diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 14a9213..9068e03 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,16 +4,17 @@ name: CI on: # manual trigger workflow_dispatch: -# # runnnig on push to main and develop branches -# push: -# branches: -# - main -# - develop -# # running on pull requests to main and develop branches -# pull_request: -# branches: -# - main -# - develop + # runnnig on push to main and develop branches + # push: + # branches: + # - main + # - develop + # - jfrog_test + # # running on pull requests to main and develop branches + # pull_request: + # branches: + # - main + # - develop # defining global environment variables for all jobs env: @@ -59,19 +60,22 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v3 # cache maven packages step - caching maven packages to speed up the build process. Link to the documentation - https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows + + - name: Set up our custom Artifactory instance + uses: actions/setup-java@v1.4.4 + with: # running setup-java again overwrites the settings.xml + java-version: 1.8 + server-id: artifactory # value of repository/id field of the pom.xml + server-username: ARTIFACTORY_USERNAME_REF # env variable name for username of Artifactory server; value can be anything as it is a transient user + server-password: ARTIFACTORY_TOKEN_REF # env variable name for Artifactory access token + # after running this action, the tag contains ${env.ARTIFACTORY_USERNAME_REF} and contains ${env.ARTIFACTORY_TOKEN_REF} + - name: Cache Maven packages uses: actions/cache@v3 # defining cache key and restore keys for the cache step. Link to the documentation - https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key with: path: /root/.m2 # path to the directory where maven packages are stored - /root/.m2 in the container key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-build- - # running liquibase quality checks step to ensure that the database changelogs are well-formed and follow best practices. - # Link to the documentation - https://docs.liquibase.com/tools-integrations/liquibase-quality-checks/overview.html - # Using the Liquibase Maven plugin, you can run Liquibase Quality Checks on your changelogs. - # The plugin is available in the Maven Central repository. Link to Maven Central - https://search.maven.org/artifact/org.liquibase/liquibase-maven-plugin - - name: Running Liquibase Quality Checks to ensure that the database changelogs are well-formed and follow best practices - run: | - mvn process-resources liquibase:checks.run # runnning code scanning with CodeQL. Link to the documentation - https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning # first step is to initialize CodeQL - name: Initialize CodeQL @@ -89,9 +93,22 @@ jobs: # autobuild with codeql # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 + # https://www.schakko.de/2020/05/24/how-to-use-a-private-maven-repository-in-artifactory-with-github-actions/ + - name: Build with Maven + run: mvn -B package + env: + # assign the environment variable env.ARTIFACTORY_TOKEN_REF with the previously configured ARTIFACTORY_TOKEN + ARTIFACTORY_TOKEN_REF: ${{ secrets.ARTIFACTORY_TOKEN }} + # assign the environment variable env.ARTIFACTORY_USERNAME_REF with the previously configured ARTIFACTORY_USERNAME + ARTIFACTORY_USERNAME_REF: ${{ secrets.ARTIFACTORY_USERNAME }} + # running liquibase quality checks step to ensure that the database changelogs are well-formed and follow best practices. + # Link to the documentation - https://docs.liquibase.com/tools-integrations/liquibase-quality-checks/overview.html + # Using the Liquibase Maven plugin, you can run Liquibase Quality Checks on your changelogs. + # The plugin is available in the Maven Central repository. Link to Maven Central - https://search.maven.org/artifact/org.liquibase/liquibase-maven-plugin + - name: Running Liquibase Quality Checks to ensure that the database changelogs are well-formed and follow best practices + run: | + mvn process-resources liquibase:checks.run # performing Code Quality Analysis with CodeQL. Link to the documentation - https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 @@ -109,8 +126,6 @@ jobs: needs: # needs build job and runner-indexes job to be completed before running the uat-parallel-tests job - build - runner-indexes - container: - image: mrkostin/maven:3.6.0-alpine-git-curl-jq # ruinning the job in a container - mrkostin/maven:3.6.0-alpine-git-curl-jq services: # oracle service container oracle: # service name - oracle. This name is used to access the service container from the job container as the host name. @@ -132,6 +147,16 @@ jobs: steps: - name: Checkout repository # checkout the repository uses: actions/checkout@v3.0.2 + + - name: Set up our custom Artifactory instance + uses: actions/setup-java@v1.4.4 + with: # running setup-java again overwrites the settings.xml + java-version: 8 + server-id: artifactory # value of repository/id field of the pom.xml + server-username: ARTIFACTORY_USERNAME_REF # env variable name for username of Artifactory server; value can be anything as it is a transient user + server-password: ARTIFACTORY_TOKEN_REF # env variable name for Artifactory access token + # after running this action, the tag contains ${env.ARTIFACTORY_USERNAME_REF} and contains ${env.ARTIFACTORY_TOKEN_REF} + # caching the maven packages to speed up the build process. # Link to the documentation - https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows - name: Cache Maven packages @@ -160,6 +185,7 @@ jobs: mkdir test_results unzip my_artifact.zip -d test_results 2> /dev/null || true + # split-tests action - splits the tests into x number of groups # based on the total number of github-hosted runners and junit previous test results by time and line count. # Link to the action - https://github.com/marketplace/actions/split-tests @@ -174,15 +200,23 @@ jobs: line-count: true # split the tests based on the junit test results by line count # run the tests in parallel looping through the test-suite output from the split-tests action - run: 'echo "This runner will execute the following tests: ${{ steps.split-tests.outputs.test-suite }}"' + - run: | + echo "here are the contents of the settings.xml file: " + cat ~/.m2/settings.xml - run: | LIST="${{ steps.split-tests.outputs.test-suite }}" for file in $LIST do # sleep for 20 seconds to avoid the ORA-12514: TNS:listener does not currently know of service requested in connect descriptor error sleep 20 - mvn -Dtest=$(basename $file | sed -e "s/.java/,/" | tr -d '\r\n') -e test -Dspring.datasource.url=${{ secrets.LIQUIBASE_COMMAND_URL }} -Dspring.datasource.username=${{ secrets.LIQUIBASE_COMMAND_USERNAME }} -Dspring.datasource.password=${{ secrets.LIQUIBASE_COMMAND_PASSWORD }} -Dspring.liquibase.change-log=classpath:db/changelog/changelog_version-3.2.oracle.sql -Dserver.port=8086 -Duser.timezone=CST + mvn -Dtest=$(basename $file | sed -e "s/.java/,/" | tr -d '\r\n') -e test -Dspring.datasource.url=${{ secrets.LIQUIBASE_COMMAND_URL2 }} -Dspring.datasource.username=${{ secrets.LIQUIBASE_COMMAND_USERNAME }} -Dspring.datasource.password=${{ secrets.LIQUIBASE_COMMAND_PASSWORD }} -Dspring.liquibase.change-log=classpath:db/changelog/changelog_version-3.2.oracle.sql -Dserver.port=8086 -Duser.timezone=CST done - + env: + # assign the environment variable env.ARTIFACTORY_TOKEN_REF with the previously configured ARTIFACTORY_TOKEN + ARTIFACTORY_TOKEN_REF: ${{ secrets.ARTIFACTORY_TOKEN }} + # assign the environment variable env.ARTIFACTORY_USERNAME_REF with the previously configured ARTIFACTORY_USERNAME + ARTIFACTORY_USERNAME_REF: ${{ secrets.ARTIFACTORY_USERNAME }} + - uses: actions/upload-artifact@v3 # upload the test results as an artifact with: name: Test Results diff --git a/.github/workflows/publish_packages.yml b/.github/workflows/publish_packages.yml new file mode 100644 index 0000000..7d5a189 --- /dev/null +++ b/.github/workflows/publish_packages.yml @@ -0,0 +1,56 @@ +name: "Publish package to GitHub Packages" +on: + # manual trigger + workflow_dispatch: + release: + types: [created] + # # runnnig on push to main and develop branches + # push: + # branches: + # - main + # - develop + # - jfrog_test + # # running on pull requests to main and develop branches + # pull_request: + # branches: + # - main + # - develop + +jobs: + build_and_publish_packages: + # build job will run on ubuntu-latest github-hosted runner + runs-on: ubuntu-latest + # defining permissions for the job - read contents, write packages, write id-token. Link to the documentation - https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idpermissions + # security-events permission is required for CodeQL analysis + # enforcing policy for the job - only users with write access to the repository can trigger the job. Link to the documentation - https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idenforce_admins + permissions: + actions: read + contents: read + packages: write + id-token: write + security-events: write + + # defining steps for the job as explained above + steps: + - name: Checkout repository + uses: actions/checkout@v3 # cache maven packages step - caching maven packages to speed up the build process. Link to the documentation - https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows + + - uses: actions/setup-java@v3 + with: # running setup-java again overwrites the settings.xml + java-version: '11' + distribution: 'adopt' + + - name: Cache Maven packages + uses: actions/cache@v3 # defining cache key and restore keys for the cache step. Link to the documentation - https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key + with: + path: /root/.m2 # path to the directory where maven packages are stored - /root/.m2 in the container + key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-build- + + - name: Build with Maven + run: mvn -B package + + - name: Publish package + run: mvn --batch-mode deploy + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/pom.xml b/pom.xml index e28a102..ca1b6ab 100644 --- a/pom.xml +++ b/pom.xml @@ -9,8 +9,8 @@ net.codejava - SalesManager - 0.0.6-SNAPSHOT + salesmanager + 0.0.8-SNAPSHOT demo Demo project for Spring Boot @@ -19,8 +19,56 @@ local.liquibase.properties + + + + github + GitHub Packages + https://maven.pkg.github.com/octodemo/java-springboot-demo + + true + + + + + + + + + + artifactory + my-repo + https://tsviz.jfrog.io/artifactory/tsvi_test + + + + + org.springframework.boot spring-boot-starter-jdbc @@ -71,6 +119,29 @@ + org.springframework.boot spring-boot-maven-plugin