tincheck/.gitea/workflows/build.yaml

name: Build & Release
on:
  push:
    branches: [master]
    tags:
      - '[0-9]+.[0-9]+.[0-9]+'

env:
  ORG_GRADLE_PROJECT_BUILD_VERSION: ${{ gitea.ref_name }}
  ORG_GRADLE_PROJECT_DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
  ENDPOINT: services-1
  STACK: tincheck
  IMAGE: com.devsoap/tincheck
  TAG: ${{ gitea.ref_name }}
  RUNNER_TOOL_CACHE: /toolcache

jobs:
  build-application:
    runs-on: node20
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ssh-key: ${{ secrets.SSH_JOHN_PRIVATE_KEY }}
      - name: Configure SSH Agent
        uses: webfactory/ssh-agent@v0.8.0
        with:
          ssh-private-key: ${{ secrets.SSH_JOHN_PRIVATE_KEY }}
      - name: Configure Java project
        uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: '17'
          cache: 'gradle'
      - name: Cache Java dependencies
        uses: actions/cache@v3
        env:
          cache-name: cache-java-dependencies
        with:
          path: ~/.gradle
          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/build.gradle') }}
          restore-keys: |
            ${{ runner.os }}-build-${{ env.cache-name }}-
            ${{ runner.os }}-build-
            ${{ runner.os }}-            
      - name: Run Unit tests
        run: ./gradlew --info --stacktrace test --fail-fast
      - name: Build Distribution
        run: ./gradlew --info --stacktrace installDist
      - name: Save distribution
        uses: actions/upload-artifact@v3
        with:
          name: tincheck-${{env.TAG}}
          path: build/install/tincheck

  build-docker-image:
      if: ${{ needs.build-application.result == 'success' && startsWith(gitea.ref, 'refs/tags/') }}
      needs: build-application
      runs-on: node20
      container:
        image: catthehacker/ubuntu:act-20.04
      steps:
        - name: Checkout Docker file
          uses: actions/checkout@v4
          with:
            ssh-key: ${{ secrets.SSH_JOHN_PRIVATE_KEY }}
            sparse-checkout: Dockerfile
            sparse-checkout-cone-mode: false
        - name: Download distribution
          uses: actions/download-artifact@v3
          with:
            name: tincheck-${{env.TAG}}
            path: dist
        - name: Set up Docker Buildx
          uses: docker/setup-buildx-action@v2
        - name: Login to Devsoap Container Registry
          uses: docker/login-action@v2
          with:
            registry: ${{ secrets.DOCKER_REGISTRY }}
            username: ${{ secrets.DOCKER_REGISTRY_USER }}
            password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
        - name: Build docker image
          uses: docker/build-push-action@v4
          with:
            file: Dockerfile
            push: true
            tags: |
              ${{secrets.DOCKER_REGISTRY}}/${{env.IMAGE}}:${{env.TAG}}
              ${{secrets.DOCKER_REGISTRY}}/${{env.IMAGE}}:latest              

  deploy-to-production:
    if: ${{ needs.build-docker-image.result == 'success' }}
    needs: build-docker-image
    runs-on: node20
    steps:
      - name: Checkout infrastructure config
        run: |
          echo "Cloning repository ${{ env.REPOSITORY_URL }}"
          git clone -v --depth=1 ${{ env.REPOSITORY_URL }} infra          
        env:
          REPOSITORY_URL: ${{ env.GIT_REPO_USER }}@${{ env.GIT_REPO_INTERNAL }}:${{ env.DEVSOAP_INFRA_GIT_REPO }}
      - name: Setup Git config
        working-directory: infra
        run: |
          git config user.email "code@devsoap.com"
          git config user.name "Devsoap Code CI/CD"          
      - name: Update image version
        working-directory: infra
        run: |
          sed -i -r "s|/$IMAGE:(.*?)|/$IMAGE:$TAG|g" $ENDPOINT/$STACK/docker-compose.yml
          git diff -U0          
      - name: Push changes
        working-directory: infra
        run: |
          git commit -am "Updated $ENDPOINT/$STACK/$IMAGE to $TAG"
          git push origin master