Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AAE-10135: turn build-and-tag-maven GH reusable workflow into an acti… #105

Merged
merged 2 commits into from
Oct 5, 2022
Merged

AAE-10135: turn build-and-tag-maven GH reusable workflow into an acti… #105

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5a809d7
AAE-10135: turn build-and-tag-maven GH reusable workflow into an action
atchertchian Jul 29, 2022
a038a42
AAE-10135: fix build output and switch maven parameters to new name
atchertchian Oct 4, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
148 changes: 148 additions & 0 deletions .github/actions/maven-build-and-tag/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,148 @@
name: Build and tag Maven project
description: Build and tag Maven project
inputs:
java-version:
description: The Java version to perform the build
required: false
default: '11'
java-distribution:
description: The Java distribution to perform the build
required: false
default: 'temurin'
property-to-update:
description: Property to update in addition to the version of the pom file
required: false
extra-maven-opts:
description: Extra maven options for the build command line
required: false
maven-username:
description: Nexus user name
required: true
maven-password:
description: Nexus password
required: true
quay-username:
description: Quay.io user name
required: true
quay-password:
description: Quay.io password
required: true
docker-username:
description: Docker.io user name
required: true
docker-password:
description: Docker.io password
required: true
Comment on lines +24 to +35
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe those could be optional since it depends on the packages you are building if they need to push to quay or docker or both

you could also skip docker-login steps depending on those inputs empty or not (otherwise they will fail)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIRC, we always need to login to Docker Hub, even when we are pushing images to quay.io, that's because some base images and images used by integration tests are hosted in Docker Hub and without login, we run out of quota to pull those images.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah for your specific use case it's fine but I am always thinking if there is more room to make this action reusable in different contexts

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It makes sense to make it as reusable as possible, but I prefer to minimize the amount of work without anticipating too much. The risk is spending time adding logic that will never be used. We can always evolve the implementation to cover new scenarios when they are needed. Does it make sense?

git-username:
description: The username to commit on the git repository
required: true

outputs:
version:
description: "The version of the new tag created by this workflow"
value: ${{ steps.update-pom-to-next-version.outputs.next-prerelease }}

runs:
using: composite
steps:
- uses: actions/checkout@v3

- name: Set up JDK
uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d
with:
java-version: ${{ inputs.java-version }}
distribution: ${{ inputs.java-distribution }}
cache: 'maven'

- name: Update pom files to the new version
id: update-pom-to-next-version
if: github.event_name == 'push'
uses: Alfresco/alfresco-build-tools/.github/actions/update-pom-to-next-pre-release@v1.16.0
with:
property-to-update: ${{ inputs.property-to-update }}
maven-cli-opts: --show-version --no-transfer-progress --settings settings.xml
env:
MAVEN_USERNAME: ${{ inputs.maven-username }}
MAVEN_PASSWORD: ${{ inputs.maven-password }}

- name: Set version env variable
if: github.event_name == 'push'
env:
VERSION: ${{ steps.update-pom-to-next-version.outputs.next-prerelease }}
shell: bash
run: |
echo "VERSION=$VERSION" >> $GITHUB_ENV

- name: Login to DockerHub Registry
if: github.event_name == 'push'
uses: docker/login-action@v2
with:
registry: docker.io
username: ${{ inputs.docker-username }}
password: ${{ inputs.docker-password }}

- name: Login to Quay.io Docker Registry
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ inputs.quay-username }}
password: ${{ inputs.quay-password }}

- name: Define Maven Command
id: define_maven_command
shell: bash
run: |
if [ $DO_PUSH == 'true' ]
then
echo "::set-output name=command::deploy"
else
echo "::set-output name=command::verify"
fi
env:
DO_PUSH: ${{ github.event_name == 'push' }}

- name: Build and Test with Maven (and maybe Deploy)
shell: bash
run: mvn ${{ steps.define_maven_command.outputs.command }} ${{ env.MAVEN_CLI_OPTS}} ${{ inputs.extra-maven-opts }}
env:
MAVEN_CLI_OPTS: --show-version --no-transfer-progress --settings settings.xml -Dlogging.root.level=off -Dspring.main.banner-mode=off -Ddocker.skip
MAVEN_USERNAME: ${{ inputs.maven-username }}
MAVEN_PASSWORD: ${{ inputs.maven-password }}

