[HNC-578] - Create process for Pentaho CUST case builds #7
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pentaho merge workflow | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| modules_to_build: | ||
| type: string | ||
| required: false | ||
| description: > | ||
| The modules to build when running from the root of the project. Defaults to everything ('.'). | ||
| Using this option builds only the modules you specify, regardless of whether those modules have changes. | ||
| modules_to_always_build_in_addition_to_those_with_changes: | ||
| type: string | ||
| required: false | ||
| description: > | ||
| When using the default behavior of building only changed modules (i.e., 'modules_to_build' is NOT specified), | ||
| use this option to list any modules you want to build in addition to those that have changes. | ||
| version: | ||
| type: string | ||
| required: true | ||
| description: "Version to be built" | ||
| base_version: | ||
| type: string | ||
| required: true | ||
| description: "Base version to be taken in consideration for dependencies" | ||
| slack_channels: | ||
| type: string | ||
| required: true | ||
| description: "Slack channel(s) to send notifications to." | ||
| arti_host: | ||
| required: false | ||
| type: string | ||
| default: https://one.hitachivantara.com | ||
| description: "Artifactory's Host name" | ||
| sonar_project_key: | ||
| required: true | ||
| type: string | ||
| description: "Sonar's project identifier key" | ||
| sonar_url: | ||
| required: false | ||
| type: string | ||
| description: "Sonar's URL" | ||
| default: https://sonar.orl.eng.hitachivantara.com | ||
| blackduck_project_key: | ||
| required: false | ||
| type: string | ||
| description: "Project key for Blackduck" | ||
| default: "Pentaho" # it's either "Pentaho" or "Pentaho SHIMS" on Orion | ||
| blackduck_server_url: | ||
| required: false | ||
| type: string | ||
| description: "Server URL for Blackduck" | ||
| default: https://orion.orl.eng.hitachivantara.com | ||
| blackduck_additional_args: | ||
| required: false | ||
| type: string | ||
| description: "Extra additional args for blackduck scan" | ||
| default: "" | ||
| additional_mvn_directives: | ||
| required: false | ||
| type: string | ||
| description: "Extra additional directives for the Maven command" | ||
| default: "" | ||
| test_scenario_json: | ||
| required: false | ||
| type: string | ||
| description: "For PDI plugin integration tests, path to the json file containing test scenarios for each plugin" | ||
| run_snapshot: | ||
| required: true | ||
| type: boolean | ||
| default: true | ||
| description: 'should the snapshot build run' | ||
| run_versioning: | ||
| required: true | ||
| type: boolean | ||
| default: true | ||
| description: 'should the versioning run on the RC build' | ||
| env: | ||
| VERSION: "${{ inputs.version }}" | ||
| BASE_VERSION: "${{ inputs.base_version }}" | ||
| SLACK_CHANNEL: "${{ inputs.slack_channels }}" | ||
| BUILD_NAME: "${{ github.event.repository.name }}-$VERSION" | ||
| SONAR_PROJECT_KEY: ${{ inputs.sonar_project_key }} | ||
| SONAR_HOST_URL: ${{ inputs.sonar_url }} | ||
| SONAR_LOGIN: ${{secrets.WINGMAN_SONAR_TOKEN}} | ||
| ARTIFACTORY_HOST: ${{ inputs.arti_host }} | ||
| ARTIFACTORY_BASE_URL: ${ARTIFACTORY_HOST}/artifactory | ||
| RESOLVE_REPO_MIRROR: ${ARTIFACTORY_BASE_URL}/maven | ||
| NEXUS_DEPLOY_USER: ${{ secrets.PENTAHO_CICD_ONE_USER }} | ||
| NEXUS_DEPLOY_PASSWORD: ${{ secrets.PENTAHO_CICD_ONE_KEY }} | ||
| PUBLIC_RELEASE_REPO_URL: ${ARTIFACTORY_BASE_URL}/pntpub-maven-dev | ||
| PRIVATE_RELEASE_REPO: pntprv-maven-dev | ||
| PRIVATE_RELEASE_REPO_URL: ${ARTIFACTORY_BASE_URL}/${PRIVATE_RELEASE_REPO} | ||
