From 7b16600584da49d0a504f7cdaa1066ba41f2b20e Mon Sep 17 00:00:00 2001
From: Janno Kusman <138101867+jann0k@users.noreply.github.com>
Date: Wed, 4 Sep 2024 16:07:15 +0300
Subject: [PATCH] GitHub workflow action: create docker images on release (#7)
---
.github/workflows/maven-release.yml | 42 ++++++++++++++++++++++++++++-
README.md | 12 +++++++--
cdoc2-shared-crypto/pom.xml | 7 +++++
get-server/pom.xml | 13 +++++++++
put-server/pom.xml | 13 +++++++++
5 files changed, 84 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml
index 254c330..b2df34f 100644
--- a/.github/workflows/maven-release.yml
+++ b/.github/workflows/maven-release.yml
@@ -9,7 +9,6 @@ on:
jobs:
publish:
-
runs-on: ubuntu-latest
permissions:
contents: read
@@ -28,3 +27,44 @@ jobs:
run: mvn deploy -s $GITHUB_WORKSPACE/settings.xml
env:
GITHUB_TOKEN: ${{ github.token }}
+
+ # test if username and password are correct (may still fail if no write access or wrong package name)
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ github.token }}
+
+ - name: Build Docker/OCI images and publish to GH Container registry (ghcr.io)
+ run: |
+ mvn spring-boot:build-image -f get-server \
+ -s $GITHUB_WORKSPACE/settings.xml \
+ -Dmaven.test.skip=true \
+ -Dspring-boot.build-image.publish=true \
+ -Ddocker.publishRegistry.url=${REGISTRY} \
+ -Ddocker.publishRegistry.username=${USERNAME} \
+ -Ddocker.publishRegistry.password=${GITHUB_TOKEN} \
+ -Dspring-boot.build-image.imageName=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/cdoc2-get-server:${TAG}-${GITHUB_SHA} \
+ -Dspring-boot.build-image.tags=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/cdoc2-get-server:latest
+ mvn spring-boot:build-image -f put-server \
+ -s $GITHUB_WORKSPACE/settings.xml \
+ -Dmaven.test.skip=true \
+ -Dspring-boot.build-image.publish=true \
+ -Ddocker.publishRegistry.url=${REGISTRY} \
+ -Ddocker.publishRegistry.username=${USERNAME} \
+ -Ddocker.publishRegistry.password=${GITHUB_TOKEN} \
+ -Dspring-boot.build-image.imageName=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/cdoc2-put-server:${TAG}-${GITHUB_SHA} \
+ -Dspring-boot.build-image.tags=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/cdoc2-put-server:latest
+ env:
+ REGISTRY: ghcr.io
+ USERNAME: ${{ github.actor }}
+ GITHUB_TOKEN: ${{ github.token }}
+ # Note: git tag can contain more symbols than Container registry, allowed for docker tag:
+ # lowercase and uppercase letters, digits, underscores, periods, and hyphens.
+ # Note: imageName tag is built from git tag which can be different from module version
+ TAG: ${{ github.event.release.tag_name }}
+ # use open-eid Maven repo for dependencies download, see pom.xml
+ MAVEN_REPO: open-eid/cdoc2-capsule-server
+
+
diff --git a/README.md b/README.md
index 40a4ee6..540c901 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,13 @@ by [defining repository variable](https://docs.github.com/en/actions/writing-wor
See [getting-started.md](getting-started.md) and [admin-guide.md](admin-guide.md)
+### Running pre-built Docker/OCI images
+
+Download `cdoc2-put-server` and `cdoc2-get-server` images from [open-eid Container registry](https://github.com/open-eid?ecosystem=container&tab=packages)
+
+[ghcr.io login](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-with-a-personal-access-token-classic)
+
+TODO: Configuring Docker images
## Releasing and versioning
@@ -80,8 +87,9 @@ See [VERSIONING.md](https://github.com/open-eid/cdoc2-java-ref-impl/blob/master/
### GitHub release
-[Create release](https://docs.github.com/en/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release) on tag done by VERSIONING.md process. It will trigger `maven-release.yml` workflow that
-will deploy Maven packages to GitHub Maven package repository.
+[Create release](https://docs.github.com/en/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release) on tag done by [VERSIONING.md](https://github.com/open-eid/cdoc2-java-ref-impl/blob/master/VERSIONING.md) process.
+It will trigger `maven-release.yml` workflow that will deploy Maven packages to GitHub Maven package repository
+and build & publish Docker/OCI images.
## Related projects
diff --git a/cdoc2-shared-crypto/pom.xml b/cdoc2-shared-crypto/pom.xml
index fc40ad0..6c04449 100644
--- a/cdoc2-shared-crypto/pom.xml
+++ b/cdoc2-shared-crypto/pom.xml
@@ -111,6 +111,13 @@
+
+ org.apache.maven.plugins
+ maven-deploy-plugin
+ 3.1.3
+
+
+
diff --git a/get-server/pom.xml b/get-server/pom.xml
index 107359f..63c887d 100644
--- a/get-server/pom.xml
+++ b/get-server/pom.xml
@@ -417,10 +417,23 @@
${java.version}
true
+
${bp.dependency.mirror}
true
+
+ ${spring-boot.build-image.tags}
+
+
+
+ ${docker.publishRegistry.url}
+
+ ${docker.publishRegistry.username}
+
+ ${docker.publishRegistry.password}
+
+
diff --git a/put-server/pom.xml b/put-server/pom.xml
index 8276a86..fcaee0f 100644
--- a/put-server/pom.xml
+++ b/put-server/pom.xml
@@ -416,10 +416,23 @@
${java.version}
true
+
${bp.dependency.mirror}
true
+
+ ${spring-boot.build-image.tags}
+
+
+
+ ${docker.publishRegistry.url}
+
+ ${docker.publishRegistry.username}
+
+ ${docker.publishRegistry.password}
+
+