fix: health probes #418
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- main | |
permissions: | |
contents: write | |
pull-requests: write | |
packages: write | |
name: release-please | |
jobs: | |
release-please: | |
runs-on: ubuntu-latest | |
outputs: | |
das_client--release_created: ${{ steps.release.outputs.das_client--release_created }} | |
das_client--version: ${{ steps.release.outputs.das_client--version }} | |
das_client--tag_name: ${{ steps.release.outputs.das_client--tag_name }} | |
sfera-mock--release_created: ${{ steps.release.outputs.sfera-mock--release_created }} | |
sfera-mock--version: ${{ steps.release.outputs.sfera-mock--version }} | |
sfera-mock--tag_name: ${{ steps.release.outputs.sfera-mock--tag_name }} | |
backend--release_created: ${{ steps.release.outputs.backend--release_created }} | |
backend--version: ${{ steps.release.outputs.backend--version }} | |
backend--tag_name: ${{ steps.release.outputs.backend--tag_name }} | |
webapp--release_created: ${{ steps.release.outputs.webapp--release_created }} | |
webapp--version: ${{ steps.release.outputs.webapp--version }} | |
webapp--tag_name: ${{ steps.release.outputs.webapp--tag_name }} | |
steps: | |
- uses: googleapis/release-please-action@v4 | |
id: release | |
das-client-ios-release: | |
needs: release-please | |
if: needs.release-please.outputs.das_client--release_created | |
runs-on: macos-latest | |
concurrency: | |
group: das-client-ios-release | |
defaults: | |
run: | |
working-directory: das_client | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
- uses: subosito/flutter-action@v2 | |
with: | |
flutter-version: '3.27.1' | |
- name: Install the Apple signing certificate and appstore connect key | |
env: | |
SBB_APPSTORE_BASE64: ${{ secrets.SBB_APPSTORE_BASE64 }} | |
SBB_APPSTORE_P12_PASSWORD: ${{ secrets.SBB_APPSTORE_P12_PASSWORD }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
APPSTORE_CONNECT_PRIVATE_KEY_BASE64: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY_BASE64 }} | |
run: | | |
# create variables | |
SBB_CERTIFICATE_PATH=$RUNNER_TEMP/sbb_appstore.p12 | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
APPSTORE_CONNECT_PRIVATE_KEY_PATH=~/AuthKey.p8 | |
# import certificate and private key from secrets | |
echo -n "$SBB_APPSTORE_BASE64" | base64 --decode -o $SBB_CERTIFICATE_PATH | |
echo -n "$APPSTORE_CONNECT_PRIVATE_KEY_BASE64" | base64 --decode -o $APPSTORE_CONNECT_PRIVATE_KEY_PATH | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import certificate to keychain | |
security import $SBB_CERTIFICATE_PATH -P "$SBB_APPSTORE_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
- name: 'Download Provisioning Profiles DEV' | |
uses: apple-actions/download-provisioning-profiles@v3 | |
with: | |
bundle-id: 'ch.sbb.das.dev' | |
issuer-id: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
api-key-id: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
api-private-key: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY }} | |
- name: 'Download Provisioning Profiles INTE' | |
uses: apple-actions/download-provisioning-profiles@v3 | |
with: | |
bundle-id: 'ch.sbb.das.inte' | |
issuer-id: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
api-key-id: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
api-private-key: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY }} | |
- name: 'Download Provisioning Profiles PROD' | |
uses: apple-actions/download-provisioning-profiles@v3 | |
with: | |
bundle-id: 'ch.sbb.das' | |
issuer-id: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
api-key-id: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
api-private-key: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY }} | |
- run: | | |
flutter pub get | |
flutter pub run build_runner build --delete-conflicting-outputs | |
- name: Build and Deploy iOS App DEV | |
env: | |
APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
run: | | |
flutter build ipa --flavor dev -t lib/main_dev.dart --release --no-codesign | |
xcodebuild -exportArchive -archivePath "build/ios/archive/DAS Dev.xcarchive" -exportOptionsPlist ios/exportOptionsRelease.plist -authenticationKeyIssuerID "$APPSTORE_CONNECT_ISSUER_ID" -authenticationKeyID "$APPSTORE_CONNECT_KEY_ID" -authenticationKeyPath ~/AuthKey.p8 | |
- name: Build and Deploy iOS App INTE | |
env: | |
APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
run: | | |
flutter build ipa --flavor inte -t lib/main_inte.dart --release --no-codesign | |
xcodebuild -exportArchive -archivePath "build/ios/archive/DAS Inte.xcarchive" -exportOptionsPlist ios/exportOptionsRelease.plist -authenticationKeyIssuerID "$APPSTORE_CONNECT_ISSUER_ID" -authenticationKeyID "$APPSTORE_CONNECT_KEY_ID" -authenticationKeyPath ~/AuthKey.p8 | |
- name: Build and Deploy iOS App PROD | |
env: | |
APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
run: | | |
flutter build ipa --flavor prod -t lib/main_prod.dart --release --no-codesign | |
xcodebuild -exportArchive -archivePath "build/ios/archive/DAS.xcarchive" -exportOptionsPlist ios/exportOptionsRelease.plist -authenticationKeyIssuerID "$APPSTORE_CONNECT_ISSUER_ID" -authenticationKeyID "$APPSTORE_CONNECT_KEY_ID" -authenticationKeyPath ~/AuthKey.p8 | |
