Skip to content
API_CI_CD_Workflow

API_CI_CD_Workflow #256

Sign in to view logs

API_CI_CD_Workflow

API_CI_CD_Workflow #256

Workflow file for this run

.github/workflows/API_CI_CD_Workflow.yaml at 8048408
name: API_CI_CD_Workflow # Define the name of the workflow
on:
# push:
# branches:
# - qa-master
# - master
workflow_dispatch:
inputs:
knowhow_common_branch:
description: "Type the Branch to use from knowhow-common repo"
required: true
default: "develop"
type: string
test:
description: "Run tests"
required: true
default: "true"
type: choice
options:
- "false"
- "true"
env:
description: "Environment to deploy"
required: true
default: "dev"
type: choice
options:
- dev
- dev1
- qa
- stage
mongock_operation:
description: "Select Operation Type to deploy"
required: true
default: "com.publicissapient.kpidashboard.apis.mongock.upgrade"
type: choice
options:
- com.publicissapient.kpidashboard.apis.mongock.upgrade
- com.publicissapient.kpidashboard.apis.mongock.installation
mongock_start_version:
description: "Start version for Mongock(e.g: 1.0.0)"
required: true
default: "13.0.0"
type: string
mongock_end_version:
description: "End version for Mongock(e.g: 1.0.0)"
required: true
default: "14.0.0"
type: string
env:
IMAGE_NAME: knowhow-api
ACR_NAME: ${{ secrets.SPEEDTOOLS_ACR_NAME }} # without .azurecr.io
ACR_LOGIN_SERVER: ${{ secrets.SPEEDTOOLS_ACR_LOGIN_SERVER }} # e.g. myacr.azurecr.io
BITBUCKET_HELM_REPO: ${{ secrets.SPEEDTOOLS_BITBUCKET_HELM_REPO }} # HTTPS clone URL (without creds)
sonartoken: ${{ secrets.SONARQUBE_TOKEN }} # Secret for SonarQube authentication
sonarurl: ${{ secrets.SONARURL }} # SonarQube URL stored in secrets
GITHUB_HEAD_NAME: $GITHUB_HEAD_REF # Store the head branch name used in sonarqube
jobs:
# ✅ knowhow-api Build skipping test
build:
runs-on: ubuntu-latest
timeout-minutes: 30
outputs:
argocd_app_name: ${{ steps.set_env.outputs.argocd_app_name }}
steps:
- name: Set IMAGE_TAG and values file
id: set_env
run: |
ENV="${{ github.event.inputs.env }}"
if [[ "$ENV" == "qa" ]]; then
echo "IMAGE_TAG=qa-${GITHUB_SHA::8}" >> $GITHUB_ENV
echo "VALUES_FILE=values-qa.yaml" >> $GITHUB_ENV
echo "ARGOCD_APP_NAME=knowhow-api-qa" >> $GITHUB_ENV
echo "argocd_app_name=knowhow-api-qa" >> $GITHUB_OUTPUT
elif [[ "$ENV" == "stage" ]]; then
echo "IMAGE_TAG=master-${GITHUB_SHA::8}" >> $GITHUB_ENV
echo "VALUES_FILE=values-stage.yaml" >> $GITHUB_ENV
echo "ARGOCD_APP_NAME=knowhow-api-stage" >> $GITHUB_ENV
echo "argocd_app_name=knowhow-api-stage" >> $GITHUB_OUTPUT
elif [[ "$ENV" == "dev1" ]]; then
echo "IMAGE_TAG=dev1-${GITHUB_SHA::8}" >> $GITHUB_ENV
echo "VALUES_FILE=values-dev1.yaml" >> $GITHUB_ENV
echo "ARGOCD_APP_NAME=knowhow-api-dev1" >> $GITHUB_ENV
echo "argocd_app_name=knowhow-api-dev1" >> $GITHUB_OUTPUT
else
echo "IMAGE_TAG=dev-${GITHUB_SHA::8}" >> $GITHUB_ENV
echo "VALUES_FILE=values-dev.yaml" >> $GITHUB_ENV
echo "ARGOCD_APP_NAME=knowhow-api-dev" >> $GITHUB_ENV
echo "argocd_app_name=knowhow-api-dev" >> $GITHUB_OUTPUT
fi
- name: Checkout Repository
uses: actions/checkout@v2
- name: Set Up Java
uses: actions/setup-java@v2
with:
distribution: "adopt"
java-version: "17"
- name: Cache Maven packages
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# ✅ Configure Maven to use GitHub Package Registry for knowhow-ai-gateway-client
- name: Configure Maven to use GitHub Packages
run: |
mkdir -p ~/.m2
cat > ~/.m2/settings.xml <<EOF
<settings>
<servers>
<server>
<id>github</id>
<username>${{ github.actor }}</username>
<password>${{ secrets.MAVEN_TOKEN }}</password>
</server>
</servers>
<profiles>
<profile>
<id>github</id>
<repositories>
<repository>
<id>github</id>
<url>https://maven.pkg.github.com/PublicisSapient/knowhow-ai-gateway-client</url>
</repository>
</repositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>github</activeProfile>
</activeProfiles>
</settings>
EOF
# ✅ Clone & Build knowhow-common dependency
- name: Clone & Build knowhow-common dependency
run: |
BRANCH_TO_CLONE="${{ github.event.inputs.knowhow_common_branch }}"
