checkout before jdk install??? #147

Workflow file for this run

.github/workflows/docker_build.yml at c68af72

	name: Docker Build

	on:
	# workflow_dispatch:
	push:

	permissions:
	id-token: write
	contents: read

	env:
	VAULT_PW: ${{ secrets.VAULT_PW }}
	REPORT_COVERAGE: true
	DPC_CA_CERT: ${{ secrets.DPC_CA_CERT }}
	ENV: "github-ci"

	jobs:
	docker_build_rails_apps:
	runs-on: self-hosted
	strategy:
	matrix:
	ecr_repository: [ web-portal, web-admin, web ]
	include:
	# note this is confusing, but make ci-web-portal points to dpc-web-portal-test.sh which runs
	# docker compose -p ... dpc_web
	- ecr_repository: web-portal
	make_command: make ci-portal
	- ecr_repository: web-admin
	make_command: make ci-admin-portal
	- ecr_repository: web
	make_command: make ci-web-portal
	steps:
	- name: Install python3
	run: sudo dnf install python3

	- name: "Checkout code"
	uses: actions/checkout@v4

	- name: Install docker compose manually
	run: \|
	sudo mkdir -p /usr/local/lib/docker/cli-plugins
	sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
	sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose
	sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

	- name: Build specified app
	run: ${{ matrix.make_command }}

	- name: gzip the image
	run: docker save dpc-${{ matrix.ecr_repository }}:latest \| gzip > ${{ runner.temp }}/dpc_${{ matrix.ecr_repository }}_latest.tar.gz
	- name: upload tar artifact
	uses: actions/upload-artifact@v4
	with:
	name: dpc-${{ matrix.ecr_repository }}
	path: ${{ runner.temp }}/dpc_${{ matrix.ecr_repository }}_latest.tar.gz
	retention-days: 1

	docker_push_all_apps:
	runs-on: self-hosted
	strategy:
	matrix:
	ecr_repository: [ web-portal, web-admin, web, api, attribution, aggregation, consent ]
	env:
	ECR_REPOSITORY: ${{ matrix.ecr_repository }}
	needs: [ docker_build_rails_apps, docker_build_java ]
	steps:
	- name: Download artifact
	uses: actions/download-artifact@v4
	with:
	name: dpc-${{ matrix.ecr_repository }}
	path: ${{ runner.temp }}
	- name: Load docker image from artifact download
	run: \|
	docker load --input ${{ runner.temp }}/dpc_${{ matrix.ecr_repository }}_latest.tar.gz
	docker image ls -a

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: ${{ vars.AWS_REGION }}
	role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions
	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2

	- name: Push to ECR
	env:
	REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	IMAGE_TAG: ${{ github.sha }}
	run: \|
	docker tag dpc-$ECR_REPOSITORY:latest $REGISTRY/dpc-$ECR_REPOSITORY:latest
	docker tag dpc-$ECR_REPOSITORY:latest $REGISTRY/dpc-$ECR_REPOSITORY:$IMAGE_TAG
	docker push $REGISTRY/dpc-$ECR_REPOSITORY:$IMAGE_TAG


	docker_build_java: # builds dpc-api, dpc-attribution, dpc-aggregation, and dpc-consent
	runs-on: self-hosted
	steps:
	- name: "Set up Ansible"
	run: \|
	sudo dnf -y install python3 python3-pip
	pip install ansible

	- name: "Install npm for Postman tests"
	run: \|
	sudo dnf -y install nodejs
	npm --version

	- name: Install docker compose manually
	run: \|
	sudo mkdir -p /usr/local/lib/docker/cli-plugins
	sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
	sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose
	sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

	- name: "Checkout code"
	uses: actions/checkout@v4

	- name: "Set up JDK 11"
	uses: actions/setup-java@v3
	with:
	java-version: "11"
	distribution: "corretto"
	cache: maven

	- name: Install Maven 3.6.3
	run: \|
	export PATH="$PATH:/opt/maven/bin"
	echo "PATH=$PATH" >> $GITHUB_ENV
	if mvn -v; then echo "Maven already installed" && exit 0; else echo "Installing Maven"; fi
	tmpdir="$(mktemp -d)"
	curl -LsS https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz \| tar xzf - -C "$tmpdir"
	sudo rm -rf /opt/maven
	sudo mv "$tmpdir/apache-maven-3.6.3" /opt/maven

	- name: Clean maven
	run: mvn -ntp -U clean

	- name: Build ci app
	id: api-build
	run: \|
	export PATH=$PATH:~/.local/bin
	make ci-app

	# add extra commands to log docker containers during failure
	- name: Consent Logs
	if: ${{ failure() && steps.api-build.outcome == 'failure' }}
	run: docker logs start-v1-app-consent-1
	- name: Attribution Logs
	if: ${{ failure() && steps.api-build.outcome == 'failure' }}
	run: docker logs start-v1-app-attribution-1
	- name: Aggregation Logs
	if: ${{ failure() && steps.api-build.outcome == 'failure' }}
	run: docker logs start-v1-app-aggregation-1
	- name: Api Logs
	if: ${{ failure() && steps.api-build.outcome == 'failure' }}
	run: docker logs start-v1-app-api-1

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: ${{ vars.AWS_REGION }}
	role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2

	- name: gzip image (1 of 4) - API
	run: docker save ${{ steps.login-ecr.outputs.registry }}/dpc-api:latest \| gzip > ${{ runner.temp }}/dpc_api_latest.tar.gz
	- name: upload tar artifact (1 of 4) - API
	uses: actions/upload-artifact@v4
	with:
	name: dpc-api
	path: ${{ runner.temp }}/dpc_api_latest.tar.gz
	retention-days: 1

	- name: gzip image (2 of 4) - Attribution
	run: docker save ${{ steps.login-ecr.outputs.registry }}/dpc-attribution:latest \| gzip > ${{ runner.temp }}/dpc_attribution_latest.tar.gz
	- name: upload tar artifact (2 of 4) - Attribution
	uses: actions/upload-artifact@v4
	with:
	name: dpc-attribution
	path: ${{ runner.temp }}/dpc_attribution_latest.tar.gz
	retention-days: 1

	- name: gzip image (3 of 4) - Aggregation
	run: docker save ${{ steps.login-ecr.outputs.registry }}/dpc-aggregation:latest \| gzip > ${{ runner.temp }}/dpc_aggregation_latest.tar.gz
	- name: upload tar artifact (3 of 4) - Aggregation
	uses: actions/upload-artifact@v4
	with:
	name: dpc-attribution
	path: ${{ runner.temp }}/dpc_aggregation_latest.tar.gz
	retention-days: 1

	- name: gzip image (4 of 4) - Consent
	run: docker save ${{ steps.login-ecr.outputs.registry }}/dpc-consent:latest \| gzip > ${{ runner.temp }}/dpc_consent_latest.tar.gz
	- name: upload tar artifact (4 of 4) - Consent
	uses: actions/upload-artifact@v4
	with:
	name: dpc-consent
	path: ${{ runner.temp }}/dpc_consent_latest.tar.gz
	retention-days: 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

checkout before jdk install??? #147

Workflow file

checkout before jdk install??? #147

Jobs

Run details

Workflow file for this run