create commiter containers

2026-02-06 15:06:50 +00:00 · 2024-06-20 09:35:12 +02:00 · 2024-06-20 09:35:12 +02:00 · e0ac6a3e54
commit e0ac6a3e54
parent b15798e05d
2 changed files with 76 additions and 21 deletions
--- a/.github/workflows/build_contributer_container.yml
+++ b/.github/workflows/build_contributer_container.yml
@ -0,0 +1,68 @@
+name: Comment on the pull request
+
+# read-write repo token
+# access to secrets
+on:
+  workflow_run:
+    workflows: [Build on Pull Request]
+    types:
+      - completed
+
+jobs:
+  upload:
+    runs-on: ubuntu-latest
+    if: >
+      github.event.workflow_run.event == 'pull_request' &&
+      github.event.workflow_run.conclusion == 'success'
+    steps:
+      - name: 'Download artifact'
+        uses: actions/github-script@v3.1.0
+        with:
+          script: |
+            var artifacts = await github.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: ${{github.event.workflow_run.id }},
+            });
+            var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "pr"
+            })[0];
+            var download = await github.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+            var fs = require('fs');
+            fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
+      - run: unzip pr.zip
+      - name: Get user from file
+        run: echo "USER_NAME=$(pr/UN)" >> $GITHUB_ENV
+
+      - name: prepare the artifact
+        run: |
+          mkdir -p obp-api/target/
+          cp pr/obp-api-1.*.war obp-api/target/obp-api-1.10.1.war
+
+      - name: Build the Docker image
+        run: |
+          echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin docker.io
+          docker build . --file .github/Dockerfile_PreBuild --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ env.USER_NAME }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ env.USER_NAME }}:latest 
+          docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
+          echo docker done
+
+      - uses: sigstore/cosign-installer@main
+
+      - name: Write signing key to disk (only needed for `cosign sign --key`)
+        run: echo "${{ secrets.COSIGN_PRIVATE_KEY }}" > cosign.key
+
+      - name: Sign container image
+        run: |
+          cosign sign -y --key cosign.key \
+            docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:develop
+          cosign sign -y --key cosign.key \
+                      docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:latest
+          cosign sign -y --key cosign.key \
+                      docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:$GITHUB_SHA
+        env:
+          COSIGN_PASSWORD: "${{secrets.COSIGN_PASSWORD}}"
--- a/.github/workflows/build_pull_request.yml
+++ b/.github/workflows/build_pull_request.yml
@ -75,28 +75,15 @@ jobs:

          echo consents.allowed=true >> obp-api/src/main/resources/props/test.default.props
          MAVEN_OPTS="-Xmx3G -Xss2m" mvn clean package -Pprod
-      - name: Build the Docker image
+      - name: Save user name and .war artifact
        run: |
-          echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin docker.io
-          docker build . --file .github/Dockerfile_PreBuild --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:latest 
-          docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
-          echo docker done
-
-      - uses: sigstore/cosign-installer@main
-
-      - name: Write signing key to disk (only needed for `cosign sign --key`)
-        run: echo "${{ secrets.COSIGN_PRIVATE_KEY }}" > cosign.key
-
-      - name: Sign container image
-        run: |
-          cosign sign -y --key cosign.key \
-            docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:develop
-          cosign sign -y --key cosign.key \
-                      docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:latest
-          cosign sign -y --key cosign.key \
-                      docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/obp-api-${{ github.event.pull_request.user.login }}:$GITHUB_SHA
-        env:
-          COSIGN_PASSWORD: "${{secrets.COSIGN_PASSWORD}}"
+          mkdir -p ./pr
+          echo ${{ github.event.pull_request.user.login }} > ./pr/UN
+          cp obp-api/target/obp-api-1.*.war ./pr/
+      - uses: actions/upload-artifact@v2
+        with:
+          name: pr
+          path: pr/