feat(#21): deploy

Author: jhagestedt

.github/workflows/ci-main.yml

@@ -20,40 +20,36 @@ jobs:
           ~/.m2/repository
         key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
     - name: version
-      run: >-
-        APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
-        APP_REV=$(git rev-list --tags --max-count=1);
-        APP_TAG=$(git describe --tags ${APP_REV} 2> /dev/null || echo 0.0.0);
-        APP_VERSION=${APP_TAG}-${APP_SHA};
-        echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
-        echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
-        echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
+      run: |-
+        APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
+        APP_LATEST_REV=$(git rev-list --tags --max-count=1)
+        APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
+        echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
     - name: mvn
-      run: >-
-        mvn versions:set
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define newVersion="${APP_VERSION}";
-        mvn clean verify
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define app.packages.username="${APP_PACKAGES_USERNAME}"
-        --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+      run: |-
+        mvn versions:set \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define newVersion="${APP_VERSION}"
+        mvn clean verify \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
       env:
         APP_PACKAGES_USERNAME: ${{ github.actor }}
         APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
     - name: docker
-      run: >-
-        echo "${APP_PACKAGES_PASSWORD}" |
-        docker login "${APP_PACKAGES_URL}"
-        --username "${APP_PACKAGES_USERNAME}"
-        --password-stdin;
-        docker build .
-        --file ./Dockerfile
-        --tag "${APP_PACKAGES_URL}:${APP_VERSION}";
-        docker push "${APP_PACKAGES_URL}:${APP_VERSION}";
+      run: |-
+        echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+        --username "${APP_PACKAGES_USERNAME}" \
+        --password-stdin
+        docker build . \
+        --file ./Dockerfile \
+        --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+        docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
       env:
         APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-issuance-service
         APP_PACKAGES_USERNAME: ${{ github.actor }}

.github/workflows/ci-pull-request.yml

@@ -22,17 +22,17 @@ jobs:
           ~/.m2/repository
         key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
     - name: mvn
-      run: >-
-        mvn clean package
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define app.packages.username="${APP_PACKAGES_USERNAME}"
-        --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+      run: |-
+        mvn clean package \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
       env:
         APP_PACKAGES_USERNAME: ${{ github.actor }}
         APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
     - name: docker
-      run: >-
-        docker build .
-        --file ./Dockerfile;
+      run: |-
+        docker build . \
+        --file ./Dockerfile

.github/workflows/ci-release-notes.yml

@@ -6,20 +6,14 @@ on:
 jobs:
   release-notes:
     runs-on: ubuntu-20.04
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
     steps:
     - uses: actions/checkout@v2
       with:
         fetch-depth: 0
-    - name: version
-      run: >-
-        APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
-        APP_TAG=${GITHUB_REF/refs\/tags\/}
-        APP_VERSION=${APP_TAG};
-        echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
-        echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
-        echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
     - name: release-notes
-      run: npx github-release-notes release --override --tags ${APP_TAG}
+      run: npx github-release-notes release --override --tags ${APP_VERSION}
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/ci-release.yml

@@ -4,8 +4,10 @@ on:
     types:
     - created
 jobs:
-  release:
+  build:
     runs-on: ubuntu-20.04
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
     steps:
     - uses: actions/setup-java@v2
       with:
@@ -19,51 +21,73 @@ jobs:
         path: |
           ~/.m2/repository
         key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
-    - name: version
-      run: >-
-        APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
-        APP_TAG=${GITHUB_REF/refs\/tags\/}
-        APP_VERSION=${APP_TAG};
-        echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
-        echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
-        echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
     - name: mvn
-      run: >-
-        mvn versions:set
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define newVersion="${APP_VERSION}";
-        mvn clean deploy
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define app.packages.username="${APP_PACKAGES_USERNAME}"
-        --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+      run: |-
+        mvn versions:set \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define newVersion="${APP_VERSION}"
+        mvn clean deploy \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
       env:
         APP_PACKAGES_USERNAME: ${{ github.actor }}
         APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
     - name: docker
-      run: >-
-        echo "${APP_PACKAGES_PASSWORD}" |
-        docker login "${APP_PACKAGES_URL}"
-        --username "${APP_PACKAGES_USERNAME}"
-        --password-stdin;
-        docker build .
-        --file ./Dockerfile
-        --tag "${APP_PACKAGES_URL}:latest"
-        --tag "${APP_PACKAGES_URL}:${APP_VERSION}";
-        docker push "${APP_PACKAGES_URL}:latest";
-        docker push "${APP_PACKAGES_URL}:${APP_VERSION}";
+      run: |-
+        echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+        --username "${APP_PACKAGES_USERNAME}" \
+        --password-stdin
+        docker build . \
+        --file ./Dockerfile \
+        --tag "${APP_PACKAGES_URL}:latest" \
+        --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+        docker push "${APP_PACKAGES_URL}:latest"
+        docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
       env:
         APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-issuance-service
         APP_PACKAGES_USERNAME: ${{ github.actor }}
         APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
     - name: assets
-      run: >-
-        gh release upload ${APP_TAG}
-        --clobber
-        ./target/openapi.json#openapi-${APP_TAG}.json
-        ./target/generated-resources/licenses.xml#licenses-${APP_TAG}.xml
+      run: |-
+        gh release upload ${APP_VERSION} \
+        --clobber \
+        ./target/openapi.json#openapi-${APP_VERSION}.json \
+        ./target/generated-resources/licenses.xml#licenses-${APP_VERSION}.xml
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  deploy:
+    runs-on: ubuntu-20.04
+    environment: dev
+    needs:
+    - build
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
+    steps:
+    - name: cf setup
+      run: |-
+        curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
+        sudo tar -zx -C /usr/local/bin
+      env:
+        CF_VERSION: 7.2.0
+        CF_RELEASE: linux64-binary
+    - name: cf push
+      run: |-
+        cf api ${CF_API}
+        cf auth
+        cf target -o ${CF_ORG} -s ${CF_SPACE}
+        cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
+      env:
+        APP_NAME: dgca-issuance-service
+        APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-issuance-service
+        CF_API: ${{ secrets.CF_API }}
+        CF_ORG: ${{ secrets.CF_ORG }}
+        CF_SPACE: ${{ secrets.CF_SPACE }}
+        CF_USERNAME: ${{ secrets.CF_USERNAME }}
+        CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
+        CF_DOCKER_USERNAME: ${{ github.actor }}
+        CF_DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/ci-sonar.yml

@@ -25,13 +25,13 @@ jobs:
           ~/.m2/repository
         key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
     - name: mvn
-      run: >-
-        mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-        --batch-mode
-        --file ./pom.xml
-        --settings ./settings.xml
-        --define app.packages.username="${APP_PACKAGES_USERNAME}"
-        --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+      run: |-
+        mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
       env:
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}