Skip to content

Commit

Permalink
Merge pull request #939 from puzzle/844-demo_properties_github_action
Browse files Browse the repository at this point in the history
okr #844: properties and github action for demo umgebung
  • Loading branch information
pizzi-cato authored Jun 5, 2024
2 parents 089280b + c842b4f commit 4d29bb1
Show file tree
Hide file tree
Showing 2 changed files with 249 additions and 0 deletions.
242 changes: 242 additions & 0 deletions .github/workflows/demo-deploy-action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,242 @@
name: 'Demo-Deploy'

on:
pull_request:
types:
- closed
branches: [ main ]

jobs:
update-version:
if: github.event.pull_request.merged == true
runs-on: ubuntu-22.04
outputs:
okr-docker-image: ${{ vars.NEW_VALUE_URL }}:${{ steps.store-version.outputs.version}}-DEMO
steps:
- uses: actions/checkout@v4
with:
token: ${{secrets.VERSION_TOKEN}}

- name: Generate and Set New Version
run: mvn build-helper:parse-version versions:set -DnewVersion=\${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.\${parsedVersion.nextIncrementalVersion} -DgenerateBackupPoms=false

- name: Extract Maven project version
run: echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)" >> $GITHUB_OUTPUT
id: store-version

- name: Set New Snapshot Version
run: mvn build-helper:parse-version versions:set -DnewVersion=${{ steps.store-version.outputs.version}}-SNAPSHOT -DgenerateBackupPoms=false

- name: Commit and Push Changes
shell: bash
env:
COMMITPREFIX: '[VU]'
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions"
git add . || {
echo "No files were changed, so we did not commit anything"
exit 1
}
git commit -m "$COMMITPREFIX Automated version update" || {
echo "No changes to commit, skipping push"
exit 0
}
git push -f origin main
build-docker-image:
needs: update-version
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4

- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'

- name: Set up node 18
uses: actions/setup-node@v4
with:
node-version: 18.17.1

- name: Install Dependencies
run: cd ./frontend && npm ci

- name: Build frontend with Angular
run: cd ./frontend && npm run build

- name: Build backend with Maven
run: mvn -B clean package --file pom.xml -P build-for-docker

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build the docker image
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
tags: ${{ needs.update-version.outputs.okr-docker-image}}
load: true
push: false
outputs: type=docker,dest=/tmp/okr-docker-image.tar

- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: okr-image
path: /tmp/okr-docker-image.tar

- name: print imagetags
run: echo ${{ needs.update-version.outputs.okr-docker-image}}

e2e-docker:
runs-on: ubuntu-22.04
needs: [build-docker-image,update-version]
steps:
- uses: actions/checkout@v4

- name: Download artifact
uses: actions/download-artifact@v4
with:
name: okr-image
path: /tmp

- name: Load image
run: docker load --input /tmp/okr-docker-image.tar

- name: show images
run: docker image ls -a

- name: Run docker image
run: |
docker run --network=host \
-p 8080:8080 \
-e SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER-URI=http://localhost:8544/realms/pitc \
-e SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK-SET-URI=http://localhost:8544/realms/pitc/protocol/openid-connect/certs \
-e SPRING_SECURITY_OAUTH2_RESOURCESERVER_OPAQUETOKEN_CLIENT-ID=pitc_okr_demo \
-e SPRING_PROFILES_ACTIVE-ID=integration-test \
-e SPRING_DATASOURCE_URL="jdbc:h2:mem:db;DB_CLOSE_DELAY=-1" \
-e SPRING_DATASOURCE_USERNAME=user \
-e SPRING_DATASOURCE_PASSWORD=sa \
-e SPRING_FLYWAY_LOCATIONS="classpath:db/h2-db/database-h2-schema,classpath:db/h2-db/data-test-h2" \
${{ needs.update-version.outputs.okr-docker-image}} &
- name: run keycloak docker
run: |
docker run \
-e KEYCLOAK_ADMIN=admin \
-e KEYCLOAK_ADMIN_PASSWORD=keycloak \
-v ./docker/config/realm-export.json:/opt/keycloak/data/import/realm.json \
-p 8544:8080 \
quay.io/keycloak/keycloak:23.0.1 \
start-dev --import-realm &
- uses: abhi1693/[email protected]
with:
browser: chrome
version: latest

