.github/workflows/deploy.yaml #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| config_branch: | |
| description: 'Use branch for testing configuration changes' | |
| required: false | |
| type: string | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| SERVICE_PROJECT: oneteam-example | |
| SERVICE_NAME: java-maven-pipeline-example | |
| JOB: buildByToken/buildWithParameters?job=oneteam-example/java-maven-pipeline-example | |
| URL: https://cd.io.nrs.gov.bc.ca | |
| PACKAGE_REPO: https://maven.pkg.github.com/bcgov/java-maven-pipeline-example | |
| jobs: | |
| deploy-build: | |
| name: Deploy development version | |
| if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| project_version: ${{ steps.set-build-output.outputs.project_version }} | |
| build_guid: ${{ steps.set-build-output.outputs.build_guid }} | |
| build_number: ${{ steps.set-build-output.outputs.build_number }} | |
| artifact_name: ${{ steps.set-build-output.outputs.artifact_name }} | |
| artifact_sha256: ${{ steps.set-build-output.outputs.artifact_sha256 }} | |
| download_url: ${{ steps.set-download-url.outputs.download_url }} | |
| steps: | |
| - name: Set build output | |
| id: set-build-output | |
| run: | | |
| RESPONSE=$(curl -s -X 'POST' \ | |
| "${BROKER_URL}/v1/intention/search?where=%7B%22actions.action%22%3A%22package-build%22%2C%22actions.service.project%22%3A%22${SERVICE_PROJECT}%22%2C%22actions.service.name%22%3A%22${SERVICE_NAME}%22%2C%22actions.package.buildVersion%22%3A%22${GITHUB_SHA}%22%7D&offset=0&limit=1" \ | |
| -H 'accept: application/json' \ | |
| -H 'Authorization: Bearer '"${BROKER_JWT}"'' \ | |
| -d '') | |
| echo "project_version=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.version')" >> $GITHUB_OUTPUT | |
| echo "build_guid=$(echo ${RESPONSE} | jq -r '.data[].id')" >> $GITHUB_OUTPUT | |
| echo "build_number=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.buildNumber')" >> $GITHUB_OUTPUT | |
| echo "artifact_name=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].name')" >> $GITHUB_OUTPUT | |
| artifact_checksum=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].checksum') | |
| echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT | |
| env: | |
| BROKER_URL: https://broker.io.nrs.gov.bc.ca | |
| BROKER_JWT: ${{ secrets.BROKER_JWT }} | |
| SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} | |
| SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
| GITHUB_SHA: ${{ github.sha }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| ref: ${{ github.ref }} | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Set download URL | |
| id: set-download-url | |
| run: | | |
| sudo apt-get -qq install libxml2-utils | |
| GROUP_ID=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout --file ./pom.xml) | |
| GROUP_ID_PATH="${GROUP_ID//.//}" | |
| PACKAGE_TYPE=$(mvn help:evaluate -Dexpression=project.packaging -q -DforceStdout --file ./pom.xml) | |
| curl -LO "${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/maven-metadata.xml" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" | |
| TIMESTAMP=$(xmllint --xpath '//metadata/versioning/snapshot/timestamp/text()' maven-metadata.xml) | |
| BUILD_NUMBER=$(xmllint --xpath '//metadata/versioning/snapshot/buildNumber/text()' maven-metadata.xml) | |
| SNAPSHOT_VERSION="${PROJECT_VERSION//SNAPSHOT/$TIMESTAMP-$BUILD_NUMBER}" | |
| ARTIFACT_NAME="${SERVICE_NAME}-${SNAPSHOT_VERSION}.${PACKAGE_TYPE}" | |
| DOWNLOAD_URL="${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/${ARTIFACT_NAME}" | |
| echo "${DOWNLOAD_URL}" | |
| echo "download_url=$(echo ${DOWNLOAD_URL})" >> $GITHUB_OUTPUT | |
| env: | |
| SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
| PROJECT_VERSION: ${{ steps.set-build-output.outputs.project_version }} | |
| PACKAGE_REPO: ${{ env.PACKAGE_REPO }} | |
| deploy-tag: | |
| name: Deploy release version | |
| if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| project_version: ${{ steps.set-tag-output.outputs.project_version }} | |
| build_guid: ${{ steps.set-tag-output.outputs.build_guid }} | |
| build_number: ${{ steps.set-tag-output.outputs.build_number }} | |
| artifact_name: ${{ steps.set-tag-output.outputs.artifact_name }} | |
| artifact_sha256: ${{ steps.set-tag-output.outputs.artifact_sha256 }} | |
| download_url: ${{ steps.set-download-url.outputs.download_url }} | |
| steps: | |
| - name: Set tag output | |
| id: set-tag-output | |
| run: | | |
| TAG=${{ github.ref_name }} | |
| PROJECT_VERSION=${TAG#v} | |
| RESPONSE=$(curl -s -X 'POST' \ | |
| "${BROKER_URL}/v1/intention/search?where=%7B%22actions.action%22%3A%22package-build%22%2C%22actions.service.project%22%3A%22${SERVICE_PROJECT}%22%2C%22actions.service.name%22%3A%22${SERVICE_NAME}%22%2C%22actions.package.version%22%3A%22${PROJECT_VERSION}%22%7D&offset=0&limit=1" \ | |
| -H 'accept: application/json' \ | |
| -H 'Authorization: Bearer '"${BROKER_JWT}"'' \ | |
| -d '') | |
| echo "project_version=${PROJECT_VERSION}" >> $GITHUB_OUTPUT | |
| echo "build_guid=$(echo ${RESPONSE} | jq -r '.data[].id')" >> $GITHUB_OUTPUT | |
| echo "build_number=$(echo ${RESPONSE} | jq -r '.data[].actions[].package.buildNumber')" >> $GITHUB_OUTPUT | |
| echo "artifact_name=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].name')" >> $GITHUB_OUTPUT | |
| artifact_checksum=$(echo ${RESPONSE} | jq -r '.data[].actions[].artifacts[].checksum') | |
| echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT | |
| env: | |
| BROKER_URL: https://broker.io.nrs.gov.bc.ca | |
| BROKER_JWT: ${{ secrets.BROKER_JWT }} | |
| SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} | |
| SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| ref: ${{ github.ref }} | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Set download URL | |
| id: set-download-url | |
| run: | | |
| sudo apt-get -qq install libxml2-utils | |
| GROUP_ID=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout --file ./pom.xml) | |
| GROUP_ID_PATH="${GROUP_ID//.//}" | |
| PACKAGE_TYPE=$(mvn help:evaluate -Dexpression=project.packaging -q -DforceStdout --file ./pom.xml) | |
| ARTIFACT_NAME="${SERVICE_NAME}-${PROJECT_VERSION}.${PACKAGE_TYPE}" | |
| DOWNLOAD_URL="${PACKAGE_REPO}/${GROUP_ID_PATH}/${SERVICE_NAME}/${PROJECT_VERSION}/${ARTIFACT_NAME}" | |
| echo "${DOWNLOAD_URL}" | |
| echo "download_url=$(echo ${DOWNLOAD_URL})" >> $GITHUB_OUTPUT | |
| env: | |
| SERVICE_NAME: ${{ env.SERVICE_NAME }} | |
| PROJECT_VERSION: ${{ steps.set-tag-output.outputs.project_version }} | |
| PACKAGE_REPO: ${{ env.PACKAGE_REPO }} | |
| submit-job: | |
| name: Submit job | |
| if: | | |
| always() && | |
| ((needs.deploy-build.result == 'success' && needs.deploy-tag.result == 'skipped') || | |
| (needs.deploy-build.result == 'skipped' && needs.deploy-tag.result == 'success')) | |
| needs: [deploy-build, deploy-tag] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Submit a job to Jenkins | |
| run: | | |
| curl \ | |
| --data-urlencode "token=${{ secrets.JENKINS_TOKEN }}" \ | |
| --data-urlencode "githubToken=${{ secrets.GITHUB_TOKEN }}" \ | |
| --data-urlencode "artifactSha256=${ARTIFACT_SHA256}" \ | |
| --data-urlencode "projectVersion=${PROJECT_VERSION}" \ | |
| --data-urlencode "gitBranch=${{ github.ref_name }}" \ | |
| --data-urlencode "intentionId=${BUILD_GUID}" \ | |
| --data-urlencode "gitTag=${{ (startsWith(github.ref, 'refs/tags/') && github.ref_name) || '' }}" \ | |
| --data-urlencode "configBranch=${{ inputs.config_branch || '' }}" \ | |
| --data-urlencode "downloadUrl=${DOWNLOAD_URL}" \ | |
| --data-urlencode "downloadType=GITHUB" \ | |
| -H "Connection: close" \ | |
| ${{ env.URL }}/${{ env.JOB }} | |
| env: | |
| PROJECT_VERSION: ${{ needs.deploy-build.outputs.project_version || needs.deploy-tag.outputs.project_version }} | |
| BUILD_GUID: ${{ needs.deploy-build.outputs.build_guid || needs.deploy-tag.outputs.build_guid }} | |
| BUILD_NUMBER: ${{ needs.deploy-build.outputs.build_number || needs.deploy-tag.outputs.build_number }} | |
| ARTIFACT_SHA256: ${{ needs.deploy-build.outputs.artifact_sha256 || needs.deploy-tag.outputs.artifact_sha256 }} | |
| DOWNLOAD_URL: ${{ needs.deploy-build.outputs.download_url || needs.deploy-tag.outputs.download_url }} | |
| # The automatically generated GitHub token will expire when the workflow ends. We need to wait so the job has time to clone the repo. | |
| - name: Sleep for 30 seconds | |
| run: sleep 30s | |
| shell: bash |