Skip to content

Ushcode/4/Update-workflows-for-CICD#5

Draft
Ushcode wants to merge 13 commits intomainfrom
Ushcode/4/Update-workflows-for-CICD
Draft

Ushcode/4/Update-workflows-for-CICD#5
Ushcode wants to merge 13 commits intomainfrom
Ushcode/4/Update-workflows-for-CICD

Conversation

@Ushcode
Copy link
Member

@Ushcode Ushcode commented Feb 14, 2025

No description provided.

@Ushcode Ushcode self-assigned this Feb 14, 2025
Ushcode
Ushcode commented Feb 14, 2025
View reviewed changes
Copy link
Member Author

@Ushcode Ushcode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Update CI workflow
  • Add a test passing check
  • Clean up maven repository credentials

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 14, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 14, 2025
View reviewed changes
.github/workflows/docker-ci.yml
PASSWORD: ${{github.token}}

- name: Log in to GitHub Container Registry
uses: docker/login-action@v3

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'Docker Image CI' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v3', not a pinned commit hash
.github/workflows/docker-ci.yml
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build docker image and push to ghcr
uses: docker/build-push-action@v6

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'Docker Image CI' step
Uses Step
Loading
uses 'docker/build-push-action' with ref 'v6', not a pinned commit hash
gpeb2
gpeb2 reviewed Feb 14, 2025
View reviewed changes
.github/scripts/check-version.sh
Comment on lines +34 to +42
# Update version in code/pom.xml
POM_XML="code/pom.xml"
if [ -f "$POM_XML" ]; then
sed -i -E "s|<version>[0-9]+\.[0-9]+\.[0-9]+</version>|<version>$VERSION</version>|" "$POM_XML"
echo "Updated version in $POM_XML to $VERSION"
else
echo -e "\e[31mError\e[0m: $POM_XML not found"
exit 1
fi
Copy link
Member

@gpeb2 gpeb2 Feb 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this can be removed if we make use of the mvnw script(s) to read the version number from the VERSION file and then append -Drevision=$VERSION onto the mvn calls.

Copy link
Member Author

@Ushcode Ushcode Feb 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay cool I didn't actually look at your credo agent handling of this yet is that what you used there?

.github/scripts/check-version.sh
Comment on lines +44 to +52
# Update image version in docker-compose.yml
DOCKER_COMPOSE="docker-compose.yml"
if [ -f "$DOCKER_COMPOSE" ]; then
sed -i.bak -E "s|(image: .+:).+|\1$VERSION|" "$DOCKER_COMPOSE" && rm "$DOCKER_COMPOSE.bak"
echo "Updated image version in $DOCKER_COMPOSE to $VERSION"
else
echo -e "\e[31mError\e[0m: $DOCKER_COMPOSE not found"
exit 1
fi
Copy link
Member

@gpeb2 gpeb2 Feb 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally this would be handled using a variable in the Docker compose file.

Copy link
Member Author

@Ushcode Ushcode Feb 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah probably better alright. I was thinking it was nice to see the changed file in PRs but probably pointless if compose file never changes otherwise

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gpeb2 gpeb2 gpeb2 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@Ushcode Ushcode

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Ushcode @gpeb2