Merge pull request #15 from entando/ENGPM-555

ENGPM-555 Added missing merge from develop

.github/pr-title-checker-config.json

@@ -0,0 +1,14 @@
+{
+    "LABEL": {
+        "name": "title needs correct naming convention",
+        "color": "EEEEEE"
+    },
+    "CHECKS": {
+        "regexp": "[A-Z]{2,5}-[0-9]{1,5}"
+    },
+    "MESSAGES": {
+        "success": "All OK",
+        "failure": "Failing PR test",
+        "notice": "Check the naming convention rules to naming PRs"
+    }
+}

.github/workflows/pr.yml

@@ -91,45 +91,45 @@ jobs:
   # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   # SCANS
-  scans:
-    needs: [ 'prepare', 'full-build' ]
-    runs-on: ubuntu-latest
-    if: ${{ needs.prepare.outputs.SCAN_MATRIX != '' }}
-    strategy:
-      max-parallel: 5
-      fail-fast: false
-      matrix:
-        mtx-step: ${{fromJson(needs.prepare.outputs.SCAN_MATRIX)}}
-
-    steps:
-      #~ CHECKOUT
-      - name: "CHECKOUT"
-        run: |
-          ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
-          ~/ppl-run checkout-branch pr --lcd "$LOCAL_CLONE_DIR"
-      #~ SCAN
-      - name: "Run the matrix step ${{ matrix.mtx-step }}"
-        run: |
-          MTX_STEP="${{ matrix.mtx-step }}"
-
-          ~/ppl-run generic GENERATE-REQUIREMENT-SPEC "MTX_REQUIREMENT" "$MTX_STEP" >> $GITHUB_ENV
-          for spec in (("${{ env.MTX_REQUIREMENT }}")); do
-            case "${{ env.MTX_REQUIREMENT }}" in
-              ENTANDO-REQ-GITHUB-SPECIAL)
-                export GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}"
-                ;;
-              ENTANDO-REQ-SNYK)
-                export SNYK_TOKEN="${{ secrets.SNYK_TOKEN }}"
-                ;;
-              ENTANDO-REQ-POST-DEP)
-                export ENTANDO_OPT_OKD_LOGIN_TOKEN="${{ secrets.ENTANDO_OPT_OKD_LOGIN_TOKEN }}"
-                export ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS="${{ secrets.ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS }}"
-                export ENTANDO_OPT_DOCKER_USERNAME="${{ secrets.ENTANDO_OPT_DOCKER_USERNAME }}"
-                export ENTANDO_OPT_DOCKER_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
-                export ENTANDO_OPT_TEST_TLS_CRT="${{ secrets.ENTANDO_OPT_TEST_TLS_CRT }}"
-                export ENTANDO_OPT_TEST_TLS_KEY="${{ secrets.ENTANDO_OPT_TEST_TLS_KEY }}"
-                ;;
-            esac
-          done
-
-          ~/ppl-run generic "$MTX_STEP" --id "$MTX_STEP" --lcd "$LOCAL_CLONE_DIR"
+#  scans:
+#    needs: [ 'prepare', 'full-build' ]
+#    runs-on: ubuntu-latest
+#    if: ${{ needs.prepare.outputs.SCAN_MATRIX != '' }}
+#    strategy:
+#      max-parallel: 5
+#      fail-fast: false
+#      matrix:
+#        mtx-step: ${{fromJson(needs.prepare.outputs.SCAN_MATRIX)}}
+#      
+#    steps:
+#      #~ CHECKOUT
+#      - name: "CHECKOUT"
+#        run: |
+#          ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
+#          ~/ppl-run checkout-branch pr --lcd "$LOCAL_CLONE_DIR"
+#      #~ SCAN
+#      - name: "Run the matrix step ${{ matrix.mtx-step }}"
+#        run: |
+#          MTX_STEP="${{ matrix.mtx-step }}"
+#
+#          ~/ppl-run generic GENERATE-REQUIREMENT-SPEC "MTX_REQUIREMENT" "$MTX_STEP" >> $GITHUB_ENV
+#          for spec in (("${{ env.MTX_REQUIREMENT }}")); do
+#            case "${{ env.MTX_REQUIREMENT }}" in
+#              ENTANDO-REQ-GITHUB-SPECIAL)
+#                export GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}"
+#                ;;
+#              ENTANDO-REQ-SNYK)
+#                export SNYK_TOKEN="${{ secrets.SNYK_TOKEN }}"
+#                ;;
+#              ENTANDO-REQ-POST-DEP)
+#                export ENTANDO_OPT_OKD_LOGIN_TOKEN="${{ secrets.ENTANDO_OPT_OKD_LOGIN_TOKEN }}"
+#                export ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS="${{ secrets.ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS }}"
+#                export ENTANDO_OPT_DOCKER_USERNAME="${{ secrets.ENTANDO_OPT_DOCKER_USERNAME }}"
+#                export ENTANDO_OPT_DOCKER_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
+#                export ENTANDO_OPT_TEST_TLS_CRT="${{ secrets.ENTANDO_OPT_TEST_TLS_CRT }}"
+#                export ENTANDO_OPT_TEST_TLS_KEY="${{ secrets.ENTANDO_OPT_TEST_TLS_KEY }}"
+#                ;;
+#            esac
+#          done
+#
+#          ~/ppl-run generic "$MTX_STEP" --id "$MTX_STEP" --lcd "$LOCAL_CLONE_DIR"

