Update build/publish workflow #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Libraries | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - fix-workflows | |
| pull_request: | |
| workflow_dispatch: # Allow manual trigger | |
| inputs: | |
| forcePublish: | |
| description: 'Force publish snapshots of libraries to Artifactory even if not main branch' | |
| type: boolean | |
| default: 'false' # boolean values are actually strings | |
| required: false | |
| env: | |
| ARTIFACTORY_URL: ${{ secrets.ARTIFACTORY_URL }} | |
| jobs: | |
| build: | |
| runs-on: self-hosted | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| gradle-version: '7.2' | |
| - name: Set env vars from AWS params | |
| uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main | |
| with: | |
| params: | | |
| ARTIFACTORY_URL=/artifactory/url | |
| ARTIFACTORY_USER=/artifactory/user | |
| ARTIFACTORY_PASSWORD=/artifactory/password | |
| SONAR_HOST_URL=/sonarqube/url | |
| SONAR_TOKEN=/sonarqube/token | |
| - name: Build and test libraries | |
| run: gradle clean test --info -b build.gradle | |
| - name: Build JARs | |
| run: gradle jar --info -b build.gradle | |
| - name: SonarQube Analysis | |
| run: | | |
| gradle sonarqube \ | |
| -Dsonar.projectKey=ab2d-lib-project \ | |
| -Dsonar.host.url=$SONAR_HOST_URL \ | |
| -Dsonar.login=$SONAR_TOKEN | |
| - name: Quality Gate | |
| id: sonarqube-quality-gate-check | |
| uses: sonarsource/sonarqube-quality-gate-action@master | |
| with: | |
| scanMetadataReportFile: build/sonar/report-task.txt | |
| timeout-minutes: 10 | |
| - name: Generate SBOM | |
| run: gradle cyclonedxBom | |
| - name: Publish libraries from main branch | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| # Check for artifacts to deploy | |
| versionPublishedList=$(SUPPRESS_LOGGING_BRANCH_CLASSIFIER=true gradle -q lookForArtifacts) | |
| deployScript="" | |
| for entry in $(echo "$versionPublishedList" | tr "'''" "\n"); do | |
| buildName=$(echo "$entry" | cut -d":" -f1) | |
| isPublished=$(echo "$entry" | cut -d":" -f2) | |
| if [ "$isPublished" == "false" ]; then | |
| echo "Deploying $buildName" | |
| deployScript+="$buildName:artifactoryPublish " | |
| fi | |
| done | |
| if [ "$deployScript" != "" ]; then | |
| gradle $deployScript -b build.gradle | |
| else | |
| echo "No artifacts to publish." | |
| fi | |
| - name: Force publish libraries | |
| if: inputs.forcePublish == 'true' | |
| run: gradle artifactoryPublish -b build.gradle |