| PUBLIC_SNAPSHOT_REPO_URL: ${ARTIFACTORY_BASE_URL}/pntpub-maven-snapshot | ||
| PRIVATE_SNAPSHOT_REPO: pntprv-maven-snapshot | ||
| PRIVATE_SNAPSHOT_REPO_URL: ${ARTIFACTORY_BASE_URL}/${PRIVATE_SNAPSHOT_REPO} | ||
| DOCKER_PULL_HOST: one.hitachivantara.com/docker/ | ||
| DOCKER_PUBLIC_PUSH_HOST: one.hitachivantara.com/pntpub-docker-dev/ | ||
| DOCKER_PRIVATE_PUSH_HOST: one.hitachivantara.com/pntprv-docker-dev/ | ||
| jobs: | ||
| setup-maven-settings: | ||
| name: Setup Maven settings | ||
| runs-on: [ k8s ] | ||
| container: | ||
| image: one.hitachivantara.com/devops-docker-release/pentaho/actions-common:20240305.137 | ||
| credentials: | ||
| username: ${{ secrets.PENTAHO_CICD_ONE_USER }} | ||
| password: ${{ secrets.PENTAHO_CICD_ONE_KEY }} | ||
| volumes: | ||
| - /home/runner/caches/pentaho/.m2:/root/.m2 | ||
| steps: | ||
| - name: Retrieve settings file | ||
| id: common-maven | ||
| uses: pentaho/actions-common@stable | ||
| - name: Copy settings.xml to .m2 directory | ||
| shell: sh | ||
| run: | | ||
| cp "${{ steps.common-maven.outputs.settings-file-path }}" /root/.m2 | ||
| snapshot: | ||
| if: ${{ inputs.run_snapshot == 'true' }} | ||
| name: Update Snapshots | ||
| needs: setup-maven-settings | ||
| runs-on: [ k8s ] | ||
| container: | ||
| image: one.hitachivantara.com/devops-docker-release/pentaho/actions-common:20240305.137 | ||
| credentials: | ||
| username: ${{ secrets.PENTAHO_CICD_ONE_USER }} | ||
| password: ${{ secrets.PENTAHO_CICD_ONE_KEY }} | ||
| volumes: | ||
| - /home/runner/caches/pentaho/.m2:/root/.m2 | ||
| steps: | ||
| - run: | | ||
| echo ${{ needs.setup-maven-settings.env }} | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Determine which changes occurred | ||
| if: ${{ inputs.modules_to_build == '' }} | ||
| id: change_detection | ||
| uses: hv-actions/change-detection-builder@stable | ||
| - name: Build code and deploy artifacts | ||
| uses: lumada-common-services/gh-composite-actions@stable | ||
| with: | ||
| command: | | ||
| mvn clean deploy -DskipTests -amd \ | ||
| -pl "${{ inputs.modules_to_build || format('{0},{1}', inputs.modules_to_always_build, steps.change_detection.outputs.changed_modules) }}" | ||
| env: | ||
| cmd_type: BUILD | ||
| release-candidate: | ||
| name: Build Release Candidate | ||
| needs: setup-maven-settings | ||
| runs-on: [ k8s ] | ||
| env: | ||
| JFROG_CLI_BUILD_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | ||
| container: | ||
| image: one.hitachivantara.com/devops-docker-release/pentaho/actions-common:20240305.137 | ||
| credentials: | ||
| username: ${{ secrets.PENTAHO_CICD_ONE_USER }} | ||
| password: ${{ secrets.PENTAHO_CICD_ONE_KEY }} | ||
| volumes: | ||
| - /home/runner/caches/pentaho/.m2:/root/.m2 | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - run: git config --global --add safe.directory /__w/${{ github.event.repository.name }}/${{ github.event.repository.name }} | ||
| - name: Determine which changes occurred | ||
| if: ${{ inputs.modules_to_build == '' }} | ||
| id: change_detection | ||
| uses: hv-actions/change-detection-builder@stable | ||
| - name: Determine version | ||
| id: version | ||
| run: | | ||
| version="${{ env.VERSION }}" | ||
| if [[ "${{ inputs.run_versioning}}" == "true" ]]; then | ||
| version="${version}-${{ github.run_number }}" | ||
| fi | ||
| echo "current-version=$version" >> $GITHUB_OUTPUT | ||
| - name: Version set | ||
| if: ${{ inputs.run_snapshot == 'true' }} | ||
| run: | | ||
| sed -i 's/BASE_VERSION/${{ env.BASE_VERSION }}/g' .github/release-versions.properties | ||
| sed -i 's/BUILD_NBR/${{ github.run_number }}/g' .github/release-versions.properties | ||
| java -DRELEASE_MODE=true -jar /version-merger.jar . \ | ||
| -f .github/release-versions.properties \ | ||
| commit project.revision=${{ steps.version.outputs.current-version }} \ | ||
| project.version=${{ steps.version.outputs.current-version }} \ | ||
| version=${{ steps.version.outputs.current-version }} \ | ||
| distribution.version=${{ steps.version.outputs.current-version }} \ | ||
| project.stage=master | ||
| - name: Build code, deploy artifacts & run unit-tests | ||
| uses: lumada-common-services/gh-composite-actions@stable | ||
| with: | ||
| command: | | ||
| mvn clean deploy -DskipTests=false -B -Daudit \ | ||
| -Pcicd-release -Drelease -Dbuild.name=${{ env.BUILD_NAME }} -Dbuild.number=${{ github.run_number }} \ | ||
| -pl "${{ inputs.modules_to_build || format('{0},{1}', inputs.modules_to_always_build, steps.change_detection.outputs.changed_modules) }}" \ | ||
| -amd ${{ inputs.additional_mvn_directives }} | ||
| env: | ||
| cmd_type: BUILD,UNIT_TEST | ||
| unit_test_reporter: 'java-junit' | ||
| unit_test_fail_on_error: 'true' | ||
| unit_test_report_path: '**/target/surefire-reports/*.xml' | ||
| - name: Run PDI plugin integration tests | ||
| uses: pentaho/actions-common@stable | ||
| if: ${{ inputs.test_scenario_json }} | ||
| with: | ||
| changed_modules: "${{ steps.change_detection.outputs.changed_modules }}" | ||
| test_scenario_json: "${{ inputs.test_scenario_json }}" | ||
| env: | ||
| run_plugin_integration_tests: true | ||
| BASE_VERSION: "${{ inputs.base_version }}" | ||
| #- name: Blackduck Scan | ||
| # uses: lumada-common-services/[email protected] | ||
| # env: | ||
| # BlackDuck_Project_Version: ${{ steps.version.outputs.current-version }} | ||
| # BlackDuck_Project_Name: "${{ inputs.blackduck_project_key }}" | ||
| # BlackDuck_Api_Token: "${{ secrets.ORION_BLACKDUCK_TOKEN }}" | ||
| # BlackDuck_Url: "${{ inputs.blackduck_server_url }}" | ||
| # ADDITIONAL_ARGS: ${{ inputs.blackduck_additional_args }} | ||
| - name: Sonarqube scan | ||
| continue-on-error: true | ||
| uses: lumada-common-services/gh-composite-actions@stable | ||
| env: | ||
| sonar_utility: sonar-scanner | ||
| sonar_commands: '("-Dsonar.projectKey=${{env.SONAR_PROJECT_KEY}} -Dsonar.host.url=${{env.SONAR_HOST_URL}} -Dsonar.login=${{env.SONAR_LOGIN}}")' | ||
| - name: Tag release | ||
| uses: lumada-common-services/gh-composite-actions@stable | ||
| env: | ||
| Tag_version: "${{ steps.version.outputs.current-version }}" | ||
| push_tag_only: true | ||
| - name: Create artifacts download links | ||
| shell: bash | ||
| run: | | ||
| # jf config add artifactory --interactive=false --enc-password=false --basic-auth-only \ | ||
| # --artifactory-url ${{ env.ARTIFACTORY_BASE_URL }} \ | ||
| # --password ${{ env.NEXUS_DEPLOY_PASSWORD }} \ | ||
| # --user ${{ env.NEXUS_DEPLOY_USER }} | ||
| # | ||
| # resp=$(jf rt search --props "build.name=${{ env.BUILD_NAME }};build.number=${{ github.run_number }}" \ | ||
| # "*-${{ steps.version.outputs.current-version }}.zip") | ||
| # | ||
| # echo "| :gift: Files |" >> $GITHUB_STEP_SUMMARY | ||
| # echo "|:----:|" >> $GITHUB_STEP_SUMMARY | ||
| # | ||
| # echo "$resp" | jq -r '.[].path' | while read -r path; do | ||
| # link_text=$(echo "$path" | sed 's/.*\///') | ||
| # echo "| [ $link_text ](${{ env.ARTIFACTORY_BASE_URL }}/$path) |" >> $GITHUB_STEP_SUMMARY; | ||
| # done | ||
| # TODO: Jfrog's build-info pmaven plugin needs to be added to root POM | ||
| echo "|[Full artifacts list](${{ env.ARTIFACTORY_HOST }}/ui/builds/${{ env.BUILD_NAME }}/${{ github.run_number }})|" >> $GITHUB_STEP_SUMMARY | ||
| - name: Report notifications | ||
| if: always() | ||
| uses: lumada-common-services/gh-composite-actions@stable | ||
| env: | ||
| Slack_Token: ${{ secrets.SLACK_TOKEN }} | ||
| Slack_Channel: ${{ env.SLACK_CHANNEL }} | ||
| report: true | ||