.github/workflows/publication.yml

@@ -1,81 +1,84 @@
-name: Internal Snapshot Publication
+name: PUB
 
 on:
   push:
     tags:
       - 'v*'
 
 env:
-  ENTANDO_OPT_USE_PPL_TAG: "v1.4.1"
-  ENTANDO_OPT_DATA_REPO: "${{ secrets.ENTANDO_OPT_DATA_REPO }}"
-  ENTANDO_OPT_DATA_REPO_TOKEN: "${{ secrets.ENTANDO_OPT_DATA_REPO_TOKEN }}"
-  ENTANDO_OPT_ENVIRONMENT_NAMES: "${{ secrets.ENTANDO_OPT_ENVIRONMENT_NAMES }}"
-  ENTANDO_OPT_FEATURES: "${{ secrets.ENTANDO_OPT_FEATURES }}"
-  ENTANDO_OPT_GLOBAL_FEATURES: "${{ secrets.ENTANDO_OPT_GLOBAL_FEATURES }}"
-  ENTANDO_OPT_LOG_LEVEL: "${{ secrets.ENTANDO_OPT_LOG_LEVEL }}"
-  ENTANDO_OPT_CUSTOM_ENV: "${{ secrets.ENTANDO_OPT_CUSTOM_ENV }}"
-  PPL_CONTEXT: ${{ toJson(github) }}
-  LOCAL_CLONE_DIR: "local-checkout"
+  PPL_TEMPLATE_VERSION: "v2.0.0"
+  ENTANDO_BOT_TOKEN: ${{ secrets.ENTANDO_BOT_TOKEN }}
+  PR_CHECKER_PATH: ".github/pr-title-checker-config.json"
 
+  DOCKER_IMAGE_BASE_NAME: entando/entando-java-base
+  DOCKER_IMAGE_ARCHITECTURE: linux/amd64,linux/arm64
+  DOCKER_IMAGE_CONTEXT: .
+  DOCKER_IMAGE_FILE: Dockerfile
+  DOCKER_IMAGE_PUSH: true
 
 jobs:
-  # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-  # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-  # PUBLICATION
+
+  check-pr:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: thehanimo/[email protected]
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          pass_on_octokit_error: false
+          configuration_path: ${{ env.PR_CHECKER_PATH }}
 
