diff --git a/.github/workflows/ci-learning.yml b/.github/workflows/ci-learning.yml new file mode 100644 index 000000000..19fabaf76 --- /dev/null +++ b/.github/workflows/ci-learning.yml @@ -0,0 +1,138 @@ +# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven + +name: Java CI with Maven (more complex) + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + + # The source build job is designed to ensure that the source... + # * builds + # * + source-build: + + runs-on: ubuntu-latest + strategy: + matrix: + java: [ '17' ] + + steps: + - uses: actions/checkout@v3 + - name: Set up JDK ${{matrix.java}} + uses: actions/setup-java@v2 + with: + java-version: ${{matrix.java}} + distribution: 'adopt' + cache: maven + + - name: Setup JFrog CLI + uses: jfrog/setup-jfrog-cli@v3 + env: + JF_URL: ${{ secrets.JF_URL }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + - name: Build with Maven Wrapper + run: ./mvnw -B package + + - name: Validate Maven dependencies + run: mvn dependency:analyze + + - name: Run Maven tests + run: mvn test + + + container-build: + + runs-on: ubuntu-latest + strategy: + matrix: + java: [ '17' ] + + steps: + - uses: actions/checkout@v3 + - name: Set up JDK ${{matrix.java}} + uses: actions/setup-java@v2 + with: + java-version: ${{matrix.java}} + distribution: 'adopt' + cache: maven + + - name: Build the Maven container image + run: ./mvnw spring-boot:build-image + + - name: Retag image with jfrog repo + run: docker tag spring-petclinic:3.1.0-SNAPSHOT my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + + - name: Export the built image to a tar file + env: + IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + run: docker save $IMAGE_NAME > /tmp/petclinic.tar + + - name: Upload Image as an artifact + uses: actions/upload-artifact@v2 + with: + name: app + path: /tmp/petclinic.tar + + + publish-build: + needs: [source-build, container-build] + + runs-on: ubuntu-latest + strategy: + matrix: + java: [ '17' ] + + steps: + - name: Download artifacts (Docker images) from previous workflows + uses: actions/download-artifact@v2 + with: + name: app + path: /tmp/petclinic/ + + + - name: Load Docker images from previous workflows + run: | + docker load --input /tmp/petclinic/petclinic.tar + + - name: List all the container images on the runner + run: docker image ls + + + - name: Setup JFrog CLI + uses: jfrog/setup-jfrog-cli@v3 + env: + JF_URL: ${{ secrets.JF_URL }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + - name: Scan Image for vulnerabilities + run: + jf docker scan my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + + + - name: Build Tag and push Docker Image + env: + IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + run: + jf docker push $IMAGE_NAME + + + - name: Publish Build info With JFrog CLI + env: + # Generated and maintained by GitHub + JFROG_CLI_BUILD_NAME: spring-petclinic + # JFrog organization secret + JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }} + run: | + # Export the build name and build nuber + # Collect environment variables for the build + # jf rt build-collect-env + # Collect VCS details from git and add them to the build + # jf rt build-add-git + # Publish build info + # jf rt build-publish \ No newline at end of file diff --git a/.github/workflows/ci-minimal.yml b/.github/workflows/ci-minimal.yml new file mode 100644 index 000000000..bbd942e2e --- /dev/null +++ b/.github/workflows/ci-minimal.yml @@ -0,0 +1,94 @@ +# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven + +name: Minimal build requirements for the petclinic application. + +# The workflow will execute on Push / PR as well as manually running. +on: + push: + branches: + - 'main' + + pull_request: + branches: + - 'main' + + +# The actual workflow jobs. I've split some of these up to +# allow more flexibility in future. +jobs: + + # The source build job is designed to ensure that the source... + # * builds + # * + source-build: + + runs-on: ubuntu-latest + strategy: + matrix: + java: [ '17' ] + + steps: + # Checkout the current repository + - uses: actions/checkout@v3 + + # Set up Java 17 on the runner + - name: Set up JDK ${{matrix.java}} + uses: actions/setup-java@v2 + with: + java-version: ${{matrix.java}} + distribution: 'adopt' + cache: maven + + # Configure the JFrog CLI with the secrets we've saved. + - name: Setup JFrog CLI + uses: jfrog/setup-jfrog-cli@v3 + env: + JF_URL: ${{ secrets.JF_URL }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + # Use the Maven wrapper to build the code. + - name: