From 3c524e3f2a0a644d649246e370532aad7fd3ea50 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Aug 2024 13:19:43 +0000 Subject: [PATCH 01/31] chore(deps): add renovate.json --- renovate.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..3623e31 --- /dev/null +++ b/renovate.json @@ -0,0 +1,6 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "local>3dwardch3ng/renovate-config" + ] +} From 3d6d9cb014f235f1ed4cd7358c173cddb041186a Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Thu, 29 Aug 2024 23:20:34 +1000 Subject: [PATCH 02/31] update gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 524f096..0fc479a 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,5 @@ # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml hs_err_pid* replay_pid* + +/.idea/ From eb243a11de7d275517cf595692e6712b2f6a534e Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Thu, 29 Aug 2024 23:22:40 +1000 Subject: [PATCH 03/31] add document --- CODEOWNERS | 3 ++ CODE_OF_CONDUCT.md | 128 +++++++++++++++++++++++++++++++++++++++++++++ SECURITY.md | 28 ++++++++++ 3 files changed, 159 insertions(+) create mode 100644 CODEOWNERS create mode 100644 CODE_OF_CONDUCT.md create mode 100644 SECURITY.md diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..4b66db0 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,3 @@ +# Repository CODEOWNERS + +@3dwardCh3nG \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..e964f15 --- /dev/null +++ b/CODE_OF_CONDUCT.md 
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+ and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+ overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+ advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+ address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+ +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +edward@cheng.sydney. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. 
Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at +https://www.contributor-covenant.org/faq. Translations are available at +https://www.contributor-covenant.org/translations. \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..028608a --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,28 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+|---------|--------------------|
+| v1.x.x | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If you find a security vulnerability affecting any of our supported projects, please
+email [edward@cheng.sydney](mailto:edward@cheng.sydney), rather than opening a public issue on GitHub. After receiving
+the initial report, we will endeavor to keep you informed of the progress towards a fix and full announcement. We may
+ask you for additional information. You are also welcome to propose a patch or solution.
+
+Report security bugs in third-party modules to the person or team maintaining the module.
+
+## Coordinated Disclosure
+
+We aim to patch confirmed vulnerabilities within 30 days or less, disclosing the details of those vulnerabilities when a
+patch is published. We ask that you refrain from sharing your report with others while we work on our patch.
+
+We may want to coordinate an advisory with you to be published simultaneously with the patch, but you are also welcome
+to self-disclose after 90 days if you prefer. We will never publish information about you or our communications with you
+without your permission.
From b9d87477282fb4fac1e7eecb261b588d8636b8c4 Mon Sep 17 00:00:00 2001
From: Edward Cheng
Date: Thu, 29 Aug 2024 23:48:44 +1000
Subject: [PATCH 04/31] add spring config server application
---
 .mvn/settings.xml | 65 +++++++++++++++++
 pom.xml | 69 +++++++++++++++++++
 .../cheng/microservice/Application.java | 13 ++++
 src/main/resources/application.properties | 2 +
 4 files changed, 149 insertions(+)
 create mode 100644 .mvn/settings.xml
 create mode 100644 pom.xml
 create mode 100644 src/main/java/sydney/cheng/microservice/Application.java
 create mode 100644 src/main/resources/application.properties
diff --git a/.mvn/settings.xml b/.mvn/settings.xml new file mode 100644 index 0000000..4c81c02 --- /dev/null +++ b/.mvn/settings.xml @@ -0,0 +1,65 @@ + + + + homelab + + nexus-snapshot::${env.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL} + nexus-release::${env.RELEASE_DEPLOYMENT_REPOSITORY_URL} + + + + nexus-snapshot + Home Lab Nexus Snapshot + + false + + + true + always + warn + + ${env.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL} + default + + + nexus-release + Home Lab Nexus Release + + true + always + warn + + + false + + ${env.RELEASE_DEPLOYMENT_REPOSITORY_URL} + default + + + + + nexus-central + Home Lab Nexus Maven Central + + true + warn + + ${env.NEXUS_CENTRAL_REPOSITORY_URL} + default + + + + + + + nexus-snapshot + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + + nexus-release + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + + \ No newline at end of file diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..5d3f0f4 --- /dev/null +++ b/pom.xml @@ -0,0 +1,69 @@ + + + 4.0.0 + + + sydney.cheng + ec-super-pom + 1.0.1 + + + ec-config-server + 1.0.0-SNAPSHOT + jar + + + + MIT License + https://www.opensource.org/licenses/mit-license.php + + + + + Edward Cheng + edward@cheng.sydney + cheng.sydney + https://3dwardch3ng.github.io/ + + + + scm:git:git://github.com/3dwardch3ng/ec-config-server.git + scm:git:ssh://github.com:3dwardch3ng/ec-config-server.git + https://github.com/3dwardch3ng/ec-config-server/tree/main + + + GitHub + https://github.com/3dwardch3ng/ec-config-server/issues + + + + 17 + 17 + UTF-8 + + jacoco + reuseReports + ${project.basedir}/../target/site/jacoco/jacoco.xml + java + **/config/* + 3dwardch3ng + https://sonarqube.cluster.edward.sydney + + + + + org.springframework.cloud + spring-cloud-config-server + + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.boot + spring-boot-starter-web + + + \ No newline at end of file 
diff --git a/src/main/java/sydney/cheng/microservice/Application.java b/src/main/java/sydney/cheng/microservice/Application.java new file mode 100644 index 0000000..71ff6be --- /dev/null +++ b/src/main/java/sydney/cheng/microservice/Application.java @@ -0,0 +1,13 @@ +package sydney.cheng.microservice; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.cloud.config.server.EnableConfigServer; + +@SpringBootApplication +@EnableConfigServer +public class Application { + public static void main(String[] arguments) { + SpringApplication.run(Application.class, arguments); + } +} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties new file mode 100644 index 0000000..d0390b4 --- /dev/null +++ b/src/main/resources/application.properties @@ -0,0 +1,2 @@ +server.port=8888 +spring.cloud.config.server.git.uri: file://opt/config \ No newline at end of file From 54762aed8eeb14b5fd4ae89e1a814c6a53f160f8 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Thu, 29 Aug 2024 23:58:32 +1000 Subject: [PATCH 05/31] update config properties --- .github/ISSUE_TEMPLATE/bug_report.md | 38 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/custom.md | 10 ++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 ++++++++++++ src/main/resources/application.properties | 2 -- src/main/resources/application.yml | 37 ++++++++++++++++++++++ src/main/resources/bootstrap.yaml | 5 +++ 6 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/custom.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 src/main/resources/application.properties create mode 100644 src/main/resources/application.yml create mode 100644 src/main/resources/bootstrap.yaml 
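Review bot: `file://opt/config` in `spring.cloud.config.server.git.uri` has only two slashes, so a URI parser reads `opt` as the host and `/config` as the path and the value likely does not resolve to the local directory `/opt/config`; the local form is `spring.cloud.config.server.git.uri=file:///opt/config`. The same line uses `:` as the separator while `server.port` uses `=`; both parse in a properties file, but one style per file is easier to read. The pom in this commit adds `spring-boot-starter-security` and no credentials are set here, so unless they are supplied elsewhere the server presumably starts with Spring Boot's generated password, which no config client can know; setting the user and password explicitly from the environment avoids that.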
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..dd84ea7 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,38 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Desktop (please complete the following information):** + - OS: [e.g. iOS] + - Browser [e.g. chrome, safari] + - Version [e.g. 22] + +**Smartphone (please complete the following information):** + - Device: [e.g. iPhone6] + - OS: [e.g. iOS8.1] + - Browser [e.g. stock browser, safari] + - Version [e.g. 22] + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/custom.md b/.github/ISSUE_TEMPLATE/custom.md new file mode 100644 index 0000000..48d5f81 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/custom.md @@ -0,0 +1,10 @@ +--- +name: Custom issue template +about: Describe this issue template's purpose here. +title: '' +labels: '' +assignees: '' + +--- + + diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..bbcbbe7 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md 
@@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties deleted file mode 100644 index d0390b4..0000000 --- a/src/main/resources/application.properties +++ /dev/null @@ -1,2 +0,0 @@ -server.port=8888 -spring.cloud.config.server.git.uri: file://opt/config \ No newline at end of file diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml new file mode 100644 index 0000000..54cc3be --- /dev/null +++ b/src/main/resources/application.yml @@ -0,0 +1,37 @@ +server: + port: 8888 + +management: + endpoints: + web: + exposure: + include: '*' + endpoint: + env: + post: + enabled: true + web: + exposure: + include: '*' + health: + show-details: always + +spring: + cloud: + kubernetes: + discovery: + enabled: false + all-namespaces: false + service-labels: + spring-boot: true + enabled: false + config: + server: + git: + uri: file://opt/config + health: + enabled: false + +eureka: + client: + enabled: false \ No newline at end of file diff --git a/src/main/resources/bootstrap.yaml b/src/main/resources/bootstrap.yaml new file mode 100644 index 0000000..69b7b18 --- /dev/null +++ b/src/main/resources/bootstrap.yaml @@ -0,0 +1,5 @@ +application: + name: ec-config-server +spring: + application: + name: ${application.name} \ No newline at end of file 
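Review bot: `management.endpoints.web.exposure.include: '*'` in the new `application.yml` exposes every actuator endpoint of the config server over HTTP, and `env.post.enabled: true` additionally lets a caller change the running environment with a POST request. `health.show-details: always` returns component details to any caller, authenticated or not. Unless an access rule defined elsewhere restricts `/actuator/**`, a narrower default such as `include: 'health,info'` with `show-details: when-authorized`, and no `env.post` block, is safer for a service that holds other applications' configuration. The `web.exposure.include` key appears a second time further down in the same hunk, presumably nested under `endpoint`, where it has no effect. The later `application.yml` hunk in PATCH 06 keeps the same exposure settings.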
From edd84158727fb8f12b6dfeb198f03d313f11d977 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 00:36:35 +1000 Subject: [PATCH 06/31] update config properties --- .../resources/application-k3s-cluster.yml | 10 +++++++ src/main/resources/application.yml | 27 ++++++++++--------- 2 files changed, 24 insertions(+), 13 deletions(-) create mode 100644 src/main/resources/application-k3s-cluster.yml diff --git a/src/main/resources/application-k3s-cluster.yml b/src/main/resources/application-k3s-cluster.yml new file mode 100644 index 0000000..9390a3c --- /dev/null +++ b/src/main/resources/application-k3s-cluster.yml @@ -0,0 +1,10 @@ +spring: + cloud: + kubernetes: + discovery: + all-namespaces: false + service-labels: + spring-boot: true +eureka: + client: + enabled: false \ No newline at end of file diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 54cc3be..05ba5fc 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -10,27 +10,28 @@ management: env: post: enabled: true + logfile: + external-file: '/app/log/${spring.application.name}.log' web: exposure: include: '*' health: show-details: always +logging: + file: + name: '/app/log/${spring.application.name}.log' + spring: + profiles: + active: native cloud: - kubernetes: - discovery: - enabled: false - all-namespaces: false - service-labels: - spring-boot: true - enabled: false - config: - server: - git: - uri: file://opt/config - health: - enabled: false + config: + server: + native: + search-locations: ${CONFIG_NATIVE_SEARCH_LOCATION:/opt/config} + health: + enabled: false eureka: client: From 53b70abba04f5323b2a2c34fa817f99c239ccafd Mon Sep 17 00:00:00 2001 
From: Edward Cheng Date: Fri, 30 Aug 2024 00:37:02 +1000 Subject: [PATCH 07/31] add Dockerfile --- Dockerfile | 8 ++++++++ pom.xml | 1 - script/entrypoint.sh | 14 ++++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 Dockerfile create mode 100644 script/entrypoint.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..b9e3905 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,8 @@ +FROM bitnami/java:17-debian-12 + +COPY target/*.jar /app/app.jar + +COPY script/entrypoint.sh /opt/scripts/entrypoint.sh +RUN chmod 0740 /opt/scripts/entrypoint.sh + +CMD /opt/scripts/entrypoint.sh \ No newline at end of file diff --git a/pom.xml b/pom.xml index 5d3f0f4..94ad21d 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,6 @@ ec-config-server 1.0.0-SNAPSHOT - jar diff --git a/script/entrypoint.sh b/script/entrypoint.sh new file mode 100644 index 0000000..af05428 --- /dev/null +++ b/script/entrypoint.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +if test "${SPRING_PROFILES_ACTIVE}" != ''; +then + echo "spring active profile is "$SPRING_PROFILES_ACTIVE + JAVA_OPTIONS="$JAVA_OPTIONS -Dspring.profiles.active=cloud,native,$SPRING_PROFILES_ACTIVE" +fi + +if test "${LOCAL_DOCKER_ENV}" = 'true'; +then + JAVA_OPTIONS="$JAVA_OPTIONS -Dspring.profiles.active=native" +fi + +java $JAVA_OPTIONS -jar /app/app.jar \ No newline at end of file From 06655b7cde0d44f499bbdfcc7218f5a4bf5f29fb Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:00:54 +1000 Subject: [PATCH 08/31] test maven build pipeline --- .../workflows/build-and-publish-develop.yml | 35 +++++++++++++++++++ .mvn/settings.xml | 24 ------------- 2 files changed, 35 insertions(+), 24 deletions(-) create mode 100644 .github/workflows/build-and-publish-develop.yml diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml new file mode 100644 index 0000000..ff59df9 --- /dev/null +++ b/.github/workflows/build-and-publish-develop.yml 
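Review bot: The new Dockerfile sets no `USER`, so the config server runs as the base image's default user, which is presumably root for `bitnami/java`; creating a dedicated account and switching to it before `CMD` limits what a compromise of the service can touch inside the container. `CMD /opt/scripts/entrypoint.sh` is the shell form and puts `/bin/sh -c` in front of the script; the exec form `CMD ["/opt/scripts/entrypoint.sh"]` avoids the extra shell. `bitnami/java:17-debian-12` is a moving tag, so the image content can change between builds unless it is pinned to a specific release or digest.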
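Review bot: The last line of `script/entrypoint.sh` starts the JVM as a child of the shell, so the stop signal sent to the container reaches `sh` rather than the JVM and the application may be killed without a clean shutdown; `exec java $JAVA_OPTIONS -jar /app/app.jar` replaces the shell with the JVM. When `SPRING_PROFILES_ACTIVE` is set and `LOCAL_DOCKER_ENV` is `true`, two `-Dspring.profiles.active` options are appended and the second presumably wins, silently dropping the `cloud,native,...` list; an `elif`, or building the value once, makes the precedence explicit. In the `echo` line the variable sits outside the quotes and is word-split; `echo "spring active profile is $SPRING_PROFILES_ACTIVE"` avoids that.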
@@ -0,0 +1,35 @@ +name: ci + +on: + workflow_dispatch: + push: + branches: + - develop + +env: + REGISTRY_IMAGE: edeedeeed/ec-config-server + +jobs: + build-java: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: write + packages: write + name: Build Java Package and Publish + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Maven Publish + env: + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} + run: | + mvn -B deploy \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml \ No newline at end of file diff --git a/.mvn/settings.xml b/.mvn/settings.xml index 4c81c02..f893417 100644 --- a/.mvn/settings.xml +++ b/.mvn/settings.xml @@ -36,30 +36,6 @@ default - - - nexus-central - Home Lab Nexus Maven Central - - true - warn - - ${env.NEXUS_CENTRAL_REPOSITORY_URL} - default - - - - - nexus-snapshot - ${env.NEXUS_USERNAME} - ${env.NEXUS_PASSWORD} - - - nexus-release - ${env.NEXUS_USERNAME} - ${env.NEXUS_PASSWORD} - - \ No newline at end of file From b00225f6eda0d748b03e8f9738625be9f8fd36cd Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:05:25 +1000 Subject: [PATCH 09/31] update nexus authentication for pipeline --- .github/workflows/build-and-publish-develop.yml | 2 ++ .mvn/settings.xml | 12 ++++++++++++ 2 files changed, 14 insertions(+) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index ff59df9..7c6a2bf 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
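Review bot: The `build-java` job requests `id-token: write`, `contents: write` and `packages: write`, but the visible steps only check out the repository, install Java and run `mvn -B deploy` with values taken from secrets, so none of the three write scopes appears to be used. A `permissions:` block with only `contents: read` limits what a compromised Maven plugin or dependency can do with the job token. The actions are referenced by tag (`actions/checkout@v4`, `actions/setup-java@v4.2.2`); pinning them to a full commit SHA keeps a moved tag from changing what runs next to the deployment secrets. The `build-docker` and `merge-docker` jobs added later in this series declare no `permissions:` block at all and inherit the repository default.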
@@ -27,6 +27,8 @@ jobs: java-version: 17 - name: Maven Publish env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} run: | diff --git a/.mvn/settings.xml b/.mvn/settings.xml index f893417..03ef155 100644 --- a/.mvn/settings.xml +++ b/.mvn/settings.xml @@ -38,4 +38,16 @@ + + + nexus-snapshot + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + + nexus-release + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + \ No newline at end of file From 70aa53bc2d911d20089a2f1978b49ba313adfddc Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:07:36 +1000 Subject: [PATCH 10/31] update docker base image version --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b9e3905..ca26ef3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM bitnami/java:17-debian-12 +FROM bitnami/java:17.0.12-10-debian-12-r4 COPY target/*.jar /app/app.jar From 9411333865c5143f0bc47adc2b281e7a2568041a Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:21:13 +1000 Subject: [PATCH 11/31] test docker build and merge --- .../workflows/build-and-publish-develop.yml | 102 +++++++++++++++++- 1 file changed, 101 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 7c6a2bf..11f7e71 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
@@ -34,4 +34,104 @@ jobs: run: | mvn -B deploy \ -P homelab \ - --settings=${{ github.workspace }}/.mvn/settings.xml \ No newline at end of file + --settings=${{ github.workspace }}/.mvn/settings.xml + build-docker: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 + steps: + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Maven Package + env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} + run: | + mvn -B package \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Docker meta + - id: Setup Docker Metadata + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push by digest + id: build + uses: docker/build-push-action@v6 + with: + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true + - name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + merge-docker: + runs-on: ubuntu-latest + needs: + - build-docker + steps: + - name: 
Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + # generate Docker tags based on the following events/attributes + tags: | + type=schedule,{{date 'YYYYMMDD'}} + type=ref,event=branch + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} \ No newline at end of file From 77276d04315cc2df62ac2bdd4bfc46ab0e22a8c5 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:22:23 +1000 Subject: [PATCH 12/31] test docker build and merge --- .github/workflows/build-and-publish-develop.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 11f7e71..31e1b3c 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -66,7 +66,8 @@ jobs: -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml - name: Docker meta - - id: Setup Docker Metadata + - name: Setup Docker Metadata + id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} From dcba9ab9729e424b22a8ddafdcb3693920ea8dd7 Mon Sep 17 00:00:00 2001 
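Review bot: The `Build and push by digest` step passes no `context` to `docker/build-push-action@v6`, and that action builds from the Git context by default, so the jar produced by the preceding `Maven Package` step is presumably not part of the build context and `COPY target/*.jar` in the Dockerfile finds nothing; adding `context: .` under `with:` makes the build use the checked-out workspace. `${{ steps.build.outputs.digest }}` and `${{ matrix.platform }}` are expanded into the script text before the shell runs; the values are not attacker-controlled here, but passing them through `env:` and reading a quoted shell variable is the safer habit. Both new jobs receive `DOCKERHUB_TOKEN` and run third-party actions referenced by tag, so pinning those actions to commit SHAs matters more here than in the Maven job.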
From: Edward Cheng Date: Fri, 30 Aug 2024 01:25:23 +1000 Subject: [PATCH 13/31] test docker build and merge --- .github/workflows/build-and-publish-develop.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 31e1b3c..f0fb0f8 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -65,7 +65,6 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml - - name: Docker meta - name: Setup Docker Metadata id: meta uses: docker/metadata-action@v5 From 0fff1072e92e15032b95902191df821ec717a1c4 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 01:43:00 +1000 Subject: [PATCH 14/31] test docker build and merge --- .github/workflows/build-and-publish-develop.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index f0fb0f8..2da448b 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -44,10 +44,6 @@ jobs: - linux/amd64 - linux/arm64 steps: - - name: Prepare - run: | - platform=${{ matrix.platform }} - echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - uses: actions/checkout@v4 with: fetch-depth: 0 @@ -65,13 +61,19 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml - - name: Setup Docker Metadata + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub uses: docker/login-action@v3 with: 
From 43005cc358058b7bca253a3de60aac578bb30531 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:33:12 +1000 Subject: [PATCH 15/31] update renovate maven repositories --- renovate.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/renovate.json b/renovate.json index 3623e31..20f725b 100644 --- a/renovate.json +++ b/renovate.json @@ -2,5 +2,15 @@ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "local>3dwardch3ng/renovate-config" + ], + "packageRules": [ + { + "matchDatasources": ["maven"], + "registryUrls": [ + "https://nexus.cluster.edward.sydney/repository/maven-releases", + "https://nexus.cluster.edward.sydney/repository/maven-snapshots", + "https://repo.maven.apache.org/maven2" + ] + } ] } From ca66f74e2fd8f50a5cc6c70b026807c409e0ea98 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:37:15 +1000 Subject: [PATCH 16/31] test docker build and merge --- .github/workflows/build-and-publish-develop.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 2da448b..65fcad8 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -1,4 +1,4 @@ -name: ci +name: Build and Publish Maven Artifact and Docker Image (Develop) on: workflow_dispatch: From 2390bb3fb57e61264b0e368346f075b0e05e6e98 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:40:22 +1000 Subject: [PATCH 17/31] update Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ca26ef3..2ce5c46 100644 --- a/Dockerfile +++ b/Dockerfile 
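Review bot: The new `packageRules` entry matches every package of the `maven` datasource, so Renovate queries the private Nexus repositories for public dependencies and Maven Central for the internal `sydney.cheng` artifacts. As far as I know it merges the versions found across all listed registries, so an artifact published elsewhere under the same coordinates could be proposed as an update. Restricting the Nexus URLs to the internal group with a package-name matcher, and leaving everything else on Central, keeps the two namespaces apart. The rule also commits the Nexus host name, while the workflow in this series passes the repository URLs as secrets; if the host is meant to stay private, this file discloses it.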
@@ -1,8 +1,8 @@ FROM bitnami/java:17.0.12-10-debian-12-r4 -COPY target/*.jar /app/app.jar +COPY ec-config-server/target/*.jar /app/app.jar -COPY script/entrypoint.sh /opt/scripts/entrypoint.sh +COPY ec-config-server/script/entrypoint.sh /opt/scripts/entrypoint.sh RUN chmod 0740 /opt/scripts/entrypoint.sh CMD /opt/scripts/entrypoint.sh \ No newline at end of file From cce9facef4a6a974dc9e4324619b03177ab028d9 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:46:03 +1000 Subject: [PATCH 18/31] test pipeline --- .github/workflows/build-and-publish-develop.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 65fcad8..e7fdf11 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -61,6 +61,13 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Display directories + run: | + pwd + ls + ls ./ec-config-server + ls ./ec-config-server/target + ls ./ec-config-server/script - name: Prepare run: | platform=${{ matrix.platform }} From bf6e8ae1e310e2330b4e1d2720f57d34d0ba0adb Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:50:01 +1000 Subject: [PATCH 19/31] test pipeline --- .github/workflows/build-and-publish-develop.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index e7fdf11..d7c9cd4 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -65,9 +65,10 @@ jobs: run: | pwd ls - ls ./ec-config-server - ls ./ec-config-server/target - ls ./ec-config-server/script + echo "target dir" + ls ./target + echo "script dir" + ls ./script - name: Prepare run: | platform=${{ matrix.platform }} 
From da19cee82399433b780fb07ef8411633846a46c1 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 08:50:31 +1000 Subject: [PATCH 20/31] test pipeline --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2ce5c46..ca26ef3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ FROM bitnami/java:17.0.12-10-debian-12-r4 -COPY ec-config-server/target/*.jar /app/app.jar +COPY target/*.jar /app/app.jar -COPY ec-config-server/script/entrypoint.sh /opt/scripts/entrypoint.sh +COPY script/entrypoint.sh /opt/scripts/entrypoint.sh RUN chmod 0740 /opt/scripts/entrypoint.sh CMD /opt/scripts/entrypoint.sh \ No newline at end of file From a595a848ce61340b3a28e2760630beedb489a6dd Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:05:03 +1000 Subject: [PATCH 21/31] update Dockerfile --- Dockerfile | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index ca26ef3..2c22260 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,24 @@ -FROM bitnami/java:17.0.12-10-debian-12-r4 +FROM bitnami/java:17.0.12-10-debian-12-r4 AS builder -COPY target/*.jar /app/app.jar +WORKDIR /opt -COPY script/entrypoint.sh /opt/scripts/entrypoint.sh +RUN apt update && apt upgrade -y + +FROM builder AS app + +WORKDIR /app + +RUN addgroup -g 1001 app && adduser -u 1001 -G app -D app +RUN rm -rf /var/cache/apk/* \ + && chown app /app + +COPY --chown=1001 --from=builder /opt /opt + +USER 1001 + +COPY --chown=1001 target/*.jar /app/app.jar + +COPY --chown=1001 script/entrypoint.sh /opt/scripts/entrypoint.sh RUN chmod 0740 /opt/scripts/entrypoint.sh CMD /opt/scripts/entrypoint.sh \ No newline at end of file From 19217fc3e8a03f075abd3d29d4722c4b7bf396f3 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:05:46 +1000 Subject: [PATCH 22/31] update Dockerfile --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
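Review bot: In the Dockerfile rewrite of PATCH 21/31, `FROM builder AS app` makes the runtime stage a child of the build stage, so the split leaves nothing behind. The final image still carries the package lists fetched by `apt update`, and `COPY --chown=1001 --from=builder /opt /opt` copies a directory the stage already inherits (its only effect is the ownership change). Either fold the two stages into one and clean up in the same layer, `RUN apt-get update && apt-get upgrade -y && rm -rf /var/lib/apt/lists/*`, or start the `app` stage from the base image again. The `addgroup -g` / `adduser -u … -G … -D` flags are BusyBox-style while the base tag says `debian-12`, so that `RUN` is likely to fail as written.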
diff --git a/Dockerfile b/Dockerfile index 2c22260..a61b25d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,8 +9,7 @@ FROM builder AS app WORKDIR /app RUN addgroup -g 1001 app && adduser -u 1001 -G app -D app -RUN rm -rf /var/cache/apk/* \ - && chown app /app +RUN chown app /app COPY --chown=1001 --from=builder /opt /opt From c4344ae5957a11029ffb427957f92e41c99006fb Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:11:36 +1000 Subject: [PATCH 23/31] update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a61b25d..bcc532f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ FROM builder AS app WORKDIR /app -RUN addgroup -g 1001 app && adduser -u 1001 -G app -D app +RUN adduser --system --group --uid 1001 --home /app --no-create-home --quiet --shell /bin/bash app RUN chown app /app COPY --chown=1001 --from=builder /opt /opt From f28eab3fdd23780a975bd6d33c55860de718394d Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:19:20 +1000 Subject: [PATCH 24/31] update Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index bcc532f..fc57880 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,8 +8,8 @@ FROM builder AS app WORKDIR /app -RUN adduser --system --group --uid 1001 --home /app --no-create-home --quiet --shell /bin/bash app -RUN chown app /app +RUN addgroup --gid 1001 app && adduser --uid 1001 --gid 1001 --home /app +RUN apt clean && chown app /app COPY --chown=1001 --from=builder /opt /opt From f3935fa526c1ff4eafecbcec33fad53b6c97ca65 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:32:54 +1000 Subject: [PATCH 25/31] test pipeline --- .github/workflows/build-and-publish-develop.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) 
diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index d7c9cd4..72754eb 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -61,14 +61,6 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml - - name: Display directories - run: | - pwd - ls - echo "target dir" - ls ./target - echo "script dir" - ls ./script - name: Prepare run: | platform=${{ matrix.platform }} @@ -91,6 +83,7 @@ jobs: id: build uses: docker/build-push-action@v6 with: + context: . platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true From 873a742b7432e61ee6ecdb76cff5049c92745ad3 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 09:36:15 +1000 Subject: [PATCH 26/31] update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fc57880..d9647e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ FROM builder AS app WORKDIR /app -RUN addgroup --gid 1001 app && adduser --uid 1001 --gid 1001 --home /app +RUN addgroup --gid 1001 app && adduser --uid 1001 --gid 1001 --home /app app RUN apt clean && chown app /app COPY --chown=1001 --from=builder /opt /opt From fc0e1e3be6918e23c2ab2f27981934eb45d959ce Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 10:10:43 +1000 Subject: [PATCH 27/31] test pipeline for tags --- .github/workflows/build-and-publish-develop.yml | 13 +++++++++---- Dockerfile | 4 +++- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 72754eb..0798cf5 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
@@ -61,6 +61,11 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Extract Maven project version + id: project-version + run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) + - name: Show extracted Maven project version + run: echo ${{ steps.project-version.outputs.version }} - name: Prepare run: | platform=${{ matrix.platform }} @@ -119,12 +124,12 @@ jobs: images: ${{ env.REGISTRY_IMAGE }} # generate Docker tags based on the following events/attributes tags: | - type=schedule,{{date 'YYYYMMDD'}} type=ref,event=branch - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} type=sha + type=sha,prefix={{branch}}- + type=raw,value={{branch}}-{{date 'YYYYMMDD'}} + type=raw,value={{branch}}-${{ steps.project-version.outputs.version }} + type=raw,value=${{ steps.project-version.outputs.version }} - name: Login to Docker Hub uses: docker/login-action@v3 with: diff --git a/Dockerfile b/Dockerfile index d9647e0..3c4bb40 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,4 +20,6 @@ COPY --chown=1001 target/*.jar /app/app.jar COPY --chown=1001 script/entrypoint.sh /opt/scripts/entrypoint.sh RUN chmod 0740 /opt/scripts/entrypoint.sh -CMD /opt/scripts/entrypoint.sh \ No newline at end of file +CMD /opt/scripts/entrypoint.sh + +EXPOSE 8100 \ No newline at end of file From efdbc8e3d374dc8923a8646485704db1ed0676f0 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 10:16:28 +1000 Subject: [PATCH 28/31] test pipeline for tags --- .../workflows/build-and-publish-develop.yml | 21 ++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 0798cf5..bd6decf 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
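Review bot: `run: echo ${{ steps.project-version.outputs.version }}` in the first workflow hunk of PATCH 27/31 pastes the step output into the script text before the shell parses it, so a `project.version` containing shell metacharacters would be interpreted instead of printed. Pass the value through the environment: put `env:` with `VERSION: ${{ steps.project-version.outputs.version }}` on the step and use `run: echo "$VERSION"`. The extraction step above it relies on the deprecated `::set-output` command; appending `version=…` to `"$GITHUB_OUTPUT"` is the supported form. The same `echo ${{ … }}` line is carried into PATCH 28/31 and into the release workflow of PATCH 31/31. The `steps:` list starts outside this hunk.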
@@ -61,11 +61,6 @@ jobs: mvn -B package \ -P homelab \ --settings=${{ github.workspace }}/.mvn/settings.xml - - name: Extract Maven project version - id: project-version - run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) - - name: Show extracted Maven project version - run: echo ${{ steps.project-version.outputs.version }} - name: Prepare run: | platform=${{ matrix.platform }} @@ -109,6 +104,22 @@ jobs: needs: - build-docker steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Extract Maven project version + id: project-version + run: | + echo ::set-output name=version::\ + $(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' \ + --non-recursive exec:exec -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml) + - name: Show extracted Maven project version + run: echo ${{ steps.project-version.outputs.version }} - name: Download digests uses: actions/download-artifact@v4 with: From 60618a0a23cc24fec004a3bdc05519fce901374b Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 10:22:57 +1000 Subject: [PATCH 29/31] test pipeline for tags --- .github/workflows/build-and-publish-develop.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index bd6decf..36adbf3 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
@@ -113,11 +113,13 @@ jobs: java-version: 17 - name: Extract Maven project version id: project-version + env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} run: | - echo ::set-output name=version::\ - $(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' \ - --non-recursive exec:exec -P homelab \ - --settings=${{ github.workspace }}/.mvn/settings.xml) + echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec -P homelab --settings=${{ github.workspace }}/.mvn/settings.xml) >> $GITHUB_OUTPUT - name: Show extracted Maven project version run: echo ${{ steps.project-version.outputs.version }} - name: Download digests From 4aee4826f36ad1402c11dcf8a98a88c25cfc4855 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 10:27:42 +1000 Subject: [PATCH 30/31] test pipeline for tags --- .github/workflows/build-and-publish-develop.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index 36adbf3..ea3d3a3 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml 
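Review bot: The `env:` block added to `Extract Maven project version` in PATCH 29/31 hands `NEXUS_PASSWORD` and both deployment-repository URLs to a step that only reads `project.version`. Whether `.mvn/settings.xml` needs them to resolve the project is not visible from this hunk. If it does not, evaluate the version without `-P homelab --settings=…` so this job needs no registry credentials; otherwise pass only what resolution requires. Separately, the new `run:` line opens a double quote at `echo "version=$(mvn …` and never closes it, so the shell will reject the script; it should end `…)" >> "$GITHUB_OUTPUT"`. The step list begins outside the hunk.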
@@ -119,7 +119,8 @@ jobs: SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} run: | - echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec -P homelab --settings=${{ github.workspace }}/.mvn/settings.xml) >> $GITHUB_OUTPUT + VERSION=$( mvn help:evaluate -Dexpression=project.version -q -DforceStdout -P homelab --settings=${{ github.workspace }}/.mvn/settings.xml) + echo "version=$VERSION" >> $GITHUB_OUTPUT - name: Show extracted Maven project version run: echo ${{ steps.project-version.outputs.version }} - name: Download digests From ab132bcf28297851aacf7f0c4682016c879a5793 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 30 Aug 2024 10:40:59 +1000 Subject: [PATCH 31/31] test release pipeline --- .../workflows/build-and-publish-develop.yml | 2 +- .../workflows/build-and-publish-release.yml | 177 ++++++++++++++++++ 2 files changed, 178 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/build-and-publish-release.yml diff --git a/.github/workflows/build-and-publish-develop.yml b/.github/workflows/build-and-publish-develop.yml index ea3d3a3..a091a76 100644 --- a/.github/workflows/build-and-publish-develop.yml +++ b/.github/workflows/build-and-publish-develop.yml @@ -1,4 +1,4 @@ -name: Build and Publish Maven Artifact and Docker Image (Develop) +name: SNAPSHOT - Build and Publish Maven Artifact and Docker Image on: workflow_dispatch: diff --git a/.github/workflows/build-and-publish-release.yml b/.github/workflows/build-and-publish-release.yml new file mode 100644 index 0000000..3cef448 --- /dev/null +++ b/.github/workflows/build-and-publish-release.yml 
@@ -0,0 +1,177 @@ +name: RELEASE - Build and Publish Maven Artifact and Docker Image + +on: + workflow_dispatch: + push: + branches: + - main + +env: + REGISTRY_IMAGE: edeedeeed/ec-config-server + +jobs: + build-java: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: write + packages: write + name: Build Java Package and Publish + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Config Git + run: | + git config --global user.email "edward@cheng.sydney" + git config --global user.name "3dwardch3ng" + git config --global core.autocrlf input + - name: Start release + run: | + mvn gitflow:release-start -B -DpushRemote=true -DallowSnapshots=true \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Maven Publish + env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} + run: | + mvn -B deploy \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Finish release + run: | + mvn gitflow:release-finish -B -DpushRemote=true -DallowSnapshots=true \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml + env: + GITHUB_ACTOR: 3dwardch3ng + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + build-docker: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Maven Package + env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ 
secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} + run: | + mvn -B package \ + -P homelab \ + --settings=${{ github.workspace }}/.mvn/settings.xml + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push by digest + id: build + uses: docker/build-push-action@v6 + with: + context: . + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true + - name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + merge-docker: + runs-on: ubuntu-latest + needs: + - build-docker + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-java@v4.2.2 + with: + distribution: zulu + java-version: 17 + - name: Extract Maven project version + id: project-version + env: + NEXUS_USERNAME: 'edward' + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} + RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} + run: | + VERSION=$( mvn help:evaluate -Dexpression=project.version -q -DforceStdout -P homelab --settings=${{ github.workspace }}/.mvn/settings.xml) + echo "version=$VERSION" >> $GITHUB_OUTPUT + - name: 
Show extracted Maven project version + run: echo ${{ steps.project-version.outputs.version }} + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + # generate Docker tags based on the following events/attributes + tags: | + type=ref,event=branch + type=sha + type=sha,prefix={{branch}}- + type=raw,value={{branch}}-{{date 'YYYYMMDD'}} + type=raw,value={{branch}}-${{ steps.project-version.outputs.version }} + type=raw,value=${{ steps.project-version.outputs.version }} + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} \ No newline at end of file
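Review bot: In the new build-and-publish-release.yml, `build-java` requests `id-token: write` and `packages: write` although no visible step uses OIDC or GitHub Packages (the artifacts go to Nexus through `mvn -B deploy`). `build-docker` and `merge-docker` declare no `permissions:` at all and so fall back to the repository default. Reduce the first block to `contents: write`, which the gitflow pushes presumably need, and give the two Docker jobs an explicit `permissions:` with `contents: read`. `Finish release` also overrides `GITHUB_TOKEN` with `secrets.GH_TOKEN`; if that is a personal access token, restrict it to this repository and to contents access, since it is exposed to the Maven plugins that step runs.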