Merge pull request #15 from vincejv/migrate-to-maven-central

Migrate to maven central & modularize project
vincejv · Oct 16, 2022 · 9ee7ca2 · 9ee7ca2
2 parents 4880208 + c75d3cf
commit 9ee7ca2
Show file tree

Hide file tree

Showing 94 changed files with 2,200 additions and 178 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,3 +1,5 @@
-.git
-target
-.idea
+*
+!*core/target/*-runner
+!*core/target/*-runner.jar
+!*core/target/lib/*
+!*core/target/quarkus-app/*
diff --git a/.gcloudignore b/.gcloudignore
@@ -1,3 +1,2 @@
-.git
 target
 .idea
diff --git a/.github/workflows/google-cloudrun-docker.yml b/.github/workflows/google-cloudrun-docker.yml
diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml
@@ -0,0 +1,190 @@
+name: GCP Cloud Run CI/CD Dev
+
+on:
+  push:
+    branches-ignore:
+      - main
+
+env:
+  PROJECT_ID: fpi-sms-api
+  REGISTRY: asia.gcr.io
+  GHUB_REPO_NAME: fpi-sms-api
+  SERVICE: fpi-sms-api-dev
+  REGION: asia-east1
+  SONAR_PROJECT_KEY: vincejv_fpi-sms-api
+  NATIVE_IMAGE_BUILDER: quay.io/quarkus/ubi-quarkus-mandrel:22.2-java17
+  SERVICE_CPU: 1000m
+  SERVICE_MEMORY: 384Mi
+  SERVICE_ENV: dev
+
+jobs:
+
+  pre_job:
+    name: Duplicate checks
+    runs-on: ubuntu-latest
+    if: ${{ !contains(github.event.head_commit.message, 'docs-update(') }} # skip for commits containing 'docs-update('
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+      paths_result: ${{ steps.skip_check.outputs.paths_result }}
+    steps:
+      - name: Skip duplicate actions
+        id: skip_check
+        uses: fkirc/skip-duplicate-actions@v5
+        with:
+          concurrent_skipping: same_content_newer
+          cancel_others: true
+
+  code_quality_checks:
+    name: Code quality checks
+    runs-on: ubuntu-latest
+    needs: pre_job
+    if: needs.pre_job.outputs.should_skip != 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 17
+          cache: maven
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }} -Dsonar.qualitygate.wait=true
+
+  deploy_to_cloud:
+    name: Deploy to Cloud Run
+    runs-on: ubuntu-latest
+    needs: code_quality_checks
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    environment: Development
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # for jgitver to generate the version
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 17
+          cache: maven
+
+      - name: Generate native image
+        run: mvn -B package -Pnative -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=${{ env.NATIVE_IMAGE_BUILDER }}
+
+      - name: Google Auth
+        id: gcp-auth
+        uses: google-github-actions/auth@v0
+        with:
+          token_format: 'access_token'
+          workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
+          service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'
+
+      - name: Login to Google Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: 'oauth2accesstoken'
+          password: ${{ steps.gcp-auth.outputs.access_token }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}   # ${{ steps.meta.outputs.tags }} - (For public repositories like docker hub)
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            GITHUB_USERNAME=${{ github.actor }}
+            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+
+      - name: Deploy to Cloud Run
+        id: deploy
+        uses: google-github-actions/deploy-cloudrun@v0
+        with:
+          service: ${{ env.SERVICE }}
+          region: ${{ env.REGION }}
+          image: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+          project_id: ${{ env.PROJECT_ID }}
+          flags: --cpu ${{ env.SERVICE_CPU }} --memory ${{ env.SERVICE_MEMORY }}
+          env_vars: |
+            OIDC_CLIENT_ID=${{ secrets.OIDC_CLIENT_ID }}
+            OIDC_AUTH_URL=${{ secrets.OIDC_AUTH_URL }}
+            SMS_API_KEY=${{ secrets.SMS_API_KEY }}
+            SMS_SID=${{ secrets.SMS_SID }}
+            M360_BROADCAST_URL=${{ secrets.M360_BROADCAST_URL }}
+          secrets: |
+            MONGO_CONN_STRING=vbl_mongo_connection_string:latest
+            OIDC_SECRET=oidc_secret_keycloak:latest
+            SMS_SECRET=m360_secret_api_key:latest
+            FPI_MO_WEBHOOK_KEY=fpi_mo_incoming_webook_key:latest
+            FPI_DLR_WEBHOOK_KEY=fpi_dlr_incoming_webhook_key:latest
+            FPI_GEN_WEBHOOK_KEY=fpi_gen_incoming_webhook_key:latest
+          labels: |
+            env=${{ env.SERVICE_ENV }}
+
+      - name: Configure cloud run
+        run: |-
+          gcloud run services add-iam-policy-binding ${{ env.SERVICE }} --member=allUsers --role=roles/run.invoker --region=${{ env.REGION }}          
+
+      - name: Show Output
+        run: echo ${{ steps.deploy.outputs.url }}
+
+  deploy_to_central:
+    name: Release artifact to central
+    runs-on: ubuntu-latest
+    needs: deploy_to_cloud  # only deploy to central if successfully deployed to cloud run environment
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 17
+          cache: maven
+          server-id: ossrh
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
+      - name: Build and release to central repo
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
+        run: mvn -B deploy -Prelease-for-oss
-Original file line number
+Diff line change
@@ -1,3 +1,2 @@
-    .git
     target
     .idea