Skip to content

Build, Test, and Deploy otc (DEV env) services for specific partner #280

Build, Test, and Deploy otc (DEV env) services for specific partner

Build, Test, and Deploy otc (DEV env) services for specific partner #280

Workflow file for this run

name: Build, Test, and Deploy otc (DEV env) services for specific partner
on:
# push:
# branches:
# - dev
workflow_dispatch:
inputs:
partner_name:
type: string
description: 'The name of the partner (provided during workflow execution)'
required: true
default: default
jobs:
build:
runs-on: ubuntu-20.04
strategy:
matrix:
java: [ 17 ]
name: Build OPEX and run tests with java ${{ matrix.java }} (otc)
env:
TAG: otc-dev
PARTNER: ${{ github.event.inputs.partner_name || 'default' }}
steps:
- name: Checkout Source Code
uses: actions/checkout@v2
- name: Setup Java
uses: actions/setup-java@v2
with:
distribution: 'adopt'
java-package: jdk
java-version: ${{ matrix.java }}
- name: Fetch partners config
id: download_partners_data
run: |
curl -L -o partner_mappings.yml -H "Authorization: token ${{secrets.PARTNERS_ACCESS_TOKEN}} " https://raw.githubusercontent.com/opexdev/partners/main/partner_mappings.yml
- name: Pars partners config file
id: read_partners_data
run: |
yaml() {
python3 -c "import yaml;print(yaml.safe_load(open('$1'))$2)"
}
export SSH_HOST=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['SSH_HOST']")
export SSH_DIR=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['SSH_DIR']")
export SSH_PRIVATE_KEY=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['SSH_PRIVATE_KEY']")
export SSH_USER=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['SSH_USER']")
export PASSWORD=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['PASSWORD']")
export ENV_PATH=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['ENV_PATH']")
export SSH_PORT=$(yaml partner_mappings.yml "['partners']['${{env.PARTNER}}']['SSH_PORT']")
echo "::add-mask::$SSH_HOST"
echo "::add-mask::$SSH_DIR"
echo "::add-mask::$SSH_PRIVATE_KEY"
echo "::add-mask::$SSH_USER"
echo "::add-mask::$PASSWORD"
echo "::add-mask::$ENV_PATH"
echo "::add-mask::$SSH_PORT"
echo "SSH_HOST=$SSH_HOST" >> $GITHUB_OUTPUT
echo "SSH_DIR=$SSH_DIR" >> $GITHUB_OUTPUT
echo "SSH_PRIVATE_KEY=$SSH_PRIVATE_KEY" >> $GITHUB_OUTPUT
echo "SSH_USER=$SSH_USER" >> $GITHUB_OUTPUT
echo "PASSWORD=$PASSWORD" >> $GITHUB_OUTPUT
echo "ENV_PATH=$ENV_PATH" >> $GITHUB_OUTPUT
echo "SSH_PORT=$SSH_PORT" >> $GITHUB_OUTPUT
- name: Decrypt data
id: decrypt_data
run: |
echo ${{ steps.read_partners_data.outputs.SSH_HOST }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_ssh_host.txt
echo ${{ steps.read_partners_data.outputs.SSH_DIR }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_dir.txt
echo ${{ steps.read_partners_data.outputs.SSH_USER }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_user.txt
echo ${{ steps.read_partners_data.outputs.PASSWORD }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_password.txt
curl -L -o priv_file.txt -H "Authorization: token ${{secrets.PARTNERS_ACCESS_TOKEN}} " https://raw.githubusercontent.com/opexdev/partners/main/${{ steps.read_partners_data.outputs.SSH_PRIVATE_KEY }}
cat priv_file.txt | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_private_key.txt
export SSH_SECRET_NN=$( cat decrypted_private_key.txt | tr -s '\r\n' '#')
export user_ssh=$(cat decrypted_user.txt)
export ssh_dir=$(cat decrypted_dir.txt)
export ssh_host=$(cat decrypted_ssh_host.txt)
export env_path=${{ steps.read_partners_data.outputs.ENV_PATH }}
export ssh_port=${{ steps.read_partners_data.outputs.SSH_PORT}}
export server_pass=$(cat decrypted_password.txt)
echo "::add-mask::$ssh_dir"
echo "::add-mask::$SSH_SECRET_NN"
echo "::add-mask::$ssh_host"
echo "::add-mask::$env_path"
echo "::add-mask::$server_pass"
echo "::add-mask::$user_ssh"
echo "::add-mask::$ssh_port"
echo "ssh_user=$user_ssh" >> $GITHUB_OUTPUT
echo "ssh_dir=$ssh_dir" >> $GITHUB_OUTPUT
echo "ssh_host=$ssh_host" >> $GITHUB_OUTPUT
echo "ssh_secret=$SSH_SECRET_NN" >> $GITHUB_OUTPUT
echo "env_path=$env_path" >> $GITHUB_OUTPUT
echo "ssh_port=$ssh_port" >> $GITHUB_OUTPUT
echo "password=$server_pass" >> $GITHUB_OUTPUT
- name: Build
run: |
mvn -pl common -am -B -T 1C clean install -Potc
mvn -pl wallet,bc-gateway -amd -B -T 1C clean install -Potc
- name: Run Tests
run: |
mvn -pl common -am -B -T 1C -Dskip.unit.tests=false surefire:test
mvn -pl wallet,bc-gateway -amd -B -T 1C -Dskip.unit.tests=false surefire:test
- name: Build Docker images
run: docker compose -f docker-compose-otc.build.yml build
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push images to GitHub Container Registry
run: docker compose -f docker-compose-otc.build.yml push
- name: Pull docker images in dest server
env:
token: ${{secrets.PARTNERS_ACCESS_TOKEN}}
run: |
export SSH_USER=${{steps.decrypt_data.outputs.ssh_user }}
export SSH_DIR=${{ steps.decrypt_data.outputs.ssh_dir }}
export SSH_HOST=${{ steps.decrypt_data.outputs.ssh_host }}
export SERVER_PASSWORD='${{ steps.decrypt_data.outputs.password }}'
export ENV_PATH=${{ steps.decrypt_data.outputs.env_path }}
export SSH_PORT=${{ steps.decrypt_data.outputs.ssh_port }}
sshpass -p $SERVER_PASSWORD ssh -o StrictHostKeyChecking=no "$SSH_USER"@"$SSH_HOST" -p "$SSH_PORT" " \
cd "$SSH_DIR"; \
curl https://raw.githubusercontent.com/opexdev/partners/main/"$ENV_PATH" -L -o .env -H 'Authorization:token $token' ; \
echo '$SERVER_PASSWORD' | sudo -S docker compose -f docker-compose-otc.yml pull; \
echo '$SERVER_PASSWORD' | sudo -S docker network create --driver bridge otc-network || true; \
echo '$SERVER_PASSWORD' | sudo -S docker compose -f docker-compose-otc.yml -f docker-compose-otc.local.yml up -d && exit "