Merge pull request #470 from halkyonio/dependabot/maven/quarkus-vault… #359
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Primaza Push Build | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - 'scripts/**' # Ignores bash scripts | |
| - '*.md' # Ignores .md files at the root of the repository | |
| - '**/*.md' # Ignores .md files within subdirectories | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| java-version: [ 17 ] | |
| uses: ./.github/workflows/checkout-maven-build.yml | |
| with: | |
| java-version: ${{ matrix.java-version }} | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| verify-in-kubernetes: | |
| name: Verify in Kubernetes | |
| runs-on: ubuntu-latest | |
| needs: build | |
| strategy: | |
| matrix: | |
| java-version: [ 17 ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ matrix.java-version }} | |
| cache: 'maven' | |
| #- name: Kubernetes KinD Cluster | |
| # uses: container-tools/kind-action@v2 | |
| # with: | |
| # version: v0.11.1 | |
| # registry: true | |
| - name: Setup Kubernetes using kind and deploy a local container registry | |
| run: | | |
| curl -s -L "https://raw.githubusercontent.com/snowdrop/k8s-infra/main/kind/kind.sh" | bash -s install | |
| - name: Generate Helm chart, build/push the docker image and install Primaza | |
| run: .github/install_primaza.sh ${{ github.repository }} $(git rev-parse --short HEAD) | |
| - name: Register Kind cluster in Primaza | |
| run: .github/register_local_kind_cluster_in_primaza.sh kube-system,sb | |
| - name: Create Postgresql Service in Primaza | |
| run: | | |
| # First, we install Postgresql via Helm. | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| helm install postgresql bitnami/postgresql --version 11.9.1 --set auth.username=superman --set auth.password=superman | |
| ## the service endpoint should be: "tcp:5432" | |
| # Next, we register the Postgresql service in Primaza | |
| .github/register_service_in_primaza.sh postgresql 11 tcp:5432 postgresql | |
| - name: (Only if it failed) Log Primaza traces at failures | |
| if: failure() | |
| run: .github/print_primaza_logs.sh | |
| verify-e2e-example-in-kubernetes: | |
| name: Verify Super Hero workshop in Kubernetes | |
| runs-on: ubuntu-latest | |
| needs: [ build, verify-in-kubernetes ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| cache: 'maven' | |
| - name: Kubernetes KinD Cluster | |
| uses: container-tools/kind-action@v2 | |
| with: | |
| version: v0.11.1 | |
| registry: true | |
| - name: Start Primaza | |
| run: .github/install_primaza.sh ${{ github.repository }} ${{ github.event.pull_request.head.sha }} | |
| - name: Install the Quarkus Super Hero application | |
| run: | | |
| KUBERNETES_NAMESPACE=app | |
| kubectl create namespace $KUBERNETES_NAMESPACE | |
| git clone https://github.com/quarkusio/quarkus-super-heroes | |
| cd quarkus-super-heroes/rest-heroes | |
| # install service binding extension | |
| mvn quarkus:add-extension -Dextensions="quarkus-kubernetes-service-binding" | |
| # remove the third party installations via templates (we'll install these services using Primaza :) ) | |
| rm -rf src/main/kubernetes | |
| # remove the default application.yml as we'll provide a different one with our Helm properties | |
| rm -rf src/main/resources/application.yml | |
| # copy the import.sql file from | |
| cp deploy/db-init/initialize-tables.sql src/main/resources/ | |
| cat > src/main/resources/application.properties << "EOF" | |
| quarkus.application.name=rest-heroes | |
| quarkus.http.port=8080 | |
| quarkus.hibernate-orm.sql-load-script=initialize-tables.sql | |
| quarkus.hibernate-orm.database.generation=drop-and-create | |
| quarkus.container-image.build=true | |
| quarkus.container-image.builder=docker | |
| quarkus.container-image.group=superhero | |
| quarkus.container-image.tag=1.0 | |
| quarkus.kubernetes.deployment-target=kubernetes | |
| EOF | |
| # install application | |
| mvn clean package -DskipTests \ | |
| -Dquarkus.container-image.push=true \ | |
| -Dquarkus.container-image.registry=$KIND_REGISTRY \ | |
| -Dquarkus.kubernetes.namespace=$KUBERNETES_NAMESPACE \ | |
| -Dquarkus.kubernetes.deploy=true | |
| - name: Register Kind cluster in Primaza | |