   publication:
-    outputs:
-      POST_PUB_DOCKER_SCAN: ${{ steps.START.outputs.POST_PUB_DOCKER_SCAN }}
-      POST_DEP_TESTS: ${{ steps.START.outputs.POST_DEP_TESTS }}
-    env:
-      ENTANDO_BOT_TOKEN: ${{ secrets.ENTANDO_BOT_TOKEN }}
     runs-on: ubuntu-latest
+
     steps:
-      - name: "PR PIPELINE START"
-        id: START
-        run: |
-          ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
-          ~/ppl-run status-report
-      #~ CHECKOUT
-      - name: "CHECKOUT"
-        id: CHECKOUT
-        run: |
-          ~/ppl-run \
-            .. checkout-branch --id "CHECKOUT FOR PUBLICATION" \
-                  --lcd "$LOCAL_CLONE_DIR" \
-                  --token "$ENTANDO_BOT_TOKEN" \
-            .. pr-preflight-checks --only flags --lcd "$LOCAL_CLONE_DIR" \
-          ;
-          ~/ppl-run generic GENERATE-BUILD-CACHE-KEY "BUILD_CACHE_KEY" --lcd "$LOCAL_CLONE_DIR" >> $GITHUB_ENV
-          ~/ppl-run generic GENERATE-BUILD-TARGET-DIR "BUILD_TARGET_DIR" --lcd "$LOCAL_CLONE_DIR" >> $GITHUB_ENV
-      #~ BUILD CACHE
-      #- name: "Cache Build Dir"
-        #id: build-cache
-        #uses: actions/cache@v2
-        #with:
-          #path: "${{ env.LOCAL_CLONE_DIR}}/${{ env.BUILD_TARGET_DIR }}/"
-          #key: "${{ runner.os }}-enp-build-${{ env.BUILD_CACHE_KEY }}"
-      #~ PUBLISH THE ARTIFACT
-      - name: "Publish package"
-        run: |
-          ~/ppl-run generic PUBLISH \
-            --id "PUBLICATION" \
-            --lcd "$LOCAL_CLONE_DIR"
-        env:
-          NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
-          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
-      #~ PUBLISH TO DOCKER
-      - name: "Publish image"
-        env:
-          ENTANDO_OPT_DOCKER_PASSWORD: "${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
-          ENTANDO_OPT_DOCKER_ALT_PASSWORD: "${{ secrets.ENTANDO_OPT_DOCKER_ALT_PASSWORD }}"
-        run: |
-          ~/ppl-run generic PUBLISH-IMAGE --lcd "$LOCAL_CLONE_DIR"
 
-      #~ POST SCAN
-      - name: "Post-scan container"
-        env:
-          SNYK_ORG: "${{ secrets.SNYK_ORG }}"
-          SNYK_TOKEN: "${{ secrets.SNYK_TOKEN }}"
-        run: |
-          ~/ppl-run generic SCAN-IMAGE --lcd "$LOCAL_CLONE_DIR"
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.DOCKER_IMAGE_BASE_NAME }}
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr,value={{base_ref}}
+            type=ref,event=tag
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+            type=raw,event=pr,value={{base_ref}}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          platforms: ${{ env.DOCKER_IMAGE_ARCHITECTURE }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.ENTANDO_OPT_DOCKER_USERNAME }}
+          password: ${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}
+
+      - name: Login to RHT
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ secrets.ENTANDO_RHT_DOCKER_REGISTRY }}
+          username: ${{ secrets.ENTANDO_RHT_DOCKER_USERNAME }}
+          password: ${{ secrets.ENTANDO_RHT_DOCKER_PASSWORD }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: ${{ env.DOCKER_IMAGE_CONTEXT }}
+          file: ${{ env.DOCKER_IMAGE_FILE }}
+          push: ${{ env.DOCKER_IMAGE_PUSH }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: ${{ env.DOCKER_IMAGE_ARCHITECTURE }}

Dockerfile

@@ -21,7 +21,7 @@ ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' \
     HOME=/deployments
 # Install java and the run-java script
 # Also set up permissions for user `1001`
-RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \
+RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} tzdata-java \
     && microdnf update \
     && microdnf clean all \
     && mkdir /deployments \

entando-pipelines

@@ -1 +1 @@
-ENTANDO_PPL_CONFIG=release/7.1
+ENTANDO_PPL_CONFIG=release/7.3