2.b Build & Push Image Only #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 2.b Build & Push Image Only | |
on: | |
workflow_dispatch: | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ldes-server | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
outputs: | |
version: ${{ steps.determine-version.outputs.version }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 18 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: zulu | |
java-version: 21 | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Maven packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
# Maven | |
- name: Set up Maven Central Repository | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'zulu' | |
server-id: ossrh | |
server-username: MAVEN_USERNAME | |
server-password: MAVEN_PASSWORD | |
gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} | |
gpg-passphrase: MAVEN_GPG_PASSPHRASE | |
- name: Determine version | |
id: determine-version | |
run: | | |
export VERSION=$(mvn help:evaluate -Dexpression="project.version" -q -DforceStdout) | |
echo "version=$VERSION" >> $GITHUB_OUTPUT | |
- name: Analyse & publish package | |
run: | | |
mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=Informatievlaanderen_VSDS-LDESServer4J -Pcoverage | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} | |
MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} | |
- name: Upload JARs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: artifacts | |
path: | | |
**/*with-dependencies.jar | |
**/*application.jar | |
create-image: | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Download JARs | |
uses: actions/download-artifact@v4 | |
with: | |
name: artifacts | |
path: .github | |
- name: Define docker variables | |
run: | | |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then | |
echo "IMAGE_TAG=${{ needs.build.outputs.version }}" >> $GITHUB_ENV | |
echo "IMAGES=ldes/${{ env.IMAGE_NAME }}" >> $GITHUB_ENV | |
if [[ "${{ needs.build.outputs.version }}" != *"SNAPSHOT"* ]]; then | |
echo "LATEST=latest" >> $GITHUB_ENV | |
fi | |
else | |
echo "IMAGE_TAG=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_ENV | |
echo "IMAGES=${{ env.REGISTRY }}/Informatievlaanderen/${{ env.IMAGE_NAME }}" >> $GITHUB_ENV | |
echo "LATEST=latest" >> $GITHUB_ENV | |
fi | |
- name: Log in to the DockerHub Container registry | |
if: github.ref_name == 'main' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Log in to the GitHub Container registry | |
if: github.ref_name != 'main' | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: Informatievlaanderen | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.IMAGES }} | |
tags: | | |
type=raw,value=${{env.IMAGE_TAG}} | |
type=raw,value=${{env.LATEST}} | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v6 | |
with: | |
context: .github | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
platforms: linux/amd64,linux/arm64 |