valtimo/.github/workflows/backend_build_push_docker_image.yml at next-minor · Baseflow/valtimo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: Backend - build and push docker image

permissions:
  contents: read

on:
  workflow_call:
    inputs:
      backend_libraries_build_artifact_name:
        required: true
        description: Name of the backend build artifact to download with 'download-artifact'
        type: "string"
    outputs:
      built_test_image:
        description: "Tag of the test Docker image that was built"
        value: ${{ jobs.generate_tags.outputs.test_primary_tag }}
      built_prod_image:
        description: "Tag of the production Docker image that was built"
        value: ${{ jobs.generate_tags.outputs.production_primary_tag }}

env:
  BRANCH_NAME: ${{ github.head_ref || github.ref_name }}

jobs:
  assemble:
    strategy:
      matrix:
        build_type: ["production", "test"]

    runs-on: ubuntu-latest
    name: "assemble-${{ matrix.build_type }}"
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up JDK
        uses: actions/setup-java@v4
        with:
          distribution: "temurin"
          java-version: "21"

      - name: Download built libraries
        uses: actions/download-artifact@v4
        with:
          name: ${{ inputs.backend_libraries_build_artifact_name }}
          path: .

      - run: ./gradlew -PincludeDev=${{ matrix.build_type == 'test'}} :backend:app:gzac:assemble

      - name: Prepare deployment folder
        run: |
          mkdir backend/deployment
          mv backend/app/gzac/build/ backend/app/gzac/Dockerfile backend/deployment/

      - name: Archive deployment folder
        uses: actions/upload-artifact@v4
        with:
          name: gzac-app-backend-deployment-${{ matrix.build_type }}
          path: backend/deployment/
          retention-days: 1

  generate_tags:
    runs-on: ubuntu-latest
    outputs:
      test_tags: ${{ steps.generate_tags_test.outputs.tags }}
      production_tags: ${{ steps.generate_tags_production.outputs.tags }}
      test_primary_tag: ${{ steps.primary_tag_test.outputs.tag }}
      production_primary_tag: ${{ steps.primary_tag_production.outputs.tag }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Resolve backend tree hash
        id: backend_tree
        run: echo "tree=$(git rev-parse HEAD:backend)" >> "$GITHUB_OUTPUT"
      - name: Generate image tags (test)
        id: generate_tags_test
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}/gzac-backend
          tags: |
            type=raw,value=${{ env.BRANCH_NAME }}-test.${{ github.run_number }}
            type=raw,value=commit-test-${{ github.sha }}
            type=raw,value=contents-test-${{ steps.backend_tree.outputs.tree }}
          flavor: |
            latest=false

      - name: Extract primary image tag (test)
        id: primary_tag_test
        run: |
          full_tag='${{ fromJson(steps.generate_tags_test.outputs.json).tags[0] }}'
          echo "tag=${full_tag##*:}" >> "$GITHUB_OUTPUT"

      - name: Generate image tags (production)
        id: generate_tags_production
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}/gzac-backend
          tags: |
            type=raw,value=${{ env.BRANCH_NAME }}-production.${{ github.run_number }}
            type=raw,value=commit-production-${{ github.sha }}
            type=raw,value=contents-production-${{ steps.backend_tree.outputs.tree }}
          flavor: |
            latest=false

      - name: Extract primary image tag (production)
        id: primary_tag_production
        run: |
          full_tag='${{ fromJson(steps.generate_tags_production.outputs.json).tags[0] }}'
          echo "tag=${full_tag##*:}" >> "$GITHUB_OUTPUT"

  build_image:
    strategy:
      matrix:
        build_type: ["production", "test"]
    runs-on: ubuntu-latest
    needs:
      - assemble
      - generate_tags
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Download deployment artifact
        uses: actions/download-artifact@v4
        with:
          name: gzac-app-backend-deployment-${{ matrix.build_type }}
          path: backend/deployment/

      - name: Set up Buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver: docker-container
          install: true

      - name: Build and push Docker image
        uses: docker/build-push-action@v6
        with:
          file: ./backend/deployment/Dockerfile
          context: backend/deployment/
          push: true
          tags: ${{ matrix.build_type == 'production' && needs.generate_tags.outputs.production_tags || needs.generate_tags.outputs.test_tags }}
          cache-from: type=gha
          cache-to: type=gha,mode=max