Merge pull request #3 from my0373/test

Added all the workflows and docs to the main branch
This commit is contained in:
Matt York 2023-10-15 14:45:52 +01:00 committed by GitHub
commit 0644d908b8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 297 additions and 33 deletions

138
.github/workflows/ci-learning.yml vendored Normal file
View file

@ -0,0 +1,138 @@
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven (more complex)
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
# The source build job is designed to ensure that the source...
# * builds
# *
source-build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '17' ]
steps:
- uses: actions/checkout@v3
- name: Set up JDK ${{matrix.java}}
uses: actions/setup-java@v2
with:
java-version: ${{matrix.java}}
distribution: 'adopt'
cache: maven
- name: Setup JFrog CLI
uses: jfrog/setup-jfrog-cli@v3
env:
JF_URL: ${{ secrets.JF_URL }}
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
- name: Build with Maven Wrapper
run: ./mvnw -B package
- name: Validate Maven dependencies
run: mvn dependency:analyze
- name: Run Maven tests
run: mvn test
container-build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '17' ]
steps:
- uses: actions/checkout@v3
- name: Set up JDK ${{matrix.java}}
uses: actions/setup-java@v2
with:
java-version: ${{matrix.java}}
distribution: 'adopt'
cache: maven
- name: Build the Maven container image
run: ./mvnw spring-boot:build-image
- name: Retag image with jfrog repo
run: docker tag spring-petclinic:3.1.0-SNAPSHOT my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
- name: Export the built image to a tar file
env:
IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
run: docker save $IMAGE_NAME > /tmp/petclinic.tar
- name: Upload Image as an artifact
uses: actions/upload-artifact@v2
with:
name: app
path: /tmp/petclinic.tar
publish-build:
needs: [source-build, container-build]
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '17' ]
steps:
- name: Download artifacts (Docker images) from previous workflows
uses: actions/download-artifact@v2
with:
name: app
path: /tmp/petclinic/
- name: Load Docker images from previous workflows
run: |
docker load --input /tmp/petclinic/petclinic.tar
- name: List all the container images on the runner
run: docker image ls
- name: Setup JFrog CLI
uses: jfrog/setup-jfrog-cli@v3
env:
JF_URL: ${{ secrets.JF_URL }}
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
- name: Scan Image for vulnerabilities
run:
jf docker scan my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
- name: Build Tag and push Docker Image
env:
IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
run:
jf docker push $IMAGE_NAME
- name: Publish Build info With JFrog CLI
env:
# Generated and maintained by GitHub
JFROG_CLI_BUILD_NAME: spring-petclinic
# JFrog organization secret
JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
run: |
# Export the build name and build nuber
# Collect environment variables for the build
# jf rt build-collect-env
# Collect VCS details from git and add them to the build
# jf rt build-add-git
# Publish build info
# jf rt build-publish

94
.github/workflows/ci-minimal.yml vendored Normal file
View file

@ -0,0 +1,94 @@
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Minimal build requirements for the petclinic application.
# The workflow will execute on Push / PR as well as manually running.
on:
push:
branches:
- 'main'
pull_request:
branches:
- 'main'
# The actual workflow jobs. I've split some of these up to
# allow more flexibility in future.
jobs:
# The source build job is designed to ensure that the source...
# * builds
# *
source-build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '17' ]
steps:
# Checkout the current repository
- uses: actions/checkout@v3
# Set up Java 17 on the runner
- name: Set up JDK ${{matrix.java}}
uses: actions/setup-java@v2
with:
java-version: ${{matrix.java}}
distribution: 'adopt'
cache: maven
# Configure the JFrog CLI with the secrets we've saved.
- name: Setup JFrog CLI
uses: jfrog/setup-jfrog-cli@v3
env:
JF_URL: ${{ secrets.JF_URL }}
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
# Use the Maven wrapper to build the code.
- name: Build the Petclinic Package
run: ./mvnw -B package
# Run the maven dependency analyzer
- name: Validate Maven dependencies
run: mvn dependency:analyze
# Run the maven tests
- name: Run Maven tests
run: mvn test
# Build the container image
- name: Build the Maven container image
run: ./mvnw spring-boot:build-image
# In order to upload the image to Artifactory, we'll retag the image.
- name: Retag image with jfrog repo
run: docker tag spring-petclinic:3.1.0-SNAPSHOT my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
# We push the image into artifactory
- name: Push Docker Image to Artifactory
env:
IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
run:
jf docker push $IMAGE_NAME
# - name: Scan for vulnerabilities
# run:
# jf scan *
# - name: Publish Build info With JFrog CLI
# env:
# # Generated and maintained by GitHub
# JFROG_CLI_BUILD_NAME: spring-petclinic
# # JFrog organization secret
# JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
# run: |
# # Export the build name and build nuber
# # Collect environment variables for the build
# jf rt build-collect-env
# # Collect VCS details from git and add them to the build
# jf rt build-add-git
# # Publish build info
# jf rt build-publish

View file

@ -1,32 +0,0 @@
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '17' ]
steps:
- uses: actions/checkout@v3
- name: Set up JDK ${{matrix.java}}
uses: actions/setup-java@v2
with:
java-version: ${{matrix.java}}
distribution: 'adopt'
cache: maven
- name: Build with Maven Wrapper
run: ./mvnw -B package
- name: Run Maven tests
run: mvn test

65
Docs/simple.md Normal file
View file

@ -0,0 +1,65 @@
# The "Simple" GitHub Actions pipeline
This repository makes use of a GitHub actions pipeline. We'll be using a workflow to achieve this.
## The steps
In order to successfully build, our workflow must
1. Pull the code from the main branch of the git repo [here](https://github.com/spring-projects/spring-petclinic).
1. Ensure that Java 17 is installed on the GitHub runner.
1. Use the Maven wrapper to build the source.
1. Run the Maven tests for the source
1. Use Maven to check dependencies
1. Package the code into a docker container
1. tag the container with the required name
1. Push the container into the Artifactory Repository
# Using the image
In order to use the image, you will first need docker installed on your local system.
__Authenticate to your container registry with your login__
```console
foo@bar:~$ docker login -u [your-login] my0373.jfrog.io
```
__Note:__
*Please replace ```[your-login]``` with your artifactory login.*
__Pull the container image to your local system__
```console
foo@bar:~$ docker pull my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
```
__Run the container image.__
```console
foo@bar:~$ docker run -d -p 8080:8080 spring-petclinic:3.1.0-SNAPSHOT
```
__Note:__
*Here I am exposing the site on port 8080. Please change to your requirements.*
The Image can be viewed in artifactory [here](https://my0373.jfrog.io/ui/repos/tree/General/my0373-docker-local/spring-petclinic).
# Testing the application
Once the container is running, you should be able to connect on port 8080 on the target system.
Assuming this is your local system, open a browser to http://127.0.0.1:8080/.
# Security scan
As part of the build, I've executed an xray scan of the repository and attached the scans in the
### Code Compilation
The first step of the build process is to build
GitHub link to the repo including
Github Actions workflow files within that repo
Docker file within that repo
readme.md file explaining the work and how to run the project
Bonus Deliverable: XRay Scan Data export (JSON format) for your image

View file

@ -1 +0,0 @@
1