-
Notifications
You must be signed in to change notification settings - Fork 467
123 lines (113 loc) · 4.1 KB
/
cicd_3-trunk.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# Trunk Checks Workflow
#
# This workflow is triggered on pushes to the master branch or manually via workflow_dispatch.
# It orchestrates a comprehensive set of checks, builds, tests, and deployments for the trunk (master) branch.
#
# Key features:
# - Triggered on push to master or manual dispatch
# - Configurable options for reusing previous builds and running all tests
# - Comprehensive checks including build, tests, SonarQube analysis, and CLI artifact building
# - Deployment to the trunk environment
# - Final reporting of the workflow status
name: '-3 Trunk Workflow'
on:
push:
branches:
- master
workflow_dispatch:
inputs:
reuse-previous-build:
description: 'Indicates if the workflow should reuse the previous build'
type: boolean
default: true
build-on-missing-artifacts:
type: boolean
description: 'Indicates if the workflow should build on missing artifacts'
default: false
run-all-tests:
description: 'Run all tests'
type: boolean
default: false
jobs:
# Initialize the trunk check process
initialize:
name: Initialize
uses: ./.github/workflows/cicd_comp_initialize-phase.yml
with:
reuse-previous-build: ${{ inputs.reuse-previous-build || github.event_name != 'workflow_dispatch' }}
build-on-missing-artifacts: ${{ inputs.build-on-missing-artifacts || github.event_name != 'workflow_dispatch' }}
# Build job - only runs if no artifacts were found during initialization
build:
name: Trunk Build
needs: [ initialize ]
if: needs.initialize.outputs.found_artifacts == 'false'
uses: ./.github/workflows/cicd_comp_build-phase.yml
permissions:
contents: read
packages: write
# Test job - runs various tests
test:
name: Trunk Test
needs: [ initialize,build ]
if: always() && !failure() && !cancelled()
uses: ./.github/workflows/cicd_comp_test-phase.yml
with:
run-all-tests: ${{ inputs.run-all-tests || false }}
artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
secrets:
DOTCMS_LICENSE: ${{ secrets.DOTCMS_LICENSE }}
permissions:
contents: read
packages: write
# SonarQube analysis job
sonar:
name: Trunk SonarQube
needs: [ initialize,test ]
if: always() && !failure() && !cancelled()
uses: ./.github/workflows/cicd_comp_sonarqube-phase.yml
with:
artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# CLI Build job - builds CLI artifacts
build-cli:
name: CLI Build
needs: [ initialize,test ]
if: always() && !failure() && !cancelled()
uses: ./.github/workflows/cicd_comp_cli-native-build-phase.yml
with:
buildNativeImage: true
artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
branch: ${{ github.ref }}
# Deployment job - deploys to the trunk environment
deployment:
needs: [ initialize,build-cli,sonar,test ]
if: always() && !failure() && !cancelled()
uses: ./.github/workflows/cicd_comp_deployment-phase.yml
with:
artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
environment: trunk
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
EE_REPO_USERNAME: ${{ secrets.EE_REPO_USERNAME }}
EE_REPO_PASSWORD: ${{ secrets.EE_REPO_PASSWORD }}
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
# Finalize job - aggregates results from previous jobs
finalize:
name: Finalize
if: always()
needs: [ initialize, build, build-cli, test, sonar, deployment]
uses: ./.github/workflows/cicd_comp_finalize-phase.yml
with:
artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
needsData: ${{ toJson(needs) }}
# Report job - generates and sends the final workflow report
report:
name: Report
if: always()
needs: [ finalize ]
uses: ./.github/workflows/cicd_post-workflow-reporting.yml
secrets:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}