- name: Cypress run e2e tests
uses: cypress-io/github-action@v6
with:
build: npm i -D cypress
install: false
wait-on: 'http://localhost:8080/config, http://localhost:8544'
wait-on-timeout: 120
browser: chrome
headed: true
working-directory: frontend
config: baseUrl=http://localhost:8080

upload-to-quay:
runs-on: ubuntu-latest
needs: [e2e-docker, update-version]
steps:
- uses: actions/checkout@v4

- name: Download artifact
uses: actions/download-artifact@v4
with:
name: okr-image
path: /tmp

- name: Load image
run: docker load --input /tmp/okr-docker-image.tar

- name: show images
run: docker image ls -a

- name: Log in to Quay registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.QUAY_REGISTRY }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}

- name: Push
run: docker push ${{ needs.update-version.outputs.okr-docker-image}}

- name: Install yq
shell: bash
env:
VERSION: v4.25.2
BINARY: yq_linux_amd64
run: |
wget -q https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}.tar.gz -O - |\
tar xz && mv ${BINARY} /usr/local/bin/yq
- name: Update YAML file
shell: bash
env:
COMMITPREFIX: '[CTS]'
run: |
curl -s --header "PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/${{vars.GITLAB_FILEPATH}}?ref=${{vars.TARGET_GITLAB_REFERENCE}}" -H "Accept: application/json" -H "Content-Type: application/json" | jq -r '.content' | base64 --decode > response.yaml
yq -i "${{vars.YAML_PATH}} = \"${{needs.update-version.outputs.okr-docker-image}}\"" response.yaml
UPDATED_CONTENT=$(cat response.yaml)
curl --request PUT --header 'PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}' -F "branch=${{vars.TARGET_GITLAB_REFERENCE}}" -F "[email protected]" -F "author_name=GitLab Actions" -F "content=${UPDATED_CONTENT}" -F "commit_message=$COMMITPREFIX Automated changes to ${{vars.FILEPATH_COMMIT}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/${{vars.GITLAB_FILEPATH}}"
generate-and-push-sbom:
runs-on: ubuntu-latest
needs: [upload-to-quay]
steps:
- name: Checkout Repository
uses: actions/checkout@v4

- name: Install cdxgen
working-directory: frontend
run: npm install -g @cyclonedx/[email protected]

- name: 'Generate SBOM for maven dependencies'
working-directory: backend
run: mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom

- name: 'Generate SBOM for npm dependencies'
working-directory: frontend
run: cdxgen -o ../sbom-npm.xml -t npm .

- name: 'Merge frontend and backend SBOMs'
run: |
docker run --rm -v $(pwd):/data cyclonedx/cyclonedx-cli merge --input-files data/backend/target/bom.xml data/sbom-npm.xml --output-file data/sbom.xml
- name: 'Push merged SBOM to dependency track'
env:
PROJECT_NAME: okr-demo
run: |
curl --verbose -s --location --request POST ${{ secrets.DEPENDENCY_TRACK_URL }} \
--header "X-Api-Key: ${{ secrets.SECRET_OWASP_DT_KEY }}" \
--header "Content-Type: multipart/form-data" \
--form "autoCreate=true" \
--form "projectName=${PROJECT_NAME:-$GITHUB_REPOSITORY}" \
--form "projectVersion=latest" \
--form "[email protected]"
clean-up:
needs: [generate-and-push-sbom]
runs-on: ubuntu-latest

steps:
- name: remove dockers
run: docker ps -aq | xargs -r docker rm -f
7 changes: 7 additions & 0 deletions backend/src/main/resources/application-demo.properties
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# logging level for staging
logging.level.org.springframework=debug

spring.security.oauth2.resourceserver.opaquetoken.client-id=pitc_okr_demo

okr.user.champion.usernames=jbrantschen
okr.clientcustomization.customstyles.okr-topbar-background-color=#fa8072

0 comments on commit 4d29bb1

Please sign in to comment.