Skip to content

Test/check token (#9) #65

Test/check token (#9)

Test/check token (#9) #65

Workflow file for this run

name: Build and release
on:
push:
tags:
- 'v*'
pull_request:
branches:
- main
workflow_dispatch:
concurrency:
group: ci-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
BROKER_URL: https://broker.io.nrs.gov.bc.ca
BROKER_JWT: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }}
SERVICE_PROJECT: oneteam-example
SERVICE_NAME: java-maven-pipeline-example
jobs:
check_token_expiration:
uses: ./.github/workflows/check-token.yaml
secrets:
token: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }}
build-release:
name: Build and release
runs-on: ubuntu-latest
needs: check_token_expiration
permissions:
contents: read
packages: write
outputs:
project_version: ${{ steps.set-build-output-parameters.outputs.project_version }}
intention_id: ${{ steps.set-intention-id.outputs.intention_id }}
branch: $${{ steps.set-branch.outputs.branch }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{ github.ref }}
- name: Set up Java
uses: actions/setup-java@v4
with:
java-version: '8'
distribution: 'temurin'
cache: maven
- name: Set branch
id: set-branch
if: ${{ ! startsWith(github.ref, 'refs/tags/v') }}
run: |
if [[ ${{ startsWith(github.ref, 'refs/heads/') }} = true ]]; then
echo "branch=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
fi
if [[ ${{ startsWith(github.ref, 'refs/pull/') }} = true ]]; then
echo "branch=${{ github.head_ref }}" >> "$GITHUB_OUTPUT"
fi
- name: Update pom.xml
id: update-repo
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
shell: bash
run: |
TAG=${{ github.ref_name }}
VERSION=${TAG#v}
echo "VERSION=${VERSION}" >> $GITHUB_ENV
mvn versions:set -DnewVersion=${VERSION} --file ./pom.xml
- name: Set build output parameters
id: set-build-output-parameters
run: |
echo "project_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout --file ./pom.xml)" >> $GITHUB_OUTPUT
echo "artifact_id=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout --file ./pom.xml)" >> $GITHUB_OUTPUT
echo "package_type=$(mvn help:evaluate -Dexpression=project.packaging -q -DforceStdout --file ./pom.xml)" >> $GITHUB_OUTPUT
echo "git_commit=$(git rev-parse --verify HEAD)" >> $GITHUB_OUTPUT
echo "build_guid=uuid::$(uuidgen)" >> $GITHUB_OUTPUT
- name: Build intention
run: sh ./.github/workflows/build-intention.sh
env:
EVENT_REASON: Build ${{ github.ref_name }}
GITHUB_REPOSITORY: ${{ github.repository}}
GITHUB_RUN_ID: ${{ github.run_id}}
PACKAGE_BUILD_GUID: ${{ steps.set-build-output-parameters.outputs.build_guid }}
PACKAGE_BUILD_NUMBER: ${{ github.run_number }}
PACKAGE_BUILD_VERSION: ${{ steps.set-build-output-parameters.outputs.git_commit }}
PACKAGE_TYPE: ${{ steps.set-build-output-parameters.outputs.package_type }}
PACKAGE_VERSION: ${{ steps.set-build-output-parameters.outputs.project_version }}
- name: Open intention
uses: bcgov-nr/action-broker-intention-open@v2
with:
broker_jwt: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }}
intention_path: intention.json
quickstart: true
- name: Set intention ID for deployment job
id: set-intention-id
run: |
echo "intention_id=${INTENTION_ID}" >> $GITHUB_OUTPUT
env:
INTENTION_ID: ${{ env.INTENTION_ID }}
- name: Publish artifact
id: publish-artifact
run: |
ARTIFACT_NAME="${ARTIFACT_ID}-${PROJECT_VERSION}.${PACKAGE_TYPE}"
mvn --batch-mode -Dmaven.test.skip=true -Pgithub deploy --file ./pom.xml
echo "artifact_sha256=$(sha256sum ./target/${ARTIFACT_NAME} | awk '{ print $1 }')" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PROJECT_VERSION: ${{ steps.set-build-output-parameters.outputs.project_version }}
ARTIFACT_ID: ${{ steps.set-build-output-parameters.outputs.artifact_id }}
PACKAGE_TYPE: ${{ steps.set-build-output-parameters.outputs.package_type }}
- name: Send build info
run: |
curl -s POST ${{ env.BROKER_URL }}/v1/intention/action/patch \
-H 'Content-Type: application/json' \
-H 'X-Broker-Token: '"${BUILD_TOKEN}"'' \
-d '{"package":{"checksum": "sha256:'${ARTIFACT_SHA256}'"}}'
env:
ARTIFACT_SHA256: ${{ steps.publish-artifact.outputs.artifact_sha256 }}
BUILD_TOKEN: ${{ env.ACTION_TOKEN_BUILD }}
- name: Close intention
uses: bcgov-nr/action-broker-intention-close@v1
with:
intention_token: ${{ env.INTENTION_TOKEN }}