-
Notifications
You must be signed in to change notification settings - Fork 4
124 lines (107 loc) · 3.98 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: Maven install
on:
workflow_dispatch:
push:
tags:
- "*"
jobs:
deployment:
permissions:
packages: write
environment: deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup Maven
uses: stCarolas/[email protected]
with:
maven-version: 3.8.7
- name: Set up cache
uses: actions/cache@v1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Determine the version
run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
id: versioncheck
- name: Exit when workflow_dispatch is triggered, and the version does not contain SNAPSHOT in it's name
run: |
echo "Only SNAPSHOT releases can be triggered with the workflow_dispatch"
exit 1
if: github.event_name == 'workflow_dispatch' && ( !endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))
- name: Exit when a production build is triggered, and the github tag is not the same as the version in pom.xml
run: |
echo echo "Project version ${{ steps.versioncheck.outputs.version }} does not match git tag ${{ github.ref_name }}"
exit 1
if: github.event_name != 'workflow_dispatch' && steps.versioncheck.outputs.version != github.ref_name
- name: Set up JDK 17 for snapshots
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'maven'
server-id: openconext-snapshots
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))
- name: Set up JDK 17 for releases
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'maven'
server-id: openconext-releases
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
if: ${{!( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT')) }}
- name: Deploy with Maven
run: mvn --batch-mode deploy -DskipTests
env:
MAVEN_USERNAME: ${{ secrets.BUILD_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.BUILD_PASSWORD }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push the server image
uses: docker/build-push-action@v4
with:
context: server
file: server/docker/Dockerfile
platforms: linux/amd64
push: true
tags: |
ghcr.io/openconext/openconext-access/accessserver:${{ steps.versioncheck.outputs.version }}
- name: Build and push the client image
uses: docker/build-push-action@v4
with:
context: client
file: client/docker/Dockerfile
platforms: linux/amd64
push: true
tags: |
ghcr.io/openconext/openconext-access/accessclient:${{ steps.versioncheck.outputs.version }}
- name: Build and push the welcome image
uses: docker/build-push-action@v4
with:
context: welcome
file: welcome/docker/Dockerfile
platforms: linux/amd64
push: true
tags: |
ghcr.io/openconext/openconext-access/accessswelcome:${{ steps.versioncheck.outputs.version }}
- name: Build and push the provisioning mock image
uses: docker/build-push-action@v4
with:
context: provisioning-mock
file: provisioning-mock/docker/Dockerfile
platforms: linux/amd64
push: true
tags: |
ghcr.io/openconext/openconext-access/accesssprovisioningmock:${{ steps.versioncheck.outputs.version }}