Skip to content

Commit

Permalink
feat: Quarkus and Java upgrade + Azure access tokens cache (#79)
Browse files Browse the repository at this point in the history
  • Loading branch information
@antoniotarricone
antoniotarricone authored Apr 24, 2024
1 parent b578a8f commit e29fcd6
Show file tree
Hide file tree
Showing 84 changed files with 4,311 additions and 5,205 deletions.
39 changes: 30 additions & 9 deletions .github/workflows/build-n-push-main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Build and push
name: Build, push and update

on:
workflow_dispatch:
Expand All @@ -9,7 +9,7 @@ on:
description: Skip unit-test

jobs:
build_and_push_main:
build_push_update:
runs-on: ubuntu-latest

permissions:
Expand All @@ -34,7 +34,7 @@ jobs:
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-jdk
with:
key: OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz
key: OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz
path: |
${{ runner.temp }}/jdk_setup.tar.gz
${{ runner.temp }}/jdk_setup.sha256
Expand All @@ -45,8 +45,8 @@ jobs:
- name: Download JDK and verify its hash
if: steps.cache-jdk.outputs.cache-hit != 'true'
run: |
echo "e9458b38e97358850902c2936a1bb5f35f6cffc59da9fcd28c63eab8dbbfbc3b ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.7%2B7/OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
echo "454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5 ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/jdk_setup.sha256"
#
Expand All @@ -57,7 +57,7 @@ jobs:
with:
distribution: "jdkfile"
jdkFile: "${{ runner.temp }}/jdk_setup.tar.gz"
java-version: "17"
java-version: "21"
cache: maven

#
Expand All @@ -67,7 +67,7 @@ jobs:
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-maven
with:
key: apache-maven-3.9.2-bin.tar.gz
key: apache-maven-3.9.6-bin.tar.gz
path: |
${{ runner.temp }}/maven_setup.tar.gz
${{ runner.temp }}/maven_setup.sha256
Expand All @@ -78,8 +78,8 @@ jobs:
- name: Download Maven and verify its hash
if: steps.cache-maven.outputs.cache-hit != 'true'
run: |
echo "809ef3220c6d179195c06c324cb9a6d34d8ecba566c5cfd8eb83167bc034117d ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.2/binaries/apache-maven-3.9.2-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
echo "6eedd2cae3626d6ad3a5c9ee324bd265853d64297f07f033430755bd0e0c3a4b ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.6/binaries/apache-maven-3.9.6-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/maven_setup.sha256"
#
Expand Down Expand Up @@ -112,3 +112,24 @@ jobs:
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
docker push -a ghcr.io/${{ github.repository }}
#
# Login to Azure.
#
- name: Login to Azure
uses: azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

#
# Update Container App.
#
- name: Update Container App
uses: azure/CLI@fa0f960f00db49b95fdb54328a767aee31e80105
with:
inlineScript: |
az config set extension.use_dynamic_install=yes_without_prompt
az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --image ghcr.io/${{ github.repository }}:$BRANCH_NAME
42 changes: 25 additions & 17 deletions .github/workflows/post-merge.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,6 @@ jobs:
packages: write
contents: write

#outputs:
# new_release_published: ${{ steps.semantic.outputs.new_release_published }}
# new_release_version: ${{ steps.semantic.outputs.new_release_version }}

steps:
#
# Checkout the source code.
Expand Down Expand Up @@ -58,7 +54,7 @@ jobs:
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-jdk
with:
key: OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz
key: OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz
path: |
${{ runner.temp }}/jdk_setup.tar.gz
${{ runner.temp }}/jdk_setup.sha256
Expand All @@ -69,8 +65,8 @@ jobs:
- name: Download JDK and verify its hash
if: steps.semantic.outputs.new_release_published == 'true' && steps.cache-jdk.outputs.cache-hit != 'true'
run: |
echo "e9458b38e97358850902c2936a1bb5f35f6cffc59da9fcd28c63eab8dbbfbc3b ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.7%2B7/OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
echo "454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5 ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/jdk_setup.sha256"
#
Expand All @@ -82,7 +78,7 @@ jobs:
with:
distribution: "jdkfile"
jdkFile: "${{ runner.temp }}/jdk_setup.tar.gz"
java-version: "17"
java-version: "21"
cache: maven

#
Expand All @@ -93,7 +89,7 @@ jobs:
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-maven
with:
key: apache-maven-3.9.2-bin.tar.gz
key: apache-maven-3.9.6-bin.tar.gz
path: |
${{ runner.temp }}/maven_setup.tar.gz
${{ runner.temp }}/maven_setup.sha256
Expand All @@ -104,8 +100,8 @@ jobs:
- name: Download Maven and verify its hash
if: steps.semantic.outputs.new_release_published == 'true' && steps.cache-maven.outputs.cache-hit != 'true'
run: |
echo "809ef3220c6d179195c06c324cb9a6d34d8ecba566c5cfd8eb83167bc034117d ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.2/binaries/apache-maven-3.9.2-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
echo "6eedd2cae3626d6ad3a5c9ee324bd265853d64297f07f033430755bd0e0c3a4b ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.6/binaries/apache-maven-3.9.6-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/maven_setup.sha256"
#
Expand Down Expand Up @@ -139,7 +135,7 @@ jobs:
#
- name: RELEASE CANDIDATE - Build native executable
if: steps.semantic.outputs.new_release_published == 'true'
run: ${{ runner.temp }}/maven/bin/mvn clean package -Pnative -Dmaven.test.skip=true -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:05baf3fd2173f6f25ad35216b6b066c35fbfb97f06daba75efb5b22bc0a85b9c -s ${{ runner.temp }}/settings.xml --no-transfer-progress
run: ${{ runner.temp }}/maven/bin/mvn clean package -Pnative -Dmaven.test.skip=true -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:ce70e1a8016471ff0fc9c8f048cd9e37afddacd3de37ed0bca74201d102e45f5 -s ${{ runner.temp }}/settings.xml --no-transfer-progress

#
# RELEASE CANDIDATE - Build Docker image.
Expand Down Expand Up @@ -169,15 +165,27 @@ jobs:
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

#
# RELEASE CANDIDATE - Update Container App.
# RELEASE CANDIDATE - Update Container App + OpenAPI descriptor on APIM
#
- name: RELEASE CANDIDATE - Update Container App
- name: RELEASE CANDIDATE - Update Container App + OpenAPI descriptor on APIM
if: steps.semantic.outputs.new_release_published == 'true'
uses: azure/CLI@fa0f960f00db49b95fdb54328a767aee31e80105
with:
inlineScript: |
az config set extension.use_dynamic_install=yes_without_prompt
az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --image ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC
az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -i ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC
API_DATA=$(az apim api show --resource-group ${{ secrets.AZURE_APIM_RESOURCE_GROUP }} --service-name ${{ secrets.AZURE_APIM_NAME }} --api-id ${{ secrets.AZURE_APIM_API_ID }} --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} --query "{path:path, serviceUrl:serviceUrl}")
API_PATH=$(echo $API_DATA | jq -r '.path')
API_SERVICE_URL=$(echo $API_DATA | jq -r '.serviceUrl')
az apim api import \
--resource-group ${{ secrets.AZURE_APIM_RESOURCE_GROUP }} \
--service-name ${{ secrets.AZURE_APIM_NAME }} \
--api-id ${{ secrets.AZURE_APIM_API_ID }} \
--specification-format OpenApi \
--specification-path src/main/resources/META-INF/openapi.yaml \
--path $API_PATH \
--service-url $API_SERVICE_URL \
--subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }}
#
# Install Node.
Expand Down Expand Up @@ -236,7 +244,7 @@ jobs:
#
- name: STABLE - Build native executable
if: steps.semantic.outputs.new_release_published == 'true'
run: ${{ runner.temp }}/maven/bin/mvn clean package -Pnative -Dmaven.test.skip=true -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:05baf3fd2173f6f25ad35216b6b066c35fbfb97f06daba75efb5b22bc0a85b9c -s ${{ runner.temp }}/settings.xml --no-transfer-progress
run: ${{ runner.temp }}/maven/bin/mvn clean package -Pnative -Dmaven.test.skip=true -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=quay.io/quarkus/ubi-quarkus-mandrel-builder-image@sha256:ce70e1a8016471ff0fc9c8f048cd9e37afddacd3de37ed0bca74201d102e45f5 -s ${{ runner.temp }}/settings.xml --no-transfer-progress

#
# STABLE - Build Docker image.
Expand All @@ -263,4 +271,4 @@ jobs:
with:
inlineScript: |
az config set extension.use_dynamic_install=yes_without_prompt
az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --image ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}
az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -i ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}
14 changes: 7 additions & 7 deletions .github/workflows/pr-validation.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,40 +52,40 @@ jobs:
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-jdk
with:
key: OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz
key: OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz
path: |
${{ runner.temp }}/jdk_setup.tar.gz
${{ runner.temp }}/jdk_setup.sha256
- name: Download JDK and verify its hash
if: steps.cache-jdk.outputs.cache-hit != 'true'
run: |
echo "e9458b38e97358850902c2936a1bb5f35f6cffc59da9fcd28c63eab8dbbfbc3b ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.7%2B7/OpenJDK17U-jdk_x64_linux_hotspot_17.0.7_7.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
echo "454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5 ${{ runner.temp }}/jdk_setup.tar.gz" >> ${{ runner.temp }}/jdk_setup.sha256
curl -L "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz" -o "${{ runner.temp }}/jdk_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/jdk_setup.sha256"
- name: Setup JDK
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2
with:
distribution: "jdkfile"
jdkFile: "${{ runner.temp }}/jdk_setup.tar.gz"
java-version: "17"
java-version: "21"
cache: maven

- name: Cache Maven
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
id: cache-maven
with:
key: apache-maven-3.9.2-bin.tar.gz
key: apache-maven-3.9.6-bin.tar.gz
path: |
${{ runner.temp }}/maven_setup.tar.gz
${{ runner.temp }}/maven_setup.sha256
- name: Download Maven and verify its hash
if: steps.cache-maven.outputs.cache-hit != 'true'
run: |
echo "809ef3220c6d179195c06c324cb9a6d34d8ecba566c5cfd8eb83167bc034117d ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.2/binaries/apache-maven-3.9.2-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
echo "6eedd2cae3626d6ad3a5c9ee324bd265853d64297f07f033430755bd0e0c3a4b ${{ runner.temp }}/maven_setup.tar.gz" >> ${{ runner.temp }}/maven_setup.sha256
curl -L "https://archive.apache.org/dist/maven/maven-3/3.9.6/binaries/apache-maven-3.9.6-bin.tar.gz" -o "${{ runner.temp }}/maven_setup.tar.gz"
sha256sum --check --status "${{ runner.temp }}/maven_setup.sha256"
- name: Setup Maven
Expand Down
83 changes: 0 additions & 83 deletions .github/workflows/validate-manually.yml
View file

This file was deleted.

Loading

0 comments on commit e29fcd6

Please sign in to comment.