@@ -2,80 +2,108 @@ name: "Infra: Image Testing: Deploy"
22
33on :
44 workflow_dispatch :
5+ inputs :
6+ tag :
7+ description : ' Custom tag to use when manually publishing an image'
8+ required : false
59 pull_request :
610 types : ['labeled']
711
812permissions :
9- id-token : write
1013 contents : read
1114 pull-requests : write
15+ packages : write
1216
1317jobs :
14- build :
15- if : ${{ github.event.label.name == 'status/image_testing' }}
18+ metadata :
19+ if : ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github. event.label.name == 'status/image_testing') }}
1620 runs-on : ubuntu-latest
21+ outputs :
22+ tag : ${{ steps.collect.outputs.tag }}
23+ sha : ${{ steps.collect.outputs.sha }}
24+ steps :
25+ - id : collect
26+ run : |
27+ if [ "${{ github.event_name }}" = "pull_request" ]; then
28+ echo "tag=pr${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
29+ echo "sha=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT
30+ else
31+ manual_tag="${{ github.event.inputs.tag }}"
32+ if [ -z "$manual_tag" ]; then
33+ manual_tag="manual-${GITHUB_RUN_ID}"
34+ fi
35+ echo "tag=$manual_tag" >> $GITHUB_OUTPUT
36+ echo "sha=${{ github.sha }}" >> $GITHUB_OUTPUT
37+ fi
38+
39+ jar-build :
40+ needs : metadata
41+ permissions :
42+ contents : read
43+ runs-on : ubuntu-latest
44+ outputs :
45+ version : ${{ steps.build.outputs.version }}
1746 steps :
18- - uses : actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4
47+ - name : Checkout
48+ uses : actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4
1949 with :
20- ref : ${{ github.event.pull_request.head .sha }}
50+ ref : ${{ needs.metadata.outputs .sha }}
2151 token : ${{ github.token }}
22- - name : get branch name
23- id : extract_branch
24- run : |
25- tag='${{ github.event.pull_request.number }}'
26- echo "tag=${tag}" >> $GITHUB_OUTPUT
52+
2753 - name : Set up JDK
2854 uses : actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4
2955 with :
3056 java-version : ' 21'
3157 distribution : ' zulu'
3258 cache : ' gradle'
33- - name : Build
59+
60+ - name : Build jar
3461 id : build
3562 run : |
36- ./mvnw -B -ntp versions:set -DnewVersion=$GITHUB_SHA
37- ./mvnw -B -V -ntp clean package -Pprod -DskipTests
38- export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
39- echo "version=${VERSION}" >> $GITHUB_OUTPUT
40- name : Set up QEMU
41- uses : docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3
42- - name : Set up Docker Buildx
43- id : buildx
44- uses : docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3
45- - name : Cache Docker layers
46- uses : actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4
47- with :
48- path : /tmp/.buildx-cache
49- key : ${{ runner.os }}-buildx-${{ github.sha }}
50- restore-keys : |
51- ${{ runner.os }}-buildx-
52- name : Configure AWS Credentials
53- uses : aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # infered from @v4
54- with :
55- aws-region : us-east-1
56- role-to-assume : ${{ secrets.AWS_ROLE }}
57- - name : Login to Amazon ECR
58- id : login-ecr
59- uses : aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v4
60- with :
61- registry-type : ' public'
62- - name : Build and push
63- id : docker_build_and_push
64- uses : docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6
63+ version=${{ needs.metadata.outputs.tag }}
64+ echo "version=$version" >> $GITHUB_OUTPUT
65+ ./gradlew clean build \
66+ -x test \
67+ -Pinclude-frontend=true \
68+ -Pversion=$version
69+
70+ name : Upload jar
71+ uses : actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # infered from @v4
6572 with :
66- builder : ${{ steps.buildx.outputs.name }}
67- context : api
68- push : true
69- tags : ${{ vars.ECR_REGISTRY }}/${{ github.repository }}:${{ steps.extract_branch.outputs.tag }}
70- build-args : |
71- JAR_FILE=build/libs/api-${{ steps.build.outputs.version }}.jar
72- cache-from : type=local,src=/tmp/.buildx-cache
73- cache-to : type=local,dest=/tmp/.buildx-cache
74- - name : make comment with private deployment link
73+ name : kafbat-ui-${{ steps.build.outputs.version }}
74+ path : api/build/libs/api-${{ steps.build.outputs.version }}.jar
75+ retention-days : 1
76+
77+ docker-build :
78+ needs : [ metadata, jar-build ]
79+ permissions :
80+ contents : read
81+ uses : ./.github/workflows/docker_build.yml
82+ secrets : inherit
83+ with :
84+ sha : ${{ needs.metadata.outputs.sha }}
85+ version : ${{ needs.jar-build.outputs.version }}
86+
87+ docker-deploy :
88+ needs : [ metadata, jar-build, docker-build ]
89+ permissions :
90+ packages : write
91+ uses : ./.github/workflows/docker_publish.yml
92+ secrets : inherit
93+ with :
94+ version : ${{ needs.jar-build.outputs.version }}
95+ generic_tag : ${{ needs.metadata.outputs.tag }}
96+ registries : ' ["ghcr.io"]'
97+ repository : ${{ format('{0}/kafbat-ui-features', github.repository_owner) }}
98+
99+ notify :
100+ needs : [ metadata, docker-deploy ]
101+ if : ${{ github.event_name == 'pull_request' }}
102+ runs-on : ubuntu-latest
103+ steps :
104+ - name : make comment with image link
75105 uses : peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # infered from @v4
76106 with :
77107 issue-number : ${{ github.event.pull_request.number }}
78108 body : |
79- Image published at ${{ vars.ECR_REGISTRY }}/${{ github.repository }}:${{ steps.extract_branch.outputs.tag }}
80- outputs :
81- tag : ${{ steps.extract_branch.outputs.tag }}
109+ Image published at ghcr.io/${{ format('{0}/kafbat-ui-features', github.repository_owner) }}:${{ needs.metadata.outputs.tag }}
0 commit comments