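# CI/CD pipeline: SonarCloud scan -> build and push image -> staging -> production.
# Triggered by pushes to main and by manual dispatch.
#
# Supply-chain note: every `uses:` below references a mutable tag. Pinning each
# action to a full commit SHA keeps a re-tagged release from changing the code
# that runs with this workflow's secrets and cloud credentials.
name: Build and Deploy Spring Boot Image

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  sonarcloud:
    # Reusable workflow. Only the three secrets listed here are handed to it
    # (no `secrets: inherit`).
    # NOTE(review): no `permissions:` is set for this call, so the called
    # workflow receives the repository's default GITHUB_TOKEN scope. Confirm
    # what sonarcloud.yml needs and restrict it here.
    uses: ./.github/workflows/sonarcloud.yml
    secrets:
      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
      SLACK_CI_CHANNEL_ID: ${{ secrets.SLACK_CI_CHANNEL_ID }}

  build-and-push:
    needs: sonarcloud
    runs-on: ubuntu-latest
    environment: docker-push  # Requires review before proceeding
    # Least privilege: this job only reads the repository; registry access
    # comes from the Docker Hub secrets, not from GITHUB_TOKEN.
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Nothing below pushes to git, so do not leave the token in the
          # local git config where the build could read it.
          persist-credentials: false

      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Build Image with Maven
        # Values reach the shell through env vars instead of `${{ }}` text
        # substitution, so their content is never parsed as shell syntax.
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          IMAGE_TAG: ${{ github.sha }}
        run: >-
          ./mvnw spring-boot:build-image
          "-Dspring-boot.build-image.imageName=${DOCKERHUB_USERNAME}/petclinic:${IMAGE_TAG}"
          --no-transfer-progress

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Push Image to Docker Hub
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          IMAGE_TAG: ${{ github.sha }}
        run: docker push "${DOCKERHUB_USERNAME}/petclinic:${IMAGE_TAG}"

  deploy-staging:
    needs: build-and-push
    runs-on: ubuntu-latest
    environment: staging
    # `role-to-assume` is used without static access keys, which relies on
    # GitHub's OIDC token; that token is only issued to jobs that are granted
    # `id-token: write`.
    permissions:
      contents: read
      id-token: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Configure AWS Credentials with LabRole
        # NOTE(review): confirm the role's trust policy limits the OIDC `sub`
        # claim to this repository and environment, and that LabRole carries
        # only the permissions Terraform needs.
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/LabRole
          aws-region: us-east-1
          role-session-name: GitHubActionsSession

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: '1.5.0'

      - name: Terraform Init
        run: terraform init -input=false
        working-directory: ./terraform

      - name: Terraform Apply Staging
        # -auto-approve applies without a reviewed plan; the only human gate
        # is whatever protection the `staging` environment has configured.
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          IMAGE_TAG: ${{ github.sha }}
        run: >-
          terraform apply -auto-approve -input=false
          -var "image_tag=${IMAGE_TAG}"
          -var "environment=staging"
          -var "dockerhub_username=${DOCKERHUB_USERNAME}"
        working-directory: ./terraform

      - name: Send Slack Notification (Staging Complete, Pending Production Review)
        # No `if:` is set, so this step is skipped when an earlier step fails;
        # a failed staging deployment produces no Slack message from here.
        uses: slackapi/slack-github-action@v2.0.0
        with:
          method: chat.postMessage
          token: ${{ secrets.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.SLACK_PROD_CHANNEL_ID }}
            text: "Staging Deployment Complete: ${{ job.status }} for commit ${{ github.sha }}. Production deployment is pending review in GitHub Actions."

  deploy-production:
    needs: deploy-staging
    runs-on: ubuntu-latest
    environment: production  # Requires review before proceeding
    # Same OIDC requirement as deploy-staging.
    permissions:
      contents: read
      id-token: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Configure AWS Credentials with LabRole
        # NOTE(review): staging and production assume the same role; separate
        # roles per environment would keep a staging run from touching
        # production resources. Confirm against the role's policy.
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/LabRole
          aws-region: us-east-1
          role-session-name: GitHubActionsSession

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: '1.5.0'

      - name: Terraform Init
        run: terraform init -input=false
        working-directory: ./terraform

      - name: Terraform Apply Production
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          IMAGE_TAG: ${{ github.sha }}
        run: >-
          terraform apply -auto-approve -input=false
          -var "image_tag=${IMAGE_TAG}"
          -var "environment=production"
          -var "dockerhub_username=${DOCKERHUB_USERNAME}"
        working-directory: ./terraform

      - name: Send Slack Notification (Production)
        # Skipped when an earlier step fails (no `if:`), so only successful
        # production deployments are reported.
        uses: slackapi/slack-github-action@v2.0.0
        with:
          method: chat.postMessage
          token: ${{ secrets.SLACK_BOT_TOKEN }}
          payload: |
            channel: ${{ secrets.SLACK_PROD_CHANNEL_ID }}
            text: "Production Deployment: ${{ job.status }} for commit ${{ github.sha }}"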