From bf6f37d6f0a892ff44de3fc9bc7f49e36f455e7d Mon Sep 17 00:00:00 2001
From: Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>
Date: Fri, 28 Oct 2022 15:09:53 +0200
Subject: [PATCH] initial release.
---
.github/workflows/ci.yml | 87 +++++++++++++++++++++++++++++++++++
.github/workflows/cleanup.yml | 12 +++++
checkVersions.sh | 3 ++
ci-settings.xml | 37 +++++++++++++++
mvn.sh | 15 ++++++
sonar.sh | 7 +++
6 files changed, 161 insertions(+)
create mode 100644 .github/workflows/ci.yml
create mode 100644 .github/workflows/cleanup.yml
create mode 100755 checkVersions.sh
create mode 100644 ci-settings.xml
create mode 100755 mvn.sh
create mode 100755 sonar.sh
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..8a722e1
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,87 @@
+## A simple example to use Github Actions for Java CI with docker and maven
+# We build the project using maven.
+# Maven is run in a dedicated docker container
+# The credentials are set as env variables in a specific ci-settings.xml
+# The ENV variables are stored as Github Secrets
+#
+# The secrets are set in CLI with the github client.
+# The following examples set them at organisation level (GITHUB_ORG variable)
+# bash -c 'for secret in GITHUBLOGIN GITHUBPASSWORD DOCKER_USERNAME DOCKER_PASSWORD SONAR_URL SONAR_TOKEN; do \
+# eval gh secret set $secret --app actions --body ${!secret} --org $GITHUB_ORG --visibility all; \
+# done'
+name: Java CI
+
+# on every push
+on: [push]
+
+env:
+ GITHUBLOGIN: ${{secrets.GITHUBLOGIN}}
+ GITHUBPASSWORD: ${{secrets.GITHUBPASSWORD}}
+ DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}}
+ DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}}
+ SONAR_URL: ${{secrets.SONAR_URL}}
+ SONAR_TOKEN: ${{secrets.SONAR_TOKEN}}
+
+jobs:
+ # This job build, test, package and deploy the artefact
+ maven-build:
+ # The tags on the runner
+ runs-on: [self-hosted, Linux]
+
+ steps:
+ #we get the content of the repository
+ - uses: actions/checkout@v3
+
+ # build the project in a docker container with a specific maven settings.xml
+ # it uses env variables from github secrets for the credentials
+ # to github, dockerhub and sonar.
+ - name: Build and test with Maven in docker
+ run: ./CI_Java/mvn.sh clean verify
+ - name: Deploy Maven Artifacts
+ run: ./CI_Java/mvn.sh deploy
+ - name: Notify dedicated teams channel of Success
+ uses: dragos-cojocari/ms-teams-notification@v1.0.0
+ if: ${{ success() }}
+ with:
+ github-token: ${{ github.token }} # this will use the runner's token.
+ ms-teams-webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK }}
+ notification-summary: Build and Deploy success.
+ notification-color: 28a745
+ timezone: Europe/Paris
+ - name: Notify dedicated teams channel of Failure
+ uses: dragos-cojocari/ms-teams-notification@v1.0.0
+ if: ${{ failure() }}
+ with:
+ github-token: ${{ github.token }} # this will use the runner's token.
+ ms-teams-webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK }}
+ notification-summary: Build and Deploy failure.
+ notification-color: dc3545
+ timezone: Europe/Paris
+
+ # This job publish the successsite for develop branch
+ maven-site:
+ runs-on: [self-hosted, Linux]
+ needs: maven-build
+ # Develop branch only
+ if: github.ref == 'refs/heads/develop'
+ steps:
+ - name: Build and deploy site with Maven
+ run: ./CI_Java/mvn.sh site:site site-deploy
+ - name: Notify dedicated teams channel of Success
+ uses: dragos-cojocari/ms-teams-notification@v1.0.0
+ if: ${{ success() }}
+ with:
+ github-token: ${{ github.token }} # this will use the runner's token.
+ ms-teams-webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK }}
+ notification-summary: Web site deployed.
+ notification-color: 28a745
+ timezone: Europe/Paris
+ - name: Notify dedicated teams channel of Failure
+ uses: dragos-cojocari/ms-teams-notification@v1.0.0
+ if: ${{ failure() }}
+ with:
+ github-token: ${{ github.token }} # this will use the runner's token.
