Skip to content
Build + Docker Uberjar

Merge pull request #139 from leeebai/2.0.0 #1

Sign in to view logs

Merge pull request #139 from leeebai/2.0.0

Merge pull request #139 from leeebai/2.0.0 #1

Workflow file for this run

.github/workflows/uberjar.yml at 5b89506
name: Build + Docker Uberjar
on:
push:
paths-ignore:
- 'docs/**'
- 'frontend/test/**'
- 'enterprise/frontend/test/**'
- ".**"
- "test*"
jobs:
build:
name: Build MB ${{ matrix.edition }}
runs-on: ubuntu-20.04
timeout-minutes: 40
strategy:
matrix:
edition: [ee, oss]
env:
MB_EDITION: ${{ matrix.edition }}
INTERACTIVE: false
steps:
- name: Check out the code
uses: actions/checkout@v3
- name: Prepare front-end environment
uses: ./.github/actions/prepare-frontend
- name: Prepare back-end environment
uses: ./.github/actions/prepare-backend
- name: Build
run: ./bin/build
- name: Prepare uberjar artifact
uses: ./.github/actions/prepare-uberjar-artifact
check_jar_health:
runs-on: ubuntu-20.04
name: Is ${{ matrix.edition }} (java ${{ matrix.java-version }}) healthy?
needs: build
timeout-minutes: 10
strategy:
matrix:
edition: [ee, oss]
java-version: [11, 17]
steps:
- name: Prepare JRE (Java Run-time Environment)
uses: actions/setup-java@v3
with:
java-package: jre
java-version: ${{ matrix.java-version }}
distribution: 'temurin'
- run: java -version
- uses: actions/download-artifact@v2
name: Retrieve uberjar artifact
with:
name: metabase-${{ matrix.edition }}-uberjar
- name: Launch uberjar
run: java -jar ./target/uberjar/metabase.jar &
- name: Wait for Metabase to start
run: while ! curl -s 'http://localhost:3000/api/health' | grep '{"status":"ok"}'; do sleep 1; done
containerize_test_and_push_container:
runs-on: ubuntu-20.04
name: Containerize ${{ matrix.edition }}
needs: check_jar_health
strategy:
matrix:
edition: [ee, oss]
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Extract and clean branch name
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/} | sed 's/[^-._a-zA-Z0-9]/-/g')"
id: extract_branch
- name: Check out the code (Dockerfile needed)
uses: actions/checkout@v3
- name: Download uploaded artifacts to insert into container
uses: actions/download-artifact@v2
with:
name: metabase-${{ matrix.edition }}-uberjar
path: bin/docker/
- name: Move the ${{ matrix.edition }} uberjar to the context dir
run: mv bin/docker/target/uberjar/metabase.jar bin/docker/.
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
driver-opts: network=host
- name: Build ${{ matrix.edition }} container
uses: docker/build-push-action@v2
with:
context: bin/docker/.
platforms: linux/amd64
network: host
tags: localhost:5000/metabase-dev:${{ steps.extract_branch.outputs.branch }}-${{ matrix.edition }}
no-cache: true
push: true
- name: Launch ${{ matrix.edition }} container
run: docker run --rm -dp 3000:3000 localhost:5000/metabase-dev:${{ steps.extract_branch.outputs.branch }}-${{ matrix.edition }}
timeout-minutes: 5
- name: Is Docker running?
run: docker ps
- name: Wait for Metabase to start and reach 100% health
run: while ! curl -s 'http://localhost:3000/api/health' | grep '{"status":"ok"}'; do sleep 1; done
timeout-minutes: 1
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Retag and push images if master or main (ee)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'ee' }}
run: docker tag localhost:5000/metabase-dev:${{ steps.extract_branch.outputs.branch }}-ee metabase/metabase-enterprise-head:latest && docker push metabase/metabase-enterprise-head:latest
- name: Retag and push images if master or main (oss)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'oss' }}
run: docker tag localhost:5000/metabase-dev:${{ steps.extract_branch.outputs.branch }}-oss metabase/metabase-head:latest && docker push metabase/metabase-head:latest
- name: Retag and push images if branch
if: ${{ !(startsWith(github.ref_name,'master') || startsWith(github.ref_name,'main') || startsWith(github.ref_name,'backport')) && matrix.edition == 'ee' }}
run: docker tag localhost:5000/metabase-dev:${{ steps.extract_branch.outputs.branch }}-ee metabase/metabase-dev:${{ steps.extract_branch.outputs.branch }} && docker push metabase/metabase-dev:${{ steps.extract_branch.outputs.branch }}
- name: Run Trivy vulnerability scanner if master or main (ee)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'ee' }}
uses: aquasecurity/trivy-action@master
with:
image-ref: docker.io/metabase/metabase-enterprise-head:latest
format: sarif
output: trivy-results.sarif
- name: Run Trivy vulnerability scanner if master or main (oss)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'oss' }}
uses: aquasecurity/trivy-action@master
with:
image-ref: docker.io/metabase/metabase-head:latest
format: sarif
output: trivy-results.sarif
- name: Run Trivy vulnerability scanner if dev branch
if: ${{ !(startsWith(github.ref_name,'master') || startsWith(github.ref_name,'main') || startsWith(github.ref_name,'backport')) && matrix.edition == 'ee' }}
uses: aquasecurity/trivy-action@master
with:
image-ref: docker.io/metabase/metabase-dev:${{ steps.extract_branch.outputs.branch }}
format: sarif
output: trivy-results.sarif
- name: Upload Trivy scan results to GitHub Security tab if master or main (ee)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'ee' }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab if master or main (oss)
if: ${{ (github.ref_name == 'master' || github.ref_name == 'main') && matrix.edition == 'oss' }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab if dev branch
if: ${{ !(startsWith(github.ref_name,'master') || startsWith(github.ref_name,'main') || startsWith(github.ref_name,'backport')) && matrix.edition == 'ee' }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'