#1019: Q1 mit Daten von Q2 überschreiben #53

Workflow file for this run

.github/workflows/demo-deploy-action.yml at 44ebcb5

	name: 'Demo-Deploy'

	on:
	pull_request:
	types:
	- closed
	branches: [ multitenancy_main ]

	jobs:
	update-version:
	if: github.event.pull_request.merged == true
	runs-on: ubuntu-22.04
	outputs:
	okr-docker-image: ${{ vars.NEW_VALUE_URL }}:${{ steps.store-version.outputs.version}}-DEMO
	steps:
	- uses: actions/checkout@v4
	with:
	token: ${{secrets.VERSION_TOKEN}}

	- name: Generate and Set New Version
	run: mvn build-helper:parse-version versions:set -DnewVersion=\${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.\${parsedVersion.nextIncrementalVersion} -DgenerateBackupPoms=false

	- name: Extract Maven project version
	run: echo "version=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)" >> $GITHUB_OUTPUT
	id: store-version

	- name: Set New Snapshot Version
	run: mvn build-helper:parse-version versions:set -DnewVersion=${{ steps.store-version.outputs.version}}-SNAPSHOT -DgenerateBackupPoms=false

	- name: Commit and Push Changes
	shell: bash
	env:
	COMMITPREFIX: '[VU]'
	run: \|
	git config --global user.email "actions@github.com"
	git config --global user.name "GitHub Actions"
	git add . \|\| {
	echo "No files were changed, so we did not commit anything"
	exit 1
	}
	git commit -m "$COMMITPREFIX Automated version update" \|\| {
	echo "No changes to commit, skipping push"
	exit 0
	}
	git push -f origin multitenancy_main

	build-docker-image:
	needs: update-version
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v4

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'adopt'

	- name: Set up node 18
	uses: actions/setup-node@v4
	with:
	node-version: 18.17.1

	- name: Install Dependencies
	run: cd ./frontend && npm ci

	- name: Build frontend with Angular
	run: cd ./frontend && npm run build

	- name: Build backend with Maven
	run: mvn -B clean package --file pom.xml -P build-for-docker

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build the docker image
	uses: docker/build-push-action@v5
	with:
	context: .
	file: docker/Dockerfile
	tags: ${{ needs.update-version.outputs.okr-docker-image}}
	load: true
	push: false
	outputs: type=docker,dest=/tmp/okr-docker-image.tar

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: okr-image
	path: /tmp/okr-docker-image.tar

	- name: print imagetags
	run: echo ${{ needs.update-version.outputs.okr-docker-image}}

	# e2e-docker:
	# runs-on: ubuntu-22.04
	# needs: [build-docker-image,update-version]
	# steps:
	# - uses: actions/checkout@v4
	#
	# - name: Download artifact
	# uses: actions/download-artifact@v4
	# with:
	# name: okr-image
	# path: /tmp
	#
	# - name: Load image
	# run: docker load --input /tmp/okr-docker-image.tar
	#
	# - name: show images
	# run: docker image ls -a
	#
	# - name: Run docker image
	# run: \|
	# docker run --network=host \
	# -p 8080:8080 \
	# -e SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER-URI=http://localhost:8544/realms/pitc \
	# -e SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK-SET-URI=http://localhost:8544/realms/pitc/protocol/openid-connect/certs \
	# -e SPRING_SECURITY_OAUTH2_RESOURCESERVER_OPAQUETOKEN_CLIENT-ID=pitc_okr_staging \
	# -e SPRING_PROFILES_ACTIVE-ID=integration-test \
	# -e SPRING_DATASOURCE_URL="jdbc:h2:mem:db;DB_CLOSE_DELAY=-1" \
	# -e SPRING_DATASOURCE_USERNAME=user \
	# -e SPRING_DATASOURCE_PASSWORD=sa \
	# -e SPRING_FLYWAY_LOCATIONS="classpath:db/h2-db/database-h2-schema,classpath:db/h2-db/data-test-h2" \
	# ${{ needs.update-version.outputs.okr-docker-image}} &
	#
	# - name: run keycloak docker
	# run: \|
	# docker run \
	# -e KEYCLOAK_ADMIN=admin \
	# -e KEYCLOAK_ADMIN_PASSWORD=keycloak \
	# -v ./docker/config/realm-export.json:/opt/keycloak/data/import/realm.json \
	# -p 8544:8080 \
	# quay.io/keycloak/keycloak:23.0.1 \
	# start-dev --import-realm &
	#
	# - uses: abhi1693/setup-browser@v0.3.5
	# with:
	# browser: chrome
	# version: latest
	#
	# - name: Cypress run e2e tests
	# uses: cypress-io/github-action@v6
	# with:
	# build: npm i -D cypress
	# install: false
	# wait-on: 'http://pitc.okr.localhost:8080/config, http://pitc.okr.localhost:4200, http://localhost:8544'
	# wait-on-timeout: 120
	# browser: chrome
	# headed: true
	# working-directory: frontend
	# config: baseUrl=http://pitc.okr.localhost:8080
	#
	# - uses: actions/upload-artifact@v4
	# if: always()
	# with:
	# name: cypress-screenshots
	# path: frontend/cypress/screenshots