+ ms-teams-webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK }}
+ notification-summary: Failed to deploy web site.
+ notification-color: dc3545
+ timezone: Europe/Paris
\ No newline at end of file
diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml
new file mode 100644
index 0000000..8218a52
--- /dev/null
+++ b/.github/workflows/cleanup.yml
@@ -0,0 +1,12 @@
+name: Delete Old Snpashot Package # on every push
+on: [push]
+jobs:
+ cleanup:
+ # The tags on the runner
+ runs-on: [self-hosted, Linux]
+ steps:
+ - uses: smartsquaregmbh/delete-old-packages@v0.5.0
+ with:
+ keep: 1
+ names: |
+ fr.univtln.bruno.demos.archetypes.demomavenarchetype
diff --git a/checkVersions.sh b/checkVersions.sh
new file mode 100755
index 0000000..e7c0fea
--- /dev/null
+++ b/checkVersions.sh
@@ -0,0 +1,3 @@
+mvn versions:display-dependency-updates
+mvn versions:display-plugin-updates
+mvn versions:display-property-updates
diff --git a/ci-settings.xml b/ci-settings.xml
new file mode 100644
index 0000000..3ccf09a
--- /dev/null
+++ b/ci-settings.xml
@@ -0,0 +1,37 @@
+<!-- A MAVEN SETTINGS FILE TO BE USED IN CI -->
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+ https://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+ <servers>
+ <server>
+ <id>github</id>
+ <username>${env.GITHUBLOGIN}</username>
+ <password>${env.GITHUBPASSWORD}</password>
+ </server>
+ <server>
+ <id>dockerhub</id>
+ <username>${env.DOCKER_USERNAME}</username>
+ <password>${env.DOCKER_PASSWORD}</password>
+ </server>
+ <server>
+ <id>github.pages</id>
+ <username>git</username>
+ <configuration>
+ <scmVersionType>branch</scmVersionType>
+ <scmVersion>gh-pages</scmVersion>
+ </configuration>
+ </server>
+ </servers>
+
+ <profiles>
+ <profile>
+ <id>sonar</id>
+ <properties>
+ <sonar.host.url>${env.SONAR_URL}</sonar.host.url>
+ <sonar.login>${env.SONAR_TOKEN}</sonar.login>
+ </properties>
+ </profile>
+ </profiles>
+
+</settings>
diff --git a/mvn.sh b/mvn.sh
new file mode 100755
index 0000000..ef07a41
--- /dev/null
+++ b/mvn.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+export MAVEN_IMAGE=brunoe/maven:3.8.6-eclipse-temurin-17
+docker run \
+ --env GITHUBLOGIN=$GITHUBLOGIN \
+ --env GITHUBPASSWORD=$GITHUBPASSWORD \
+ --mount type=bind,source=${HOME}/.m2,target=/var/maven/.m2 \
+ --mount type=bind,source=${HOME}/.ssh,target=/home/user/.ssh \
+ --mount type=bind,source=${HOME}/.gitconfig,target=/home/user/.gitconfig,readonly \
+ --mount type=bind,source="$(pwd)",target=/usr/src/mymaven \
+ --workdir /usr/src/mymaven \
+ --rm \
+ --env PUID=`id -u` -e PGID=`id -g` \
+ --env MAVEN_CONFIG=/var/maven/.m2 \
+ $MAVEN_IMAGE \
+ runuser --user user --group user -- mvn -B -e -T 1C -Duser.home=/var/maven --settings /usr/src/mymaven/CI_Java/ci-settings.xml "$@"
diff --git a/sonar.sh b/sonar.sh
new file mode 100755
index 0000000..59f54c6
--- /dev/null
+++ b/sonar.sh
@@ -0,0 +1,7 @@
+./mvn.sh sonar:sonar \
+ -D sonar.branch.name=$(git rev-parse --abbrev-ref HEAD|tr / _ ) \
+ -DskipTests=true \
+ -Dsonar.language=java \
+ -Dsonar.report.export.path=sonar-report.json \
+ -Dsonar.host.url=http://localhost:9000 \
+ --activate-profiles sonar
--
GitLab