Devops/tweak openid for different access url #930
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build CWMS Data API | |
on: | |
push: | |
branches: | |
- develop | |
- 'release/**' | |
pull_request: | |
branches: | |
- develop | |
jobs: | |
build: | |
name: build and test | |
runs-on: ubuntu-latest | |
outputs: | |
thewar: ${{steps.thebuild.outputs.WARFILE}} | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v2 | |
- name: setup java | |
uses: actions/setup-java@v1 | |
with: | |
java-version: '8' | |
java-package: jdk | |
- name: build and test | |
id: thebuild | |
run: ./gradlew build --info --init-script init.gradle | |
- name: Upload WAR | |
uses: actions/upload-artifact@v2 | |
with: | |
name: warfile | |
path: cwms-data-api/build/libs/${{steps.thebuild.outputs.WARFILE}} | |
retention-days: 1 | |
if-no-files-found: error | |
- name: Build docker image | |
run: docker build -t cda:build-latest . | |
release: | |
if: github.event_name == 'push' && startsWith(github.ref,'refs/heads/release') | |
name: Create and push releases | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout code | |
uses: actions/checkout@v2 | |
- name: setup java | |
uses: actions/setup-java@v1 | |
with: | |
java-version: '8' | |
java-package: jdk | |
- name: Download all workflow run artifacts from build | |
id: artifacts | |
uses: actions/download-artifact@v2 | |
with: | |
path: ./ | |
- name: get version | |
id: get_version | |
run: .github/workflows/get_version.sh | |
- name: show version | |
run: echo ${VERSION} | |
- name: tag repo | |
uses: actions/github-script@v3 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
script: | | |
github.git.createRef({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
ref: "refs/tags/${{env.VERSION}}", | |
sha: context.sha | |
}) | |
- name: Create Release | |
id: create_release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: ${{env.VERSION}} | |
release_name: Release ${{env.VERSION}} | |
- name: Upload Tomcat War | |
id: upload-war | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_release.outputs.upload_url }} | |
asset_path: warfile/${{ needs.build.outputs.thewar}} | |
asset_name: ${{ env.WAR_FILE_NAME}} | |
asset_content_type: application/x-webarchive | |
- name: Login to Alt Registry | |
uses: docker/[email protected] | |
id: login-alt | |
with: | |
registry: ${{ secrets.ALT_REGISTRY }} | |
username: ${{ secrets.ALT_REG_USER }} | |
password: ${{ secrets.ALT_REG_PASSWORD }} | |
- name: Build docker image | |
env: | |
IMAGE_TAG: ${{env.VERSION}} | |
ALT_REGISTRY: ${{secrets.ALT_REGISTRY}} | |
run: | | |
docker build -t cda:build-latest . | |
docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG | |
docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:latest | |
docker push $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG | |
docker push $ALT_REGISTRY/cwms/data-api:latest | |
- name: Logout of ALT registry | |
if: ${{ always() }} | |
run: docker logout ${{ steps.login-alt.outputs.registry }} | |
publish: | |
if: github.event_name == 'push' && startsWith(github.ref,'refs/heads/develop') | |
name: API Container Image | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
needs: build | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- name: checkout code | |
uses: actions/checkout@v2 | |
- name: setup java | |
uses: actions/setup-java@v1 | |
with: | |
java-version: '8' | |
java-package: jdk | |
- name: get Data-API version | |
id: get_version | |
run: .github/workflows/get_version.sh | |
- name: Configure AWS credentials | |
if: ${{ always() }} | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.CWBICI_DEVELOP_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.CWBICI_DEVELOP_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.CWBICI_DEVELOP_AWS_REGION }} | |
- name: Login to Amazon ECR | |
if: ${{ success() }} | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Login to Alt Registry | |
uses: docker/[email protected] | |
id: login-alt | |
with: | |
registry: ${{ secrets.ALT_REGISTRY }} | |
username: ${{ secrets.ALT_REG_USER }} | |
password: ${{ secrets.ALT_REG_PASSWORD }} | |
- name: Build, tag, and push image to Amazon ECR (cwms/data-api) | |
if: ${{ success() }} | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
# do not change to cwms-data-api; upstream config also requires change | |
ECR_REPOSITORY: cwms-radar-api | |
IMAGE_TAG: ${{env.VERSION}} | |
ALT_REGISTRY: ${{ secrets.ALT_REGISTRY }} | |
run: | | |
docker build -t cda:build-latest . | |
docker tag cda:build-latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
docker tag cda:build-latest $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG | |
docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:latest-dev | |
docker push $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG | |
docker push $ALT_REGISTRY/cwms/data-api:latest-dev | |
- name: Logout of Amazon ECR | |
if: ${{ always() }} | |
run: docker logout ${{ steps.login-ecr.outputs.registry }} | |
- name: Logout of ALT registry | |
if: ${{ always() }} | |
run: docker logout ${{ steps.login-alt.outputs.registry }} |