-
Notifications
You must be signed in to change notification settings - Fork 39
132 lines (115 loc) · 4.49 KB
/
DEPLOY_SNAPSHOTS.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Deploy snapshots
on:
push:
branches:
- main
workflow_dispatch: { }
defaults:
run:
# use bash shell by default to ensure pipefail behavior is the default
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
jobs:
deploy-snapshots:
name: Deploy snapshot artifacts
runs-on: ubuntu-latest
concurrency: deploy-snapshots
steps:
- uses: actions/checkout@v4
- name: Import Secrets
id: secrets # important to refer to it in later steps
uses: hashicorp/vault-action@v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false # we rely on step outputs, no need for environment variables
secrets: |
secret/data/products/connectors/ci/common DOCKERHUB_USER;
secret/data/products/connectors/ci/common DOCKERHUB_PASSWORD;
secret/data/products/connectors/ci/common ARTIFACTORY_USR;
secret/data/products/connectors/ci/common ARTIFACTORY_PSW;
- name: Restore cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Setup Java Build
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
server-id: camunda-nexus
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
# Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml
- name: 'Create settings.xml'
uses: s4u/maven-settings-action@v3.1.0
with:
githubServer: false
servers: |
[{
"id": "camunda-nexus",
"username": "${{ steps.secrets.outputs.ARTIFACTORY_USR }}",
"password": "${{ steps.secrets.outputs.ARTIFACTORY_PSW }}"
}]
mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "camunda-nexus", "name": "camunda Nexus"}]'
- name: Build Artifacts
run: mvn -B compile generate-sources source:jar javadoc:jar deploy -DskipTests
env:
MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTORY_USR }}
MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTORY_PSW }}
- name: Lint Connector Bundle Dockerfile - SaaS
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: bundle/camunda-saas-bundle/Dockerfile
- name: Lint Connector Bundle Dockerfile - default-bundle
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: bundle/default-bundle/Dockerfile
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: 'arm64,arm'
- name: Set up Docker Build
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ steps.secrets.outputs.DOCKERHUB_USER }}
password: ${{ steps.secrets.outputs.DOCKERHUB_PASSWORD }}
- name: Build and Push Docker Image tag SNAPSHOT - connector-runtime
uses: docker/build-push-action@v6
with:
context: connector-runtime/connector-runtime-application/
push: true
tags: camunda/connectors:SNAPSHOT
platforms: linux/amd64,linux/arm64
provenance: false
- name: Build and Push Docker Image tag SNAPSHOT - bundle-default
uses: docker/build-push-action@v6
with:
context: bundle/default-bundle/
push: true
tags: camunda/connectors-bundle:SNAPSHOT
platforms: linux/amd64,linux/arm64
provenance: false
- name: Build and Push Docker Image tag SNAPSHOT - bundle-saas
uses: docker/build-push-action@v6
with:
context: bundle/camunda-saas-bundle/
push: true
tags: camunda/connectors-bundle-saas:SNAPSHOT
platforms: linux/amd64,linux/arm64
provenance: false
helm-deploy:
needs: deploy-snapshots
name: Helm chart Integration Tests
uses: ./.github/workflows/INTEGRATION_TEST.yml
secrets: inherit
with:
connectors-version: SNAPSHOT
release-branch: main