-
Notifications
You must be signed in to change notification settings - Fork 7
136 lines (110 loc) · 3.63 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# CI/CD workflow.
#
# You may wish to change the name of the IMAGE_NAME environment variable. This
# variable is used to name the docker image.
#
# Author: Mathias Reker (https://github.com/MathiasReker).
name: CI/CD
on:
push:
# The branches below must match the branches that you would like to trigger on push requests
branches:
- develop
tags:
- 'v*.*.*'
pull_request:
branches:
- '*'
env:
IMAGE_NAME: ci-cd
DEV_BRANCH: develop
jobs:
CI:
runs-on: ubuntu-latest
services:
mysql:
image: mysql:latest
env:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_DATABASE: unittest
ports:
- 3306:3306
options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=5
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
- name: Configure the application.properties file
run: |
cat >./src/main/resources/application.properties <<EOF
spring.datasource.url=jdbc:mysql://localhost:3306/unittest
spring.datasource.username=root
spring.datasource.password=
spring.jpa.properties.hibernate.jdbc.time_zone=UTC
spring.jpa.hibernate.ddl-auto=create
spring.jpa.open-in-view=false
spring.data.jpa.repositories.bootstrap_mode=default
EOF
- name: Build & Test
run: |
mvn -B verify --file pom.xml
CD:
if: ${{ github.event_name != 'pull_request' }}
runs-on: ubuntu-latest
needs: CI
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Build jar file
run: |
mvn clean install -DskipTests
- name: Build image
run: |
docker build . --file Dockerfile --tag "${IMAGE_NAME}" --label "runnumber=${GITHUB_RUN_ID}"
- name: Log in to registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push image
shell: bash
run: |
# Change all uppercase to lowercase
declare -l TARGET_IMAGE="ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}"
TAG="${{ github.ref_name }}"
if [ "${{ github.ref_type }}" == tag ]; then
# Strip "v" prefix from git tag name
TAG="${TAG#v}"
elif [ "${TAG}" == "${DEV_BRANCH}" ]; then
# Use Docker `dev` tag instead of git branch name
TAG="dev"
fi
# Display computed values
echo "TARGET_IMAGE:TAG = ${TARGET_IMAGE}:${TAG}"
docker tag "${IMAGE_NAME}" "${TARGET_IMAGE}:${TAG}"
docker push "${TARGET_IMAGE}:${TAG}"
- name: Configure SSH
run: |
mkdir --parents --mode=0700 ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" >~/.ssh/github-action.pem
chmod 0600 ~/.ssh/github-action.pem
cat >>~/.ssh/config <<EOF
Host server
HostName ${{ secrets.SSH_HOST }}
User ${{ secrets.SSH_USER }}
IdentityFile ~/.ssh/github-action.pem
StrictHostKeyChecking no
EOF
- name: Push docker compose to remote host
run: |
rsync -e ssh ./docker-compose.yml server:~/
- name: Build the stack
run: |
ssh server 'sudo docker-compose pull; sudo docker-compose up -d --remove-orphans; sudo docker image prune -f'