Build and publish Docker distributions to Github Container Registry ghcr.io

Build and publish Docker distributions to Github Container Registry ghcr.io #12

Workflow file for this run

.github/workflows/build-dev-release.yml at 356e14d

	name: Build and publish Docker distributions to Github Container Registry ghcr.io

	on: workflow_dispatch

	jobs:
	get-previous-tag:
	name: Get previous tag
	runs-on: ubuntu-20.04
	steps:
	- uses: actions/checkout@v4
	with:
	ref: ${{ github.ref }}
	fetch-depth: 100
	fetch-tags: true
	- id: previous-tag
	run: \|
	FOUND_TAG=$(git tag --list --sort=-version:refname '..*-dev' \| head --lines 2 \| tail --lines 1)
	echo "result=$FOUND_TAG" >> "$GITHUB_OUTPUT"
	[[ -z $(echo "$FOUND_TAG") ]] && { echo "No tag found..."; exit 1; } \|\| { echo "Tag found: ${FOUND_TAG}"; }
	outputs:
	tag: ${{ steps.previous-tag.outputs.result }}
	changes:
	name: Collect changed files
	runs-on: ubuntu-20.04
	needs:
	- get-previous-tag
	outputs:
	app: ${{ steps.filter.outputs.app }}
	grpc: ${{ steps.filter.outputs.grpc }}
	core: ${{ steps.filter.outputs.core }}
	oracle: ${{ steps.filter.outputs.oracle }}
	steps:
	- uses: actions/checkout@v3
	- uses: dorny/paths-filter@v3
	id: filter
	with:
	base: ${{ needs.get-previous-tag.outputs.tag }}
	filters: \|
	app:
	- 'app/gradle.properties'
	grpc:
	- 'grpc/gradle.properties'
	core:
	- 'core/gradle.properties'
	oracle:
	- 'oracle/gradle.properties'
	grpc-version:
	name: Extract grpc version
	uses: th2-net/.github/.github/workflows/compound-prebuild-java-workflow.yml@main
	with:
	project-path: grpc
	app-version:
	name: Extract app version
	uses: th2-net/.github/.github/workflows/compound-prebuild-java-workflow.yml@main
	with:
	project-path: app
	oracle-version:
	name: Extract oracle version
	uses: th2-net/.github/.github/workflows/compound-prebuild-java-workflow.yml@main
	with:
	project-path: oracle

	build-and-publish-grpc-java:
	name: Build and publish Java gRPC distributions
	runs-on: 'ubuntu-20.04'
	needs:
	- changes
	if: ${{ needs.changes.outputs.grpc == 'true' }}
	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 'zulu' '11'
	uses: actions/setup-java@v4
	with:
	distribution: 'zulu'
	java-version: '11'
	- name: Setup Gradle
	uses: gradle/gradle-build-action@v3
	- name: Build with Gradle
	run: ./gradlew --info -Pversion_suffix='dev' clean build :grpc-read-db:publish closeAndReleaseSonatypeStagingRepository
	env:
	ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
	ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
	ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }}
	ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }}

	build-and-publish-grpc-python:
	name: Build and publish Python distributions to PyPI
	needs:
	- build-and-publish-grpc-java
	- grpc-version
	- changes
	if: ${{ needs.changes.outputs.grpc == 'true' }}
	uses: th2-net/.github/.github/workflows/compaund-python-grpc-pypi-publication.yml@main
	with:
	custom-version: ${{ needs.grpc-version.outputs.version }}rc1
	project-path: grpc
	secrets:
	pypi_password: ${{ secrets.PYPI_PASSWORD }}

	build-and-publish-core-java:
	name: Build and publish Java core distributions
	runs-on: 'ubuntu-20.04'
	needs:
	- build-and-publish-grpc-java
	- changes
	if: (needs.changes.outputs.core == 'true' \|\| needs.changes.outputs.grpc == 'true') && !cancelled()
	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 'zulu' '11'
	uses: actions/setup-java@v4
	with:
	distribution: 'zulu'
	java-version: '11'
	- name: Setup Gradle
	uses: gradle/gradle-build-action@v3
	- name: Build with Gradle
	run: ./gradlew --info -Pversion_suffix='dev' clean build :read-db-core:publish closeAndReleaseSonatypeStagingRepository
	env:
	ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
	ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
	ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }}
	ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }}

