chore: enable start springboot by docker in Makefile #48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: TWallet backend CI | |
on: | |
push: | |
branches: [ master ,sonar* ] | |
pull_request: | |
branches: [ master ] | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v1 | |
with: | |
languages: ${{ matrix.language }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: 11 | |
distribution: 'adopt' | |
- name: Setup Gradle | |
uses: gradle/[email protected] | |
- name: Build | |
run: ./gradlew --no-daemon -Penv=dev -PGITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} clean build -x test | |
- name: Cache | |
uses: actions/upload-artifact@v2 | |
with: | |
name: tw-wallet-backend | |
path: build/ | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v1 | |
sonar: | |
needs: build | |
name: sonar | |
runs-on: ubuntu-20.04 | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ 'java' ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 11 | |
- name: download | |
uses: actions/download-artifact@v2 | |
with: | |
name: tw-wallet-backend | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Gradle packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | |
restore-keys: ${{ runner.os }}-gradle | |
- name: sonar check | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
run: ./gradlew --no-daemon -Penv=dev sonarqube --info | |
delpoy: | |
needs: [ build,sonar ] | |
name: deploy | |
if: ${{ github.event_name == 'push' }} | |
runs-on: ubuntu-20.04 | |
env: | |
DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
DB_URL: ${{ secrets.DB_URL }} | |
DB_NAME: ${{ secrets.DB_NAME }} | |
NODE1_PRIVATE_KEY: ${{ secrets.NODE1_PRIVATE_KEY }} | |
TWPOINT_CONTRACT_ADDRESS: ${{ secrets.TWPOINT_CONTRACT_ADDRESS }} | |
IDENTITY_REGISTRY_CONTRACT_ADDRESS: ${{ secrets.IDENTITY_REGISTRY_CONTRACT_ADDRESS }} | |
HEALTH_VERIFICATION_CLAIM_CONTRACT_ADDRESS: ${{ secrets.HEALTH_VERIFICATION_CLAIM_CONTRACT_ADDRESS }} | |
HEALTH_VERIFICATION_CLAIM_ISSUER_ADDRESS: ${{ secrets.HEALTH_VERIFICATION_CLAIM_ISSUER_ADDRESS }} | |
HEALTH_VERIFICATION_CLAIM_ISSUER_PRIVATE_KEY: ${{ secrets.HEALTH_VERIFICATION_CLAIM_ISSUER_PRIVATE_KEY }} | |
RPC_URL: ${{ secrets.RPC_URL }} | |
HOST_IP: ${{ secrets.HOST_IP }} | |
IMAGE_NAME: ${{ secrets.DOCKER_REGISTRY }}/tw-wallet | |
IMAGE_TAG_PREFIX: gba-build | |
NAMESPACE: tw-wallet-backend-ns | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: 11 | |
distribution: 'adopt' | |
- name: Setup Gradle | |
uses: gradle/[email protected] | |
- name: Migration | |
run: ./gradlew --no-daemon -Penv=dev flywayMigrate -i | |
- name: Build | |
run: ./gradlew --no-daemon -Penv=dev clean build -x test | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
uses: docker/[email protected] | |
with: | |
registry: ${{ secrets.DOCKER_REGISTRY }} | |
- name: Build and push image to Amazon ECR | |
run: | | |
docker build -t $IMAGE_NAME:$IMAGE_TAG_PREFIX-$GITHUB_RUN_NUMBER . | |
docker push $IMAGE_NAME:$IMAGE_TAG_PREFIX-$GITHUB_RUN_NUMBER | |
docker rmi $IMAGE_NAME:$IMAGE_TAG_PREFIX-$GITHUB_RUN_NUMBER | |
- name: Create namespace if not exist | |
run: | | |
aws eks update-kubeconfig --region cn-northwest-1 --name cn-eks-c0 | |
kubectl get namespaces $NAMESPACE || kubectl create namespace $NAMESPACE | |
- name: Deploy | |
env: | |
RELEASE_NAME: tw-wallet-backend | |
CHART: ./helm | |
run: | | |
helm -n $NAMESPACE upgrade --install $RELEASE_NAME $CHART --set image.tag=$IMAGE_TAG_PREFIX-$GITHUB_RUN_NUMBER --set image.repository=$IMAGE_NAME | |
- name: Get Status | |
id: get_status | |
run: | | |
if [[ ${{ job.status }} == 'success' ]] | |
then | |
MESSAGE="✅ Success - The <https://github.com/tw-bc-group/tw-wallet-backend/actions/runs/${{ github.run_id }}|build #${{ github.run_number }}> is deployed, please check if <https://wallet.cn.blockchain.thoughtworks.cn/v1/contracts/identities|it works>." | |
else | |
MESSAGE="❌ Failure - The <https://github.com/tw-bc-group/tw-wallet-backend/actions/runs/${{ github.run_id }}|build #${{ github.run_number }}> is not deployed" | |
fi | |
echo "::set-output name=message::$MESSAGE" | |
- name: Google Chat Notification | |
uses: Co-qn/google-chat-notification@releases/v1 | |
with: | |
name: Build | |
url: ${{ secrets.WEBHOOKTOGCHAT }} | |
status: ${{ job.status }} | |
if: always() |