test fetching access token correctly #15
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Test, and Deploy otc services for specific partner (DEV env) | |
| on: | |
| push: | |
| branches: | |
| - Automatic_deployment | |
| workflow_dispatch: | |
| inputs: | |
| partner_name: | |
| type: string | |
| description: 'The name of the partner (provided during workflow execution)' | |
| required: true | |
| default: default | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| matrix: | |
| java: [ 17 ] | |
| name: Build OPEX and run tests with java ${{ matrix.java }} (otc) | |
| env: | |
| TAG: otc-pr | |
| PARTNER: ${{ github.event.inputs.partner_name || 'default' }} | |
| steps: | |
| - name: Checkout Source Code | |
| uses: actions/checkout@v2 | |
| - name: Setup Java | |
| uses: actions/setup-java@v2 | |
| with: | |
| distribution: 'adopt' | |
| java-package: jdk | |
| java-version: ${{ matrix.java }} | |
| - name: load partners config | |
| id: download_partners_data | |
| run: | | |
| echo $PARTNER | |
| echo ${{secrets.PARTNERS_ACCESS_TOKEN}} | |
| curl -L -o partner_mappings.yml -H "Authorization: token token ${{secrets.PARTNERS_ACCESS_TOKEN}} " https://raw.githubusercontent.com/opexdev/partners/main/partner_mappings.yml | |
| cat partner_mappings.yml | |
| - name: Fetch Partner data | |
| uses: christian-ci/action-yaml-github-output@v2 | |
| id: read_partners_data | |
| with: | |
| file_path: partner_mappings.yml | |
| main_key: partners | |
| sub_key: ${{env.PARTNER}} | |
| - name: parse-yaml-file | |
| run: | | |
| echo ${{env.PARTNER}} | |
| echo "ssh private key: ${{ steps.read_partners_data.outputs.SSH_PRIVATE_KEY }}" | |
| echo "ssh dir: ${{ steps.read_partners_data.outputs.SSH_DIR }}" | |
| echo "ssh host: ${{ steps.read_partners_data.outputs.SSH_HOST }}" | |
| echo "ssh user : ${{ steps.read_partners_data.outputs.SSH_USER }}" | |
| - name: Decrypt data | |
| run: | | |
| echo ${{ steps.read_partners_data.outputs.SSH_HOST }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_ssh_host.txt | |
| echo ${{ steps.read_partners_data.outputs.SSH_DIR }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_dir.txt | |
| echo ${{ steps.read_partners_data.outputs.SSH_USER }} | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_user.txt | |
| curl -L -o priv_file.txt -H "Authorization: token token ${{secrets.PARTNERS_ACCESS_TOKEN}} " https://raw.githubusercontent.com/opexdev/partners/main/${{ steps.read_partners_data.outputs.SSH_PRIVATE_KEY }} | |
| cat priv_file.txt | openssl aes-256-cbc -d -a -pass pass:${{secrets.PARTNERS_KEY }} > decrypted_private_key.txt | |
| export SSH_HOST=$(cat decrypted_ssh_host.txt) | |
| export SSH_DIR=$(cat decrypted_dir.txt) | |
| export SSH_USER=$(cat decrypted_user.txt) | |
| export SSH_SECRET=$(cat decrypted_private_key.txt) | |
| echo $SSH_SECRET | |
| echo $SSH_USER | |
| - name: Build | |
| run: | | |
| mvn -pl common -am -B -T 1C clean install -Potc | |
| mvn -pl wallet,bc-gateway -amd -B -T 1C clean install -Potc | |
| - name: Run Tests | |
| run: | | |
| mvn -pl common -am -B -T 1C -Dskip.unit.tests=false surefire:test | |
| mvn -pl wallet,bc-gateway -amd -B -T 1C -Dskip.unit.tests=false surefire:test | |
| - name: Build Docker images | |
| run: docker compose -f docker-compose-otc.build.yml build | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push images to GitHub Container Registry | |
| run: docker compose -f docker-compose-otc.build.yml push | |
| deploy: | |
| name: deploy docker-compose on remote host | |
| runs-on: ubuntu-20.04 | |
| needs: build | |
| env: | |
| TAG: otc-pr | |
| steps: | |
| - name: set ssh keys | |
| run: | | |
| install -m 600 -D /dev/null ~/.ssh/id_rsa | |
| echo "$SSH_SECRET" > ~/.ssh/id_rsa | |
| ssh-keyscan -H "$SSH_HOST" >~/.ssh/known_hosts | |
| - name: pull docker images in dest server | |
| run: | | |
| ssh "$SSH_USER"@"$SSH_HOST" "cd "$SSH_DIR" \ | |
| && git pull origin dev \ | |
| && docker compose -f docker-compose-otc.yml pull \ | |
| && docker compose -f docker-compose-otc.yml -f docker-compose-otc.local.yml up -d && exit " |