- name: Echo Longest Tests run
shell: bash
run: find . -name TEST-*.xml -exec grep -h testcase {} \; | awk -F '"' '{printf("%s#%s() - %.3fms\n", $4, $2, $6); }' | sort -n -k 3 | tail -20

- name: Define Docker Push
id: define_docker_push
shell: bash
run: |
if [ $DO_PUSH == 'true' ]
then
echo "::set-output name=command::--push"
fi
env:
DO_PUSH: ${{ github.event_name == 'push' }}

- name: Docker Build (and maybe Push)
shell: bash
run: |
TAG="${TAG:-$(echo ${GITHUB_HEAD_REF:-$GITHUB_REF_NAME} | sed -e 's/[^-_.[:alnum:]]/_/g')}"
sh ./build-and-push-docker-images.sh
env:
PUSH_OPTION: ${{ steps.define_docker_push.outputs.command }}
TAG: ${{env.VERSION}}

- uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v1.16.0
if: github.event_name == 'push'
with:
username: ${{ inputs.git-username }}
add-options: -u
commit-message: "release $VERSION"

- name: Create and push tag
if: github.event_name == 'push'
shell: bash
run: |
git tag -a $VERSION -m "Release version $VERSION"
git push origin $VERSION
100 changes: 13 additions & 87 deletions .github/workflows/build-and-tag-maven.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,98 +15,24 @@ on:
version:
description: "The version of the new tag created by this workflow"
value: ${{ jobs.build.outputs.version }}

jobs:
build:
name: Build
runs-on: ubuntu-latest
outputs:
version: ${{ steps.update-pom-to-next-version.outputs.next-prerelease }}
version: ${{ steps.build.outputs.version }}
steps:
- uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'

- name: Update pom files to the new version
id: update-pom-to-next-version
if: ${{ github.event_name == 'push' }}
uses: Alfresco/alfresco-build-tools/.github/actions/update-pom-to-next-pre-release@v1.16.0
- run: echo "This reusable workflow is deprecated, use Alfresco/alfresco-build-tools/.github/actions/maven-build-and-tag instead."
- uses: Alfresco/alfresco-build-tools/.github/actions/maven-build-and-tag@AAE-10135-change-maven-build-workflow-to-action
id: build
with:
property-to-update: ${{ inputs.property-to-update }}
maven-cli-opts: --show-version --no-transfer-progress --settings settings.xml
env:
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}

- name: Set version env variable
if: ${{ github.event_name == 'push' }}
env:
VERSION: ${{ steps.update-pom-to-next-version.outputs.next-prerelease }}
run: |
echo "VERSION=$VERSION" >> $GITHUB_ENV

- name: Login to DockerHub Registry
if: ${{ github.event_name == 'push' }}
uses: docker/login-action@v2
with:
registry: docker.io
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Login to Quay.io Docker Registry
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Define Maven Command
id: define_maven_command
run: |
if [ $DO_PUSH == 'true' ]
then
echo "::set-output name=command::deploy"
else
echo "::set-output name=command::verify"
fi
env:
DO_PUSH: ${{ github.event_name == 'push' }}
- name: Build and Test with Maven (and maybe Deploy)
run: mvn ${{ steps.define_maven_command.outputs.command }} ${{ env.MAVEN_CLI_OPTS}} ${{ inputs.extra-maven-opts }}
env:
MAVEN_CLI_OPTS: --show-version --no-transfer-progress --settings settings.xml -Dlogging.root.level=off -Dspring.main.banner-mode=off -Ddocker.skip
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
- name: Echo Longest Tests run
run: find . -name TEST-*.xml -exec grep -h testcase {} \; | awk -F '"' '{printf("%s#%s() - %.3fms\n", $4, $2, $6); }' | sort -n -k 3 | tail -20
- name: Define Docker Push
id: define_docker_push
run: |
if [ $DO_PUSH == 'true' ]
then
echo "::set-output name=command::--push"
fi
env:
DO_PUSH: ${{ github.event_name == 'push' }}
- name: Docker Build (and maybe Push)
run: |
TAG="${TAG:-$(echo ${GITHUB_HEAD_REF:-$GITHUB_REF_NAME} | sed -e 's/[^-_.[:alnum:]]/_/g')}"
sh ./build-and-push-docker-images.sh
env:
PUSH_OPTION: ${{ steps.define_docker_push.outputs.command }}
TAG: ${{env.VERSION}}
- uses: Alfresco/alfresco-build-tools/.github/actions/git-commit-changes@v1.16.0
if: ${{ github.event_name == 'push' }}
with:
username: ${{ secrets.BOT_GITHUB_USERNAME }}
add-options: -u
commit-message: "release $VERSION"

