ops18 · ops18 · Mar 21, 2022 · Mar 11, 2022 · Mar 11, 2022 · Mar 11, 2022
diff --git a/.github/workflows/release-new-yaml → .github/release-new b/.github/workflows/release-new-yaml → .github/release-new
@@ -50,9 +50,8 @@ jobs:
 
       - name: Increment version
         run: |
-          git config --local user.email "[email protected]"
-          git config --local user.name "shubham.hatwar"
-          go version 
+          git config --local user.email ""
+          git config --local user.name ""
 
       - name: Check if there are changes
         id: changes
@@ -81,7 +80,6 @@ jobs:
     if: needs.bump-version.outputs.status != 'failure'
     outputs:
       status: ${{ steps.failure.outputs.status }}
-      #changelog: ${{ steps.convert_jira_links.outputs.replaced }}
     steps:
       - name: Checkout codebase
         uses: actions/checkout@v2
@@ -98,15 +96,6 @@ jobs:
           tag_prefix: ''
           custom_release_rules: config:patch:Configuration Changes,chore:patch:Miscellaneous,
 
-      #- name: Convert JIRA links
-      #  id: convert_jira_links
-      #  uses: frabert/[email protected]
-      #  with:
-      #    pattern: '([A-Z]{3,4}-[0-9]+)'
-      #    string: ${{ steps.tag_version.outputs.changelog }}
-      #    replace-with: '[$1](https://jira.digital.ingka.com/browse/$1)'
-      #    flags: 'g'
-
       - name: Create Release
         id: create_release
         uses: actions/create-release@v1
@@ -122,4 +111,4 @@ jobs:
       - name: Report failure status
         id: failure
         if: ${{ failure() }}
-        run: echo "::set-output name=status::failure"
+        run: echo "::set-output name=status::failure"
diff --git a/.github/workflows/release-tag.yaml → .github/release-tag b/.github/workflows/release-tag.yaml → .github/release-tag
diff --git a/.github/workflows/develop.yaml → .github/workflows/develop-go-yaml b/.github/workflows/develop.yaml → .github/workflows/develop-go-yaml
@@ -70,7 +70,7 @@ jobs:
       contents: 'read'
       id-token: 'write'
     #env:
-    #  IMAGE_NAME: gcr.io/ingka-apim-global-dev/go-code
+    #  IMAGE_NAME: gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code
     steps:
     - uses: actions/checkout@v2
 
@@ -89,25 +89,18 @@ jobs:
       run: gcloud auth configure-docker --quiet
 
     - name: Build and tag Docker Image
-      run: docker build -t gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }} .
+      run: docker build -t gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }} .
 
     - name: Scan image
       uses: anchore/scan-action@v3
       id: scan
       with:
-        image: "gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }}"
+        image: "gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }}"
         acs-report-enable: true
         severity-cutoff: critical
         fail-build: false
         debug: true
 
     - name: Inspect action SARIF report
       run: cat ${{ steps.scan.outputs.sarif }}
-
-  #  - name: Push Docker image to GCR
-  #    run: docker push gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }}
-########################----------Cloud Run Configuration------------------############################### 
-  #  - name: Deploy go code to cloud run
-  #    id: deploy
-  #    run: gcloud run deploy rest-api --image gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }} --platform managed --region europe-west4  --allow-unauthenticated --max-instances=1 --port=8000  --ingress=internal --timeout=30 --concurrency=80 --vpc-connector=projects/ingka-apim-global-dev/locations/europe-west4/connectors/kong-gw-cloudrun
-########################----------Cloud Run Configuration------------------############################### 
+
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
@@ -1,4 +1,4 @@
-name: Go
+name: Go for stage deployment
 
 on:
   push:
@@ -70,7 +70,7 @@ jobs:
       contents: 'read'
       id-token: 'write'
     #env:
-    #  IMAGE_NAME: gcr.io/ingka-apim-global-dev/go-code
+    #  IMAGE_NAME: gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code
     steps:
     - uses: actions/checkout@v2
 
@@ -89,25 +89,18 @@ jobs:
       run: gcloud auth configure-docker --quiet
 
     - name: Build and tag Docker Image
-      run: docker build -t gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }} .
+      run: docker build -t gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }} .
 