Build the Petclinic Package + run: ./mvnw -B package + + # Run the maven dependency analyzer + - name: Validate Maven dependencies + run: mvn dependency:analyze + + # Run the maven tests + - name: Run Maven tests + run: mvn test + + # Build the container image + - name: Build the Maven container image + run: ./mvnw spring-boot:build-image + + # In order to upload the image to Artifactory, we'll retag the image. + - name: Retag image with jfrog repo + run: docker tag spring-petclinic:3.1.0-SNAPSHOT my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + + # We push the image into artifactory + - name: Push Docker Image to Artifactory + env: + IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT + run: + jf docker push $IMAGE_NAME + + # - name: Scan for vulnerabilities + # run: + # jf scan * + + # - name: Publish Build info With JFrog CLI + # env: + # # Generated and maintained by GitHub + # JFROG_CLI_BUILD_NAME: spring-petclinic + # # JFrog organization secret + # JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }} + # run: | + # # Export the build name and build nuber + # # Collect environment variables for the build + # jf rt build-collect-env + # # Collect VCS details from git and add them to the build + # jf rt build-add-git + # # Publish build info + # jf rt build-publish \ No newline at end of file diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml deleted file mode 100644 index 3ea8368a8..000000000 --- a/.github/workflows/maven-build.yml +++ /dev/null @@ -1,32 +0,0 @@ -# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time -# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven - -name: Java CI with Maven - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -jobs: - build: - - runs-on: ubuntu-latest - strategy: - matrix: - java: [ '17' ] - - steps: - - uses: actions/checkout@v3 - - name: Set up JDK ${{matrix.java}} - uses: actions/setup-java@v2 - with: - java-version: ${{matrix.java}} - distribution: 'adopt' - cache: maven - - name: Build with Maven Wrapper - run: ./mvnw -B package - - - name: Run Maven tests - run: mvn test diff --git a/Docs/simple.md b/Docs/simple.md new file mode 100644 index 000000000..e8a2b68e1 --- /dev/null +++ b/Docs/simple.md @@ -0,0 +1,65 @@ +# The "Simple" GitHub Actions pipeline + +This repository makes use of a GitHub actions pipeline. We'll be using a workflow to achieve this. + +## The steps +In order to successfully build, our workflow must + +1. Pull the code from the main branch of the git repo [here](https://github.com/spring-projects/spring-petclinic). +1. Ensure that Java 17 is installed on the GitHub runner. +1. Use the Maven wrapper to build the source. +1. Run the Maven tests for the source +1. Use Maven to check dependencies +1. Package the code into a docker container +1. tag the container with the required name +1. Push the container into the Artifactory Repository + + + +# Using the image +In order to use the image, you will first need docker installed on your local system. + +__Authenticate to your container registry with your login__ +```console +foo@bar:~$ docker login -u [your-login] my0373.jfrog.io +``` +__Note:__ +*Please replace ```[your-login]``` with your artifactory login.* + + +__Pull the container image to your local system__ +```console +foo@bar:~$ docker pull my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT +``` + +__Run the container image.__ +```console +foo@bar:~$ docker run -d -p 8080:8080 spring-petclinic:3.1.0-SNAPSHOT +``` + +__Note:__ +*Here I am exposing the site on port 8080. Please change to your requirements.* + + +The Image can be viewed in artifactory [here](https://my0373.jfrog.io/ui/repos/tree/General/my0373-docker-local/spring-petclinic). + +# Testing the application +Once the container is running, you should be able to connect on port 8080 on the target system. + +Assuming this is your local system, open a browser to http://127.0.0.1:8080/. + + + + +# Security scan +As part of the build, I've executed an xray scan of the repository and attached the scans in the + +### Code Compilation +The first step of the build process is to build + +GitHub link to the repo including + +Github Actions workflow files within that repo +Docker file within that repo +readme.md file explaining the work and how to run the project +Bonus Deliverable: XRay Scan Data export (JSON format) for your image diff --git a/triggerci.txt b/triggerci.txt deleted file mode 100644 index d00491fd7..000000000 --- a/triggerci.txt +++ /dev/null @@ -1 +0,0 @@ -1