diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml
index 6ff39af..fc3d840 100644
--- a/.github/workflows/codecov.yml
+++ b/.github/workflows/codecov.yml
@@ -1,25 +1,25 @@
-# This is based on:
-# https://github.com/codecov/example-java-maven/blob/main/.github/workflows/ci.yml
-name: Codecov
-on: [push, pull_request]
-jobs:
- run:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- - name: Set up JDK 11
- uses: actions/setup-java@v1
- with:
- java-version: 17
- - name: Install dependencies
- run: mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V
- - name: Run tests and collect coverage
- run: mvn -B test
- - name: Upload coverage to Codecov
- uses: codecov/codecov-action@v4
- with:
- # To find this token, and how it is stored in the repo, see:
- # https://docs.codecov.com/docs/adding-the-codecov-token
- token: ${{ secrets.CODECOV_TOKEN }}
- slug: google/fhir-gateway
\ No newline at end of file
+## This is based on:
+## https://github.com/codecov/example-java-maven/blob/main/.github/workflows/ci.yml
+#name: Codecov
+#on: [push, pull_request]
+#jobs:
+# run:
+# runs-on: ubuntu-latest
+# steps:
+# - name: Checkout
+# uses: actions/checkout@v4
+# - name: Set up JDK 11
+# uses: actions/setup-java@v1
+# with:
+# java-version: 17
+# - name: Install dependencies
+# run: mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V
+# - name: Run tests and collect coverage
+# run: mvn -B test
+# - name: Upload coverage to Codecov
+# uses: codecov/codecov-action@v4
+# with:
+# # To find this token, and how it is stored in the repo, see:
+# # https://docs.codecov.com/docs/adding-the-codecov-token
+# token: ${{ secrets.CODECOV_TOKEN }}
+# slug: google/fhir-gateway
\ No newline at end of file
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 931d139..8adff8b 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,82 +1,82 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. +## For most projects, this workflow file will not need changing; you simply need +## to commit it to your repository. +## +## You may wish to alter this file to override the set of languages analyzed, +## or to provide custom queries or build logic. +## +## ******** NOTE ******** +## We have attempted to detect the languages in your repository. Please check +## the `language` matrix defined below to confirm you have the correct set of +## supported CodeQL languages. +## +#name: "CodeQL" # -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. +#on: +# push: +# branches: [ "main" ] +# pull_request: +# # The branches below must be a subset of the branches above +# branches: [ "main" ] +# schedule: +# - cron: '25 21 * * 6' # -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. 
+#jobs: +# analyze: +# name: Analyze +# runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} +# timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} +# permissions: +# actions: read +# contents: read +# security-events: write # -name: "CodeQL" - -on: - push: - branches: [ "main" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '25 21 * * 6' - -jobs: - analyze: - name: Analyze - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} - timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'java', 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ] - # Use only 'java' to analyze code written in Java, Kotlin or both - # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - - steps: - - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '17' - - - name: Checkout repository - uses: actions/checkout@v3 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. 
- - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality - - - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" +# strategy: +# fail-fast: false +# matrix: +# language: [ 'java', 'python' ] +# # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ] +# # Use only 'java' to analyze code written in Java, Kotlin or both +# # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both +# # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support +# +# steps: +# - uses: actions/setup-java@v4 +# with: +# distribution: 'temurin' +# java-version: '17' +# +# - name: Checkout repository +# uses: actions/checkout@v3 +# +# # Initializes the CodeQL tools for scanning. +# - name: Initialize CodeQL +# uses: github/codeql-action/init@v2 +# with: +# languages: ${{ matrix.language }} +# # If you wish to specify custom queries, you can do so here or in a config file. 
+# # By default, queries listed here will override any specified in a config file. +# # Prefix the list here with "+" to use these queries and those in the config file. +# +# # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs +# # queries: security-extended,security-and-quality +# +# +# # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). +# # If this step fails, then you should remove it and run the build manually (see below) +# - name: Autobuild +# uses: github/codeql-action/autobuild@v2 +# +# # ℹī¸ Command-line programs to run using the OS shell. +# # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun +# +# # If the Autobuild fails above, remove it and uncomment the following three lines. +# # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. +# +# # - run: | +# # echo "Run, Build Application using script" +# # ./location_of_script_within_repo/buildscript.sh +# +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@v2 +# with: +# category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..1f206ed --- /dev/null +++ b/.github/workflows/docker-build.yml 
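Review bot: In codeql.yml, CodeQL analysis is switched off for pushes and pull requests to `main` and for the weekly schedule by commenting out every line, and nothing in this commit replaces it, so the only static-analysis gate visible in this diff disappears for a gateway that fronts FHIR data. If the pause is temporary, disabling the workflow in the repository settings (or with `gh workflow disable`) keeps the file intact and makes the state visible; if it is permanent, delete the file and say why in the commit message. A workflow file that contains only comments has no `on:` or `jobs:` keys and may be reported by GitHub as an invalid workflow. The same comment-out pattern is used for codecov.yml in the first hunk.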
@@ -0,0 +1,62 @@
+name: Build and Push Docker Image
+
+# Trigger the workflow on push to main branch or pull requests
+on:
+ push:
+ branches:
+ - development
+ pull_request:
+ branches:
+ - development
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ # Step 1: Checkout the repository
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ # Step 2: Set up Docker Buildx (required for multi-stage builds)
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ # Step 3: Set up Node.js and jq (for JSON parsing)
+ - name: Set up Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: '16'
+
+ - name: Install jq (JSON parser)
+ run: sudo apt-get update && sudo apt-get install -y jq
+
+ # Step 4: Extract platform information from roles-config.json
+ - name: Extract platform from roles-config.json
+ id: extract_platform
+ run: |
+ PLATFORM=$(jq -r '.baseUrl.platform' ./roles-config.json)
+ echo "PLATFORM=$PLATFORM" >> $GITHUB_ENV
+
+ # Step 5: Log in to Docker Hub using credentials from GitHub secrets
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+ # Step 6: Build and tag the Docker image
+ - name: Build and tag Docker image
+ run: |
+ DOCKERHUB_USERNAME="${{ secrets.DOCKERHUB_USERNAME }}"
+ REPOSITORY_NAME="openchanjo_gateway"
+ IMAGE_TAG="${DOCKERHUB_USERNAME}/${REPOSITORY_NAME}:${{ env.PLATFORM }}"
+ docker buildx build --platform linux/amd64 -t $IMAGE_TAG .
+
+ # Step 7: Push the image to Docker Hub
+ - name: Push Docker image
+ run: |
+ DOCKERHUB_USERNAME="${{ secrets.DOCKERHUB_USERNAME }}"
+ REPOSITORY_NAME="openchanjo_gateway"
+ IMAGE_TAG="${DOCKERHUB_USERNAME}/${REPOSITORY_NAME}:${{ env.PLATFORM }}"
+ docker push $IMAGE_TAG
diff --git a/Dockerfile b/Dockerfile
index b6e1adf..6065fa9 100755
--- a/Dockerfile
+++ b/Dockerfile
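Review bot: In docker-build.yml, steps 6 and 7 splice `${{ env.PLATFORM }}` and `${{ secrets.DOCKERHUB_USERNAME }}` into the script text, and PLATFORM is read from a JSON file that a pull request can change, so on the `pull_request` trigger the file's content is interpreted as shell in a job that has just logged in to Docker Hub (same-repository pull requests receive the secrets). The value is also appended to `$GITHUB_ENV` unvalidated, and login and push are not restricted to the `push` event, so an unmerged branch can overwrite the published tag. I would check the value against an allow-list, pass inputs through `env:` as quoted shell variables, and gate login and push on `github.event_name == 'push'`, as sketched below. Two functional points in the same steps: the workflow reads `./roles-config.json` while build.sh and the last hunk of this commit place the file under `server/src/main/resources/`, and `docker buildx build` without `--load` or `--push` under the setup-buildx default driver likely leaves nothing in the local image store for `docker push` to find.

```yaml
      # … unchanged: checkout, buildx setup, jq install …
      - name: Extract platform from roles-config.json
        id: extract_platform
        run: |
          PLATFORM="$(jq -er '.baseUrl.platform' ./server/src/main/resources/roles-config.json)"
          # Allow-list taken from the values visible in this diff; extend as needed.
          case "$PLATFORM" in
            LIVE|TESTING) ;;
            *) echo "Unexpected platform value" >&2; exit 1 ;;
          esac
          echo "PLATFORM=$PLATFORM" >> "$GITHUB_ENV"

      - name: Log in to Docker Hub
        if: github.event_name == 'push'
        uses: docker/login-action@v2
        # … unchanged: with: username / password …

      - name: Build and tag Docker image
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: |
          IMAGE_TAG="${DOCKERHUB_USERNAME}/openchanjo_gateway:${PLATFORM}"
          docker buildx build --platform linux/amd64 --load -t "$IMAGE_TAG" .

      - name: Push Docker image
        if: github.event_name == 'push'
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: |
          docker push "${DOCKERHUB_USERNAME}/openchanjo_gateway:${PLATFORM}"
```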
@@ -8,15 +8,7 @@ RUN npm cache clean -f && npm install -g n && n stable # Set the working directory inside the container WORKDIR /app -# Copy everything from the local repository to the container -#COPY server/ ./server/ -#COPY plugins/ ./plugins/ -#COPY exec/ ./exec/ -#COPY coverage/ ./coverage/ -#COPY .github/ ./.github -#COPY license-header.txt . -#COPY pom.xml . - +# Copy everything COPY . . # Build the project using Maven @@ -34,8 +26,5 @@ COPY --from=build /app/exec/target/fhir-gateway-exec.jar ./fhir-gateway-exec.jar # Expose the application port (adjust this based on your app's configuration) EXPOSE 8080 -#ENV TOKEN_ISSUER="https://keycloak.intellisoftkenya.com/realms/master" -#ENV PROXY_TO="https://openchanjotest.intellisoftkenya.com/chanjo-hapi/fhir/" - # Run the application ENTRYPOINT java -jar fhir-gateway-exec.jar --server.port=${PROXY_PORT} diff --git a/build.sh b/build.sh index 90bdf03..27a980e 100755 --- a/build.sh +++ b/build.sh 
@@ -1,31 +1,45 @@ #!/bin/bash -# -# Copyright 2021-2023 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Fail on any error. -set -e -# Display commands being run. -# WARNING: please only enable 'set -x' if necessary for debugging, and be very -# careful if you handle credentials (e.g. from Keystore) with 'set -x': -# statements like "export VAR=$(cat /tmp/keystore/credentials)" will result in -# the credentials being printed in build logs. -# Additionally, recursive invocation with credentials as command-line -# parameters, will print the full command, with credentials, in the build logs. -# set -x -export BUILD_ID=${KOKORO_BUILD_ID:-local} -#gcloud auth configure-docker us-docker.pkg.dev -#./e2e-test/e2e.sh -docker push us-docker.pkg.dev/fhir-proxy-build/stable/fhir-gateway:${BUILD_ID} + +# Variables +DOCKERHUB_USERNAME="davidnjau21" +REPOSITORY_NAME="open_chanjo" +DOCKERFILE_PATH="./Dockerfile" +CONFIG_FILE="./server/src/main/resources/roles-config.json" + +# Extract platform information from roles-config.json +PLATFORM=$(jq -r '.baseUrl.platform' $CONFIG_FILE) + +# Check if jq is installed (jq is used to parse JSON) +if ! [ -x "$(command -v jq)" ]; then + echo "Error: jq is not installed. Install it by running 'sudo apt-get install jq' or use your package manager." + exit 1 +fi + +# Check if platform is available +if [ -z "$PLATFORM" ]; then + echo "Error: Could not read platform information from $CONFIG_FILE." 
+ exit 1 +fi + +# Build the Docker image +IMAGE_TAG="${DOCKERHUB_USERNAME}/${REPOSITORY_NAME}:${PLATFORM}" +echo "Building Docker image with tag: $IMAGE_TAG" +docker build -t $IMAGE_TAG -f $DOCKERFILE_PATH . + +# Check if Docker build was successful +if [ $? -ne 0 ]; then + echo "Error: Docker image build failed." + exit 1 +fi + +# Push the image to Docker Hub +echo "Pushing image to Docker Hub: $IMAGE_TAG" +docker push $IMAGE_TAG + +# Check if Docker push was successful +if [ $? -ne 0 ]; then + echo "Error: Failed to push Docker image to Docker Hub." + exit 1 +fi + +echo "Docker image $IMAGE_TAG pushed successfully." diff --git a/server/src/main/resources/roles-config.json b/server/src/main/resources/roles-config.json index b1acfbe..8ccf311 100644 --- a/server/src/main/resources/roles-config.json +++ b/server/src/main/resources/roles-config.json @@ -1,6 +1,6 @@ { "baseUrl": { - "platform": "LIVE", + "platform": "TESTING", "url": "https://openchanjotest.intellisoftkenya.com/", "fhir": "chanjo-hapi/fhir/", "auth": "auth/provider/me",
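Review bot: In build.sh, the jq availability check runs after jq has already been called to read PLATFORM, and because this commit also removes `set -e`, a missing jq only surfaces as the less accurate "Could not read platform information" error. `jq -r` prints the string `null` when `.baseUrl.platform` is absent, which passes the `-z` test and would publish an image tagged `:null`; `jq -er` makes that case fail. `$CONFIG_FILE`, `$IMAGE_TAG` and `$DOCKERFILE_PATH` are expanded unquoted, and the tag is built from file content without checking it against the expected values. Separately, the Docker Hub namespace is hard-coded to a personal account and the repository name (`open_chanjo`) differs from the one the new workflow pushes (`openchanjo_gateway`), so it is worth confirming which registry location deployments should trust; the Apache licence header removed here probably needs to stay as well.

```shell
set -euo pipefail

# … unchanged: variable definitions …

# Check for jq before it is used.
if ! command -v jq >/dev/null 2>&1; then
  echo "Error: jq is not installed." >&2
  exit 1
fi

# -e makes jq exit non-zero when the key is missing or null.
PLATFORM="$(jq -er '.baseUrl.platform' "$CONFIG_FILE")"

# Allow-list taken from the values visible in this diff; extend as needed.
case "$PLATFORM" in
  LIVE|TESTING) ;;
  *) echo "Error: unexpected platform value in $CONFIG_FILE." >&2; exit 1 ;;
esac

IMAGE_TAG="${DOCKERHUB_USERNAME}/${REPOSITORY_NAME}:${PLATFORM}"
docker build -t "$IMAGE_TAG" -f "$DOCKERFILE_PATH" .
# … unchanged: push and status messages …
```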