Feature/1135 formatter #896
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Staging-Deploy' | |
| on: | |
| pull_request: | |
| types: | |
| - closed | |
| branches: [ main ] | |
| jobs: | |
| get-e2e-files: | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| file_list: ${{ steps.generate-file-list.outputs.file_list }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Generate file list | |
| id: generate-file-list | |
| run: | | |
| FILES=$(ls frontend/cypress/e2e | jq -R . | jq -s . | jq -c) | |
| echo $FILES | |
| echo "file_list=$FILES" >> $GITHUB_OUTPUT | |
| update-version: | |
| if: github.event.pull_request.merged == true | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| okr-docker-image: ${{ vars.NEW_VALUE_URL }}:${{ steps.store-version.outputs.version}}-STAGING | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{secrets.VERSION_TOKEN}} | |
| - name: Generate and Set New Version | |
| run: mvn build-helper:parse-version versions:set -DnewVersion=\${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.\${parsedVersion.nextIncrementalVersion} -DgenerateBackupPoms=false | |
| - name: Extract Maven project version | |
| run: echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)" >> $GITHUB_OUTPUT | |
| id: store-version | |
| - name: Set New Snapshot Version | |
| run: mvn build-helper:parse-version versions:set -DnewVersion=${{ steps.store-version.outputs.version}}-SNAPSHOT -DgenerateBackupPoms=false | |
| - name: Commit and Push Changes | |
| shell: bash | |
| env: | |
| COMMITPREFIX: '[VU]' | |
| run: | | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "GitHub Actions" | |
| git add . || { | |
| echo "No files were changed, so we did not commit anything" | |
| exit 1 | |
| } | |
| git commit -m "$COMMITPREFIX Automated version update" || { | |
| echo "No changes to commit, skipping push" | |
| exit 0 | |
| } | |
| git push -f origin main | |
| build-docker-image: | |
| needs: update-version | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK ${{vars.JAVA_VERSION}} | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{vars.JAVA_VERSION}} | |
| distribution: 'adopt' | |
| - name: Set up node ${{vars.NODE_VERSION}} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{vars.NODE_VERSION}} | |
| - name: Install Dependencies | |
| run: cd ./frontend && npm ci | |
| - name: Build frontend with Angular | |
| run: cd ./frontend && npm run build | |
| - name: Build backend with Maven | |
| run: mvn -B clean package --file pom.xml -P build-for-docker | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build the docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: docker/Dockerfile | |
| tags: ${{ needs.update-version.outputs.okr-docker-image}} | |
| load: true | |
| push: false | |
| outputs: type=docker,dest=/tmp/okr-docker-image.tar | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: okr-image | |
| path: /tmp/okr-docker-image.tar | |
| - name: print imagetags | |
| run: echo ${{ needs.update-version.outputs.okr-docker-image}} | |
| e2e-docker: | |
| runs-on: ubuntu-24.04 | |
| needs: [build-docker-image,update-version,get-e2e-files] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| file: ${{ fromJSON(needs.get-e2e-files.outputs.file_list) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: okr-image | |
| path: /tmp | |
| - name: Load image | |
| run: docker load --input /tmp/okr-docker-image.tar | |
| - name: Run keyloak server | |
| run: cd docker && docker compose up -d keycloak-pitc | |
| - name: run Springboot okr application | |
| run: | | |
| docker run --network=host \ | |
| -e SPRING_PROFILES_ACTIVE=integration-test \ | |
| ${{ needs.update-version.outputs.okr-docker-image}} & | |
| - name: set node version | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{vars.NODE_VERSION}} | |
| - name: Cypress run e2e tests | |
| uses: cypress-io/github-action@v6 | |
| with: | |
| build: npm i -D cypress | |
| working-directory: frontend | |
| install: false | |
| wait-on: 'http://pitc.okr.localhost:8080/config, http://localhost:8544' | |
