chore(ci): migrate to Github Actions

.github/workflows/build-worker.yml

@@ -0,0 +1,85 @@
+---
+name: Build Worker
+
+on:
+  push:
+    branches:
+    - '**'
+    # tags:
+    # - 'v*.*.*'
+
+defaults:
+  run:
+    # use bash shell by default to ensure pipefail behavior is the default
+    # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
+    shell: bash
+
+env:
+  IMAGE_NAME: team-consulting/showroom-customer-onboarding-external-nodejs
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Import Secrets
+      id: secrets # important to refer to it in later steps
+      uses: hashicorp/vault-action@v2.7.2
+      with:
+        url: ${{ secrets.VAULT_ADDR }}
+        method: approle
+        roleId: ${{ secrets.VAULT_ROLE_ID }}
+        secretId: ${{ secrets.VAULT_SECRET_ID }}
+        exportEnv: false # we rely on step outputs, no need for environment variables
+        secrets: |
+          secret/data/products/consulting/ci/consulting ARTIFACTS_USR;
+          secret/data/products/consulting/ci/consulting ARTIFACTS_PSW;
+          secret/data/products/consulting/ci/consulting SHOWCASE_MAIL_PASSWORD;
+
+    - name: Create mail password
+      run: |
+        sed -i "s/\${SHOWCASE_MAIL_PASSWORD}/${{ steps.secrets.outputs.SHOWCASE_MAIL_PASSWORD }}/g" external-task-worker/.env
+
+    - name: Setup Maven
+      uses: s4u/setup-maven-action@v1.8.0
+      with:
+        java-version: '8'
+        java-distribution: 'temurin'
+        maven-version: '3.3.9'
+
+    # Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml
+    - name: Create Maven Settings
+      uses: s4u/maven-settings-action@v2.8.0
+      with:
+        githubServer: false
+        servers: |
+          [{
+            "id": "camunda-nexus",
+            "username": "${{ steps.secrets.outputs.ARTIFACTS_USR }}",
+            "password": "${{ steps.secrets.outputs.ARTIFACTS_PSW }}"
+          }]
+        mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "*", "name": "Camunda Nexus"}]'
+
+    - name: Run Tests
+      run: |
+        cd external-task-worker && mvn clean resources:resources package -B
+      env:
+        MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
+        MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
+
+    - name: Publish Test Results
+      uses: EnricoMi/publish-unit-test-result-action@v2
+      if: always() # Publish results even if the job fails or is canceled
+      with:
+        files: |
+          external-task-worker/**/target/surefire-reports/*.xml
+          external-task-worker/**/target/failsafe-reports/TEST-*.xml
+
+    - uses: camunda/infra-global-github-actions/build-docker-image@main
+      with:
+        registry_host: registry.camunda.cloud
+        registry_username: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
+        registry_password: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
+        image_name: ${{ env.IMAGE_NAME }}
+        build_context: external-task-worker

.github/workflows/build.yml

@@ -0,0 +1,84 @@
+---
+name: Build
+
+on:
+  push:
+    branches:
+    - '**'
+    tags:
+    - 'v*.*.*'
+
+defaults:
+  run:
+    # use bash shell by default to ensure pipefail behavior is the default
+    # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
+    shell: bash
+
+env:
+  IMAGE_NAME: team-consulting/showroom-customer-onboarding
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Import Secrets
+      id: secrets # important to refer to it in later steps
+      uses: hashicorp/vault-action@v2.7.2
+      with:
+        url: ${{ secrets.VAULT_ADDR }}
+        method: approle
+        roleId: ${{ secrets.VAULT_ROLE_ID }}
+        secretId: ${{ secrets.VAULT_SECRET_ID }}
+        exportEnv: false # we rely on step outputs, no need for environment variables
+        secrets: |
+          secret/data/products/consulting/ci/consulting ARTIFACTS_USR;
+          secret/data/products/consulting/ci/consulting ARTIFACTS_PSW;
+          secret/data/products/consulting/ci/consulting SHOWROOM_BUCKET_AUTH_BYTES;
+
+    - name: Setup Maven
+      uses: s4u/setup-maven-action@v1.8.0
+      with:
+        java-version: '8'
+        java-distribution: 'temurin'
+        maven-version: '3.3.9'
+
+    # Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml
+    - name: Create Maven Settings
+      uses: s4u/maven-settings-action@v2.8.0
+      with:
+        githubServer: false
+        servers: |
+          [{
+            "id": "camunda-nexus",
+            "username": "${{ steps.secrets.outputs.ARTIFACTS_USR }}",
+            "password": "${{ steps.secrets.outputs.ARTIFACTS_PSW }}"
+          }]
+        mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "*", "name": "Camunda Nexus"}]'
+
+    - name: Run Tests
+      run: |
+        mvn clean resources:resources package -B
+      env:
+        MAVEN_USERNAME: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
+        MAVEN_PASSWORD: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
+
+    - name: Publish Test Results
+      uses: EnricoMi/publish-unit-test-result-action@v2
+      if: always() # Publish results even if the job fails or is canceled
+      with:
+        files: |
+          **/target/surefire-reports/*.xml
+          **/target/failsafe-reports/TEST-*.xml
+
+    - name: Create bucket auth secret
+      run: |
+        echo "${{ steps.secrets.outputs.SHOWROOM_BUCKET_AUTH_BYTES }}" | base64 -d > ./auth/bucketAuth.json
+
+    - uses: camunda/infra-global-github-actions/build-docker-image@main
+      with:
+        registry_host: registry.camunda.cloud
+        registry_username: ${{ steps.secrets.outputs.ARTIFACTS_USR }}
+        registry_password: ${{ steps.secrets.outputs.ARTIFACTS_PSW }}
+        image_name: ${{ env.IMAGE_NAME }}

README.md

@@ -31,10 +31,10 @@ The workflow first executes an automated decision (in DMN), determining if the a
 The camunda web applications will be accessible under http://localhost:8080/camunda
 
 The user/password demo/demo can be used to login.
- 
+
 
 # Architecture
-The showcase uses Spring Boot and the Camunda Spring boot starters. 
+The showcase uses Spring Boot and the Camunda Spring boot starters.
 https://docs.camunda.org/manual/latest/user-guide/spring-boot-integration
 
 Spring web is used for the REST services defined in *ApplicationOnlineFacade*
@@ -46,7 +46,7 @@ Spring web is used for the REST services defined in *ApplicationOnlineFacade*
 # How to build and run
 1. clone project or download sources
 2. build via Maven (*mvn clean package*)
-3. run via Spring boot (*mvn spring-boot:run*) 
+3. run via Spring boot (*mvn spring-boot:run*)
 
 During startup the showcase **will generate test data**. This can take a few minutes.
 You can already use the application during this time.
@@ -55,3 +55,13 @@ To start with a fresh database delete /camunda-db.mv.db and /camunda-db.trace.db
 Alternatively you can play online in the [Showroom](http://showroom.camunda.com/) without installing anything locally. The showroom is password protected and only accessible for camunda partners.
 
 
+# Releasing
+
+When you want to release a new Docker image, [create a GitHub release](https://github.com/camunda-consulting/showroom-customer-onboarding/releases/new):
+- Choose a tag: enter a new version (e.g. `v1.2.3`) and click `create a tag`
+- Target: `main`
+- Release title: new version (e.g. `v1.2.3`)
+- Description: click `Generate release notes` for GitHub to fill it.
+- Click `Publish Release` to release it.
+
+You can check the [actions page](https://github.com/camunda-consulting/showroom-customer-onboarding/actions) to follow the release.