
Commit 32395d3

committed
feat(79895): split job in ci & cd
1 parent 48e333e commit 32395d3

3 files changed

Lines changed: 109 additions & 118 deletions


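--- a/.github/workflows/ci-cd-java.yml
+++ b/.github/workflows/ci-cd-java.yml
@@ -1,8 +1,6 @@
 name: ci-cd-java.yml
 
-permissions:
-contents: read
-packages: read
+permissions: {}
 
 on:
 workflow_call:
@@ -32,9 +30,12 @@ env:
 IMAGE_NAME_MIXED_CASE: "${{ github.repository }}"
 
 jobs:
-build-check-test-push:
-name: Build, check, test, push
+ci:
+name: Build, check, test
 runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: read
 steps:
 - name: Checkout
 uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
@@ -67,28 +68,12 @@ jobs:
 ref: ${{ steps.resolve_shared_workflow_ref.outputs.shared_workflow_ref }}
 path: .shared-workflows
 
-- name: Check if release build
-id: release_check
-env:
-PERFORM_RELEASE_INPUT: ${{ inputs.performRelease }}
-run: |
-PERFORM_RELEASE=false
-if [[ "${GITHUB_REF}" == "refs/heads/main" || \
-"${GITHUB_REF}" == "refs/heads/develop" || \
-"${GITHUB_REF}" == "refs/heads/aks-dev" || \
-"${GITHUB_REF}" == refs/tags/* ]]; then
-PERFORM_RELEASE=true
-elif [[ "${PERFORM_RELEASE_INPUT}" == "true" ]]; then
-PERFORM_RELEASE=true
-fi
-echo "perform_release=${PERFORM_RELEASE}" >> "$GITHUB_OUTPUT"
-
 - name: Setup JDK
 uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0
 with:
 distribution: 'temurin'
 java-version: '25'
-cache: ${{ steps.release_check.outputs.perform_release != 'true' && 'maven' || '' }}
+cache: 'maven'
 
 - name: Validate Java version consistency
 working-directory: ${{ inputs.workingDirectory }}
@@ -177,31 +162,43 @@ jobs:
 name: 'app.jar'
 path: '/app/app.jar'
 
+release:
+name: Build & push Docker image
+needs: ci
+if: >-
+github.ref == 'refs/heads/main' ||
+github.ref == 'refs/heads/develop' ||
+github.ref == 'refs/heads/aks-dev' ||
+startsWith(github.ref, 'refs/tags/') ||
+inputs.performRelease == true
+runs-on: ubuntu-latest
+environment: docker-hub-release
+permissions:
+contents: read
+steps:
+- name: Checkout
+uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
+with:
+clean: 'true'
+
 - name: Set Docker Image Name
+env:
+IMAGE_NAME_INPUT: ${{ inputs.imageName }}
 run: |
 OWNER="${GITHUB_REPOSITORY%%/*}"
 
-if [[ -n "${{ inputs.imageName }}" ]]; then
-IMAGE_NAME="${OWNER,,}/${{ inputs.imageName }}"
+if [[ -n "${IMAGE_NAME_INPUT}" ]]; then
+IMAGE_NAME="${OWNER,,}/${IMAGE_NAME_INPUT}"
 else
 IMAGE_NAME="${GITHUB_REPOSITORY,,}"
 fi
 
 echo "IMAGE_NAME=${IMAGE_NAME}" >> "$GITHUB_ENV"
 
-- name: Build Docker Image
-uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
-with:
-context: ${{ inputs.workingDirectory }}
-push: 'false'
-tags: 'hsldevcom/${{ env.IMAGE_NAME }}:${{ github.sha }}'
-secrets: |
-github_token=${{ secrets.GITHUB_TOKEN }}
-build-args:
-GITHUB_ACTOR=${{ github.actor }}
+- name: Setup Docker Buildx
+uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
 - name: Extract Docker metadata
-if: ${{ steps.release_check.outputs.perform_release == 'true' }}
 id: meta
 uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
 with:
@@ -214,26 +211,19 @@ jobs:
 org.opencontainers.image.title=${{ env.IMAGE_NAME }}
 org.opencontainers.image.vendor=hsldevcom
 
-- name: Setup Docker Buildx
-if: ${{ steps.release_check.outputs.perform_release == 'true' }}
-uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
-
 - name: Login to Docker Hub
-if: ${{ steps.release_check.outputs.perform_release == 'true' }}
 uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
 with:
 username: ${{ secrets.DOCKER_HUB_INFODEVOPS_USERNAME }}
 password: ${{ secrets.DOCKER_HUB_INFODEVOPS_TOKEN }}
 
 - name: Build & Push Docker image
-if: ${{ steps.release_check.outputs.perform_release == 'true' }}
 uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
 with:
 context: ${{ inputs.workingDirectory }}
-push: ${{ steps.release_check.outputs.perform_release }}
+push: true
 tags: ${{ steps.meta.outputs.tags }}
 labels: ${{ steps.meta.outputs.labels }}
 secrets: |
 github_token=${{ secrets.GITHUB_TOKEN }}
-build-args: |
-GITHUB_ACTOR=${{ github.actor }}
+github_actor=${{ github.actor }}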
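Review bot: The new `release` job grants its token only `contents: read`, yet its "Build & Push Docker image" step still passes `github_token=${{ secrets.GITHUB_TOKEN }}` as a build secret. Before this commit the workflow-level `packages: read` applied to that build, and the `ci` job keeps it; if the Dockerfile (not shown) uses the token to resolve dependencies from GitHub Packages, the release build will presumably be refused now. If so, add `packages: read` under the job's `permissions:`. If the image build no longer needs the token, drop the `github_token` line from `secrets:` instead, so the job does not hand a credential to a build that has no use for it.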

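--- a/.github/workflows/ci-cd-kotlin.yml
+++ b/.github/workflows/ci-cd-kotlin.yml
@@ -1,8 +1,6 @@
 name: ci-cd-kotlin.yml
 
-permissions:
-contents: read
-packages: read
+permissions: {}
 
 on:
 workflow_call:
@@ -34,9 +32,12 @@ env:
 IMAGE_NAME_MIXED_CASE: "${{ github.repository }}"
 
 jobs:
-build-check-test-push:
-name: Build, check, test, push
+ci:
+name: Build, check, test
 runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: read
 steps:
 - name: Checkout
 uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
@@ -68,28 +69,12 @@ jobs:
 ref: ${{ env.SHARED_WORKFLOW_REF }}
 path: .shared-workflows
 
-- name: Check if release build
-id: release_check
-env:
-PERFORM_RELEASE_INPUT: ${{ inputs.performRelease }}
-run: |
-PERFORM_RELEASE=false
-if [[ "${GITHUB_REF}" == "refs/heads/main" || \
-"${GITHUB_REF}" == "refs/heads/develop" || \
-"${GITHUB_REF}" == "refs/heads/aks-dev" || \
-"${GITHUB_REF}" == refs/tags/* ]]; then
-PERFORM_RELEASE=true
-elif [[ "${PERFORM_RELEASE_INPUT}" == "true" ]]; then
-PERFORM_RELEASE=true
-fi
-echo "perform_release=${PERFORM_RELEASE}" >> "$GITHUB_OUTPUT"
-
 - name: Setup JDK
 uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0
 with:
 distribution: 'temurin'
 java-version: '11'
-cache: ${{ steps.release_check.outputs.perform_release != 'true' && 'gradle' || '' }}
+cache: 'gradle'
 
 - name: Validate Java version consistency
 env:
@@ -106,24 +91,24 @@ jobs:
 if: ${{ inputs.runTestsInsideDocker }}
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-GITHUB_ACTOR_ARG: ${{ github.actor }}
+GITHUB_ACTOR: ${{ github.actor }}
 DOCKER_BUILDKIT: "1"
 run: |
 cat > /tmp/Dockerfile.test << DOCKERFILE
 # syntax=docker/dockerfile:1
 # check=error=true
 FROM ${TEST_BASE_IMAGE}
 WORKDIR /usr/app
-ARG GITHUB_ACTOR=github-actions
 COPY . .
 RUN --mount=type=secret,id=github_token \
+--mount=type=secret,id=github_actor \
 export GITHUB_TOKEN="\$(cat /run/secrets/github_token)" && \
-export GITHUB_ACTOR="\$GITHUB_ACTOR" && \
+export GITHUB_ACTOR="\$(cat /run/secrets/github_actor)" && \
 ./gradlew test --stacktrace --no-daemon
 DOCKERFILE
 docker build \
 --secret id=github_token,env=GITHUB_TOKEN \
---build-arg "GITHUB_ACTOR=${GITHUB_ACTOR_ARG}" \
+--secret id=github_actor,env=GITHUB_ACTOR \
 -f /tmp/Dockerfile.test \
 .
 
@@ -169,22 +154,33 @@ jobs:
 GITHUB_ACTOR: ${{ github.actor }}
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
+release:
+name: Build & push Docker image
+needs: ci
+if: >-
+github.ref == 'refs/heads/main' ||
+github.ref == 'refs/heads/develop' ||
+github.ref == 'refs/heads/aks-dev' ||
+startsWith(github.ref, 'refs/tags/') ||
+inputs.performRelease == true
+runs-on: ubuntu-latest
+environment: docker-hub-release
+permissions:
+contents: read
+steps:
+- name: Checkout
+uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
+with:
+clean: 'true'
+
 - name: Lowercase Docker Image Name
 run: |
 echo "IMAGE_NAME=${IMAGE_NAME_MIXED_CASE,,}" >> "${GITHUB_ENV}"
-- name: Build Docker Image
-uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
-with:
-context: .
-push: 'false'
-tags: 'hsldevcom/${{ env.IMAGE_NAME }}:${{ github.sha }}'
 
 - name: Setup Docker Buildx
-if: steps.release_check.outputs.perform_release == 'true'
 uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
 - name: Extract Docker metadata
-if: steps.release_check.outputs.perform_release == 'true'
 id: meta
 uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
 with:
@@ -198,17 +194,15 @@ jobs:
 org.opencontainers.image.vendor=hsldevcom
 
 - name: Login to Docker Hub
-if: steps.release_check.outputs.perform_release == 'true'
 uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
 with:
 username: ${{ secrets.DOCKER_HUB_INFODEVOPS_USERNAME }}
 password: ${{ secrets.DOCKER_HUB_INFODEVOPS_TOKEN }}
 
 - name: Build & Push Docker image
-if: steps.release_check.outputs.perform_release == 'true'
 uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
 with:
 context: .
-push: true
+push: true
 tags: ${{ steps.meta.outputs.tags }}
 labels: ${{ steps.meta.outputs.labels }}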
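Review bot: The `Checkout` step added to the `release` job sets only `clean: 'true'`, so actions/checkout keeps its default of persisting the job token in the checkout's `.git/config`, and that checkout is then the Docker build context (`context: .`) for an image pushed to Docker Hub. Whether `.git` reaches an image layer depends on the Dockerfile and `.dockerignore`, neither of which is visible here, but no step shown in the job needs git credentials after the checkout. Add `persist-credentials: 'false'` under the step's `with:`. The `release` job added to ci-cd-java.yml has the same checkout step and the same gap.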
