Skip to content

FROST deployment improvements for lifecycle actions (#2038) #1391

FROST deployment improvements for lifecycle actions (#2038)

FROST deployment improvements for lifecycle actions (#2038) #1391

Workflow file for this run

name: Maven Build
on:
push:
branches:
- v1.x
- v2.x
- develop
- develop-*
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-20.04
steps:
- name: Checkout Source
uses: actions/checkout@v4
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: Cache maven repository
uses: actions/cache@v4
with:
path: |
~/.m2/repository
~/.sonar/cache
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-version: 21
- name: Get Date
id: get-date
run: |
echo "date=$(/bin/date -u "+%Y-%m-%dT%H:%M:%S")" >> $GITHUB_OUTPUT
shell: bash
- name: Restore CVD Database from Cache
uses: actions/cache/restore@v4
with:
path: |
~/.m2/repository/org/owasp/dependency-check-data
key: ${{ runner.os }}-maven-owasp-cvedb-${{ steps.get-date.outputs.date }}
restore-keys: ${{ runner.os }}-maven-owasp-cvedb
- name: Update CVD Database
continue-on-error: true
env:
OWASP_OSS_INDEX_USERNAME: ${{ secrets.OWASP_OSS_INDEX_USERNAME }}
OWASP_OSS_INDEX_APIKEY: ${{ secrets.OWASP_OSS_INDEX_APIKEY }}
NIST_NVD_API_KEY: ${{ secrets.NIST_NVD_API_KEY }}
run: |
mvn -B -P owasp -DnvdApiDelay=6000 --settings maven-ci-settings.xml org.owasp:dependency-check-maven:update-only
- name: Save CVD Database to Cache
uses: actions/cache/save@v4
with:
path: |
~/.m2/repository/org/owasp/dependency-check-data
key: ${{ runner.os }}-maven-owasp-cvedb-${{ steps.get-date.outputs.date }}
- name: Check OWASP
env:
OWASP_OSS_INDEX_USERNAME: ${{ secrets.OWASP_OSS_INDEX_USERNAME }}
OWASP_OSS_INDEX_APIKEY: ${{ secrets.OWASP_OSS_INDEX_APIKEY }}
NIST_NVD_API_KEY: ${{ secrets.NIST_NVD_API_KEY }}
run: |
mvn -B -DskipTests -Dmaven.javadoc.skip=true -P owasp -DautoUpdate=false --settings maven-ci-settings.xml org.owasp:dependency-check-maven:aggregate
- name: Build with Maven
run: |
mvn -B -DskipTests -Dmaven.javadoc.skip=true install
- name: Test with Sonar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
mvn -B verify sonar:sonar -Dsonar.projectKey=FraunhoferIOSB_FROST-Server -Dmaven.javadoc.skip=true -P coverage
echo "Exporting Variables"
export HTTP_NAME=$(mvn -pl FROST-Server.HTTP -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
export MQTTP_NAME=$(mvn -pl FROST-Server.MQTTP -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
export MQTT_NAME=$(mvn -pl FROST-Server.MQTT -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
echo "HTTP_ARTIFACT=${HTTP_NAME}.war" >> $GITHUB_ENV
echo "MQTTP_ARTIFACT=${MQTTP_NAME}.war" >> $GITHUB_ENV
echo "MQTT_ARTIFACT=${MQTT_NAME}-jar-with-dependencies.jar" >> $GITHUB_ENV
export version=$(mvn -Dexec.executable='echo' -Dexec.args='${project.version}' --non-recursive exec:exec -q)
echo "DOCKER_TAG_MASTER=${version}" >> $GITHUB_ENV
echo "DOCKER_TAG_BRANCH=${GITHUB_REF:11}-${version}" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push - HTTP - Master branch latest
if: github.ref == 'refs/heads/v2.x'
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.HTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.HTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-http:latest
fraunhoferiosb/frost-server-http:${{ env.DOCKER_TAG_MASTER }}
- name: Build and push - MQTTP - Master branch latest
if: github.ref == 'refs/heads/v2.x'
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-mqttp:latest
fraunhoferiosb/frost-server-mqttp:${{ env.DOCKER_TAG_MASTER }}
fraunhoferiosb/frost-server:latest
fraunhoferiosb/frost-server:${{ env.DOCKER_TAG_MASTER }}
- name: Build and push - MQTT - Master branch latest
if: github.ref == 'refs/heads/v2.x'
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTT"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTT_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-mqtt:latest
fraunhoferiosb/frost-server-mqtt:${{ env.DOCKER_TAG_MASTER }}
- name: Build and push - HTTP - Develop branch latest
if: startsWith(github.ref, 'refs/heads/develop')
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.HTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.HTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-http:${{ env.DOCKER_TAG_BRANCH }}
- name: Build and push - MQTTP - Develop branch latest
if: startsWith(github.ref, 'refs/heads/develop')
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server:${{ env.DOCKER_TAG_BRANCH }}
fraunhoferiosb/frost-server-mqttp:${{ env.DOCKER_TAG_BRANCH }}
- name: Build and push - MQTT - Develop branch latest
if: startsWith(github.ref, 'refs/heads/develop')
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTT"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTT_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-mqtt:${{ env.DOCKER_TAG_BRANCH }}