     - name: Scan image
       uses: anchore/scan-action@v3
       id: scan
       with:
-        image: "gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }}"
+        image: "gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }}"
         acs-report-enable: true
         severity-cutoff: critical
         fail-build: false
         debug: true
 
     - name: Inspect action SARIF report
       run: cat ${{ steps.scan.outputs.sarif }}
-
-    - name: Push Docker image to GCR
-      run: docker push gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }}
-########################----------Cloud Run Configuration------------------############################### 
-    - name: Deploy go code to cloud run
-      id: deploy
-      run: gcloud run deploy rest-api --image gcr.io/ingka-apim-global-dev/go-code:${{ env.GIT_SHA }} --platform managed --region europe-west4  --allow-unauthenticated --max-instances=1 --port=8000  --ingress=internal --timeout=30 --concurrency=80 --vpc-connector=projects/ingka-apim-global-dev/locations/europe-west4/connectors/kong-gw-cloudrun
-########################----------Cloud Run Configuration------------------############################### 
+
diff --git a/.github/workflows/spring-develop.yaml b/.github/workflows/spring-develop.yaml
@@ -0,0 +1,86 @@
+name: Spring Develop Branch CI/CD
+
+on:
+  push:
+    branches: [ develop ]
+  pull_request:
+    branches: [ develop ]
+jobs:
+  spring-test:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11.0.4
+
+      - name: Maven Package
+        run: mvn -B clean package -DskipTests
+        working-directory: spring-boot/
+
+      - name: Maven Verify
+        run: mvn -B clean verify -Pintegration-test
+        working-directory: spring-boot/
+
+      - name: Build Package
+        run: mvn -Dmaven.test.failure.ignore clean package
+        working-directory: spring-boot/
+
+  Docker-Lint:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    needs: spring-test
+    steps:
+      - uses: actions/checkout@v2 
+
+      #- uses: hadolint/[email protected]
+      #  with:
+      #    dockerfile: "./spring-boot/Dockerfile" 
+
+  Docker-build-deploy:
+    runs-on: ubuntu-latest
+    needs: Docker-Lint
+    if: github.event_name == 'pull_request'
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11.0.4
+
+      - name: Update tag to GIT_SHA env property with commit short sha
+        run: echo "GIT_SHA=`echo ${GITHUB_SHA} | cut -c1-8`" >> $GITHUB_ENV
+        id: version
+
+      - id: 'auth'
+        name: 'Authenticate to Google Cloud'
+        uses: 'google-github-actions/auth@v0'
+        with:
+          workload_identity_provider: ${{secrets.WIP_PROVIDER}}
+          service_account: ${{secrets.WIP_SA}}
+
+      - name: Configure Docker Authentication
+        run: gcloud auth configure-docker --quiet
+
+      - name: Build and tag Docker Image
+        run: docker build -t gcr.io/${{secrets.GCP_PROJECT_NAME}}/spring-code:${{ env.GIT_SHA }} ./spring-boot/
+
+      - name: Scan image
+        uses: anchore/scan-action@v3
+        id: scan
+        with:
+          image: "gcr.io/${{secrets.GCP_PROJECT_NAME}}/spring-code:${{ env.GIT_SHA }}"
+          acs-report-enable: true
+          severity-cutoff: critical
+          fail-build: false
+          debug: true
+
+      - name: Inspect action SARIF report
+        run: cat ${{ steps.scan.outputs.sarif }}
diff --git a/.github/workflows/test-release.yaml b/.github/workflows/test-release.yaml
@@ -0,0 +1,85 @@
+name: "Go for prod deployment"
+
+on:
+  workflow_dispatch:
+    inputs:
+      email:
+        description: 'Enter your email address'
+        required: true
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+
+# <---------------  CHECK SEMVER FORMAT ---------------->
+  check-semver:
+    name: Check Semantic Version
+    runs-on: ubuntu-latest
+    env:
+      SEM_VER_REGEX: "^v[0-9]+\\.[0-9]+\\.[0-9]+$"
+    steps:
+      - name: Checkout the code
+        uses: actions/checkout@v2
+
+      - name: Slugify github variables
+        uses: rlespinasse/github-slug-action@v4
+
+      - name: Check SemVerRegex
+        run: |
+          if (echo ${{ env.GITHUB_REF_SLUG }} | grep -Eq ${{ env.SEM_VER_REGEX }}); then
+            echo "Semantic Versioning check of tag ${{ env.GITHUB_REF_SLUG }} passed! Continuing"
+            exit 0
+          else
+            echo "Tag ${{ env.GITHUB_REF_SLUG }} does not meet the versioning REGEX: ${{ env.SEM_VER_REGEX }}"