das-client-android-release: | |
needs: release-please | |
if: needs.release-please.outputs.das_client--release_created | |
runs-on: macos-latest | |
concurrency: | |
group: das-client-android-release | |
defaults: | |
run: | |
working-directory: das_client | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
- uses: subosito/flutter-action@v2 | |
with: | |
flutter-version: '3.27.1' | |
- name: Prepare Flutter Android Build | |
env: | |
ANDROID_KEYSTORE_STRING: ${{ secrets.ANDROID_KEYSTORE }} | |
ANDROID_KEYSTORE: ${{ github.workspace }}/das_client/android/das.keystore | |
ANDROID_KEYSTORE_PASSWORD: ${{ secrets.ANDROID_KEYSTORE_PASSWORD }} | |
ANDROID_KEY_ALIAS: ${{ secrets.ANDROID_KEY_ALIAS }} | |
ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }} | |
run: | | |
echo $ANDROID_KEYSTORE_STRING | base64 -d > $ANDROID_KEYSTORE | |
echo "ANDROID_KEYSTORE=$ANDROID_KEYSTORE" >> "$GITHUB_ENV" | |
echo "ANDROID_KEYSTORE_PASSWORD=$ANDROID_KEYSTORE_PASSWORD" >> "$GITHUB_ENV" | |
echo "ANDROID_KEY_ALIAS=$ANDROID_KEY_ALIAS" >> "$GITHUB_ENV" | |
echo "ANDROID_KEY_PASSWORD=$ANDROID_KEY_PASSWORD" >> "$GITHUB_ENV" | |
flutter pub get | |
flutter pub run build_runner build --delete-conflicting-outputs | |
- run: flutter test | |
- run: flutter build appbundle --flavor dev -t lib/main_dev.dart | |
- run: flutter build appbundle --flavor inte -t lib/main_inte.dart | |
- run: flutter build appbundle --flavor prod -t lib/main_prod.dart | |
- name: Upload DEV App | |
uses: r0adkll/[email protected] | |
with: | |
serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }} | |
packageName: ch.sbb.das.client.dev | |
releaseFiles: das_client/build/app/outputs/bundle/devRelease/app-dev-release.aab | |
track: internal | |
status: draft | |
- name: Upload INTE App | |
uses: r0adkll/[email protected] | |
with: | |
serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }} | |
packageName: ch.sbb.das.client.inte | |
releaseFiles: das_client/build/app/outputs/bundle/inteRelease/app-inte-release.aab | |
track: internal | |
status: draft | |
- name: Upload PROD App | |
uses: r0adkll/[email protected] | |
with: | |
serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }} | |
packageName: ch.sbb.das.client | |
releaseFiles: das_client/build/app/outputs/bundle/prodRelease/app-prod-release.aab | |
track: internal | |
status: draft | |
sfera-mock-release: | |
needs: release-please | |
if: needs.release-please.outputs.sfera-mock--release_created | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: sfera-mock | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'temurin' | |
cache: 'maven' | |
- name: Login to GitHub Container Registry | |
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io --username ${{ github.actor }} --password-stdin | |
- name: Create container image | |
env: | |
IMAGE_ID: ghcr.io/${{ github.repository }}/sfera-mock | |
VERSION: ${{ needs.release-please.outputs.sfera-mock--version }} | |
run: | | |
# Convert to lowercase | |
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') | |
mvn spring-boot:build-image \ | |
-Dmaven.test.skip=true \ | |
-Dspring-boot.build-image.imageName=$IMAGE_ID:$VERSION | |
docker push $IMAGE_ID:$VERSION | |
docker tag $IMAGE_ID:$VERSION $IMAGE_ID:latest | |
docker push $IMAGE_ID:latest | |
backend-release: | |
needs: release-please | |
if: needs.release-please.outputs.backend--release_created | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: backend | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'temurin' | |
cache: 'maven' | |
- name: Login to GitHub Container Registry | |
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io --username ${{ github.actor }} --password-stdin | |
- name: Create container image | |
env: | |
IMAGE_ID: ghcr.io/${{ github.repository }}/backend | |
VERSION: ${{ needs.release-please.outputs.backend--version }} | |
run: | | |
# Convert to lowercase | |
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') | |
mvn spring-boot:build-image \ | |
-Dmaven.test.skip=true \ | |
-Dspring-boot.build-image.imageName=$IMAGE_ID:$VERSION | |
docker push $IMAGE_ID:$VERSION | |
docker tag $IMAGE_ID:$VERSION $IMAGE_ID:latest | |
docker push $IMAGE_ID:latest | |
webapp-release: | |
needs: release-please | |
if: needs.release-please.outputs.webapp--release_created | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: webapp | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'webapp/.nvmrc' | |
cache: 'npm' | |
cache-dependency-path: 'webapp/package-lock.json' | |
- name: Login to GitHub Container Registry | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin | |
- name: Create container image | |
env: | |
IMAGE_REPO: ghcr.io/${{ github.repository }}/webapp | |
IMAGE_TAG: ${{ needs.release-please.outputs.webapp--version }} | |
DOCKER_BUILDKIT: 1 | |
run: | | |
# Convert to lowercase | |
IMAGE_REPO=$(echo $IMAGE_REPO | tr '[A-Z]' '[a-z]') | |
docker build -t $IMAGE_REPO:$IMAGE_TAG . | |
docker push $IMAGE_REPO:$IMAGE_TAG | |
docker tag $IMAGE_REPO:$IMAGE_TAG $IMAGE_REPO:latest | |
docker push $IMAGE_REPO:latest | |