- name: Create and push tag
if: ${{ github.event_name == 'push' }}
run: |
git tag -a $VERSION -m "Release version $VERSION"
git push origin $VERSION
extra-maven-opts: ${{ inputs.extra-maven-opts }}
nexus-username: ${{ secrets.NEXUS_USERNAME }}
nexus-password: ${{ secrets.NEXUS_PASSWORD }}
quay-username: ${{ secrets.QUAY_USERNAME }}
quay-password: ${{ secrets.QUAY_PASSWORD }}
docker-username: ${{ secrets.DOCKER_USERNAME }}
docker-password: ${{ secrets.DOCKER_PASSWORD }}
git-username: ${{ secrets.BOT_GITHUB_USERNAME }}
40 changes: 25 additions & 15 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ Shared [Travis CI](https://travis-ci.com/), [GitHub Actions](https://docs.github
- [get-commit-message](#get-commit-message)
- [git-commit-changes](#git-commit-changes)
- [git-latest-tag](#git-latest-tag)
- [maven-build-and-tag](#maven-build-and-tag)
- [maven-deploy-file](#maven-deploy-file)
- [maven-update-pom-version](#maven-update-pom-version)
- [maven-release](#maven-release)
Expand All @@ -56,7 +57,6 @@ Shared [Travis CI](https://travis-ci.com/), [GitHub Actions](https://docs.github
- [veracode](#veracode)
- [Reusable workflows provided by us](#reusable-workflows-provided-by-us)
- [helm-publish-new-package-version.yml](#helm-publish-new-package-versionyml)
- [build-and-tag-maven.yml](#build-and-tag-mavenyml)
- [Cookbook](#cookbook)
- [Serialize pull request builds](#serialize-pull-request-builds)
- [Known issues](#known-issues)
Expand Down Expand Up @@ -452,6 +452,30 @@ Gets the latest tag for the given pattern. The result is returned in the output
pattern: 1.0.0-alpha*
```

### maven-build-and-tag

Check out, builds a maven project and docker images, generating a new alpha version for it on push events:

- publish maven artifacts to Nexus
- push docker images to quay.io
- create GitHub tag for the new alpha release

```yaml
outputs:
version: ${{ steps.build-and-tag.outputs.version }}
steps:
- uses: Alfresco/alfresco-build-tools/.github/actions/maven-build-and-tag@ref
id: build-and-tag
with:
maven-username: ${{ secrets.NEXUS_USERNAME }}
maven-password: ${{ secrets.NEXUS_PASSWORD }}
quay-username: ${{ secrets.QUAY_USERNAME }}
quay-password: ${{ secrets.QUAY_PASSWORD }}
docker-username: ${{ secrets.DOCKER_USERNAME }}
docker-password: ${{ secrets.DOCKER_PASSWORD }}
git-username: ${{ secrets.BOT_GITHUB_USERNAME }}
```

### maven-deploy-file

Upload one or more files to a maven server, without requiring the presence of a
Expand Down Expand Up @@ -713,20 +737,6 @@ Calculates the new alpha version, creates new git tag and publishes the new pack
secrets: inherit
```

### build-and-tag-maven.yml

Builds a maven project and generates the new alpha version for it:

- publish maven artifacts to Nexus
- push docker images to quay.io
- create GitHub tag for the new alpha release

```yaml
build:
uses: Alfresco/alfresco-build-tools/.github/workflows/build-and-tag-maven.yml@ref
secrets: inherit
```

## Cookbook

This section contains a list of recipes and common patterns organized by desired
Expand Down