Pbs 108 deploy #412
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven | |
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| name: POD Booking System Server CI with Maven and SonarCloud | |
| on: | |
| push: | |
| branches: [ "main", "develop" ] | |
| pull_request: | |
| branches: [ "main", "develop" ] | |
| jobs: | |
| build: | |
| name: Build and analyze | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Cache Maven packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 | |
| # Generate application.yml from environment variables | |
| - name: Generate application.yml | |
| run: | | |
| mkdir -p src/main/resources | |
| echo "server:" >> src/main/resources/application.yaml | |
| echo " port: 8080" >> src/main/resources/application.yaml | |
| echo "" >> src/main/resources/application.yaml | |
| echo "openapi:" >> src/main/resources/application.yaml | |
| echo " service: " >> src/main/resources/application.yaml | |
| echo " api-docs: api-service" >> src/main/resources/application.yaml | |
| echo " server: \"${{ secrets.SERVER_API_URL }}\"" >> src/main/resources/application.yaml | |
| echo " title: API Service" >> src/main/resources/application.yaml | |
| echo " version: 1.0.0" >> src/main/resources/application.yaml | |
| echo "spring:" >> src/main/resources/application.yaml | |
| echo " datasource:" >> src/main/resources/application.yaml | |
| echo " url: \"${{ secrets.DATABASE_URL }}\"" >> src/main/resources/application.yaml | |
| echo " username: \"${{ secrets.DATABASE_USERNAME }}\"" >> src/main/resources/application.yaml | |
| echo " password: \"${{ secrets.DATABASE_PASSWORD }}\"" >> src/main/resources/application.yaml | |
| echo " driver-class-name: com.mysql.cj.jdbc.Driver" >> src/main/resources/application.yaml | |
| echo " jpa:" >> src/main/resources/application.yaml | |
| echo " hibernate:" >> src/main/resources/application.yaml | |
| echo " ddl-auto: update" >> src/main/resources/application.yaml | |
| echo " naming:" >> src/main/resources/application.yaml | |
| echo " implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyLegacyJpaImpl" >> src/main/resources/application.yaml | |
| echo " physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl" >> src/main/resources/application.yaml | |
| echo " show-sql: true" >> src/main/resources/application.yaml | |
| echo " mail:" >> src/main/resources/application.yaml | |
| echo " host: \"${{ secrets.MAIL_HOST }}\"" >> src/main/resources/application.yaml | |
| echo " port: \"${{ secrets.MAIL_PORT }}\"" >> src/main/resources/application.yaml | |
| echo " username: \"${{ secrets.MAIL_USERNAME }}\"" >> src/main/resources/application.yaml | |
| echo " password: \"${{ secrets.MAIL_PASSWORD }}\"" >> src/main/resources/application.yaml | |
| echo " properties:" >> src/main/resources/application.yaml | |
| echo " mail:" >> src/main/resources/application.yaml | |
| echo " smtp:" >> src/main/resources/application.yaml | |
| echo " auth: true" >> src/main/resources/application.yaml | |
| echo " starttls:" >> src/main/resources/application.yaml | |
| echo " enable: true" >> src/main/resources/application.yaml | |
| echo " security:" >> src/main/resources/application.yaml | |
| echo " oauth2:" >> src/main/resources/application.yaml | |
| echo " client:" >> src/main/resources/application.yaml | |
| echo " registration:" >> src/main/resources/application.yaml | |
| echo " google:" >> src/main/resources/application.yaml | |
| echo " client-id: \"${{ secrets.GOOGLE_CLIENT_ID }}\"" >> src/main/resources/application.yaml | |
| echo " client-secret: \"${{ secrets.GOOGLE_CLIENT_SECRET }}\"" >> src/main/resources/application.yaml | |
| echo " scope:" >> src/main/resources/application.yaml | |
| echo " - email" >> src/main/resources/application.yaml | |
| echo " - profile" >> src/main/resources/application.yaml | |
| echo "" >> src/main/resources/application.yaml | |
| echo "jwt:" >> src/main/resources/application.yaml | |
| echo " JWT_SECRET_ACCESS_TOKEN: \"${{ secrets.JWT_SECRET_ACCESS_TOKEN }}\"" >> src/main/resources/application.yaml | |
| echo " JWT_SECRET_REFRESH_TOKEN: \"${{ secrets.JWT_SECRET_REFRESH_TOKEN }}\"" >> src/main/resources/application.yaml | |
| echo "" >> src/main/resources/application.yaml | |
| echo "google:" >> src/main/resources/application.yaml | |
| echo " success: \"${{ secrets.GOOGLE_SUCCESS }}\"" >> src/main/resources/application.yaml | |
| echo " failure: \"${{ secrets.GOOGLE_FAILURE }}\"" >> src/main/resources/application.yaml | |
| echo "vnpay:" >> src/main/resources/application.yaml | |
| echo " tmn-code: \"${{ secrets.VNPAY_TMN_CODE }}\"" >> src/main/resources/application.yaml | |
| echo " hash-secret: \"${{ secrets.VNPAY_HASH_SECRET }}\"" >> src/main/resources/application.yaml | |
| echo " return-url: \"${{ secrets.VNPAY_RETURN_URL }}\"" >> src/main/resources/application.yaml | |
| echo " url: \"${{ secrets.VNPAY_URL }}\"" >> src/main/resources/application.yaml | |
| - name: Build, test and analyze | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: mvn -B verify org.jacoco:jacoco-maven-plugin:report org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=Hoang-Nguyen-Huy_pod-booking-system-server | |
| - name: Build application | |
| run: mvn clean package -DskipTests | |
| - name: Save JAR artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: pod_booking_system_server_jar | |
| path: out/artifacts/pod_booking_system_server_jar/*.jar | |
| deploy: | |
| name: Deploy to Server | |
| runs-on: ubuntu-22.04 | |
| needs: build # Job deploy depend on job build | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and tag Docker image | |
| run: | | |
| docker build -t hoanghuynguyen/pod-booking-system-server:latest . | |
| - name: Push Docker image to Docker Hub | |
| run: | | |
| docker push hoanghuynguyen/pod-booking-system-server:latest | |
| - name: Deploy to server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SERVER_HOST }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SERVER_SSH_KEY }} | |
| script: | | |
| cd swp | |
| docker pull hoanghuynguyen/pod-booking-system-server:latest | |
| docker compose up -d | |
| # # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive | |
| # - name: Update dependency graph | |
| # uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6 |