cwms-data-api/.github/workflows/release.yml at 00a52585e923621151c37f8fb060f9cdc0baa666 · USACE/cwms-data-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
---
name: Nightly Release - Build
on:
  workflow_call:
    inputs:
      branch:
       type: string
       required: true
      nightly:
        type: boolean
        required: true
    secrets:
      token:
       required: false
      registry:
        required: false
      registry_user:
        required: false
      registry_password:
        required: false
    outputs:
      api_image:
        description: GHCR.io image tag for downstream consumption
        value: ${{ jobs.release.outputs.api_image }}
      migration_image:
        description: Modified CWMS Schema installer image
        value: ${{ jobs.release.outputs.migration_image }}
  workflow_dispatch:
    inputs:
      branch:
        type: choice
        required: true
        description: Which Branch to make the build from
        options:
          - develop
      nightly:
        type: boolean
        required: true
        description: Is this part of a "nightly" workflow?
        default: true

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
        packages: write
        contents: write
    outputs:
      api_image: ${{steps.set_image.outputs.api_image}}
      migration_image: ${{steps.migration-publish.outputs.image}}
    steps:
      - name: checkout code
        uses: actions/checkout@v4.2.2
        with:
          ref: ${{inputs.branch}}
      - name: setup java
        uses: actions/setup-java@v4.6.0
        with:
          distribution: 'temurin'
          java-version: '8'
          cache: 'gradle'
      - name: Set version
        if: inputs.nightly == true
        run: echo "VERSION=${{inputs.branch}}-nightly" >> $GITHUB_ENV
      - name: Set version
        if: inputs.nightly == false
        run: echo "VERSION=${{inputs.branch}}" >> $GITHUB_ENV
      - name: Sanitize repo for container image names
        run: |
          REPO=`echo "${{github.repository}}" | tr  '[:upper:]' '[:lower:]'`
          echo "REPO=$REPO" >> $GITHUB_ENV
      - name: show version
        run: echo ${VERSION}
      - name: build war
        run: ./gradlew build --info --init-script init.gradle -PversionOverride=$VERSION
      - name: Create GitHub Release
        id: create_release
        # Allow testing withing creating a release
        if: github.event_name != 'pull_request' && github.event.ref == 'refs/heads/develop'
        uses: softprops/action-gh-release@v2.1.0
        with:
          files: cwms-data-api/build/libs/cwms-data-api-${{env.VERSION}}.war
          tag_name: ${{env.VERSION}}
          generate_release_notes: true
          token: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3.10.0
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5.7.0
        with:
          images: |
            ${{secrets.registry != null && secrets.registry ||secrets.HEC_PUB_REGISTRY}}/cwms/data-api
            ghcr.io/${{env.REPO}}
          tags: |
            type=sha
            type=ref,event=tag
            type=schedule,pattern=nightly
            type=schedule,pattern={{date 'YYYY.MM.DD'}}
            type=schedule,pattern={{date 'YYYY.MM.DD-hhmmss'}}
      - name: Log in to the Container registry
        id: login-ghcr
        uses: docker/login-action@v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }}
      - name: Login to HEC Public Registry
        uses: docker/login-action@v3.3.0
        id: login-hec
        with:
          registry: ${{ secrets.registry != null && secrets.registry ||secrets.HEC_PUB_REGISTRY }}
          username: ${{ secrets.registry_user != null && secrets.registry_user || secrets.ALT_REG_USER }}
          password: ${{ secrets.registry_password != null && secrets.registry_password || secrets.ALT_REG_PASSWORD }}
      - name: Build and push
        uses: docker/build-push-action@v6.16.0
        with:
          context: "."
          # This is not conditional on pull_request as we want access to these if we are manually running it.
          push: true
          sbom: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Set Output Image
        id: set_image
        run: |
          echo "api_image=ghcr.io/${REPO}:$VERSION" >> $GITHUB_OUTPUT
      - name: Setup Database Migration Image
        id: migration
        uses: ./.github/actions/database-migration-image
        with:
          base-image: ghcr.io/hydrologicengineeringcenter/cwms-database/cwms/schema_installer
          tag: latest-dev
      - name: Publish migration container
        id: migration-publish
        run: |
          IMAGE=ghcr.io/${REPO}-schema-migration:$VERSION
          docker tag ${{steps.migration.outputs.image}} $IMAGE
          docker push $IMAGE
          echo "image=$IMAGE" >> $GITHUB_OUTPUT
      - name: Logout of HEC pub registry
        if: ${{ always() }}
        run: |
          docker logout ${{ steps.login-hec.outputs.registry }}
      - name: Logout of GH registry
        if: ${{ always() }}
        run: |
          docker logout ${{ steps.login-ghcr.outputs.registry }}