|
| 1 | +# Workflow to automatically build the Herald plugin JAR and deploy it |
| 2 | +# to a running omcsi (open-mc-server-infrastructure) instance. |
| 3 | +# |
| 4 | +# ─── Setup ─────────────────────────────────────────────────────────────────── |
| 5 | +# Required GitHub repository secrets: |
| 6 | +# OMCSI_DEPLOY_URL – Base URL of your omcsi instance, |
| 7 | +# e.g. https://mc.example.com:8092 |
| 8 | +# OMCSI_DEPLOY_TOKEN – The value set as DEPLOY_AUTH_TOKEN in your omcsi .env |
| 9 | +# |
| 10 | +# Required GitHub repository variables: |
| 11 | +# PLUGIN_JAR_NAME – Filename of the plugin JAR on the server, |
| 12 | +# e.g. Herald.jar (the file that will be replaced) |
| 13 | +# |
| 14 | +# Optional GitHub repository variables: |
| 15 | +# DEPLOY_BRANCH – Branch that triggers a deployment (default: main) |
| 16 | +# ───────────────────────────────────────────────────────────────────────────── |
| 17 | + |
| 18 | +name: Deploy Plugin to omcsi |
| 19 | + |
| 20 | +# Trigger on pushes (branch-gated via the job condition) and on manual runs |
| 21 | +# via the "Run workflow" button in the Actions tab. |
| 22 | +# Note: ${{ vars.* }} expressions are NOT evaluated inside the `on:` event |
| 23 | +# filter – only inside job steps and conditions. |
| 24 | +on: |
| 25 | + push: |
| 26 | + workflow_dispatch: |
| 27 | + |
| 28 | +jobs: |
| 29 | + build-and-deploy: |
| 30 | + name: Build and Deploy Plugin |
| 31 | + # Run on manual dispatch (any branch) or when the pushed branch matches |
| 32 | + # DEPLOY_BRANCH (default: main). |
| 33 | + if: ${{ github.event_name == 'workflow_dispatch' || github.ref_name == (vars.DEPLOY_BRANCH || 'main') }} |
| 34 | + runs-on: ubuntu-latest |
| 35 | + permissions: |
| 36 | + contents: read |
| 37 | + |
| 38 | + steps: |
| 39 | + - name: Checkout code |
| 40 | + uses: actions/checkout@v4 |
| 41 | + |
| 42 | + - name: Set up JDK 21 |
| 43 | + uses: actions/setup-java@v4 |
| 44 | + with: |
| 45 | + distribution: temurin |
| 46 | + java-version: '21' |
| 47 | + |
| 48 | + - name: Setup Gradle |
| 49 | + uses: gradle/actions/setup-gradle@v4 |
| 50 | + |
| 51 | + - name: Build plugin JAR |
| 52 | + run: gradle build |
| 53 | + |
| 54 | + - name: Locate built JAR |
| 55 | + id: locate-jar |
| 56 | + run: | |
| 57 | + # Locate candidate JARs, excluding *-sources / *-javadoc JARs, |
| 58 | + # and ensure there is exactly one to avoid deploying the wrong artifact. |
| 59 | + JAR_FILES=$(find build/libs -maxdepth 1 -type f -name '*.jar' \ |
| 60 | + ! -name '*-sources.jar' \ |
| 61 | + ! -name '*-javadoc.jar' | sort) |
| 62 | +
|
| 63 | + JAR_COUNT=$(printf '%s\n' "${JAR_FILES}" | grep -c . || true) |
| 64 | + if [ "${JAR_COUNT}" -eq 0 ]; then |
| 65 | + echo "❌ No JAR found in build/libs/" |
| 66 | + exit 1 |
| 67 | + fi |
| 68 | +
|
| 69 | + if [ "${JAR_COUNT}" -ne 1 ]; then |
| 70 | + echo "❌ Expected exactly one deployable JAR in build/libs/, but found ${JAR_COUNT}:" |
| 71 | + printf '%s\n' "${JAR_FILES}" |
| 72 | + exit 1 |
| 73 | + fi |
| 74 | +
|
| 75 | + JAR_FILE="${JAR_FILES}" |
| 76 | + echo "jar_file=${JAR_FILE}" >> "$GITHUB_OUTPUT" |
| 77 | + echo "✅ Found JAR: ${JAR_FILE}" |
| 78 | +
|
| 79 | + - name: Deploy plugin to omcsi |
| 80 | + env: |
| 81 | + DEPLOY_TOKEN: ${{ secrets.OMCSI_DEPLOY_TOKEN }} |
| 82 | + DEPLOY_URL: ${{ secrets.OMCSI_DEPLOY_URL }} |
| 83 | + JAR_FILE: ${{ steps.locate-jar.outputs.jar_file }} |
| 84 | + run: | |
| 85 | + PLUGIN_JAR_NAME="${{ vars.PLUGIN_JAR_NAME }}" |
| 86 | + if [ -z "${PLUGIN_JAR_NAME}" ]; then |
| 87 | + echo "❌ PLUGIN_JAR_NAME variable is not set" |
| 88 | + exit 1 |
| 89 | + fi |
| 90 | +
|
| 91 | + if [ -z "${DEPLOY_URL}" ]; then |
| 92 | + echo "❌ OMCSI_DEPLOY_URL secret is not set or is empty" |
| 93 | + exit 1 |
| 94 | + fi |
| 95 | +
|
| 96 | + if [ -z "${DEPLOY_TOKEN}" ]; then |
| 97 | + echo "❌ OMCSI_DEPLOY_TOKEN secret is not set or is empty" |
| 98 | + exit 1 |
| 99 | + fi |
| 100 | +
|
| 101 | + RESPONSE_BODY=$(mktemp) |
| 102 | + trap 'rm -f "${RESPONSE_BODY}"' EXIT |
| 103 | + HTTP_STATUS=$(curl --silent --write-out "%{http_code}" \ |
| 104 | + --output "${RESPONSE_BODY}" \ |
| 105 | + --request POST \ |
| 106 | + --header "Authorization: Bearer ${DEPLOY_TOKEN}" \ |
| 107 | + --form "pluginName=${PLUGIN_JAR_NAME}" \ |
| 108 | + --form "file=@${JAR_FILE}" \ |
| 109 | + --form "branch=${{ github.ref_name }}" \ |
| 110 | + --form "repoUrl=${{ github.server_url }}/${{ github.repository }}" \ |
| 111 | + "${DEPLOY_URL}/api/plugins/deploy") || { |
| 112 | + echo "❌ curl failed – network error or invalid URL" |
| 113 | + exit 1 |
| 114 | + } |
| 115 | +
|
| 116 | + if [ "${HTTP_STATUS}" -eq 200 ]; then |
| 117 | + echo "✅ Plugin deployed successfully (HTTP ${HTTP_STATUS})" |
| 118 | + elif [ "${HTTP_STATUS}" -eq 401 ]; then |
| 119 | + echo "❌ Authentication failed – check OMCSI_DEPLOY_TOKEN (HTTP ${HTTP_STATUS})" |
| 120 | + echo "Response body:"; cat "${RESPONSE_BODY}" |
| 121 | + exit 1 |
| 122 | + elif [ "${HTTP_STATUS}" -eq 400 ]; then |
| 123 | + echo "❌ Bad request – check PLUGIN_JAR_NAME and the uploaded JAR (HTTP ${HTTP_STATUS})" |
| 124 | + echo "Response body:"; cat "${RESPONSE_BODY}" |
| 125 | + exit 1 |
| 126 | + else |
| 127 | + echo "❌ Deployment failed (HTTP ${HTTP_STATUS})" |
| 128 | + echo "Response body:"; cat "${RESPONSE_BODY}" |
| 129 | + exit 1 |
| 130 | + fi |
0 commit comments