| wait-on-timeout: 120 | |
| browser: chrome | |
| headed: false | |
| config: baseUrl=http://pitc.okr.localhost:8080 | |
| spec: cypress/e2e/${{ matrix.file }} | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: cypress-screenshots for ${{ matrix.file }} | |
| path: frontend/cypress/screenshots | |
| upload-to-quay: | |
| runs-on: ubuntu-latest | |
| needs: [update-version, e2e-docker] #[e2e-docker, update-version] | |
| steps: | |
| - name: Checkout project | |
| uses: actions/checkout@v4 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: okr-image | |
| path: /tmp | |
| - name: Load image | |
| run: docker load --input /tmp/okr-docker-image.tar | |
| - name: show images | |
| run: docker image ls -a | |
| - name: Log in to Quay registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.QUAY_REGISTRY }} | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_TOKEN }} | |
| - name: Push | |
| run: docker push ${{ needs.update-version.outputs.okr-docker-image}} | |
| - name: Install yq | |
| shell: bash | |
| env: | |
| VERSION: v4.25.2 | |
| BINARY: yq_linux_amd64 | |
| run: | | |
| wget -q https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}.tar.gz -O - |\ | |
| tar xz && mv ${BINARY} /usr/local/bin/yq | |
| - name: Update YAML file | |
| shell: bash | |
| env: | |
| COMMITPREFIX: '[CTS]' | |
| run: | | |
| curl -s --header "PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/${{vars.GITLAB_FILEPATH}}?ref=${{vars.TARGET_GITLAB_REFERENCE}}" -H "Accept: application/json" -H "Content-Type: application/json" | jq -r '.content' | base64 --decode > response.yaml | |
| yq -i "${{vars.YAML_PATH}} = \"${{needs.update-version.outputs.okr-docker-image}}\"" response.yaml | |
| UPDATED_CONTENT=$(cat response.yaml) | |
| curl --request PUT --header 'PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}' -F "branch=${{vars.TARGET_GITLAB_REFERENCE}}" -F "[email protected]" -F "author_name=GitLab Actions" -F "content=${UPDATED_CONTENT}" -F "commit_message=$COMMITPREFIX Automated changes to ${{vars.FILEPATH_COMMIT}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/${{vars.GITLAB_FILEPATH}}" | |
| generate-and-push-sbom: | |
| runs-on: ubuntu-latest | |
| needs: [upload-to-quay] | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Install cdxgen | |
| working-directory: frontend | |
| run: npm install -g @cyclonedx/[email protected] | |
| - name: 'Generate SBOM for maven dependencies' | |
| working-directory: backend | |
| run: mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom | |
| - name: 'Generate SBOM for npm dependencies' | |
| working-directory: frontend | |
| run: cdxgen -o ../sbom-npm.xml -t npm . | |
| - name: 'Merge frontend and backend SBOMs' | |
| run: | | |
| docker run --rm -v $(pwd):/data cyclonedx/cyclonedx-cli merge --input-files data/backend/target/bom.xml data/sbom-npm.xml --output-file data/sbom.xml | |
| - name: 'Push merged SBOM to dependency track' | |
| env: | |
| PROJECT_NAME: okr-staging | |
| run: | | |
| curl --verbose -s --location --request POST ${{ secrets.DEPENDENCY_TRACK_URL }} \ | |
| --header "X-Api-Key: ${{ secrets.SECRET_OWASP_DT_KEY }}" \ | |
| --header "Content-Type: multipart/form-data" \ | |
| --form "autoCreate=true" \ | |
| --form "projectName=${PROJECT_NAME:-$GITHUB_REPOSITORY}" \ | |
| --form "projectVersion=latest" \ | |
| --form "[email protected]" | |
| sonarqube: | |
| runs-on: ubuntu-latest | |
| needs: [upload-to-quay] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK ${{ vars.JAVA_VERSION }} | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ vars.JAVA_VERSION }} | |
| distribution: 'temurin' | |
| - name: Set up node ${{ vars.NODE_VERSION }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ vars.NODE_VERSION }} | |
| - name: Install frontend dependencies | |
| run: cd frontend && npm ci | |
| - name: Generate frontend test coverage | |
| run: cd frontend && npm run test -- --coverage | |
| - name: Build and analyze | |
| run: mvn clean verify sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} -Dsonar.host.url=${{vars.SONAR_HOST_URL}} |