diff --git a/.github/workflows/aam-backend-service-analyse.yml b/.github/workflows/aam-backend-service-analyse.yml deleted file mode 100644 index 2dbca6b..0000000 --- a/.github/workflows/aam-backend-service-analyse.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: aam-backend-service-analyse - -on: - push: - branches: - - main - paths: - - '.github/workflows/aam-backend-service-analyse.yml' - - 'application/aam-backend-service/**' - pull_request: - types: [ opened, synchronize, reopened, ready_for_review ] - -jobs: - test_coverage: - name: Run tests and coverage calculation - runs-on: ubuntu-latest - permissions: - packages: read - defaults: - run: - working-directory: application/aam-backend-service - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Set up Java - uses: actions/setup-java@v4 - with: - distribution: 'corretto' - java-version: 17 - cache: 'gradle' - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_PULL_SECRET }} - - - name: Run Tests and generate Jacoco Test Report - env: - JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin - run: | - ./gradlew jacocoTestReport --no-daemon - - - name: Publish code coverage to code climate - uses: paambaati/codeclimate-action@v5.0.0 - env: - CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} - JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin - with: - coverageLocations: application/aam-backend-service/build/reports/jacoco/test/jacocoTestReport.xml:jacoco - - - name: Add code coverage to PR - uses: madrapps/jacoco-report@v1.6.1 - with: - paths: application/aam-backend-service/build/reports/jacoco/test/jacocoTestReport.xml - token: ${{ secrets.GITHUB_TOKEN }} - min-coverage-overall: 80 - min-coverage-changed-files: 80 - title: Code Coverage Analyse - update-comment: true diff --git a/.github/workflows/aam-backend-service-build-and-publish-pr.yml b/.github/workflows/aam-backend-service-build-and-publish-pr.yml deleted file mode 100644 index bba98c9..0000000 --- a/.github/workflows/aam-backend-service-build-and-publish-pr.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: aam-backend-service-build-and-publish-pr - -on: - pull_request: - paths: - - '.github/workflows/aam-backend-service-build-and-publish-pr.yml' - - 'application/aam-backend-service/**' - workflow_dispatch: - -jobs: - push_pr_build_to_registry: - name: Build aam-backend-service and publish to container registry - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - distribution: 'corretto' - java-version: 17 - cache: 'gradle' - - - name: Build application - working-directory: application/aam-backend-service - run: ./gradlew installDist - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push - uses: docker/build-push-action@v5 - with: - platforms: linux/amd64,linux/arm64 - context: ./application/aam-backend-service - push: true - tags: ghcr.io/aam-digital/aam-backend-service:pr-${{ github.event.number }} diff --git a/.github/workflows/aam-backend-service-build-and-publish.yml b/.github/workflows/aam-backend-service-build-and-publish.yml index e45b1ec..101d944 100644 --- a/.github/workflows/aam-backend-service-build-and-publish.yml +++ b/.github/workflows/aam-backend-service-build-and-publish.yml @@ -1,30 +1,128 @@ name: aam-backend-service-build-and-publish on: - release: - types: [ released ] + pull_request: + paths: + - '.github/workflows/aam-backend-service-build-and-publish.yml' + - 'application/aam-backend-service/**' + push: + tags: + - "*" + branches: + - main + paths: + - '.github/workflows/aam-backend-service-build-and-publish.yml' + - 'application/aam-backend-service/**' +env: + REGISTRY_IMAGE: ghcr.io/aam-digital/aam-backend-service jobs: - build_and_publish: - name: Build aam-backend-service and publish to container registry - runs-on: ubuntu-latest + test: + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + # - linux/arm64 # disabled until carbone/carbone-ee is available as arm64 docker image + os: + - ubuntu-latest + - [ self-hosted, Linux, ARM64 ] + exclude: + - platform: linux/arm64 + os: ubuntu-latest + - platform: linux/amd64 + os: [ self-hosted, Linux, ARM64 ] + runs-on: ${{ matrix.os }} permissions: - contents: read - packages: write + packages: read + pull-requests: write + defaults: + run: + working-directory: application/aam-backend-service steps: - - name: Checkout repository + - name: Checkout repository files uses: actions/checkout@v4 - - name: Set up JDK 17 + - name: Set up Java uses: actions/setup-java@v4 with: distribution: 'corretto' - java-version: 17 + java-version: 21 cache: 'gradle' - - name: Build application - working-directory: application/aam-backend-service - run: ./gradlew installDist + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GHCR_PULL_SECRET }} + + - name: Run Tests and generate Jacoco Test Report + env: + JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin + run: | + ./gradlew jacocoTestReport --no-daemon + + - name: Publish code coverage to code climate + uses: paambaati/codeclimate-action@v9.0.0 + env: + CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} + JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin + with: + coverageLocations: application/aam-backend-service/build/reports/jacoco/test/jacocoTestReport.xml:jacoco + + - name: Add code coverage to PR + uses: madrapps/jacoco-report@v1.7.1 + if: ${{ github.event.ref == '' }} + with: + paths: application/aam-backend-service/build/reports/jacoco/test/jacocoTestReport.xml + token: ${{ secrets.GITHUB_TOKEN }} + min-coverage-overall: 80 + min-coverage-changed-files: 80 + title: Code Coverage Analyse + update-comment: true + + build: + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 + os: + - ubuntu-latest + - [ self-hosted, Linux, ARM64 ] + exclude: + - platform: linux/arm64 + os: ubuntu-latest + - platform: linux/amd64 + os: [ self-hosted, Linux, ARM64 ] + runs-on: ${{ matrix.os }} + permissions: + contents: read + packages: write + steps: + - name: Checkout repository files + uses: actions/checkout@v4 + + - name: Extract tag (release) + if: ${{ github.event.ref != '' }} + run: echo "TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV + + - name: Extract tag (pull request) + if: ${{ github.event.ref == '' }} + run: echo "TAG=pr-${{ github.event.number }}" >> $GITHUB_ENV + + - name: Prepare Platform + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -39,15 +137,136 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Parse version tag + - name: Create export directories run: | - TAG_VERSION=$(echo ${{ github.event.release.tag_name }} | cut -d'/' -f2) - echo "TAG_VERSION=$TAG_VERSION" >> $GITHUB_ENV + mkdir -p ./tmp/build/${{ env.PLATFORM_PAIR }} + mkdir -p ./tmp/digests - - name: Build and push - uses: docker/build-push-action@v5 + - name: Build Image and push by digest + id: build + uses: docker/build-push-action@v6 with: - platforms: linux/amd64,linux/arm64 + platforms: ${{ matrix.platform }} context: ./application/aam-backend-service - push: true - tags: ghcr.io/aam-digital/aam-backend-service:${{ env.TAG_VERSION }},ghcr.io/aam-digital/aam-backend-service:latest + target: build + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true + cache-from: type=gha + cache-to: type=gha,mode=min + env: + SOURCE_DATE_EPOCH: 0 + + - name: Export digest + run: | + digest="${{ steps.build.outputs.digest }}" + touch "./tmp/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: ./tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + needs: + - build + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: ./tmp/digests + pattern: digests-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create manifest list and push + working-directory: ./tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + + publish: + name: Publish aam-backend-service Release + runs-on: ubuntu-latest + if: ${{ github.event.ref != '' }} # release + needs: + - test + permissions: + contents: write # to be able to publish a GitHub release + issues: write # to be able to comment on released issues + pull-requests: write # to be able to comment on released pull requests + defaults: + run: + working-directory: application/aam-backend-service + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + fetch-tags: true + + - name: Install Rust toolchain + run: rustup update --no-self-update + + - name: Install conventional_commits_next_version + run: cargo install conventional_commits_next_version --version ^6 + + - name: Set current tag and version + run: | + CURRENT_TAG=$(git describe --abbrev=0 --tags --match 'aam-backend-service/v*') + CURRENT_VERSION=$(echo $CURRENT_TAG | cut -d'/' -f2) + echo "CURRENT_TAG=$CURRENT_TAG" >> $GITHUB_ENV + echo "CURRENT_VERSION=$CURRENT_VERSION" >> $GITHUB_ENV + + - name: Set from commit hash + run: | + FROM_COMMIT_HASH=$(git rev-list -n 1 ${{ env.CURRENT_TAG }}) + echo "FROM_COMMIT_HASH=$FROM_COMMIT_HASH" >> $GITHUB_ENV + + - name: Calculate next version + run: | + NEXT_VERSION=v$(conventional_commits_next_version \ + --calculation-mode "Batch" \ + --from-commit-hash ${{ env.FROM_COMMIT_HASH }} \ + --from-version ${{ env.CURRENT_VERSION }} \ + --monorepo application/aam-backend-service) + echo "NEXT_VERSION=$NEXT_VERSION" >> $GITHUB_ENV + + - name: Create Release + if: env.CURRENT_VERSION != env.NEXT_VERSION + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + run: | + TAG_NAME=aam-backend-service/${{ env.NEXT_VERSION }} + gh api \ + --method POST \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + /repos/Aam-Digital/aam-services/releases \ + -f "tag_name=$TAG_NAME" \ + -f "target_commitish=main" \ + -f "name=$TAG_NAME" \ + -F "draft=false" \ + -F "prerelease=false" \ + -F "generate_release_notes=true" diff --git a/.github/workflows/aam-backend-service-release.yml b/.github/workflows/aam-backend-service-release.yml deleted file mode 100644 index 39f64b6..0000000 --- a/.github/workflows/aam-backend-service-release.yml +++ /dev/null @@ -1,113 +0,0 @@ -name: aam-backend-service-release - -on: - push: - branches: - - main - paths: - - '.github/workflows/aam-backend-service-release.yml' - - '.github/workflows/aam-backend-build-and-publish.yml' - - 'application/aam-backend-service/**' - -jobs: - verify: - name: Verify aam-backend-service - runs-on: ubuntu-latest - defaults: - run: - working-directory: application/aam-backend-service - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Set up Java - uses: actions/setup-java@v4 - with: - distribution: 'corretto' - java-version: 17 - cache: 'gradle' - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_PULL_SECRET }} - - - name: Run Tests and generate Jacoco Test Report - env: - JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin - run: | - ./gradlew jacocoTestReport --no-daemon - - - name: Publish code coverage to code climate - uses: paambaati/codeclimate-action@v5.0.0 - env: - CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} - JACOCO_SOURCE_PATH: application/aam-backend-service/src/main/kotlin - with: - coverageLocations: application/aam-backend-service/build/reports/jacoco/test/jacocoTestReport.xml:jacoco - - publish: - name: Publish aam-backend-service Release - runs-on: ubuntu-latest - needs: - - verify - permissions: - contents: write # to be able to publish a GitHub release - issues: write # to be able to comment on released issues - pull-requests: write # to be able to comment on released pull requests - defaults: - run: - working-directory: application/aam-backend-service - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - fetch-tags: true - - - name: Install Rust toolchain - run: rustup update --no-self-update - - - name: Install conventional_commits_next_version - run: cargo install conventional_commits_next_version --version ^6 - - - name: Set current tag and version - run: | - CURRENT_TAG=$(git describe --abbrev=0 --tags --match 'aam-backend-service/v*') - CURRENT_VERSION=$(echo $CURRENT_TAG | cut -d'/' -f2) - echo "CURRENT_TAG=$CURRENT_TAG" >> $GITHUB_ENV - echo "CURRENT_VERSION=$CURRENT_VERSION" >> $GITHUB_ENV - - - name: Set from commit hash - run: | - FROM_COMMIT_HASH=$(git rev-list -n 1 ${{ env.CURRENT_TAG }}) - echo "FROM_COMMIT_HASH=$FROM_COMMIT_HASH" >> $GITHUB_ENV - - - name: Calculate next version - run: | - NEXT_VERSION=v$(conventional_commits_next_version \ - --calculation-mode "Batch" \ - --from-commit-hash ${{ env.FROM_COMMIT_HASH }} \ - --from-version ${{ env.CURRENT_VERSION }} \ - --monorepo application/aam-backend-service) - echo "NEXT_VERSION=$NEXT_VERSION" >> $GITHUB_ENV - - - name: Create Release - if: env.CURRENT_VERSION != env.NEXT_VERSION - env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - run: | - TAG_NAME=aam-backend-service/${{ env.NEXT_VERSION }} - gh api \ - --method POST \ - -H "Accept: application/vnd.github+json" \ - -H "X-GitHub-Api-Version: 2022-11-28" \ - /repos/Aam-Digital/aam-services/releases \ - -f "tag_name=$TAG_NAME" \ - -f "target_commitish=main" \ - -f "name=$TAG_NAME" \ - -F "draft=false" \ - -F "prerelease=false" \ - -F "generate_release_notes=true"