-
Notifications
You must be signed in to change notification settings - Fork 5
137 lines (118 loc) · 4.51 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
name: Build
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
on:
push:
branches:
- master
pull_request:
branches-ignore:
- 'release-please-*'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Disabling shallow clone is recommended for improving relevancy of reporting for sonar
fetch-depth: 0
- name: Cache local M2 repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-lein-${{ hashFiles('**/project.clj') }}
restore-keys: |
${{ runner.os }}-lein-
- name: Cache local M2 repository
- name: Cache local NPM repository
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install zopfli
run: sudo apt-get install -y zopfli
- name: Verify signature NuvlaBox script
run: ./.github/verify_signature.sh
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
- name: Set PR commit SHA in environment variables useful for build version
if: github.event_name == 'pull_request'
run: echo "GITHUB_PR_COMMIT_SHA=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
- name: Setup Sonar Scanner
uses: warchant/setup-sonar-scanner@v7
with:
version: 4.6.2.2472
- name: Run Sonar Scanner
env:
# provide GITHUB_TOKEN to get access to secrets.SONARQUBE_TOKEN
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
working-directory: code
run: sonar-scanner
-Dsonar.login=${{ secrets.SONARQUBE_TOKEN }}
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }}
- name: SonarQube Quality Gate check
uses: sonarsource/[email protected]
# Force to fail step after specific time
timeout-minutes: 5
with:
scanMetadataReportFile: code/.scannerwork/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- name: Extract branch name and substitute slashes
shell: bash
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" | tr '/' '-' >> $GITHUB_OUTPUT
id: extract_branch
- name: Build time
run: echo "BUILD_TIME=$(date --utc +%FT%T.%3NZ)" >> $GITHUB_ENV
- name: Install npm deps
working-directory: code
run: npm ci --legacy-peer-deps
- name: Build with lein
working-directory: code
run: lein install
- name: Copy relevant files and pre-compress them
run: |
mkdir -p container/target/dependency/ui/public
cp -r code/resources/public/ container/target/dependency/ui/
rm container/target/dependency/ui/public/ui/js/manifest.edn container/target/dependency/ui/public/ui/index.html.template
find container/target/dependency/ui/public/ui -type f -not -name version -a -not -name config.json -a -not -name nuvla-logo.png -exec zopfli {} \;
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.SIXSQ_DOCKER_USERNAME }}
password: ${{ secrets.SIXSQ_DOCKER_PASSWORD }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: ./container
file: container/Dockerfile
build-args: |
GIT_BRANCH=${{ github.head_ref || github.ref_name }}
GIT_BUILD_TIME=${{ env.BUILD_TIME }}
GIT_COMMIT_ID=${{ env.GITHUB_PR_COMMIT_SHA || github.sha }}
PACKAGE_TAG=${{ needs.trigger-release.outputs.tag_name }}
GITHUB_RUN_NUMBER=${{ github.run_number }}
GITHUB_RUN_ID=${{ github.run_id }}
PROJECT_URL=${{ github.server_url }}/${{ github.repository }}
push: true
tags: >
nuvladev/ui:${{ steps.extract_branch.outputs.branch }}
notify:
if: always()
name: Post Workflow Status To Slack
needs:
- build
runs-on: ubuntu-latest
steps:
- uses: Gamesight/slack-workflow-status@master
with:
repo_token: ${{secrets.GITHUB_TOKEN}}
slack_webhook_url: ${{secrets.SLACK_WEBHOOK_URL}}