diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 3009a552b..000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,141 +0,0 @@ -name: Build - -on: - push: - pull_request: - branches: [ master ] - -jobs: - build-maven: - runs-on: ${{ matrix.os }} - strategy: - matrix: - java: [ '8', '11', '17', '21' ] - os: [ 'ubuntu-latest', 'macos-latest', 'windows-latest' ] - fail-fast: false - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - submodules: recursive - - name: Java ${{ matrix.Java }} (${{ matrix.os }}) - uses: actions/setup-java@v4 - with: - java-version: ${{ matrix.java }} - distribution: 'zulu' - - name: Cache Maven packages - uses: actions/cache@v4 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2-repository - - name: Build with Maven - env: - MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10 - run: mvn --batch-mode --errors --update-snapshots package --file pom.xml - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.os }}-${{ matrix.java }} - retention-days: 5 - path: | - openig-war/target/*.war - openig-docker/target/Dockerfile* - build-docker: - runs-on: 'ubuntu-latest' - services: - registry: - image: registry:2 - ports: - - 5000:5000 - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - submodules: recursive - - name: Get latest release version - shell: bash - run: | - export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIG/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last" - echo "release_version=$git_version_last" >> $GITHUB_ENV - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - localhost:5000/${{ github.repository }} - tags: | - type=raw,value=latest - type=raw,value=${{ env.release_version }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - driver-opts: network=host - - name: Build image - uses: docker/build-push-action@v5 - continue-on-error: true - with: - context: ./openig-docker - file: ./openig-docker/Dockerfile - build-args: | - VERSION=${{ env.release_version }} - platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le, linux/s390x - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - name: Docker test - shell: bash - run: | - docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }} - timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' - build-docker-alpine: - runs-on: 'ubuntu-latest' - services: - registry: - image: registry:2 - ports: - - 5000:5000 - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - submodules: recursive - - name: Get latest release version - shell: bash - run: | - export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIG/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last" - echo "release_version=$git_version_last" >> $GITHUB_ENV - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - localhost:5000/${{ github.repository }} - tags: | - type=raw,value=alpine - type=raw,value=${{ env.release_version }}-alpine - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - driver-opts: network=host - - name: Build image - uses: docker/build-push-action@v5 - continue-on-error: true - with: - context: ./openig-docker - file: ./openig-docker/Dockerfile-alpine - build-args: | - VERSION=${{ env.release_version }} - platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - name: Docker test - shell: bash - run: | - docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine - timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 89e1e39f6..d7b18ee82 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,14 +1,9 @@ -name: Package/Deploy +name: Package/Deploy on: - workflow_dispatch: - workflow_run: - branches: [ master ] - workflows: ["Build","Release"] - types: [completed] + push: jobs: deploy-maven: - if: ${{ github.event.workflow_run.conclusion == 'success' }} runs-on: 'ubuntu-latest' steps: - name: Print github context @@ -33,37 +28,12 @@ jobs: path: ~/.m2/repository key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2-repository - - name: Install gpg secret key - env: - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - if: ${{ env.GPG_PRIVATE_KEY!=''}} - run: | - cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import - gpg --list-secret-keys --keyid-format LONG - name: Build package local env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10 if: ${{ !(github.event.workflow_run.event=='push' && env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='')}} - run: mvn --batch-mode --errors --update-snapshots -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} package --file pom.xml - - name: Publish to the Maven Central Repository - env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} - MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10 - if: ${{ github.event.workflow_run.event=='push' && env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!