From 997dbaba149abf597b95dda7997fa849ab107972 Mon Sep 17 00:00:00 2001
From: oluwolenpbc <127983913+oluwolenpbc@users.noreply.github.com>
Date: Fri, 7 Feb 2025 14:20:57 -0500
Subject: [PATCH] PLT-833 test ab2d-libs workflows (#425)

Co-authored-by: oluwolenpbc <boluwole@brians-MacBook-Pro-4.local>
---
 .github/workflows/build.yaml   | 97 ++++++++++++++++++++++++++++++++++
 .github/workflows/publish.yaml | 68 ++++++++++++++++++++++++
 2 files changed, 165 insertions(+)
 create mode 100644 .github/workflows/build.yaml
 create mode 100644 .github/workflows/publish.yaml

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 00000000..3f30de73
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,97 @@
+name: Build and Publish Libraries
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+env:
+  ARTIFACTORY_URL: ${{ secrets.ARTIFACTORY_URL }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'corretto'
+
+      - name: Set up Gradle
+        uses: gradle/gradle-build-action@v2
+        with:
+          gradle-version: '8.10'
+
+      - name: Build Libraries
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        run: gradle -b build.gradle
+
+      - name: Test Libraries
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        run: gradle clean test --info -b build.gradle
+
+      - name: Build Jars
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        run: gradle jar --info -b build.gradle
+
+      - name: SonarQube Analysis
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          gradle sonarqube \
+            -Dsonar.projectKey=ab2d-lib-project \
+            -Dsonar.host.url=https://sonarqube.cloud.cms.gov \
+            -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+
+      - name: Quality Gate
+        id: quality-gate
+        uses: sonarsource/sonarcloud-github-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        timeout-minutes: 10
+
+      - name: Generate SBOM
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        run: gradle cyclonedxBom
+
+      - name: Publish Libraries
+        if: github.ref == 'refs/heads/main'
+        env:
+          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        run: |
+          # Check for artifacts to deploy
+          versionPublishedList=$(gradle -q lookForArtifacts)
+
+          deployScript=""
+          for entry in $(echo "$versionPublishedList" | tr "'''" "\n"); do
+            buildName=$(echo "$entry" | cut -d":" -f1)
+            isPublished=$(echo "$entry" | cut -d":" -f2)
+
+            if [ "$isPublished" == "false" ]; then
+              echo "Deploying $buildName"
+              deployScript+="$buildName:artifactoryPublish "
+            fi
+          done
+
+          if [ "$deployScript" != "" ]; then
+            gradle $deployScript -b build.gradle
+          else
+            echo "No artifacts to publish."
+          fi
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
new file mode 100644
index 00000000..b09d806d
--- /dev/null
+++ b/.github/workflows/publish.yaml
@@ -0,0 +1,68 @@
+iname: publish
+
+on:
+  pull_request:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+      module:
+        required: true
+        type: string
+  workflow_dispatch:
+    inputs:
+      environment:
+        required: true
+        type: choice
+        options:
+          - dev
+          - test
+      module:
+        required: true
+        type: choice
+        options:
+          - api
+          - worker
+
+jobs:
+  publish:
+    runs-on: self-hosted
+
+    env:
+      ARTIFACTORY_URL: ${{ secrets.ARTIFACTORY_URL }}
+      ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
+      AWS_REGION: ${{ vars.AWS_REGION }}
+      DEPLOYMENT_ENV: ${{ vars[format('{0}_DEPLOYMENT_ENV', inputs.environment)] }}
+
+    steps:
+      - name: Checkout AB2D-Libs Repository
+        uses: actions/checkout@v4
+
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: Set up Gradle
+        uses: gradle/gradle-build-action@v2
+        with:
+          gradle-version: '8.10'
+
+      - name: Set env vars from AWS params
+        uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main
+        env:
+          AWS_REGION: ${{ vars.AWS_REGION }}
+        with:
+          params: |
+            ARTIFACTORY_URL=/artifactory/url
+            ARTIFACTORY_USER=/artifactory/user
+            ARTIFACTORY_PASSWORD=/artifactory/password     
+      - name: Publish Libraries
+        run: |
+          echo "Publishing libraries using Gradle..."
+          gradle artifactoryPublish -b build.gradle --info \
+            -Dusername="${ARTIFACTORY_USER}" \
+            -Dpassword="${ARTIFACTORY_PASSWORD}" \
+            -Drepository_url="${ARTIFACTORY_URL}"