diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml index 255384d..bba3ad3 100644 --- a/.github/workflows/release-publish.yml +++ b/.github/workflows/release-publish.yml @@ -70,55 +70,15 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - java-version: '17' - distribution: 'temurin' - - - name: Build project extensions - run: ./gradlew clean build - - - name: Install cosign - if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@v2.6.0 - with: - cosign-release: 'v1.13.1' - - - name: Setup Docker buildx - uses: docker/setup-buildx-action@v2 - - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Login to GitHub Container Registry + run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - name: Build and push Docker image - id: build-and-push - uses: docker/build-push-action@v4 - with: - context: ./clearing-house-edc/launchers/connector-prod - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ needs.release.outputs.new_tag_version }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max - platforms: linux/amd64,linux/arm64 - secrets: | - "gpc=gpr.user=${{ github.actor }} - gpr.key=${{ secrets.GITHUB_TOKEN }}" + - name: Build Docker image + env: + DOCKER_IMAGE_TAG: ${{ needs.release.outputs.new_tag_version }} + run: cd clearing-house-edc && docker build -t ghcr.io/truzzt/ids-basecamp-clearing/ch-edc:$DOCKER_IMAGE_TAG -f launchers/connector-prod/Dockerfile . - - name: Sign the published Docker image - if: ${{ github.event_name != 'pull_request' }} + - name: Push Docker image env: - COSIGN_EXPERIMENTAL: "true" - run: echo "${{ needs.release.outputs.new_tag_version }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + DOCKER_IMAGE_TAG: ${{ needs.release.outputs.new_tag_version }} + run: docker push ghcr.io/truzzt/ids-basecamp-clearing/ch-edc:$DOCKER_IMAGE_TAG \ No newline at end of file diff --git a/clearing-house-edc/launchers/connector-prod/Dockerfile b/clearing-house-edc/launchers/connector-prod/Dockerfile index 02287d8..66284fe 100644 --- a/clearing-house-edc/launchers/connector-prod/Dockerfile +++ b/clearing-house-edc/launchers/connector-prod/Dockerfile @@ -1,16 +1,16 @@ -FROM openjdk:17-slim-buster +FROM gradle:7-jdk17 AS build + +COPY --chown=gradle:gradle . /home/gradle/project/ +WORKDIR /home/gradle/project/ +RUN ./gradlew clean build -RUN apt update \ - && apt install -y curl \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists +FROM openjdk:17-slim-buster WORKDIR /app -COPY ./build/libs/clearing-house-edc.jar /app +COPY --from=build /home/gradle/project/launchers/connector-prod/build/libs/clearing-house-edc.jar /app ENV WEB_HTTP_PORT="8181" ENV WEB_HTTP_PATH="/api" -HEALTHCHECK --interval=5s --timeout=5s --retries=10 CMD curl --fail http://localhost:8111/api/check/health - ENTRYPOINT [ "sh", "-c", "exec java $ENV_JVM_ARGS -jar clearing-house-edc.jar"]