=''}} - run: mvn --batch-mode --errors --update-snapshots -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} deploy --file pom.xml - - name: Upload artifacts OpenIG Server Only Component - uses: actions/upload-artifact@v4 - with: - name: OpenIG Server - path: openig-war/target/*.war - - name: Upload artifacts OpenIG Dockerfile - uses: actions/upload-artifact@v4 - with: - name: OpenIG Dockerfile - path: openig-docker/target/Dockerfile* + run: mvn --batch-mode --errors --update-snapshots package --file pom.xml + - name: Configure Git User run: | git config --global user.name "Open Identity Platform Community" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 75dd3b73c..000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,203 +0,0 @@ -name: Release - -on: - workflow_dispatch: - inputs: - releaseVersion: - description: "Default version to use when preparing a release." - required: true - default: "X.Y.Z" - developmentVersion: - description: "Default version to use for new local working copy." - required: true - default: "X.Y.Z-SNAPSHOT" -jobs: - release-maven: - runs-on: 'ubuntu-latest' - steps: - - name: Print github context - env: - GITHUB_CONTEXT: ${{ toJSON(github) }} - run: echo "$GITHUB_CONTEXT" - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - submodules: recursive - - name: Set up Java for publishing to Maven Central Repository OSS - uses: actions/setup-java@v4 - with: - java-version: '8' - distribution: 'temurin' - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - - name: Cache Maven packages - uses: actions/cache@v4 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2-repository - - name: Install gpg secret key - env: - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - if: ${{ env.GPG_PRIVATE_KEY!=''}} - run: | - cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import - gpg --list-secret-keys --keyid-format LONG - git config --global user.signingkey B02611B009E5302EB58D102D6C2EDF3C90D33841 - - name: Configure Git User - run: | - git config --global user.name "Open Identity Platform Community" - git config --global user.email "open-identity-platform-openig@googlegroups.com" - - name: Release and publish to the Maven Central Repository - env: - GITHUB_ACTOR: ${{ github.actor }} - GITHUB_TOKEN: ${{ github.token }} - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} - MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10 - if: ${{ env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='' }} - run: mvn --batch-mode -Darguments="-Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}" -DsignTag=true -DtagNameFormat="${{ github.event.inputs.releaseVersion }}" -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform --file pom.xml - - name: Release on GitHub - uses: softprops/action-gh-release@v2 - with: - name: ${{ github.event.inputs.releaseVersion }} - tag_name: ${{ github.event.inputs.releaseVersion }} - draft: false - prerelease: false - fail_on_unmatched_files: false - generate_release_notes: true - files: | - openig-war/target/*.war - openig-docker/target/Dockerfile* - - - uses: actions/checkout@v4 - continue-on-error: true - with: - repository: ${{ github.repository }}.wiki - path: ${{ github.event.repository.name }}.wiki - fetch-depth: 0 - - name: Publish docs to wiki - continue-on-error: true - shell: bash - env: - GITHUB_ACTOR: ${{ github.actor }} - GITHUB_TOKEN: ${{ github.token }} - run: | - cd ${{ github.event.repository.name }}.wiki - rm -rf docbkx - mv ../openig-doc/target/docbkx ../${{ github.event.repository.name }}.wiki - git add -A - git commit -a -m "upload docs after release ${{ github.event.inputs.releaseVersion }}" - git tag -f ${{ github.event.inputs.releaseVersion }} - git push --quiet --force - git push --quiet --force origin ${{ github.event.inputs.releaseVersion }} - - uses: actions/checkout@v4 - continue-on-error: true - with: - repository: OpenIdentityPlatform/doc.openidentityplatform.org - path: doc.openidentityplatform.org - token: ${{ secrets.OIP_PAT_GH_TOKEN }} - - name: Publish docs to site - continue-on-error: true - shell: bash - run: | - export REPO_NAME_LC=$(echo '${{github.event.repository.name}}' | tr '[:upper:]' '[:lower:]') - export TAG_NAME='${{github.event.repository.name}}-${{ github.event.inputs.releaseVersion }}' - cd doc.openidentityplatform.org - git tag -f '${TAG_NAME}' - git push --quiet --force origin '${TAG_NAME}' - release-docker: - runs-on: 'ubuntu-latest' - needs: - - release-maven - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.inputs.releaseVersion }} - fetch-depth: 1 - submodules: recursive - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ${{ github.repository }} - ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} - tags: | - type=raw,value=latest - type=raw,value=${{ github.event.inputs.releaseVersion }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Login to GHCR - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push image - uses: docker/build-push-action@v5 - continue-on-error: true - with: - context: ./openig-docker - file: ./openig-docker/Dockerfile - build-args: | - VERSION=${{ github.event.inputs.releaseVersion }} - platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le, linux/s390x - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - release-docker-alpine: - runs-on: 'ubuntu-latest' - needs: - - release-maven - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.inputs.releaseVersion }} - fetch-depth: 1 - submodules: recursive - - name: Docker meta (alpine) - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ${{ github.repository }} - ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} - tags: | - type=raw,value=alpine - type=raw,value=${{ github.event.inputs.releaseVersion }}-alpine - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Login to GHCR - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push image - continue-on-error: true - uses: docker/build-push-action@v5 - with: - context: ./openig-docker - file: ./openig-docker/Dockerfile-alpine - build-args: | - VERSION=${{ github.event.inputs.releaseVersion }} - platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file