From f01a390e483a671da2ef13ddca1fb695f5c9017e Mon Sep 17 00:00:00 2001 From: Mike Neilson Date: Fri, 13 Dec 2024 14:57:21 +0000 Subject: [PATCH 1/3] Update OS image. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b758187f1..a03f829b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ WORKDIR /builddir COPY . /builddir/ RUN gradle clean prepareDockerBuild --info --no-daemon -FROM alpine:3.20.3 as tomcat_base +FROM alpine:3.21.0 as tomcat_base RUN apk --no-cache upgrade && \ apk --no-cache add \ openjdk8-jre \ From 953c730c0e1e8ab5a9c34052aecf40a7a99936af Mon Sep 17 00:00:00 2001 From: Mike Neilson Date: Fri, 13 Dec 2024 15:52:01 +0000 Subject: [PATCH 2/3] Remove job dependency. --- .github/workflows/deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index bd39701ad..aef81e368 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -11,7 +11,6 @@ jobs: release: if: ${{ github.event.workflow_run.conclusion == 'success' }} name: Create and push releases - needs: build runs-on: ubuntu-latest steps: - name: checkout code From 952d72f4b3200308b02b40801cf40dfa5631b827 Mon Sep 17 00:00:00 2001 From: Mike Neilson Date: Fri, 13 Dec 2024 17:44:30 +0000 Subject: [PATCH 3/3] Rearrange build and release structure to allow more automation of development and production releases. --- .github/workflows/build.yml | 8 +- .github/workflows/deploy.yml | 74 --------------- .github/workflows/nightly-schedule.yml | 19 ++++ .github/workflows/release.yml | 121 +++++++++++++++++++++++++ build.gradle | 2 +- 5 files changed, 142 insertions(+), 82 deletions(-) delete mode 100644 .github/workflows/deploy.yml create mode 100644 .github/workflows/nightly-schedule.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0d0842ff5..d30a2d2ad 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,12 +28,6 @@ jobs: run: ./gradlew build --info --init-script init.gradle - name: integration tests run: ./gradlew integrationtest --info --init-script init.gradle - - name: Upload WAR - uses: actions/upload-artifact@v4.4.3 - with: - name: warfile - path: cwms-data-api/build/libs/${{steps.thebuild.outputs.WARFILE}} - retention-days: 1 - if-no-files-found: error - name: Build docker image run: docker build -t cda:build-latest . + # No upload, we're just verifying that nothing broke the docker image. diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index aef81e368..000000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,74 +0,0 @@ ---- -name: Release images and war -on: - workflow_run: - workflows: ["Build And Test CWMS Data API"] - branches: ["develop"] - types: - - completed - -jobs: - release: - if: ${{ github.event.workflow_run.conclusion == 'success' }} - name: Create and push releases - runs-on: ubuntu-latest - steps: - - name: checkout code - uses: actions/checkout@v4.2.2 - - name: setup java - uses: actions/setup-java@v4.5.0 - with: - distribution: 'temurin' - java-version: '8' - cache: 'gradle' - - name: Download all workflow run artifacts from build - id: artifacts - uses: actions/download-artifact@v4.1.8 - with: - path: ./ - - name: get version - id: get_version - run: .github/workflows/get_version.sh - - name: show version - run: echo ${VERSION} - - name: Create Release - id: create_release - uses: softprops/action-gh-release@v2.1.0 - with: - files: warfile/${{ needs.build.outputs.thewar}} - tag_name: ${{env.VERSION}} - generate_release_notes: true - - name: Login to Alt Registry - uses: docker/login-action@v3.3.0 - id: login-alt - with: - registry: ${{ secrets.ALT_REGISTRY }} - username: ${{ secrets.ALT_REG_USER }} - password: ${{ secrets.ALT_REG_PASSWORD }} - - name: Login to Alt Public Registry - uses: docker/login-action@v3.3.0 - id: login-alt2 - with: - registry: ${{ secrets.HEC_PUB_REGISTRY }} - username: ${{ secrets.ALT_REG_USER }} - password: ${{ secrets.ALT_REG_PASSWORD }} - - name: Build docker image - env: - IMAGE_TAG: ${{env.VERSION}} - ALT_REGISTRY: ${{secrets.ALT_REGISTRY}} - HEC_PUB_REGISTRY: ${{secrets.HEC_PUB_REGISTRY}} - run: | - docker build -t cda:build-latest . - docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG - docker tag cda:build-latest $ALT_REGISTRY/cwms/data-api:latest - docker tag cda:build-latest $HEC_PUB_REGISTRY/cwms/data-api:$IMAGE_TAG - docker tag cda:build-latest $HEC_PUB_REGISTRY/cwms/data-api:latest - docker push $ALT_REGISTRY/cwms/data-api:$IMAGE_TAG - docker push $ALT_REGISTRY/cwms/data-api:latest - docker push $HEC_PUB_REGISTRY/cwms/data-api:$IMAGE_TAG - docker push $HEC_PUB_REGISTRY/cwms/data-api:latest - - name: Logout of ALT registry - if: ${{ always() }} - run: | - docker