | |
env: | |
JAVA_VERSION: "11" | |
AWS_REGION: eu-west-1 | |
GIT_USERNAME: ${{ secrets.BOT_GITHUB_USERNAME }} | |
GIT_EMAIL: ${{ secrets.BOT_GITHUB_EMAIL }} | |
GIT_PASSWORD: ${{ secrets.BOT_GITHUB_TOKEN }} | |
DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} | |
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }} | |
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} | |
QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }} | |
GITHUB_ACTIONS_DEPLOY_TIMEOUT: 60 | |
BASE_BUILD_NUMBER: 10000 | |
# Release version has to start with real version (7.1.0-....) for the docker image to build successfully. | |
RELEASE_VERSION: 7.1.0.4 | |
DEVELOPMENT_VERSION: 7.1.0.5-SNAPSHOT | |
jobs: | |
run_ci: | |
uses: ./.github/workflows/ci.yml | |
secrets: inherit | |
docker_latest: | |
name: "Update latest and Single Pipeline <acs>-<build> images" | |
runs-on: ubuntu-latest | |
needs: [run_ci] | |
if: > | |
!(failure() || cancelled()) && | |
!contains(github.event.head_commit.message, '[skip docker_latest]') && | |
github.ref_name == 'master' && github.event_name != 'pull_request' | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- name: Compute final build number | |
run: | | |
echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> $GITHUB_ENV | |
- name: "Update images" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: mvn -B -V clean install -ntp -DskipTests -Dmaven.javadoc.skip=true -Dbuild-number=${COMPUTED_BUILD_NUMBER} -Pags -Ppush-docker-images,pipeline | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
release: | |
name: "Release and Copy to S3 Staging Bucket" | |
runs-on: ubuntu-latest | |
needs: [docker_latest] | |
if: > | |
!(failure() || cancelled()) && | |
contains(github.event.head_commit.message, '[release]') && | |
github.event_name != 'pull_request' | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
java-version: ${{ env.JAVA_VERSION }} | |
- uses: actions/setup-python@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: "Build" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash ./scripts/ci/init.sh | |
bash ./scripts/ci/build.sh | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
username: ${{ env.GIT_USERNAME }} | |
email: ${{ env.GIT_EMAIL }} | |
global: true | |
- name: Compute final build number | |
run: | | |
echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> $GITHUB_ENV | |
- name: "Release" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: | | |
bash scripts/ci/verify_release_tag.sh | |
bash scripts/ci/maven_release.sh $COMPUTED_BUILD_NUMBER | |
bash scripts/ci/prepare_staging_deploy.sh | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
- name: "Configure AWS credentials" | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_S3_STAGING_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_S3_STAGING_SECRET_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
- name: "Deploy to S3 Staging Bucket" | |
run: | | |
aws s3 cp --acl private --recursive ./deploy_dir s3://alfresco-artefacts-staging/alfresco-content-services/release/${BRANCH_NAME}/${COMPUTED_BUILD_NUMBER} | |
aws s3 cp --acl private --recursive ./deploy_dir_share s3://alfresco-artefacts-staging/share/${RELEASE_VERSION} | |
aws s3 cp --acl private --recursive ./deploy_dir_ags s3://alfresco-artefacts-staging/enterprise/RM/${RELEASE_VERSION} | |
bash scripts/ci/copy_share_image_to_docker_hub.sh | |
echo "Finished release and deployed to https://s3.console.aws.amazon.com/s3/buckets/alfresco-artefacts-staging/alfresco-content-services/release/${BRANCH_NAME}/${COMPUTED_BUILD_NUMBER}" | |
publish: | |
name: "Copy to S3 Release Bucket" | |
runs-on: ubuntu-latest | |
needs: [release] | |
if: > | |
!(failure() || cancelled()) && | |
contains(github.event.head_commit.message, '[publish]') && | |
github.event_name != 'pull_request' | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: "Init" | |
run: bash ./scripts/ci/init.sh | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
username: ${{ env.GIT_USERNAME }} | |
email: ${{ env.GIT_EMAIL }} | |
global: true | |
- name: "Rebuild the artifacts and publish them to enterprise-releases" | |
timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }} | |
run: bash scripts/ci/maven_publish.sh | |
- name: "Configure AWS credentials" | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_S3_RELEASE_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_S3_RELEASE_SECRET_ACCESS_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Compute final build number | |
run: | | |
echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> $GITHUB_ENV | |
- name: "Deploy to S3 Release Bucket" | |
run: | | |
bash scripts/ci/copy_to_release_bucket.sh $COMPUTED_BUILD_NUMBER | |
bash scripts/ci/copy_share_to_release_bucket.sh | |
bash scripts/ci/copy_ags_to_release_bucket.sh | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh | |
update_downstream: | |
name: "Update acs-community-packaging (after release)" | |
runs-on: ubuntu-latest | |
needs: [publish] | |
if: > | |
!(failure() || cancelled()) && | |
(contains(github.event.head_commit.message, '[downstream]') || (contains(github.event.head_commit.message, '[release]') && | |
!contains(github.event.head_commit.message, '[no downstream]'))) && | |
github.event_name != 'pull_request' | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: "Init" | |
run: bash ./scripts/ci/init.sh | |
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected] | |
with: | |
username: ${{ env.GIT_USERNAME }} | |
email: ${{ env.GIT_EMAIL }} | |
global: true | |
- name: "Update downstream" | |
run: bash ./scripts/ci/update_downstream.sh | |
env: | |
COMMIT_MESSAGE: ${{ github.event.head_commit.message }} | |
- name: "Clean Maven cache" | |
run: bash ./scripts/ci/cleanup_cache.sh |