-
Notifications
You must be signed in to change notification settings - Fork 57
199 lines (182 loc) · 8.22 KB
/
build.yml
File metadata and controls
199 lines (182 loc) · 8.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
name: Build and Push Docker Image
# Trigger workflow on tag pushes (e.g., v1.0.0, release-1.2.3)
on:
push:
tags:
- '*'
jobs:
# First job: Build root POM and jobs-core module
# This job serves as the foundation for all other parallel jobs
# It builds the root POM, builds jobs-core, and uploads Maven repository
# All other jobs depend on this job and download the Maven repository from it
root-pom-build-and-jobs-core:
runs-on: ubuntu-latest
outputs:
# Output the Maven cache key for potential use by other jobs
maven-cache-key: ${{ steps.cache-maven.outputs.cache-primary-key }}
steps:
# Step 1: Checkout the source code from the tag
- uses: actions/checkout@v3
# Step 2: Set up Java 11 environment for building
# Uses Temurin distribution for better performance and reliability
- name: Set up JDK11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven' # Additional Maven caching provided by setup-java
# Step 3: Cache Maven dependencies to speed up builds
# This caches the ~/.m2/repository directory between workflow runs
# The cache key is based on the hash of all pom.xml files
- name: Cache Maven packages
id: cache-maven
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Step 4: Build root POM and jobs-core module
# This step performs a comprehensive build of the jobs-core module
- name: Build root POM and jobs-core
run: |
# First, build only the root POM (parent project) without building modules
# -N flag means "non-recursive" - only build the current project
mvn clean install -N -DskipTests
# Then build the jobs-core module
cd jobs-core
mvn clean install -DskipTests
# Step 5: Upload Maven repository as artifact
# This makes the built dependencies available to parallel jobs
# All other jobs will download this to avoid rebuilding dependencies
- name: Upload Maven local repository
uses: actions/upload-artifact@v4.6.2
with:
name: maven-repo
path: ~/.m2/repository
retention-days: 1 # Keep for 1 day to allow for debugging
# Final job: Build Docker image and push to registry
# This job builds all modules and jobs-distribution, then creates Docker image
# It only depends on the foundation job that provides the base Maven repository
build-and-push-docker:
needs: root-pom-build-and-jobs-core
runs-on: ubuntu-latest
steps:
# Step 1: Checkout the source code (needed for Docker build context)
- name: Checkout code
uses: actions/checkout@v3
# Step 2: Set up Java 11 environment
- name: Set up JDK11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'
# Step 2a: Set up specific Maven version for consistency
- name: Set up Maven 3.8.7
uses: s4u/setup-maven-action@v1.11.0
with:
maven-version: 3.8.7
# Step 2b: Install ImageMagick (required for notification module)
- name: Install ImageMagick
run: |
sudo apt-get update
sudo apt-get install -y imagemagick
# Step 3: Download the Maven repository from the first job
# This contains all the built dependencies needed for jobs-distribution
- name: Restore Maven local repository
uses: actions/download-artifact@v4.3.0
with:
name: maven-repo
path: ~/.m2/repository
# Step 3a: Build all modules sequentially to ensure dependencies are available
# Since parallel artifact sharing is complex, build all modules here
- name: Build all modules for jobs-distribution
run: |
# Build notification module
cd notification
mvn clean install -DskipTests
cd ..
# Build lms-jobs module
cd lms-jobs
mvn clean install -DskipTests
cd ..
# Build user-org-jobs module
cd user-org-jobs
mvn clean install -DskipTests
cd ..
# Build ml-jobs module
cd ml-jobs
mvn clean install -DskipTests
cd ..
# Step 3b: Verify all artifacts are available
- name: Verify Maven artifacts
run: |
echo "Checking Maven repository structure..."
find ~/.m2/repository/org/sunbird -name "*.jar" -o -name "*.pom" | head -20
echo "Total sunbird artifacts: $(find ~/.m2/repository/org/sunbird -name "*.jar" | wc -l)"
# Step 4: Cache Maven packages (same as other jobs)
# This ensures we have the same caching benefits in this job
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Step 5: Authenticate with Docker registry
# Supports multiple registry providers: GCP, Azure, Docker Hub, or GitHub Container Registry
- name: Login Docker Registry
run: |
case "${{ vars.REGISTRY_PROVIDER }}" in
"gcp")
# Google Cloud Platform Container Registry
echo "${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}" | base64 --decode > $HOME/gcloud-key.json
gcloud auth activate-service-account --key-file=$HOME/gcloud-key.json
gcloud auth configure-docker ${{ secrets.REGISTRY_NAME }}
REGISTRY_URL=$(echo "${{ secrets.REGISTRY_URL }}" | tr '[:upper:]' '[:lower:]')
;;
"azure" | "dockerhub")
# Azure Container Registry or Docker Hub
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "${{ secrets.REGISTRY_NAME }}" \
--username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
REGISTRY_URL="$(echo "${{ secrets.REGISTRY_URL }}/$(basename "${{ github.workspace }}")" | tr '[:upper:]' '[:lower:]')"
;;
*)
# Default: GitHub Container Registry (ghcr.io)
REPO_NAME_LOWERCASE=$(echo "${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]')
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
REGISTRY_URL="ghcr.io/$REPO_NAME_LOWERCASE"
;;
esac
echo "REGISTRY_URL=${REGISTRY_URL}" >> $GITHUB_ENV
# Step 6: Build the jobs-distribution module
# This module creates the final distribution package that gets included in the Docker image
# It depends on all the modules built in the parallel jobs
- name: Build jobs-distribution
working-directory: jobs-distribution
run: |
# Package the distribution (creates jobs-distribution-1.0.tar.gz)
# This contains all the job JARs and dependencies
mvn package -DskipTests
# Step 7: Build Docker image
# Uses the Dockerfile in jobs-distribution directory
# The image contains the Flink runtime and our job distribution
- name: Build Docker Image
working-directory: jobs-distribution
run: |
# Create image tag from git ref and commit SHA
# Format: <tag-name>_<first-7-chars-of-sha>
# Example: v1.0.0_a1b2c3d
IMAGE_TAG=$(echo "${{ github.ref_name }}_$(echo $GITHUB_SHA | cut -c1-7)" | tr '[:upper:]' '[:lower:]')
# Build the Docker image
# The Dockerfile copies jobs-distribution-1.0.tar.gz and extracts it
docker build -t ${REGISTRY_URL}:${IMAGE_TAG} .
# Make the image tag available to subsequent steps
echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV
# Step 8: Push the Docker image to the registry
- name: Push Docker Image
run: |
# Push the tagged image to the configured registry
docker push ${REGISTRY_URL}:${IMAGE_TAG}
echo "Successfully built and pushed Docker image: ${REGISTRY_URL}:${IMAGE_TAG}"