Quotly Build Pipeline #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Quotly Build Pipeline | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| run_integration_tests: | |
| runs-on: self-hosted | |
| env: | |
| RUNNER_TOOL_CACHE: /toolcache | |
| permissions: | |
| contents: read | |
| statuses: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Lint Dockerfile | |
| uses: super-linter/[email protected] | |
| env: | |
| DEFAULT_BRANCH: origin/main | |
| GITHUB_TOKEN: ${{ secrets.QUOTLY_TOKEN }} | |
| FILTER_REGEX_INCLUDE: .*[Dd]ockerfile$ | |
| VALIDATE_DOCKERFILE: true | |
| - name: Lint Java | |
| uses: super-linter/[email protected] | |
| env: | |
| DEFAULT_BRANCH: origin/main | |
| GITHUB_TOKEN: ${{ secrets.QUOTLY_TOKEN }} | |
| FILTER_REGEX_INCLUDE: src/.*\.java$ | |
| VALIDATE_JAVA: true | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| cache: 'maven' | |
| - name: Run backend tests | |
| run: | | |
| chmod +x mvnw | |
| ./mvnw test | |
| build_and_push_docker_image: | |
| runs-on: self-hosted | |
| needs: run_integration_tests | |
| env: | |
| RUNNER_TOOL_CACHE: /toolcache | |
| services: | |
| docker: | |
| image: docker:19.03.12 | |
| options: --privileged | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| cache: 'maven' | |
| - name: Generate docker image tag | |
| id: tag | |
| run: | | |
| REPOSITORY_OWNER=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]') | |
| BRANCH_NAME=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} | |
| BRANCH_NAME=${BRANCH_NAME/'/#'/-} | |
| BRANCH_NAME=${BRANCH_NAME//[^a-zA-Z0-9-]/} | |
| if [ "$BRANCH_NAME" == "main" ]; then | |
| DATE_TAG=$(date +'%Y.%m') | |
| BUILD_NUMBER=$(echo $GITHUB_RUN_NUMBER) | |
| DOCKER_IMAGE_TAG="${DATE_TAG}.${BUILD_NUMBER}" | |
| DOCKER_IMAGE_NAME="ghcr.io/${REPOSITORY_OWNER}/quotly-release" | |
| else | |
| BUILD_NUMBER=$(echo $GITHUB_RUN_NUMBER) | |
| DOCKER_IMAGE_TAG="${BRANCH_NAME}.${BUILD_NUMBER}" | |
| DOCKER_IMAGE_NAME="ghcr.io/${REPOSITORY_OWNER}/quotly-staging" | |
| fi | |
| echo "::set-output name=tag::$DOCKER_IMAGE_TAG" | |
| echo "::set-output name=name::$DOCKER_IMAGE_NAME" | |
| - name: Build backend | |
| run: | | |
| chmod +x mvnw | |
| ./mvnw versions:set -DnewVersion=${{ steps.tag.outputs.tag }} | |
| ./mvnw package -Dquarkus.package.jar.type=uber-jar -DskipTests | |
| - name: Build Docker image | |
| run: | | |
| TAG=${{ steps.tag.outputs.tag }} | |
| docker build -t quotly:$TAG . | |
| - name: Login to Github Packages | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ vars.DOCKER_USERNAME }} | |
| password: ${{ secrets.QUOTLY_TOKEN }} | |
| - name: Push Docker image | |
| run: | | |
| DOCKER_IMAGE_TAG=${{ steps.tag.outputs.tag }} | |
| DOCKER_IMAGE_NAME=${{ steps.tag.outputs.name }} | |
| docker tag quotly:$DOCKER_IMAGE_TAG $DOCKER_IMAGE_NAME:$DOCKER_IMAGE_TAG | |
| docker push $DOCKER_IMAGE_NAME:$DOCKER_IMAGE_TAG | |
| - name: Clean up old staging images | |
| if: endsWith(steps.tag.outputs.name, 'staging') | |
| run: | | |
| REPO_OWNER=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]') | |
| REPO_NAME=${{ github.event.repository.name }} | |
| REPO=ghcr.io/$REPO_OWNER/$REPO_NAME-staging | |
| TOKEN=${{ secrets.QUOTLY_TOKEN }} | |
| TAGS=$(curl -H "Authorization: Bearer $TOKEN" -s "https://ghcr.io/v2/$REPO/tags/list" | jq -r '.tags[]' | sort -r) | |
| echo -e "Found tags:\n$TAGS" | |
| KEEP=5 | |
| COUNT=0 | |
| for TAG in $TAGS; do | |
| if [[ $COUNT -ge $KEEP ]]; then | |
| echo "Deleting $TAG" | |
| DIGEST=$(curl -H "Authorization: Bearer $TOKEN" -sI "https://ghcr.io/v2/$REPO/manifests/$TAG" | grep docker-content-digest | awk '{print $2}' | tr -d $'\r') | |
| if [ -n "$DIGEST" ]; then | |
| curl -H "Authorization: Bearer $TOKEN" -X DELETE "https://ghcr.io/v2/$REPO/manifests/$DIGEST" | |
| else | |
| echo "Failed to get digest for $TAG" | |
| fi | |
| fi | |
| COUNT=$((COUNT + 1)) | |
| done |