git clone --branch $BRANCH_TO_CLONE https://github.com/PublicisSapient/knowhow-common.git
cd knowhow-common
mvn clean install -Ddockerfile.skip=true
# ✅ Get common version using Maven Help Plugin
- name: Get common version using Maven Help Plugin
run: |
cd knowhow-common
COMMON_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "COMMON_VERSION=$COMMON_VERSION"
echo "COMMON_VERSION=$COMMON_VERSION" >> $GITHUB_ENV
# ✅ Updating the common version in api projects
- name: Updating the common version in api project
run: |
mvn versions:use-dep-version \
-Dincludes=com.publicissapient.kpidashboard:common \
-DdepVersion=$COMMON_VERSION \
-DforceVersion=true
# ✅ Code Formatting Check (Spotless)
- name: Code Formatting Check
run: mvn spotless:check
# ✅ Build & Test knowhoiw-api with both dependencies: common + ai-gateway-client
- name: Build & skip Test knowhow-api
if: ${{ github.event.inputs.test == 'false' }}
run: mvn clean install -Ddockerfile.skip=true -DskipTests
# ✅ Build & Test knowhow-api with both dependencies: common + ai-gateway-client
- name: Build & Test knowhow-api
if: ${{ github.event.inputs.test == 'true' }}
run: mvn clean install -Ddockerfile.skip=true
# ✅ SonarQube Analysis - knowhow-api
- name: SonarQube Analysis - knowhow-api
if: ${{ github.event.inputs.test == 'true' }}
run: |
mvn sonar:sonar -Dsonar.projectKey=ENGINEERING.KPIDASHBOARD.CUSTOMAPI \
-Dsonar.projectName=ENGINEERING.KPIDASHBOARD.CUSTOMAPI \
-Dsonar.branch.name=${{ env.GITHUB_HEAD_NAME }} \
-Dsonar.host.url=${{ secrets.SONARQUBE_HOST }} \
-Dsonar.login=${{ secrets.SONARQUBE_TOKEN }} -f pom.xml
# ✅ Check SonarQube Quality Gate - knowhow-api
- name: Check SonarQube Quality Gate - knowhow-api
if: ${{ github.event.inputs.test == 'true' }}
run: |
chmod +x SonarQG.sh
./SonarQG.sh ./target/sonar/report-task.txt
- name: Build & Push Docker Image
run: |
docker login $ACR_LOGIN_SERVER --username ${{ secrets.SPEEDTOOLS_ACR_USERNAME }} --password ${{ secrets.SPEEDTOOLS_ACR_PASSWORD }}
docker build -t $ACR_LOGIN_SERVER/$IMAGE_NAME:$IMAGE_TAG .
docker push $ACR_LOGIN_SERVER/$IMAGE_NAME:$IMAGE_TAG
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
- name: Checkout Helm charts from Bitbucket
run: |
git clone ${{ secrets.SPEEDTOOLS_BITBUCKET_HELM_REPO }}
cd build-configurations/KnowHOW-Deploy/knowhow-api
# Update values.yaml image tag
yq -i ".image.tag = \"${IMAGE_TAG}\"" $VALUES_FILE
# Update Mongock values
yq -i ".mongock.startversion = \"${{ github.event.inputs.mongock_start_version }}\"" $VALUES_FILE
yq -i ".mongock.endversion = \"${{ github.event.inputs.mongock_end_version }}\"" $VALUES_FILE
yq -i ".mongock.migrationpackage = \"${{ github.event.inputs.mongock_operation }}\"" $VALUES_FILE
git config user.name "github-actions"
git config user.email "github-actions@github.com"
git add $VALUES_FILE
git diff --cached --quiet || git commit -m "Update image tag and mongocd values to ${IMAGE_TAG}"
git push origin HEAD
deploy:
runs-on: github-actions-self-hosted-runner
timeout-minutes: 15
needs: build
env:
ARGOCD_APP_NAME: ${{ needs.build.outputs.argocd_app_name }}
steps:
- name: Install ArgoCD CLI
run: |
# Define a writable path within the runner's home directory
export ARGO_PATH="$HOME/bin"
mkdir -p $ARGO_PATH
# Download ArgoCD CLI to the new path
curl -sSL -o "$ARGO_PATH/argocd" \
https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
# Make the downloaded file executable
chmod +x "$ARGO_PATH/argocd"
# Add the new path to the shell's PATH
echo "$ARGO_PATH" >> $GITHUB_PATH
- name: ArgoCD CLI Login
run: |
argocd login argocd-server \
--username ${{ secrets.SPEEDTOOLS_ARGOCD_USERNAME}} \
--password ${{ secrets.SPEEDTOOLS_ARGOCD_PASSWORD }} \
--plaintext
# Sync the application
- name: Sync application
id: sync-app
run: argocd app sync ${{ env.ARGOCD_APP_NAME }}
# Wait for the application to become healthy
- name: Wait for application health
run: argocd app wait ${{ env.ARGOCD_APP_NAME }} --health --timeout 300