diff --git a/.github/workflows/continuous-delivery.yaml b/.github/workflows/continuous-delivery.yaml new file mode 100644 index 0000000..42f692e --- /dev/null +++ b/.github/workflows/continuous-delivery.yaml @@ -0,0 +1,137 @@ +name: Continuous Delivery (CD) +on: + # "Build and publish" on merged + # Actually, there's no "merged" event. + # A "push" event is occurred after the pull request "close" event with "merged" true condition. + # The "push" event could replace "merged" event. + push: + branches: + # - main + - testcicd + #tags: + # - "v*.*.*" + paths-ignore: + - "**.md" + - ".gitignore" + - ".git/**" + - "CODE_OF_CONFUCT.md" + - "CONTRIBUTING.md" + - "LICENSE" + - "README.md" + +env: + DOCKER_REGISTRY_NAME: cloudbaristaorg + GHCR_REGISTRY_NAME: ${{ github.repository_owner }} + IMAGE_NAME: ${{ github.event.repository.name }} + +jobs: + # The job key is "publish-container-image" + publish-container-image: + # Job name is "Publish a container image" + name: Publish a container image + + #if: github.repository_owner == 'cloud-barista' + + runs-on: ubuntu-22.04 + + steps: + - name: Checkout source code + uses: actions/checkout@v4 + + - name: Extract metadata from Git reference and GitHub events + id: meta + uses: docker/metadata-action@v5 + with: + images: | + # image name for Docker Hub + ${{env.DOCKER_REGISTRY_NAME}}/${{env.IMAGE_NAME}} + # image name for GitHub Container Registry (GHCR) + ghcr.io/${{env.GHCR_REGISTRY_NAME}}/${{env.IMAGE_NAME}} + tags: | + # See `tags` input: https://github.com/docker/metadata-action?tab=readme-ov-file#tags-input + ## Tags for a push tag event + # minimal (e.g., 1.2.3) + type=semver,enable=true,pattern={{version}} + # type=semver,pattern={{major}}.{{minor}} + ## Tags for a push branch event + # Tags to reflect the last commit of the active branch + type=edge,enable=true,branch=main + ## Other types (currently the followings may be out of scope in this project) + ## Tags for a push branch event + # minimal (short sha) + # type=sha,enable=true,format=short + ## Tags for a push or pull_request event + # type=ref,event=branch + # type=ref,event=tag + # type=ref,event=pr + ## Tags for a schedule event - handlebars with timezone (e.g. 20200110-093000) + # type=schedule,enable=true,pattern={{date 'YYYYMMDD-hhmmss' tz='Asia/Tokyo'}} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: all + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + + - name: Cache Docker layers + uses: actions/cache@v4 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: grant execute permission for gradlew + run: chmod +x gradlew + shell: bash + + - name: Build with Gradle Wrapper + run: ./gradlew clean build --stacktrace + + # - name: Build image + # env: + # IMAGE_NAME: devops:latest + # run: docker build . --file Dockerfile --tag aaaaaaa:latest + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + + + + # TODO: Create a PAT with `read:packages` and `write:packages` scopes and save it as an Actions secret `CR_PAT` + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.CR_PAT }} + + - name: Build and publish + id: docker_build + uses: docker/build-push-action@v6 + with: + builder: ${{ steps.buildx.outputs.name }} + context: ./ + file: ./Dockerfile + target: prod + platforms: linux/amd64 # linux/arm/v7,linux/arm64,linux/386,linux/ppc64le,linux/s390x,linux/arm/v6 + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }}