-
Notifications
You must be signed in to change notification settings - Fork 9
99 lines (90 loc) · 3.84 KB
/
jira-evidence-example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: jira-evidence-example
on:
workflow_dispatch: # This allows manual triggering of the workflow
push:
branches:
- CCS-2-Additional_evidence_examples
pull_request:
branches:
- CCS-2-Additional_evidence_examples
permissions:
id-token: write
contents: read
jobs:
docker-build-with-jira-evidence:
runs-on: ubuntu-latest
env:
DOCKER_REPO: 'test-docker-local'
IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}'
steps:
- name: Install jfrog cli
id: setup-cli
uses: jfrog/setup-jfrog-cli@v4
env:
JF_URL: ${{ vars.ARTIFACTORY_URL }}
with:
oidc-provider-name: jfrog-github-oidc
- uses: actions/checkout@v4
- name: Log in to Artifactory Docker Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.ARTIFACTORY_URL }}
username: ${{ steps.setup-cli.outputs.oidc-user }}
password: ${{ steps.setup-cli.outputs.oidc-token }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and Push Docker image
uses: docker/build-push-action@v6
id: docker-build
with:
push: true
provenance: false
platforms: linux/amd64 #, linux/arm64
build-args: REPO_URL=${{ vars.JF_URL }}/example-project-docker-dev-remote
tags: ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}
- name: add docker package to build
run: |
echo "${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}@${{ steps.docker-build.outputs.digest }}" > metadata.json
jf rt build-docker-create ${{ env.DOCKER_REPO }} --image-file metadata.json --build-name $GITHUB_WORKFLOW --build-number ${{ github.run_number }}
- name: Publish build info
if: ${{ true }}
run: |
jf rt build-collect-env
jf rt build-add-git
jf rt build-publish
- name: Create JIRA evidence
env:
jira_token: ${{ secrets.JIRA_TOKEN }}
jira_username: ${{ secrets.JIRA_USERNAME }}
jira_url: ${{ secrets.JIRA_URL }}
run: |
BRANCH_NAME=$(git branch --show-current)
jira_id=$(echo "$BRANCH_NAME" | sed -E 's/^([^-]+-[0-9]+).*/\1/')
echo "The branch name is: $BRANCH_NAME"
echo "The jira_id is: $jira_id"
# uncomment the line below to use the commit message instead of the branch name
#START_COMMIT=$(git log -1 --format="%H %s")
#jira_id=$(echo "$BRANCH_NAME" | cut -d' ' -f2)
# Check if the jira_id matches the JIRA ID format
if [[ $jira_id =~ ^[A-Z]+-[0-9]+$ ]]; then
echo "The second element is a valid JIRA ID: $jira_id"
set +e
./examples/jira-transition-example/bin/jira-transition-checker-linux-amd64 --failOnMissingTransition "Done" $jira_id > predicate.json
EXIT_CODE=$?
set -e
# create evidence only if the jira transition checker was successful
if [ $EXIT_CODE -eq 0 ]; then
# Attach evidence onto build using JFrog CLI
jf evd create \
--build-name $GITHUB_WORKFLOW \
--build-number "${{ github.run_number }}" \
--predicate ./predicate.json \
--predicate-type https://jfrog.com/evidence/build-jira-transition/v1 \
--key "${{ secrets.JIRA_TEST_PKEY }}" \
--key-alias ${{ vars.JIRA_TEST_KEY }}
else
echo "JIRA transition checked completed with an error, or not all JIRAs pass the transition checked"
fi
else
echo "The second element is not a valid JIRA ID"
fi