Add support for Ory auth #444
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Continuous integration, including test and integration test | |
name: CI | |
# Run in master and dev branches and in all pull requests to those branches | |
on: | |
push: | |
branches: [ master, dev ] | |
pull_request: | |
branches: [ master, dev ] | |
jobs: | |
# Build and test the code | |
kotlin: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-java@v3 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@v2 | |
- name: Compile code | |
run: ./gradlew assemble | |
# Gradle check | |
- name: Check | |
run: ./gradlew check | |
# Build and test the code | |
node: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v3 | |
- name: Use Node.js 18 | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: yarn | |
cache-dependency-path: '**/yarn.lock' | |
# Install npm dependencies | |
- name: Install Yarn dependencies | |
working-directory: ./authorizer-app | |
run: yarn install | |
- name: Yarn build | |
working-directory: ./authorizer-app | |
run: yarn build | |
# Build and push tagged release backend docker image | |
dockerBackend: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_IMAGE: radarbase/radar-rest-source-auth-backend | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# Add Docker labels and tags | |
- name: Docker meta | |
id: docker_meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ${{ env.DOCKER_IMAGE }} | |
# Setup docker build environment | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Cache layers | |
id: cache-buildx | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-backend-${{ hashFiles('authorizer-app-backend/Dockerfile', '**/*.gradle.kts', 'gradle.properties', 'authorizer-app-backend/src/main/**') }} | |
restore-keys: | | |
${{ runner.os }}-buildx-backend- | |
- name: Cache parameters | |
id: cache-parameters | |
run: | | |
if [ "${{ steps.cache-buildx.outputs.cache-hit }}" = "true" ]; then | |
echo "cache-to=" >> $GITHUB_OUTPUT | |
echo "load-cache-from=type=local,src=/tmp/.buildx-cache" >> $GITHUB_OUTPUT | |
else | |
echo "cache-to=type=local,dest=/tmp/.buildx-cache-new,mode=max" >> $GITHUB_OUTPUT | |
echo "load-cache-from=type=local,src=/tmp/.buildx-cache-new" >> $GITHUB_OUTPUT | |
fi | |
- name: Build backend docker | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: ./authorizer-app-backend/Dockerfile | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: ${{ steps.cache-parameters.outputs.cache-to }} | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
# Use runtime labels from docker_meta_backend as well as fixed labels | |
labels: | | |
${{ steps.docker_meta.outputs.labels }} | |
maintainer=Nivethika Mahasivam <[email protected]>, Pauline Conde <[email protected]>, Bastiaan de Graaf <[email protected]> | |
org.opencontainers.image.description=RADAR-base rest sources authorizer backend application | |
org.opencontainers.image.authors=Nivethika Mahasivam <[email protected]>, Pauline Conde <[email protected]>, Bastiaan de Graaf <[email protected]> | |
org.opencontainers.image.vendor=RADAR-base | |
org.opencontainers.image.licenses=Apache-2.0 | |
# will use the internal cache from the previous build step, and load it into the current memory | |
- name: Build backend docker locally | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./ | |
file: ./authorizer-app-backend/Dockerfile | |
cache-from: ${{ steps.cache-parameters.outputs.load-cache-from }} | |
load: true | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
- name: Inspect docker image | |
run: docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }} | |
- name: Check docker image | |
run: | | |
docker run --rm ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }} curl --version | |
docker run --rm ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }} authorizer-app-backend --help | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move docker build cache | |
if: steps.cache-buildx.outputs.cache-hit != 'true' | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
dockerFrontend: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_IMAGE: radarbase/radar-rest-source-authorizer | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# Add Docker labels and tags | |
- name: Docker meta | |
id: docker_meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ${{ env.DOCKER_IMAGE }} | |
# Setup docker build environment | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Cache frontend layers | |
id: cache-buildx | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-frontend-${{ hashFiles('authorizer-app/**') }} | |
restore-keys: | | |
${{ runner.os }}-buildx-frontend- | |
- name: Cache parameters | |
id: cache-parameters | |
run: | | |
if [ "${{ steps.cache-buildx.outputs.cache-hit }}" = "true" ]; then | |
echo "cache-to=" >> $GITHUB_OUTPUT | |
echo "load-cache-from=type=local,src=/tmp/.buildx-cache" >> $GITHUB_OUTPUT | |
else | |
echo "cache-to=type=local,dest=/tmp/.buildx-cache-new,mode=max" >> $GITHUB_OUTPUT | |
echo "load-cache-from=type=local,src=/tmp/.buildx-cache-new" >> $GITHUB_OUTPUT | |
fi | |
- name: Build frontend docker | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./authorizer-app | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: ${{ steps.cache-parameters.outputs.cache-to }} | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
# Use runtime labels from docker_meta as well as fixed labels | |
labels: | | |
${{ steps.docker_meta.outputs.labels }} | |
maintainer=Peyman Mohtashami <[email protected]>, Pauline Conde <[email protected]> | |
org.opencontainers.image.description=RADAR-base rest sources authorizer frontend application | |
org.opencontainers.image.authors=Peyman Mohtashami <[email protected]>, Pauline Conde <[email protected]> | |
org.opencontainers.image.vendor=RADAR-base | |
org.opencontainers.image.licenses=Apache-2.0 | |
- name: Build frontend docker locally | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./authorizer-app | |
cache-from: ${{ steps.cache-parameters.outputs.load-cache-from }} | |
load: true | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
- name: Inspect docker image | |
run: docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }} | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move docker build cache | |
if: steps.cache-buildx.outputs.cache-hit != 'true' | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache |