Merge pull request #200 from chethann007/latest-vuln-fix #5
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy | |
| on: | |
| push: | |
| tags: | |
| - '*' # Trigger this workflow on any git tag push | |
| jobs: | |
| ghcr-build-and-deploy: | |
| runs-on: ubuntu-latest # Use the latest available Ubuntu runner | |
| permissions: | |
| contents: read # Allows reading repository contents | |
| packages: write # Allows writing to GitHub Packages (GHCR) | |
| env: | |
| REGISTRY: ghcr.io # Define GitHub Container Registry as the target registry | |
| steps: | |
| # Set up Java Development Kit (JDK) 11 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v2 | |
| with: | |
| distribution: 'temurin' # Use the Temurin distribution of OpenJDK | |
| java-version: '11' # Set Java version to 11 | |
| # Check out the repository code | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 # Ensure full history is fetched, needed for tags | |
| # Cache local Maven dependencies to speed up builds | |
| - name: Cache Maven packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven- | |
| # Build the project and generate test reports (without skipping tests) | |
| - name: Build and run test cases | |
| run: | | |
| mvn clean install -DskipTests # Initial install, skipping tests | |
| cd service | |
| mvn clean verify surefire-report:report # Run tests and generate reports | |
| # Generate and display a detailed test report in the GitHub Actions UI | |
| - name: Test Summary | |
| uses: dorny/[email protected] | |
| if: always() # Ensure this runs even if previous steps fail | |
| with: | |
| name: Test Results | |
| path: '**/surefire-reports/*.xml' # Look for JUnit XML test reports | |
| reporter: java-junit | |
| fail-on-error: false | |
| only-summary: false | |
| list-tests: 'all' # Include full list of tests in the summary | |
| # Package the application using Play Framework's dist goal | |
| - name: Package build artifact (Play dist) | |
| run: mvn -f service/pom.xml play2:dist | |
| # Move the packaged artifact to the root directory for easier access | |
| - name: Moving the artifact to the root directory | |
| run: | | |
| mv service/target/group-service-1.0.0-dist.zip . | |
| # Upload the packaged artifact to GitHub as a workflow artifact | |
| - name: Upload artifact | |
| uses: actions/[email protected] | |
| with: | |
| name: groups-service-dist | |
| path: | | |
| service/target/group-service-*-dist.zip | |
| # Extract Docker image name and tag from GitHub variables | |
| - name: Extract image tag details | |
| id: image_vars | |
| run: | | |
| REPO_LOWER=$(echo "${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]') | |
| SHORT_SHA=$(git rev-parse HEAD | cut -c1-7) | |
| TAG_LOWER=$(echo "${GITHUB_REF_NAME}" | tr '[:upper:]' '[:lower:]') | |
| IMAGE_NAME=${{ env.REGISTRY }}/${REPO_LOWER} | |
| IMAGE_TAG=${TAG_LOWER}_${SHORT_SHA}_${GITHUB_RUN_NUMBER} | |
| echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV | |
| echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV | |
| # Authenticate Docker to GitHub Container Registry (GHCR) | |
| - name: Log in to GitHub Container Registry (GHCR) | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Build the Docker image and push it to GHCR | |
| - name: Build and push Docker image to GHCR | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . # Docker context (root of the repository) | |
| file: ./Dockerfile # Path to Dockerfile | |
| push: true # Push the image to the registry | |
| tags: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} # Full image tag |