Skip to content

Update ci-api.yaml

Update ci-api.yaml #26

Workflow file for this run

name: Continuous Integration for API Suivie Physique
on:
push:
branches:
- main
- dev
pull_request:
branches:
- main
- dev
workflow_dispatch:
jobs:
compile:
name: Compile Suivie Physique API
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup JDK 17
uses: actions/setup-java@v4.2.1
with:
distribution: 'corretto'
java-version: 17
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Compile API
run: |
cd backend
mvn -B clean compile
test:
name: Unit Test Suivie Physique API
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup JDK 17
uses: actions/setup-java@v4.2.1
with:
distribution: 'corretto'
java-version: 17
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Run Unit Test API
run: |
cd backend
mvn clean test
secret-scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Secret Scanning
uses: trufflesecurity/trufflehog@main
with:
extra_args: --only-verified
sca:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/maven-3-jdk-17@master
continue-on-error: true # To make sure that SARIF upload gets called
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif
coverage:
name: Code Coverage Suivie Physique API
runs-on: ubuntu-latest
env:
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: DeepSource Test Coverage
uses: DeepSourceCorp/test-coverage-action@v1.1.2
with:
dsn: DEEPSOURCE_DSN
- name: Install DeepSource CLI
run: |
curl https://deepsource.io/cli | sh
- name: Generate coverage report
run: |
touch ./coverage.out
./bin/deepsource report --analyzer test-coverage --key java --value-file ./coverage.out
- name: Upload coverage report as artifact
uses: actions/upload-artifact@v2
with:
name: coverage-report
path: coverage.out
- name: Download coverage report
uses: actions/download-artifact@v2
with:
name: coverage-report
path: .
build:
name: Build Suivie Physique API
runs-on: ubuntu-latest
needs: [compile, test, coverage]
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup JDK 17
uses: actions/setup-java@v4.2.1
with:
distribution: 'corretto'
java-version: 17
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build API
run: |
cd backend
mvn -B clean package -DskipTests
build-push-image:
name: Build Docker Image for Suivie Physique API
runs-on: ubuntu-latest
needs: [build]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup JDK 17
uses: actions/setup-java@v4.2.1
with:
distribution: 'corretto'
java-version: 17
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Extract API version
id: extract_version
run: |
cd backend
echo "API_VERSION=$(./mvnw -q -Dexec.executable='echo' -Dexec.args='${project.version}' --non-recursive exec:exec)" >> $GITHUB_OUTPUT
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Dockerhub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build Docker Image & Push to DockerHub
uses: docker/build-push-action@v5
with:
context: backend
file: docker/backend/Dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: dotcipher1/sp-api:latest
# deploy:
# name: Deploy Suivie Physique API
# runs-on: self-hosted
# needs: [build-push-image]
# steps:
# - name: Checkout code
# uses: actions/checkout@v4
#
# - name: Setup JDK 17
# uses: actions/setup-jdk@v4
# with:
# distribution: 'corretto'
# java-version: 17
#
# - name: Create deployment folder
# run: ssh ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_IP }} "mkdir -p ci-cd"
#
# - name: Copy deployment files
# run: scp docker-compose.yml ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_IP }}:ci-cd/docker-compose.yml
#
# - name: Set ENV & Deploy API
# run: |
# ssh ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_IP }} <<EOF
# cd ci-cd
# docker-compose -f docker-compose.yml pull -q
# docker-compose -f docker-compose.yml up -d
# EOF