logout ${{ steps.login-alt.outputs.registry }} - docker logout ${{ steps.login-alt2.outputs.registry }} diff --git a/.github/workflows/nightly-schedule.yml b/.github/workflows/nightly-schedule.yml new file mode 100644 index 000000000..8baa3046d --- /dev/null +++ b/.github/workflows/nightly-schedule.yml @@ -0,0 +1,19 @@ +name: Nightly Releases - Schedule +on: + schedule: + - cron: "3 0 * * *" + +jobs: + main: + permissions: + packages: write + contents: write + uses: ./.github/workflows/release.yml + secrets: + token: ${{ secrets.GITHUB_TOKEN }} + registry: ${{ secrets.HEC_PUB_REGISTRY}} + registry_user: ${{ secrets.ALT_REG_USER }} + registry_password: ${{ secrets.ALT_REG_PASSWORD }} + with: + branch: "develop" + nightly: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000..27b76d0b4 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,121 @@ +--- +name: Nightly Release - Build +on: + workflow_call: + inputs: + branch: + type: string + required: true + nightly: + type: boolean + required: true + secrets: + token: + required: false + registry: + required: false + registry_user: + required: false + registry_password: + required: false + workflow_dispatch: + inputs: + branch: + type: choice + required: true + description: Which Branch to make the build from + options: + - develop + nightly: + type: boolean + required: true + description: Is this part of a "nightly" workflow? + default: true + +jobs: + release-nightly: + runs-on: ubuntu-latest + permissions: + packages: write + contents: write + steps: + - name: checkout code + uses: actions/checkout@v4.2.2 + with: + ref: ${{inputs.branch}} + - name: setup java + uses: actions/setup-java@v4.5.0 + with: + distribution: 'temurin' + java-version: '8' + cache: 'gradle' + - name: Set version + if: inputs.nightly + run: echo "VERSION=${{inputs.branch}}-nightly" >> $GITHUB_ENV + - name: Set version + run: echo "VERSION=${{inputs.branch}}" >> $GITHUB_ENV" + - name: show version + run: echo ${VERSION} + - name: build war + run: ./gradlew build --info --init-script init.gradle -PversionOverride=$VERSION + - name: Create GitHub Release + id: create_release + uses: softprops/action-gh-release@v2.1.0 + with: + files: cwms-data-api/build/libs/cwms-data-api-${{env.VERSION}}.war + tag_name: ${{env.VERSION}} + generate_release_notes: true + token: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }} + - name: Log in to the Container registry + id: login-ghcr + uses: docker/login-action@v4.5.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }} + - name: Login to HEC Public Registry + uses: docker/login-action@v4.5.0 + id: login-hec + with: + registry: ${{ secrets.registry != null && secrets.registry ||secrets.HEC_PUB_REGISTRY }} + username: ${{ secrets.registry_user != null && secrets.registry_user || secrets.ALT_REG_USER }} + password: ${{ secrets.registry_password != null && secrets.registry_password || secrets.ALT_REG_PASSWORD }} + - name: Build docker image + env: + IMAGE_TAG: ${{env.VERSION}} + ALT_REGISTRY: ${{secrets.ALT_REGISTRY}} + HEC_PUB_REGISTRY: ${{secrets.HEC_PUB_REGISTRY}} + run: | + HEC_PUB_REGISTRY="${{secrets.registry != null && secrets.registry ||secrets.HEC_PUB_REGISTRY}}"" + REPO=`echo "${{github.repository}}" | tr '[:upper:]' '[:lower:]'` + docker build -t cda:build-latest . + docker tag cda:build-latest ghcr.io/${REPO}:$VERSION + docker tag cda:build-latest $HEC_PUB_REGISTRY/cwms/data-api:$VERSION + docker push $HEC_PUB_REGISTRY/cwms/data-api:$VERSION + docker push ghcr.io/${REPO}:$VERSION + - name: Logout of HEC pub registry + if: ${{ always() }} + run: | + docker logout ${{ steps.login-hec.outputs.registry }} + - name: Logout of GH registry + if: ${{ always() }} + run: | + docker logout ${{ steps.login-ghcr.outputs.registry }} +--- +name: Tagged Release +on: + push: + tags: + - '[0-9][0-9][0-9][0-9].[09][0-9].[0-9]' + - '[0-9][0-9][0-9][0-9].[09][0-9].[0-9]-*+' +jobs: + release: + uses: ./.github/workflows/release.yml + secrets: + token: ${{ secrets.GITHUB_TOKEN }} + registry: ${{ secrets.HEC_PUB_REGISTRY}} + registry_user: ${{ secrets.ALT_REG_USER }} + registry_password: ${{ secrets.ALT_REG_PASSWORD }} + with: + branch: ${{github.ref_name}} + nightly: false diff --git a/build.gradle b/build.gradle index 09cca233f..11ab2dac1 100644 --- a/build.gradle +++ b/build.gradle @@ -22,5 +22,5 @@ def static versionLabel(gitInfo) { allprojects { apply plugin: 'cda.java-conventions' group = 'mil.army.usace.hec.cwms' - version = versionLabel(versionDetails()) + version = project.findProperty("versionOverride") ?: versionLabel(versionDetails()) }