| run: .github/register_local_kind_cluster_in_primaza.sh kube-system,sb | |
| - name: Wait until rest-heroes is registered in Primaza | |
| run: | | |
| PRIMAZA_KUBERNETES_NAMESPACE=sb | |
| POD_NAME=$(kubectl get pod -l app.kubernetes.io/name=primaza-app -n $PRIMAZA_KUBERNETES_NAMESPACE -o name) | |
| APPLICATION=$(kubectl exec -i $POD_NAME --container primaza-app -n $PRIMAZA_KUBERNETES_NAMESPACE -- sh -c "curl -H 'Accept: application/json' -s localhost:8080/applications/name/rest-heroes") | |
| if [ $(echo "$APPLICATION" | jq -r '.name') != "rest-heroes" ] | |
| then | |
| echo "Primaza didn't discovery the rest-heroes application: $APPLICATION" | |
| exit 1 | |
| fi | |
| - name: Create Postgresql Service in Primaza | |
| run: | | |
| KUBERNETES_NAMESPACE=app | |
| USERNAME=superman | |
| PASSWORD=superman | |
| TYPE=postgresql | |
| DATABASE_NAME=database | |
| CREDENTIAL_TYPE=basic | |
| # First, we install Postgresql via Helm. | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| helm install postgresql bitnami/postgresql --namespace $KUBERNETES_NAMESPACE --version 11.9.1 --set auth.username=$USERNAME --set auth.password=$PASSWORD --set auth.database=$DATABASE_NAME | |
| ## the service endpoint should be: "tcp:5432" | |
| # Next, we register the Postgresql service in Primaza | |
| .github/register_service_in_primaza.sh postgresql 11 tcp:5432 $TYPE | |
| # And finally the credentials | |
| .github/register_service_credential_in_primaza.sh postgresql-credentials postgresql $USERNAME $PASSWORD $DATABASE_NAME $CREDENTIAL_TYPE | |
| - name: Register claim | |
| run: .github/register_claim_in_primaza.sh heroClaimDb postgresql-11 | |
| - name: Bind application to claim | |
| run: .github/bind_application_to_claim_in_primaza.sh rest-heroes heroClaimDb | |
| - id: wait-for-super-hero | |
| name: rest-heroes should now be up and running | |
| run: | | |
| KUBERNETES_NAMESPACE=app | |
| # Ready means that the application is now binded with the service, so we're ok! | |
| kubectl wait --timeout=160s --for=condition=available deployment rest-heroes -n $KUBERNETES_NAMESPACE | |
| - name: (Only if it failed) Log Primaza traces at failures | |
| if: failure() | |
| run: .github/print_PRIMAZA_logs.sh | |
| - name: (Only if it failed) Log Rest Heroes traces at failures | |
| if: failure() | |
| run: | | |
| KUBERNETES_NAMESPACE=app | |
| echo "Deployment resource:" | |
| kubectl get deployment rest-heroes -o yaml -n $KUBERNETES_NAMESPACE | |
| echo "Logs of the deployment:" | |
| kubectl logs deploy/rest-heroes --all-containers=true -n $KUBERNETES_NAMESPACE | |
| echo "Print secret: " | |
| kubectl get secret rest-heroes-secret -o yaml -n $KUBERNETES_NAMESPACE | |
| POD_NAME=$(kubectl get pod -l app.kubernetes.io/name=rest-heroes -n $KUBERNETES_NAMESPACE -o name) | |
| echo "Describe pod:" | |
| kubectl describe $POD_NAME -n $KUBERNETES_NAMESPACE | |
| echo "Logs of running pod:" | |
| kubectl logs $POD_NAME -n $KUBERNETES_NAMESPACE | |
| echo "Logs of terminated pod:" | |
| kubectl logs -p $POD_NAME -n $KUBERNETES_NAMESPACE | |
| push: | |
| name: Push Images to Quay.io and update Helm Charts | |
| runs-on: ubuntu-latest | |
| needs: [ build, verify-in-kubernetes, verify-e2e-example-in-kubernetes ] | |
| strategy: | |
| matrix: | |
| java: [ 17 ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: checkout | |
| - uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ matrix.java }} | |
| distribution: 'adopt' | |
| cache: 'maven' | |
| - name: Quay.io Login | |
| run: docker login quay.io -u="${{secrets.QUAY_USER}}" -p="${{secrets.QUAY_TOKEN}}" | |
| - name: Build the image and push it | |
| run: | | |
| mvn clean install \ | |
| -DskipTests \ | |
| -Dquarkus.container-image.build=true \ | |
| -Dquarkus.container-image.push=true \ | |
| -Dquarkus.container-image.registry=quay.io \ | |
| -Dquarkus.container-image.group=halkyonio \ | |
| -Dquarkus.container-image.tag=$(git rev-parse --short HEAD) \ | |
| -Dgithub.repo=${{ github.repository }} \ | |
| -Dgit.sha.commit=$(git rev-parse --short HEAD) | |
| - name: Repository Dispatch | |
| uses: peter-evans/repository-dispatch@v3 | |
| with: | |
| token: ${{ secrets.REPO_TOKEN }} | |
| repository: halkyonio/helm-charts | |
| event-type: update_charts |