name: CI/CD on: push: branches: - dev - main pull_request: branches: - main env: JAVA_VERSION: "21" jobs: backend-unit-tests: name: Backend Unit Tests runs-on: ubuntu-latest defaults: run: working-directory: backend steps: - name: Checkout uses: actions/checkout@v4 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@v4 with: distribution: temurin java-version: ${{ env.JAVA_VERSION }} - name: Make Gradle wrapper executable run: chmod +x gradlew - name: Run unit tests run: ./gradlew test deploy: name: Deploy needs: backend-unit-tests if: github.event_name == 'push' && github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@v4 with: distribution: temurin java-version: ${{ env.JAVA_VERSION }} - name: Build boot jar working-directory: backend run: | chmod +x gradlew ./gradlew bootJar - name: Stage jar for Docker working-directory: backend run: | BOOT_JAR=$(find build/libs -name "*.jar" ! -name "*-plain.jar" | head -n 1) cp "$BOOT_JAR" app.jar - name: Login to Docker registry run: | echo "${{ secrets.REGISTRY_PASSWORD }}" | \ docker login git.${{ secrets.DOMAIN }} \ -u "${{ secrets.REGISTRY_USER }}" \ --password-stdin - name: Build Docker image run: | docker build \ -t git.${{ secrets.DOMAIN }}/${{ secrets.REGISTRY_USER }}/etf-oglasi-server:latest \ backend/ - name: Push Docker image run: | docker push \ git.${{ secrets.DOMAIN }}/${{ secrets.REGISTRY_USER }}/etf-oglasi-server:latest - name: Deploy to VPS run: | mkdir -p ~/.ssh echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/key chmod 600 ~/.ssh/key ssh-keyscan -H "${{ secrets.DEPLOY_HOST }}" >> ~/.ssh/known_hosts ssh -i ~/.ssh/key \ "${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}" \ "mkdir -p ~/programs/etf-oglasi-server/config" ssh -i ~/.ssh/key \ "${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}" \ "cd ~/programs/etf-oglasi-server && docker compose pull && docker compose up -d" mobile-release: name: Mobile Release needs: backend-unit-tests if: github.event_name == 'push' && github.ref == 'refs/heads/main' runs-on: ubuntu-latest defaults: run: working-directory: frontend steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Node uses: actions/setup-node@v4 with: node-version: 20 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@v4 with: distribution: temurin java-version: ${{ env.JAVA_VERSION }} - name: Set up Android SDK uses: android-actions/setup-android@v3 - name: Accept Android SDK licenses run: yes | sdkmanager --licenses > /dev/null || true - name: Determine next mobile version id: version run: | git fetch --tags LAST=$(git tag -l 'mobile-v*' | sed 's/mobile-v//' | sort -n | tail -1) NEXT=$(( ${LAST:-0} + 1 )) echo "next=$NEXT" >> "$GITHUB_OUTPUT" echo "tag=mobile-v$NEXT" >> "$GITHUB_OUTPUT" - name: Stamp app version run: node scripts/set-mobile-version.js ${{ steps.version.outputs.next }} - name: Restore Firebase config run: echo "${{ secrets.GOOGLE_SERVICES_JSON_BASE64 }}" | base64 -d > google-services.json - name: Restore env run: echo "EXPO_PUBLIC_API_URL=${{ secrets.EXPO_PUBLIC_API_URL }}" > .env - name: Restore signing keystore run: echo "${{ secrets.ANDROID_KEYSTORE_BASE64 }}" | base64 -d > ksan.dev.keystore - name: Install dependencies run: npm ci - name: Prebuild Android project run: npx expo prebuild -p android --no-install - name: Increase Gradle memory run: | echo "org.gradle.jvmargs=-Xmx4g -XX:MaxMetaspaceSize=1g" >> android/gradle.properties - name: Build signed release APK working-directory: frontend/android run: | ./gradlew assembleRelease --no-daemon \ -Pandroid.injected.signing.store.file="$PWD/../ksan.dev.keystore" \ -Pandroid.injected.signing.store.password="${{ secrets.ANDROID_KEYSTORE_PASSWORD }}" \ -Pandroid.injected.signing.key.alias="${{ secrets.ANDROID_KEY_ALIAS }}" \ -Pandroid.injected.signing.key.password="${{ secrets.ANDROID_KEY_PASSWORD }}" - name: Locate APK id: apk run: | APK=$(find android/app/build/outputs/apk/release -name "*.apk" | head -n1) OUT="etfoglasi-${{ steps.version.outputs.tag }}.apk" cp "$APK" "$OUT" echo "path=frontend/$OUT" >> "$GITHUB_OUTPUT" echo "name=$OUT" >> "$GITHUB_OUTPUT" - name: Create Gitea release run: | API="https://git.${{ secrets.DOMAIN }}/api/v1/repos/${{ secrets.REGISTRY_USER }}/etf-oglasi" AUTH="Authorization: token ${{ secrets.GITEARELEASE_TOKEN }}" HTTP_CODE=$(curl -s -o release.json -w "%{http_code}" -X POST \ -H "$AUTH" \ -H "Content-Type: application/json" \ -d "{\"tag_name\":\"${{ steps.version.outputs.tag }}\",\"target_commitish\":\"${{ github.sha }}\",\"name\":\"${{ steps.version.outputs.tag }}\",\"draft\":false,\"prerelease\":false}" \ "$API/releases") echo "HTTP $HTTP_CODE" cat release.json if [ "$HTTP_CODE" != "201" ]; then echo "Failed to create release" exit 1 fi RELEASE_ID=$(node -pe "JSON.parse(require('fs').readFileSync('release.json','utf8')).id") HTTP_CODE=$(curl -s -o asset.json -w "%{http_code}" -X POST \ -H "$AUTH" \ -F "attachment=@${{ steps.apk.outputs.path }}" \ "$API/releases/$RELEASE_ID/assets?name=${{ steps.apk.outputs.name }}") echo "HTTP $HTTP_CODE" cat asset.json if [ "$HTTP_CODE" != "201" ]; then echo "Failed to upload asset" exit 1 fi