diff --git a/.github/workflows/cicd.yaml b/.github/workflows/cicd.yaml new file mode 100644 index 00000000..f0b90e32 --- /dev/null +++ b/.github/workflows/cicd.yaml @@ -0,0 +1,94 @@ +name: CICD + +env: + # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. + # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. + # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions + OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} + # 🖊️ EDIT to set the kube context's namespace after login. Leave blank to use your user's default namespace. + OPENSHIFT_NAMESPACE: exhort + # 🖊️ EDIT to set the deployemnt resource data for image update. + OPENSHIFT_DEPLOYMENT_NAME: exhort-dev + OPENSHIFT_CONTAINER_NAME: exhort + # 🖊️ EDIT to change the image registry settings. + # Registries such as GHCR, Quay.io, and Docker Hub are supported. + IMAGE_REGISTRY: quay.io/ecosystem-appeng + IMAGE_NAME: exhort + IMAGE_TAGS: latest + IMAGE_REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + IMAGE_REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + # 🖊️ EDIT to change Dockerfile. + DOCKERFILE_PATH: ./src/main/docker/Dockerfile.native-micro + +on: + push: + branches: + - main + tags: + - '*' + +jobs: + build_and_push_image: + runs-on: ubuntu-latest + + if: github.repository == 'RHEcosystemAppEng/exhort' + + outputs: + digest: ${{ steps.push-to-registry.outputs.digest }} + + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + + - name: Setup JDK + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: '17' + cache: 'maven' + + - name: Build Package with Maven + run: mvn package -Pnative + + - name: Build Image With buildah + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_NAME }} + tags: ${{ env.IMAGE_TAGS }} + dockerfiles: | + ${{ env.DOCKERFILE_PATH }} + + - name: Push Image To Registry + id: push-to-registry + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ env.IMAGE_REGISTRY }} + username: ${{ env.IMAGE_REGISTRY_USER }} + password: ${{ env.IMAGE_REGISTRY_PASSWORD }} + + deploy_to_openshift: + needs: build_and_push_image + runs-on: ubuntu-latest + + steps: + - name: Install oc + uses: redhat-actions/openshift-tools-installer@v1 + with: + oc: 4 + + - name: Log In To OpenShift + uses: redhat-actions/oc-login@v1 + with: + openshift_server_url: ${{ env.OPENSHIFT_SERVER }} + openshift_token: ${{ env.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.OPENSHIFT_NAMESPACE }} + + - name: Patch Image + run: | + DEPLOYMENT_PATCH=$(printf '{"spec": {"template": {"spec": {"containers": [{"name": "%s", "image": "%s/%s@%s"}]}}}}' ${{ env.OPENSHIFT_CONTAINER_NAME }} ${{ env.IMAGE_REGISTRY }} ${{ env.IMAGE_NAME }} ${{ needs.build_and_push_image.outputs.digest }}) + oc patch deployment ${{ env.OPENSHIFT_DEPLOYMENT_NAME }} -p "${DEPLOYMENT_PATCH}" \ No newline at end of file