name: RELEASE - Build and Publish Maven Artifact and Docker Image on: workflow_dispatch: push: branches: - main env: NEXUS_USERNAME: 'edward' NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} MAVEN_PUBLIC_REPOSITORY_URL: ${{ secrets.MAVEN_PUBLIC_REPOSITORY_URL }} SNAPSHOT_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL }} RELEASE_DEPLOYMENT_REPOSITORY_URL: ${{ secrets.RELEASE_DEPLOYMENT_REPOSITORY_URL }} REGISTRY_IMAGE: edeedeeed/ec-config-server jobs: build-java: runs-on: ubuntu-latest permissions: id-token: write contents: write packages: write name: Build Java Package and Publish steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/setup-java@v4.3.0 if: ${{ hashFiles('**/pom.xml') }} with: java-version: 17 distribution: zulu cache: 'maven' - name: maven-settings-xml-action uses: whelk-io/maven-settings-xml-action@v22 with: profiles: > [{ "id": "homelab", "properties": { "altSnapshotDeploymentRepository": "nexus-snapshot::${env.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL}", "altReleaseDeploymentRepository": "nexus-release::${env.RELEASE_DEPLOYMENT_REPOSITORY_URL}" } }] repositories: > [{ "id": "maven-public", "url": "${env.MAVEN_PUBLIC_REPOSITORY_URL}", "snapshots": { "enabled": "true" } }] servers: > [{ "id": "nexus-snapshot", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }, { "id": "nexus-release", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }] - name: Config Git run: | git config --global user.email "edward@cheng.sydney" git config --global user.name "3dwardch3ng" git config --global core.autocrlf input - name: Start release run: | mvn gitflow:release-start -B -DpushRemote=true -DallowSnapshots=true \ -P homelab - name: Maven Publish run: | mvn -B deploy -P homelab - name: Finish release env: GITHUB_ACTOR: 3dwardch3ng GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} run: | mvn gitflow:release-finish -B -DpushRemote=true -DallowSnapshots=true -P homelab build-docker: runs-on: ubuntu-latest needs: - build-java strategy: fail-fast: false matrix: platform: - linux/amd64 - linux/arm64 steps: - uses: actions/checkout@v4 with: ref: main fetch-depth: 1 - uses: actions/setup-java@v4.3.0 if: ${{ hashFiles('**/pom.xml') }} with: java-version: 17 distribution: zulu cache: 'maven' - name: maven-settings-xml-action uses: whelk-io/maven-settings-xml-action@v22 with: profiles: > [{ "id": "homelab", "properties": { "altSnapshotDeploymentRepository": "nexus-snapshot::${env.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL}", "altReleaseDeploymentRepository": "nexus-release::${env.RELEASE_DEPLOYMENT_REPOSITORY_URL}" } }] repositories: > [{ "id": "maven-public", "url": "${env.MAVEN_PUBLIC_REPOSITORY_URL}", "snapshots": { "enabled": "true" } }] servers: > [{ "id": "nexus-snapshot", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }, { "id": "nexus-release", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }] - name: Maven Package run: | mvn -B package -P homelab - name: Prepare run: | platform=${{ matrix.platform }} echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push by digest id: build uses: docker/build-push-action@v6 with: context: . platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true - name: Export digest run: | mkdir -p /tmp/digests digest="${{ steps.build.outputs.digest }}" touch "/tmp/digests/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v4 with: name: digests-${{ env.PLATFORM_PAIR }} path: /tmp/digests/* if-no-files-found: error retention-days: 1 merge-docker: runs-on: ubuntu-latest needs: - build-docker steps: - uses: actions/checkout@v4 with: ref: main fetch-depth: 1 - uses: actions/setup-java@v4.3.0 if: ${{ hashFiles('**/pom.xml') }} with: java-version: 17 distribution: zulu cache: 'maven' - name: maven-settings-xml-action uses: whelk-io/maven-settings-xml-action@v22 with: profiles: > [{ "id": "homelab", "properties": { "altSnapshotDeploymentRepository": "nexus-snapshot::${env.SNAPSHOT_DEPLOYMENT_REPOSITORY_URL}", "altReleaseDeploymentRepository": "nexus-release::${env.RELEASE_DEPLOYMENT_REPOSITORY_URL}" } }] repositories: > [{ "id": "maven-public", "url": "${env.MAVEN_PUBLIC_REPOSITORY_URL}", "snapshots": { "enabled": "true" } }] servers: > [{ "id": "nexus-snapshot", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }, { "id": "nexus-release", "username": "${env.NEXUS_USERNAME}", "password": "${env.NEXUS_PASSWORD}" }] - name: Extract Maven project version id: project-version run: | VERSION=$( mvn help:evaluate -Dexpression=project.version -q -DforceStdout -P homelab) echo "version=$VERSION" >> $GITHUB_OUTPUT - name: Show extracted Maven project version run: echo ${{ steps.project-version.outputs.version }} - name: Download digests uses: actions/download-artifact@v4 with: path: /tmp/digests pattern: digests-* merge-multiple: true - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} # generate Docker tags based on the following events/attributes tags: | type=ref,event=branch type=sha type=sha,prefix={{branch}}- type=raw,value={{branch}}-{{date 'YYYYMMDD'}} type=raw,value={{branch}}-${{ steps.project-version.outputs.version }} type=raw,value=${{ steps.project-version.outputs.version }} type=raw,value=latest - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Create manifest list and push working-directory: /tmp/digests run: | docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - name: Inspect image run: | docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}