Deploy #223
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: | |
workflow_dispatch: | |
inputs: | |
config_branch: | |
description: 'Use branch for testing configuration changes' | |
required: false | |
type: string | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
SERVICE_PROJECT: oneteam-example | |
SERVICE_NAME: java-maven-pipeline-example | |
JOB: buildByToken/buildWithParameters?job=oneteam-example/java-maven-pipeline-example | |
URL: https://cd.io.nrs.gov.bc.ca | |
PACKAGE_REPO: https://maven.pkg.github.com/bcgov/java-maven-pipeline-example | |
jobs: | |
deploy-build: | |
name: Deploy development version | |
if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
runs-on: ubuntu-latest | |
outputs: | |
project_version: ${{ steps.set-build-output.outputs.project_version }} | |
build_guid: ${{ steps.set-build-output.outputs.build_guid }} | |
build_number: ${{ steps.set-build-output.outputs.build_number }} | |
artifact_name: ${{ steps.set-build-output.outputs.artifact_name }} | |
artifact_sha256: ${{ steps.set-build-output.outputs.artifact_sha256 }} | |
download_url: ${{ steps.set-download-url.outputs.download_url }} | |
steps: | |
- name: Set build output | |
id: set-build-output | |
run: | | |
RESPONSE=$(curl -s -X 'POST' \ | |
"${BROKER_URL}/v1/intention/search?where=%7B%22actions.action%22%3A%22package-build%22%2C%22actions.service.project%22%3A%22${SERVICE_PROJECT}%22%2C%22actions.service.name%22%3A%22${SERVICE_NAME}%22%2C%22actions.package.buildVersion%22%3A%22${GITHUB_SHA}%22%7D&offset=0&limit=1" \ | |
-H 'accept: application/json' \ | |
-H 'Authorization: Bearer '"${BROKER_JWT}"'' \ | |
-d '') | |
echo "project_version=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.version')" >> $GITHUB_OUTPUT | |
echo "build_guid=$(echo ${RESPONSE} | jq -r '.data[].id')" >> $GITHUB_OUTPUT | |
echo "build_number=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.buildNumber')" >> $GITHUB_OUTPUT | |
echo "artifact_name=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].name')" >> $GITHUB_OUTPUT | |
artifact_checksum=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].checksum') | |
echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT | |
env: | |
BROKER_URL: https://broker.io.nrs.gov.bc.ca | |
BROKER_JWT: ${{ secrets.BROKER_JWT }} | |
SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} | |
SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
GITHUB_SHA: ${{ github.sha }} | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
fetch-tags: true | |
ref: ${{ github.ref }} | |
- name: Set up Java | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '8' | |
distribution: 'temurin' | |
cache: maven | |
- name: Set download URL | |
id: set-download-url | |
run: | | |
sudo apt-get -qq install libxml2-utils | |
GROUP_ID=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout --file ./pom.xml) | |
GROUP_ID_PATH="${GROUP_ID//.//}" | |
PACKAGE_TYPE=$(mvn help:evaluate -Dexpression=project.packaging -q -DforceStdout --file ./pom.xml) | |
curl -LO "${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/maven-metadata.xml" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" | |
TIMESTAMP=$(xmllint --xpath '//metadata/versioning/snapshot/timestamp/text()' maven-metadata.xml) | |
BUILD_NUMBER=$(xmllint --xpath '//metadata/versioning/snapshot/buildNumber/text()' maven-metadata.xml) | |
SNAPSHOT_VERSION="${PROJECT_VERSION//SNAPSHOT/$TIMESTAMP-$BUILD_NUMBER}" | |
ARTIFACT_NAME="${SERVICE_NAME}-${SNAPSHOT_VERSION}.${PACKAGE_TYPE}" | |
DOWNLOAD_URL="${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/${ARTIFACT_NAME}" | |
echo "${DOWNLOAD_URL}" | |
echo "download_url=$(echo ${DOWNLOAD_URL})" >> $GITHUB_OUTPUT | |
env: | |
SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
PROJECT_VERSION: ${{ steps.set-build-output.outputs.project_version }} | |
PACKAGE_REPO: ${{ env.PACKAGE_REPO }} | |
deploy-tag: | |
name: Deploy release version | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
runs-on: ubuntu-latest | |
outputs: | |
project_version: ${{ steps.set-tag-output.outputs.project_version }} | |
build_guid: ${{ steps.set-tag-output.outputs.build_guid }} | |
build_number: ${{ steps.set-tag-output.outputs.build_number }} | |
artifact_name: ${{ steps.set-tag-output.outputs.artifact_name }} | |
artifact_sha256: ${{ steps.set-tag-output.outputs.artifact_sha256 }} | |
download_url: ${{ steps.set-download-url.outputs.download_url }} | |
steps: | |
- name: Set tag output | |
id: set-tag-output | |
run: | | |
TAG=${{ github.ref_name }} | |
PROJECT_VERSION=${TAG#v} | |
RESPONSE=$(curl -s -X 'POST' \ | |
"${BROKER_URL}/v1/intention/search?where=%7B%22actions.action%22%3A%22package-build%22%2C%22actions.service.project%22%3A%22${SERVICE_PROJECT}%22%2C%22actions.service.name%22%3A%22${SERVICE_NAME}%22%2C%22actions.package.version%22%3A%22${PROJECT_VERSION}%22%7D&offset=0&limit=1" \ | |
-H 'accept: application/json' \ | |
-H 'Authorization: Bearer '"${BROKER_JWT}"'' \ | |
-d '') | |
echo "project_version=${PROJECT_VERSION}" >> $GITHUB_OUTPUT | |
echo "build_guid=$(echo ${RESPONSE} | jq -r '.data[].id')" >> $GITHUB_OUTPUT | |
echo "build_number=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.buildNumber')" >> $GITHUB_OUTPUT | |
echo "artifact_name=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].name')" >> $GITHUB_OUTPUT | |
artifact_checksum=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].checksum') | |
echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT | |
env: | |
BROKER_URL: https://broker.io.nrs.gov.bc.ca | |
BROKER_JWT: ${{ secrets.BROKER_JWT }} | |
SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} | |
SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
fetch-tags: true | |
ref: ${{ github.ref }} | |
- name: Set up Java | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '8' | |
distribution: 'temurin' | |
cache: maven | |
- name: Set download URL | |
id: set-download-url | |
run: | | |
sudo apt-get -qq install libxml2-utils | |
GROUP_ID=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout --file ./pom.xml) | |
GROUP_ID_PATH="${GROUP_ID//.//}" | |
PACKAGE_TYPE=$(mvn help:evaluate -Dexpression=project.packaging -q -DforceStdout --file ./pom.xml) | |
ARTIFACT_NAME="${SERVICE_NAME}-${PROJECT_VERSION}.${PACKAGE_TYPE}" | |
DOWNLOAD_URL="${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/${ARTIFACT_NAME}" | |
echo "${DOWNLOAD_URL}" | |
echo "download_url=$(echo ${DOWNLOAD_URL})" >> $GITHUB_OUTPUT | |
env: | |
SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
PROJECT_VERSION: ${{ steps.set-tag-output.outputs.project_version }} | |
PACKAGE_REPO: ${{ env.PACKAGE_REPO }} | |
submit-job: | |
name: Submit job | |
if: | | |
always() && | |
((needs.deploy-build.result == 'success' && needs.deploy-tag.result == 'skipped') || | |
(needs.deploy-build.result == 'skipped' && needs.deploy-tag.result == 'success')) | |
needs: [deploy-build, deploy-tag] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Submit a job to Jenkins | |
run: | | |
curl \ | |
--data-urlencode "token=${{ secrets.JENKINS_TOKEN }}" \ | |
--data-urlencode "githubToken=${{ secrets.GITHUB_TOKEN }}" \ | |
--data-urlencode "artifactSha256=${ARTIFACT_SHA256}" \ | |
--data-urlencode "projectVersion=${PROJECT_VERSION}" \ | |
--data-urlencode "gitBranch=${{ github.ref_name }}" \ | |
--data-urlencode "intentionId=${BUILD_GUID}" \ | |
--data-urlencode "gitTag=${{ (startsWith(github.ref, 'refs/tags/') && github.ref_name) || '' }}" \ | |
--data-urlencode "configBranch=${{ inputs.config_branch || '' }}" \ | |
--data-urlencode "downloadUrl=${DOWNLOAD_URL}" \ | |
--data-urlencode "downloadType=GITHUB" \ | |
-H "Connection: close" \ | |
${{ env.URL }}/${{ env.JOB }} | |
env: | |
PROJECT_VERSION: ${{ needs.deploy-build.outputs.project_version || needs.deploy-tag.outputs.project_version }} | |
BUILD_GUID: ${{ needs.deploy-build.outputs.build_guid || needs.deploy-tag.outputs.build_guid }} | |
BUILD_NUMBER: ${{ needs.deploy-build.outputs.build_number || needs.deploy-tag.outputs.build_number }} | |
ARTIFACT_SHA256: ${{ needs.deploy-build.outputs.artifact_sha256 || needs.deploy-tag.outputs.artifact_sha256 }} | |
DOWNLOAD_URL: ${{ needs.deploy-build.outputs.download_url || needs.deploy-tag.outputs.download_url }} | |
# The automatically generated GitHub token will expire when the workflow ends. We need to wait so the job has time to clone the repo. | |
- name: Sleep | |
run: sleep 90s | |
shell: bash |