diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 0000000..d4e0135 --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,107 @@ +# .github/workflows/build.yml +# This workflow builds the JAR, then packages it as a Docker image. + +on: + push: + branches: + - 'main' + - 'devOps' + - 'dev' + pull_request: + branches: + - 'main' + - 'devOps' + - 'dev' + +# Permissions needed to push Docker images to your org's GitHub packages +permissions: + contents: read + packages: write + +jobs: + # JOB 1: Your original job, unchanged + build-test: + name: Install and Build (Tests Skipped) + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + cache: maven + + - name: Cache Maven packages + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + + - name: Build with Maven (Skip Tests) + # As requested, we are keeping -DskipTests for now + run: mvn -B clean package -DskipTests --file auth-service/pom.xml + + - name: Upload Build Artifact (JAR) + # We upload the JAR so the next job can use it + uses: actions/upload-artifact@v4 + with: + name: auth-service-jar + path: auth-service/target/*.jar + + # JOB 2: New job to package the service as a Docker image + build-and-push-docker: + name: Build & Push Docker Image + # This job only runs on pushes to 'main', not on PRs + # Ensures you only publish final images for merged code + if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/devOps' || github.ref == 'refs/heads/dev' + runs-on: ubuntu-latest + # This job runs *after* the build-test job succeeds + needs: build-test + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + # We need the JAR file that the 'build-test' job created + - name: Download JAR Artifact + uses: actions/download-artifact@v4 + with: + name: auth-service-jar + path: auth-service/target/ + + # This action generates smart tags for your Docker image + # e.g., 'ghcr.io/your-org/auth-service:latest' + # e.g., 'ghcr.io/your-org/auth-service:a1b2c3d' (from the commit SHA) + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} # e.g., ghcr.io/randitha/Authentication + tags: | + type=sha,prefix= + type=raw,value=latest,enable={{is_default_branch}} + + # Logs you into the GitHub Container Registry (GHCR) + - name: Log in to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} # This token is auto-generated + + # Builds the Docker image and pushes it to GHCR + # This assumes you have a 'Dockerfile' in the root of 'Authentication' + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . # Assumes Dockerfile is in the root of this repo + # The Dockerfile build will copy the JAR from auth-service/target/ + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/.github/workflows/buildtest.yaml b/.github/workflows/buildtest.yaml deleted file mode 100644 index 087dc8d..0000000 --- a/.github/workflows/buildtest.yaml +++ /dev/null @@ -1,46 +0,0 @@ -name: Build and Test Authentication Service - -on: - push: - branches: - - '**' - pull_request: - branches: - - '**' - -jobs: - build-test: - name: Install, Build and Test - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - - name: Cache Maven packages - uses: actions/cache@v4 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - - name: Build with Maven (Skip Tests) - run: mvn -B clean package -DskipTests --file auth-service/pom.xml - - - name: Compile Tests (without running) - run: mvn -B test-compile --file auth-service/pom.xml - - - name: Upload Build Artifact - if: success() - uses: actions/upload-artifact@v4 - with: - name: auth-service-jar - path: auth-service/target/*.jar diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml new file mode 100644 index 0000000..920c24b --- /dev/null +++ b/.github/workflows/deploy.yaml @@ -0,0 +1,72 @@ +# Authentication/.github/workflows/deploy.yml + +name: Deploy Auth Service to Kubernetes + +on: + workflow_run: + # This MUST match the 'name:' of your build.yml file + workflows: ["Build and Package Service"] + types: + - completed + branches: + - 'main' + - 'devOps' + +jobs: + deploy: + name: Deploy Auth Service to Kubernetes + # We only deploy if the build job was successful + if: ${{ github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-latest + + steps: + # We only need the SHA of the new image + - name: Get Commit SHA + id: get_sha + run: | + echo "sha=$(echo ${{ github.event.workflow_run.head_sha }} | cut -c1-7)" >> $GITHUB_OUTPUT + + # 1. Checkout your new 'k8s-config' repository + - name: Checkout K8s Config Repo + uses: actions/checkout@v4 + with: + # This points to your new repo + repository: 'TechTorque-2025/k8s-config' + # This uses the org-level secret you created + token: ${{ secrets.REPO_ACCESS_TOKEN }} + # We'll put the code in a directory named 'config-repo' + path: 'config-repo' + # --- NEW LINE --- + # Explicitly checkout the 'main' branch + ref: 'main' + + - name: Install kubectl + uses: azure/setup-kubectl@v3 + + - name: Install yq + run: | + sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq + sudo chmod +x /usr/bin/yq + + - name: Set Kubernetes context + uses: azure/k8s-set-context@v4 + with: + kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }} # This uses your Org-level secret + + # 2. Update the image tag for the *authentication* service + - name: Update image tag in YAML + run: | + yq -i '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = "ghcr.io/techtorque-2025/authentication:${{ steps.get_sha.outputs.sha }}"' config-repo/k8s/services/auth-deployment.yaml + + # --- NEW DEBUGGING STEP --- + - name: Display file contents before apply + run: | + echo "--- Displaying k8s/services/auth-deployment.yaml ---" + cat config-repo/k8s/services/auth-deployment.yaml + echo "------------------------------------------------------" + + # 3. Deploy the updated file + - name: Deploy to Kubernetes + run: | + kubectl apply -f config-repo/k8s/services/auth-deployment.yaml + kubectl rollout status deployment/auth-deployment \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ecd19e4 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,34 @@ +# Dockerfile for auth-service + +# --- Build Stage --- +# Use the official Maven image which contains the Java JDK +FROM maven:3.8-eclipse-temurin-17 AS build + +# Set the working directory +WORKDIR /app + +# Copy the pom.xml and download dependencies +COPY auth-service/pom.xml . +RUN mvn -B dependency:go-offline + +# Copy the rest of the source code and build the application +# Note: We copy the pom.xml *first* to leverage Docker layer caching. +COPY auth-service/src ./src +RUN mvn -B clean package -DskipTests + +# --- Run Stage --- +# Use a minimal JRE image for the final container +FROM eclipse-temurin:17-jre-jammy + +# Set a working directory +WORKDIR /app + +# Copy the built JAR from the 'build' stage +# The wildcard is used in case the version number is in the JAR name +COPY --from=build /app/target/*.jar app.jar + +# Expose the port your application runs on (e.g., 8080) +EXPOSE 8080 + +# The command to run your application +ENTRYPOINT ["java", "-jar", "app.jar"] \ No newline at end of file