	build-and-publish-oracle-extension-java:
	name: Build and publish Java oracle extension distributions
	runs-on: 'ubuntu-20.04'
	needs:
	- build-and-publish-core-java
	- changes
	if: \|
	always() &&
	(needs.changes.outputs.oracle == 'true' \|\| needs.changes.outputs.core == 'true')
	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 'zulu' '11'
	uses: actions/setup-java@v4
	with:
	distribution: 'zulu'
	java-version: '11'
	- name: Setup Gradle
	uses: gradle/gradle-build-action@v3
	- name: Build with Gradle
	run: ./gradlew --info -Pversion_suffix='dev' clean build :read-db-oracle-extension:publish closeAndReleaseSonatypeStagingRepository
	env:
	ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
	ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
	ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }}
	ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }}
	owasp-scan:
	if: "!cancelled()"
	uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main
	with:
	multiproject: true
	secrets:
	nvd-api-key: ${{ secrets.NVD_APIKEY }}
	license-scan:
	if: "!cancelled()"
	uses: th2-net/.github/.github/workflows/license_check.yml@main
	needs:
	- app-version
	with:
	version: ${{ needs.app-version.outputs.version }}-dev
	publish-docker:
	name: Build and publish docker image
	needs:
	- build-and-publish-oracle-extension-java
	- app-version
	- changes
	if: \|
	(needs.changes.outputs.app == 'true' \|\| needs.changes.outputs.grpc == 'true' \|\| needs.changes.outputs.core == 'true' \|\| needs.changes.outputs.oracle == 'true')
	&& !cancelled()
	uses: th2-net/.github/.github/workflows/compaund-java-docker-push.yml@main
	with:
	docker-username: ${{ github.actor }}
	version: ${{ needs.app-version.outputs.version }}-dev
	versionNumber: ${{ needs.app-version.outputs.version }}
	dockerContext: '.'
	gradleProjectPath: 'app'
	gradleParameters: '["clean", "build", "dockerPrepare"]'
	secrets:
	docker-password: ${{ secrets.GITHUB_TOKEN }}
	trivy-docker-scan:
	name: Scan Docker image for vulnerabilities
	if: needs.publish-docker.result == 'success' && !cancelled()
	needs:
	- publish-docker
	- app-version
	uses: th2-net/.github/.github/workflows/trivy-scan-github.yml@main
	with:
	image-path: ghcr.io/${{ github.repository }}:${{ needs.app-version.outputs.version }}-dev
	target: 'os,library'
	sensitivity: 'CRITICAL,HIGH,MEDIUM'
	create-grpc-tag:
	if: needs.build-and-publish-grpc-java.result == 'success' && needs.build-and-publish-grpc-python.result == 'success' && !cancelled()
	name: Create and push gRPC tag
	needs: [ grpc-version, build-and-publish-grpc-java, build-and-publish-grpc-python ]
	uses: th2-net/.github/.github/workflows/compaund-git-tag-push.yml@main
	with:
	tagName: ${{ needs.grpc-version.outputs.version }}-grpc-dev
	create-oracle-tag:
	if: needs.build-and-publish-oracle-extension-java.result == 'success'&& !cancelled()
	name: Create and push oracle extension tag
	needs: [ oracle-version, build-and-publish-oracle-extension-java ]
	uses: th2-net/.github/.github/workflows/compaund-git-tag-push.yml@main
	with:
	tagName: ${{ needs.oracle-version.outputs.version }}-oracle-dev
	create-app-tag:
	if: needs.publish-docker.result == 'success' && needs.build-and-publish-core-java.result == 'success' && !cancelled()
	name: Create and push app tag
	needs: [ app-version, publish-docker, build-and-publish-core-java ]
	uses: th2-net/.github/.github/workflows/compaund-git-tag-push.yml@main
	with:
	tagName: ${{ needs.app-version.outputs.version }}-dev

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build and publish Docker distributions to Github Container Registry ghcr.io #12

Workflow file

Build and publish Docker distributions to Github Container Registry ghcr.io #12

Jobs

Run details

Workflow file for this run