fix(deps): update dependency org.http4k:http4k-bom to v6.16.0.0 #2940
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| push: | |
| branches: | |
| - "**" | |
| env: | |
| APPLICATION_NAME: "GitHubActionsCiDashboard" | |
| CDK_ECR_TAG_NAME: "GitHubActionsCiDashboard" | |
| BUILD_FAILURE_SLACK_CHANNEL: "#experiments-dev-info" | |
| defaults: | |
| run: | |
| # NOTE: A bit stricter than the default bash options used by GitHub Actions | |
| # (bash --noprofile --norc -e -o pipefail {0}) | |
| shell: bash --noprofile --norc -euo pipefail {0} | |
| # NOTE: Set concurrency for the current workflow to 1 | |
| concurrency: ci-${{ github.ref }}-${{ github.workflow }} | |
| jobs: | |
| build-and-deploy: | |
| timeout-minutes: 60 | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| actions: read | |
| contents: read | |
| id-token: write | |
| packages: read | |
| deployments: write | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: capralifecycle/actions-lib/check-runtime-dependencies@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| - uses: capralifecycle/actions-lib/parse-config@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| id: config | |
| with: | |
| config-file: ".ldp.json" | |
| - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 | |
| with: | |
| distribution: "zulu" | |
| java-version: "21" | |
| java-package: jdk | |
| - name: cache mvn | |
| uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven- | |
| - name: build and test | |
| env: | |
| SONARCLOUD_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GIT_COMMIT_SHA: ${{ github.sha }} | |
| RUN_NUMBER: ${{ github.run_number }} | |
| BRANCH_NAME: ${{ github.head_ref || github.ref_name }} | |
| run: mvn -B -U verify --no-transfer-progress | |
| - name: show errors | |
| if: ${{ failure() }} | |
| env: | |
| FAILS_FILE: ${{ runner.temp }}/fails.txt | |
| run: | | |
| echo '## Build failure ' >> $GITHUB_STEP_SUMMARY | |
| { find . -type f -path '*target/surefire-reports/*.txt' -exec grep -l -E '(Failures: [^0]|Errors: [^0])' {} >> "${FAILS_FILE}" \; || :; } | |
| { find . -type f -path '*target/failsafe-reports/*.txt' -exec grep -l -E '(Failures: [^0]|Errors: [^0])' {} >> "${FAILS_FILE}" \; || :; } | |
| while IFS="" read -r errorFile || [ -n "$errorFile" ]; do | |
| echo "**${errorFile}** " >> $GITHUB_STEP_SUMMARY | |
| echo '```text' >> $GITHUB_STEP_SUMMARY | |
| cat "${errorFile}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo '---' >> $GITHUB_STEP_SUMMARY | |
| done < "${FAILS_FILE}" | |
| - uses: capralifecycle/actions-lib/configure-aws-credentials@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| id: aws | |
| with: | |
| aws-account-id: ${{ steps.config.outputs.accountId }} | |
| # NOTE: We use different roles on default and non-default branches | |
| aws-iam-role-name: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && steps.config.outputs.roleName || steps.config.outputs.limitedRoleName }} | |
| authenticate-to-ecr: true | |
| - uses: capralifecycle/actions-lib/generate-tag@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| id: tag | |
| with: | |
| tag-prefix: "${{ env.APPLICATION_NAME }}" | |
| - name: build and conditionally push docker image | |
| env: | |
| ECR_REPOSITORY_URI: "${{ steps.config.outputs.accountId }}.dkr.ecr.eu-west-1.amazonaws.com/${{ steps.config.outputs.ecrRepository }}" | |
| DEFAULT_TAG: "${{ steps.tag.outputs.tag }}" | |
| CONDITIONAL_PUSH: "${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}" | |
| GIT_COMMIT_SHA: "${{ github.sha }}" | |
| run: | | |
| image_id="$(docker build -q --build-arg service_version=$GIT_COMMIT_SHA .)" | |
| if [ "$CONDITIONAL_PUSH" = "true" ]; then | |
| docker tag "$image_id" "$ECR_REPOSITORY_URI:$DEFAULT_TAG" | |
| docker push "$ECR_REPOSITORY_URI:$DEFAULT_TAG" | |
| fi | |
| - name: trigger production deployment pipelines | |
| uses: capralifecycle/actions-lib/trigger-deployment-pipeline@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| if: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ steps.aws.outputs.aws-access-key-id }} | |
| AWS_SECRET_ACCESS_KEY: ${{ steps.aws.outputs.aws-secret-access-key }} | |
| AWS_SESSION_TOKEN: ${{ steps.aws.outputs.aws-session-token }} | |
| with: | |
| pipelines: ${{ steps.config.outputs.prodPipelines }} | |
| aws-s3-bucket-name: ${{ steps.config.outputs.artifactBucket }} | |
| trigger-type: "artifact" | |
| artifact-parameters: "prod${{ env.CDK_ECR_TAG_NAME }}EcrTag=${{ steps.tag.outputs.tag }}" | |
| - uses: capralifecycle/actions-lib/slack-notify@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| # NOTE: We only want to be notified about failures on the default branch | |
| if: ${{ failure() && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| with: | |
| bot-token: ${{ secrets.SHARED_SLACK_BOT_TOKEN }} | |
| channel: ${{ env.BUILD_FAILURE_SLACK_CHANNEL }} | |
| - uses: capralifecycle/actions-lib/configure-github-deployment@b4bb65b0ab41499f4829fe99c4b33b0b5a363562 # v1.6.2 | |
| # NOTE: Create GitHub deployment on default branch regardless of job status | |
| if: ${{ always() && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} |