+            echo "Please remove the Git tag and create a new one in the correct format"
+            exit 1
+          fi
+
+  Docker-build-deploy:
+    runs-on: ubuntu-latest
+    needs: check-semver
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Update tag to GIT_SHA env property with commit short sha
+      run: echo "GIT_SHA=`echo ${GITHUB_SHA} | cut -c1-8`" >> $GITHUB_ENV
+      id: version
+
+    - id: 'auth'
+      name: 'Authenticate to Google Cloud'
+      uses: 'google-github-actions/auth@v0'
+      with:
+        workload_identity_provider: ${{secrets.WIP_PROVIDER}}
+        service_account: ${{secrets.WIP_SA}}
+
+    - name: Configure Docker Authentication
+      run: gcloud auth configure-docker --quiet
+
+    - name: Build and tag Docker Image
+      run: docker build -t gcr.io/${{secrets.GCP_PROJECT_NAME}}go-code:${{ env.GIT_SHA }} .
+
+    - name: Scan image
+      uses: anchore/scan-action@v3
+      id: scan
+      with:
+        image: "gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }}"
+        acs-report-enable: true
+        severity-cutoff: critical
+        fail-build: false
+        debug: true
+
+    - name: Inspect action SARIF report
+      run: cat ${{ steps.scan.outputs.sarif }}
+
+    - name: Push Docker image to GCR
+      run: docker push gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }}
+########################----------Cloud Run Configuration------------------############################### 
+    - name: Deploy go code to cloud run
+      id: deploy
+      run: gcloud run deploy rest-api --image gcr.io/${{secrets.GCP_PROJECT_NAME}}/go-code:${{ env.GIT_SHA }} --platform managed --region europe-west4  --allow-unauthenticated --max-instances=1 --port=8000  --ingress=internal --timeout=30 --concurrency=80 --vpc-connector=projects/${{secrets.GCP_PROJECT_NAME}}/locations/europe-west4/connectors/kong-gw-cloudrun
+########################----------Cloud Run Configuration------------------############################### 
diff --git a/spring-boot/Dockerfile b/spring-boot/Dockerfile
@@ -0,0 +1,24 @@
+# Maven build container 
+
+#FROM maven:3.6.3-openjdk-11 AS maven_build
+
+#COPY pom.xml /tmp/
+
+#COPY src /tmp/src/
+
+#WORKDIR /tmp/
+
+#RUN mvn package
+
+#pull base image
+
+FROM openjdk:latest
+
+#copy hello world to docker image from builder image
+COPY /target/hello-world-0.1.0.jar /data/hello-world-0.1.0.jar
+
+#expose port 8080
+EXPOSE 8080
+
+#default command
+CMD java -jar /data/hello-world-0.1.0.jar
diff --git a/spring-boot/Jenkinsfile b/spring-boot/Jenkinsfile
@@ -0,0 +1,59 @@
+node {
+    // reference to maven
+    // ** NOTE: This 'maven-3.6.1' Maven tool must be configured in the Jenkins Global Configuration.   
+    def mvnHome = tool 'maven-3.6.1'
+
+    // holds reference to docker image
+    def dockerImage
+    // ip address of the docker private repository(nexus)
+
+    def dockerRepoUrl = "localhost:8083"
+    def dockerImageName = "hello-world-java"
+    def dockerImageTag = "${dockerRepoUrl}/${dockerImageName}:${env.BUILD_NUMBER}"
+
+    stage('Clone Repo') { // for display purposes
+      // Get some code from a GitHub repository
+      git 'https://github.com/dstar55/docker-hello-world-spring-boot.git'
+      // Get the Maven tool.
+      // ** NOTE: This 'maven-3.6.1' Maven tool must be configured
+      // **       in the global configuration.           
+      mvnHome = tool 'maven-3.6.1'
+    }    
+
+    stage('Build Project') {
+      // build project via maven
+      sh "'${mvnHome}/bin/mvn' -Dmaven.test.failure.ignore clean package"
+    }
+
+	stage('Publish Tests Results'){
+      parallel(
+        publishJunitTestsResultsToJenkins: {
+          echo "Publish junit Tests Results"
+		  junit '**/target/surefire-reports/TEST-*.xml'
+		  archive 'target/*.jar'
+        },
+        publishJunitTestsResultsToSonar: {
+          echo "This is branch b"
+      })
+    }
+
+    stage('Build Docker Image') {
+      // build docker image
+      sh "whoami"
+      sh "ls -all /var/run/docker.sock"
+      sh "mv ./target/hello*.jar ./data" 
+
+      dockerImage = docker.build("hello-world-java")
+    }
+
+    stage('Deploy Docker Image'){
+
+      // deploy docker image to nexus
+
+      echo "Docker Image Tag Name: ${dockerImageTag}"
+
+      sh "docker login -u admin -p admin123 ${dockerRepoUrl}"
+      sh "docker tag ${dockerImageName} ${dockerImageTag}"
+      sh "docker push ${dockerImageTag}"
+    }
+}