	upload-to-quay:
	runs-on: ubuntu-latest
	# needs: [e2e-docker, update-version]
	needs: [build-docker-image, update-version]
	steps:
	- uses: actions/checkout@v4

	- name: Download artifact
	uses: actions/download-artifact@v4
	with:
	name: okr-image
	path: /tmp

	- name: Load image
	run: docker load --input /tmp/okr-docker-image.tar

	- name: show images
	run: docker image ls -a

	- name: Log in to Quay registry
	uses: docker/login-action@v3
	with:
	registry: ${{ secrets.QUAY_REGISTRY }}
	username: ${{ secrets.QUAY_USERNAME }}
	password: ${{ secrets.QUAY_TOKEN }}

	- name: Push
	run: docker push ${{ needs.update-version.outputs.okr-docker-image}}

	- name: Install yq
	shell: bash
	env:
	VERSION: v4.25.2
	BINARY: yq_linux_amd64
	run: \|
	wget -q https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}.tar.gz -O - \|\
	tar xz && mv ${BINARY} /usr/local/bin/yq

	# - name: Update YAML file
	# shell: bash
	# env:
	# COMMITPREFIX: '[CTS]'
	# run: \|
	# curl -s --header "PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/deployments/overlays/demo/okr-demo-deploy.yaml?ref=${{vars.TARGET_GITLAB_REFERENCE}}" -H "Accept: application/json" -H "Content-Type: application/json" \| jq -r '.content' \| base64 --decode > response.yaml
	# yq -i "${{vars.YAML_PATH}} = \"${{needs.update-version.outputs.okr-docker-image}}\"" response.yaml
	# UPDATED_CONTENT=$(cat response.yaml)
	# curl --request PUT --header 'PRIVATE-TOKEN: ${{secrets.GITLAB_ACCESS_TOKEN}}' -F "branch=${{vars.TARGET_GITLAB_REFERENCE}}" -F "author_email=actions@gitlab.com" -F "author_name=GitLab Actions" -F "content=${UPDATED_CONTENT}" -F "commit_message=$COMMITPREFIX Automated changes to ${{vars.FILEPATH_COMMIT}}" "${{vars.TARGET_GITLAB_REPOSITORY}}/files/deployments/overlays/demo/okr-demo-deploy.yaml"

	generate-and-push-sbom:
	runs-on: ubuntu-latest
	needs: [upload-to-quay]
	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Install cdxgen
	working-directory: frontend
	run: npm install -g @cyclonedx/cdxgen@8.6.0

	- name: 'Generate SBOM for maven dependencies'
	working-directory: backend
	run: mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom

	- name: 'Generate SBOM for npm dependencies'
	working-directory: frontend
	run: cdxgen -o ../sbom-npm.xml -t npm .

	- name: 'Merge frontend and backend SBOMs'
	run: \|
	docker run --rm -v $(pwd):/data cyclonedx/cyclonedx-cli merge --input-files data/backend/target/bom.xml data/sbom-npm.xml --output-file data/sbom.xml

	- name: 'Push merged SBOM to dependency track'
	env:
	PROJECT_NAME: okr-demo
	run: \|
	curl --verbose -s --location --request POST ${{ secrets.DEPENDENCY_TRACK_URL }} \
	--header "X-Api-Key: ${{ secrets.SECRET_OWASP_DT_KEY }}" \
	--header "Content-Type: multipart/form-data" \
	--form "autoCreate=true" \
	--form "projectName=${PROJECT_NAME:-$GITHUB_REPOSITORY}" \
	--form "projectVersion=latest" \
	--form "bom=@sbom.xml"

	clean-up:
	needs: [generate-and-push-sbom]
	runs-on: ubuntu-latest

	steps:
	- name: remove dockers
	run: docker ps -aq \| xargs -r docker rm -f

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

#1019: Q1 mit Daten von Q2 überschreiben #53

Workflow file

#1019: Q1 mit Daten von Q2 überschreiben #53

Jobs

Run details

Workflow file for this run