1.0.30 #222
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
pull_request: | |
types: [opened, synchronize, reopened, closed] | |
branches: | |
- main | |
release: | |
types: [published] | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
prepare: | |
runs-on: ubuntu-latest | |
outputs: | |
tag_version: ${{ steps.set-tag-version.outputs.TAG_VERSION }} | |
push_image: ${{ steps.set-push-image.outputs.PUSH_IMAGE }} | |
deploy: ${{ steps.set-deploy.outputs.DEPLOY }} | |
environment: ${{ steps.set-deploy.outputs.ENVIRONMENT }} | |
env: | |
pr_merged: ${{ github.event_name == 'pull_request' && github.event.pull_request.merged == true }} | |
release_published: ${{ github.event_name == 'release' && github.event.action == 'published' }} | |
steps: | |
- name: Validate release target branch | |
if: ${{ github.event_name == 'release' }} | |
run: | | |
if [[ "${{ github.event.release.target_commitish }}" != "${{ github.event.repository.default_branch }}" ]]; then | |
echo "Release target branch is not the default branch" | |
exit 1 | |
fi | |
- name: Set tag version | |
id: set-tag-version | |
shell: bash | |
run: | | |
if [ -n "${{ github.event.release.tag_name }}" ]; then | |
echo "Setting TAG_VERSION to ${{ github.event.release.tag_name }}" | |
echo "TAG_VERSION=${{ github.event.release.tag_name }}" >> "$GITHUB_OUTPUT" | |
else | |
echo "Setting TAG_VERSION to `echo ${{ github.sha }} | cut -c1-7`" | |
echo "TAG_VERSION=`echo ${{ github.sha }} | cut -c1-7`" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Set push image | |
id: set-push-image | |
shell: bash | |
run: | | |
if [[ ${{env.pr_merged}} == true || ${{env.release_published}} == true ]]; then | |
echo "Setting PUSH_IMAGE to true" | |
echo "PUSH_IMAGE=true" >> "$GITHUB_OUTPUT" | |
else | |
echo "Setting PUSH_IMAGE to false" | |
echo "PUSH_IMAGE=false" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Set deploy | |
id: set-deploy | |
shell: bash | |
run: | | |
if [[ ${{env.pr_merged}} == true ]]; then | |
echo "Setting DEPLOY to true" | |
echo "Setting ENVIRONMENT to staging" | |
echo "DEPLOY=true" >> "$GITHUB_OUTPUT" | |
echo "ENVIRONMENT=STAGING" >> "$GITHUB_OUTPUT" | |
elif [[ ${{env.release_published}} == true ]]; then | |
echo "Setting DEPLOY to true" | |
echo "Setting ENVIRONMENT to production" | |
echo "DEPLOY=true" >> "$GITHUB_OUTPUT" | |
echo "ENVIRONMENT=PRODUCTION" >> "$GITHUB_OUTPUT" | |
else | |
echo "Setting DEPLOY to false" | |
echo "DEPLOY=false" >> "$GITHUB_OUTPUT" | |
fi | |
build-and-test: | |
if: github.event_name != 'release' | |
runs-on: ubuntu-latest | |
needs: prepare | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v2 | |
with: | |
distribution: 'adopt' | |
java-version: '17' | |
- name: Compile | |
run: | | |
echo "Compiling the code" | |
./mvnw compile | |
- name: Test | |
run: | | |
echo "Running the tests" | |
./mvnw test | |
- name: Add coverage to PR | |
id: jacoco | |
uses: madrapps/[email protected] | |
with: | |
paths: | | |
${{ github.workspace }}/target/site/jacoco/jacoco.xml | |
token: ${{ secrets.GITHUB_TOKEN }} | |
min-coverage-overall: 40 | |
min-coverage-changed-files: 60 | |
title: Coverage report | |
skip-if-no-changes: true | |
build-image-push: | |
if: always() | |
runs-on: ubuntu-latest | |
needs: [prepare, build-and-test] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Extract metadata (tags, labels) for Docker | |
uses: docker/metadata-action@v3 | |
with: | |
images: ${{ github.event.repository.name }}:${{ needs.prepare.outputs.tag_version }} | |
- name: Build and push image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: Dockerfile | |
push: ${{ needs.prepare.outputs.push_image }} | |
tags: ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ needs.prepare.outputs.tag_version }} | |
deploy: | |
runs-on: ubuntu-latest | |
needs: [prepare, build-image-push] | |
if: always() && (needs.build-image-push.result == 'success' && needs.prepare.outputs.deploy == 'true') | |
steps: | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Set permissions for private key | |
run: | | |
echo "${{ secrets.AWS_EC2_PRIVATE_KEY }}" > key.pem | |
chmod 600 key.pem | |
- name: Pull Docker image | |
run: | | |
ssh -o StrictHostKeyChecking=no -i key.pem [email protected] 'sudo docker pull ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ needs.prepare.outputs.tag_version }}' | |
- name: Stop running container | |
run: | | |
ssh -o StrictHostKeyChecking=no -i key.pem [email protected] 'sudo docker stop spring-boot-tests-cicd || true' | |
ssh -o StrictHostKeyChecking=no -i key.pem [email protected] 'sudo docker rm spring-boot-tests-cicd || true' | |
- name: Run new container | |
run: | | |
ssh -o StrictHostKeyChecking=no -i key.pem [email protected] 'sudo docker run -d --name spring-boot-tests-cicd -p 8080:8080 ${{ secrets.DOCKER_USERNAME }}/${{ github.event.repository.name }}:${{ needs.prepare.outputs.tag_version }}' |