diff --git a/.github/actions/gradle-setup-action/action.yml b/.github/actions/gradle-setup-action/action.yml index d3231bc92..6c5bb7041 100644 --- a/.github/actions/gradle-setup-action/action.yml +++ b/.github/actions/gradle-setup-action/action.yml @@ -17,7 +17,7 @@ runs: with: distribution: 'temurin' java-version: '21' - - name: Gradle wrapper validation - uses: gradle/actions/wrapper-validation@v4 - name: Setup Gradle uses: gradle/actions/setup-gradle@v4 + - name: Gradle wrapper validation + uses: gradle/actions/wrapper-validation@v4 diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml deleted file mode 100644 index 048d955e7..000000000 --- a/.github/workflows/build-docker.yml +++ /dev/null @@ -1,69 +0,0 @@ -name: Build and/or push docker (reusable workflow) - -on: - workflow_call: - inputs: - version: - description: "release version" - required: true - type: string - tag: - description: "desired tag, e.g. latest, dev (defaults to dev)" - required: false - type: string - default: "dev" - publish: - description: "Specifies whether to publish the images (defaults to false)" - required: false - type: boolean - default: false - - -jobs: - build: - name: Build - runs-on: ubuntu-latest - strategy: - matrix: - services: - - { - folder: waltid-services/waltid-issuer-api, - image: issuer-api - } - - { - folder: waltid-services/waltid-verifier-api, - image: verifier-api - } - - { - folder: waltid-services/waltid-wallet-api, - image: wallet-api - } - - { - folder: waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet, - image: waltid-demo-wallet - } - - { - folder: waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet, - image: waltid-dev-wallet - } - - { - folder: waltid-applications/waltid-web-portal, - image: portal - } - steps: - - uses: actions/checkout@v4 - - name: Login to Docker Hub - if: ${{ inputs.publish }} - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Set up Docker Buildx - if: ${{ !inputs.publish }} - uses: docker/setup-buildx-action@v2 - - name: Build and push Docker images (${{ matrix.services.image }}) - uses: docker/build-push-action@v6 - with: - push: ${{ inputs.publish }} - file: ${{ matrix.services.folder }}/Dockerfile - tags: waltid/${{ matrix.services.image }}:${{ inputs.tag }}, waltid/${{ matrix.services.image }}:${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ea9a9de04..4c9c765e5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,16 +5,33 @@ on: branches-ignore: - main +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: version: uses: walt-id/waltid-identity/.github/workflows/version.yml@266f5c09359450c39019a6da38f2b331e7122918 gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@266f5c09359450c39019a6da38f2b331e7122918 + uses: walt-id/waltid-identity/.github/workflows/gradle.yml@d3e3284f901bef1e6d80b35720fbae5e4b49a95a needs: version with: version: ${{ needs.version.outputs.release_version }} - docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@266f5c09359450c39019a6da38f2b331e7122918 - needs: version + docker-matrix: + uses: walt-id/waltid-identity/.github/workflows/load-json.yml@927c4233610e90dd8a57418662fad7293b7b29a4 + with: + jsonpath: ".github/workflows/data/docker-matrix.json" + docker: + uses: walt-id/waltid-identity/.github/workflows/docker.yml@a82cb3363b9ffc14fde08d787383318f83cb99be + needs: [ version, docker-matrix ] + with: + images: ${{ needs.docker-matrix.outputs.json }} + version: ${{ needs.version.outputs.release_version }} + artifact: true + ebsi-ct-v3: + uses: walt-id/waltid-identity/.github/workflows/ebsictv3.yml@a82cb3363b9ffc14fde08d787383318f83cb99be + needs: [ version, docker ] + secrets: inherit with: - version: ${{ needs.version.outputs.release_version }} \ No newline at end of file + artifact: issuer-api + tag: "waltid/issuer-api:${{ needs.version.outputs.release_version }}" \ No newline at end of file diff --git a/.github/workflows/data/docker-matrix.json b/.github/workflows/data/docker-matrix.json new file mode 100644 index 000000000..05e0017b8 --- /dev/null +++ b/.github/workflows/data/docker-matrix.json @@ -0,0 +1,26 @@ +[ + { + "folder": "waltid-services/waltid-issuer-api", + "image": "issuer-api" + }, + { + "folder": "waltid-services/waltid-verifier-api", + "image": "verifier-api" + }, + { + "folder": "waltid-services/waltid-wallet-api", + "image": "wallet-api" + }, + { + "folder": "waltid-applications/waltid-web-wallet/apps/waltid-demo-wallet", + "image": "waltid-demo-wallet" + }, + { + "folder": "waltid-applications/waltid-web-wallet/apps/waltid-dev-wallet", + "image": "waltid-dev-wallet" + }, + { + "folder": "waltid-applications/waltid-web-portal", + "image": "portal" + } +] \ No newline at end of file diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 46338de93..94af9e014 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -30,7 +30,6 @@ on: jobs: deploy: - name: Deploy runs-on: ubuntu-latest env: IMAGE_TAG: ${{ inputs.version }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 000000000..de9b2ecb7 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,68 @@ +name: Build and/or push docker (reusable workflow) + +on: + workflow_call: + inputs: + images: + description: "The json array specifying image data (built with prepare-docker workflow)" + required: true + type: string + version: + description: "release version" + required: true + type: string + tag: + description: "desired tag, e.g. latest, dev (defaults to dev)" + required: false + type: string + default: "dev" + publish: + description: "Specifies whether to publish the images (defaults to false)" + required: false + type: boolean + default: false + artifact: + description: "Upload docker artifact (defaults to false)" + required: false + type: boolean + default: false + +jobs: + docker: + runs-on: ubuntu-latest + strategy: + matrix: + include: ${{ fromJSON(inputs.images) }} + steps: + - run: | + echo "${{ matrix.image }}::: ${{ inputs.tag }} / ${{ inputs.version }}" + - uses: actions/checkout@v4 + - name: Login to Docker Hub + if: ${{ inputs.publish }} + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build and push Docker images (${{ matrix.image }}) + uses: docker/build-push-action@v6 + with: + push: ${{ inputs.publish }} + file: ${{ matrix.folder }}/Dockerfile + tags: waltid/${{ matrix.image }}:${{ inputs.tag }}, waltid/${{ matrix.image }}:${{ inputs.version }} + load: true + build-args: | + --progress=plain + continue-on-error: false + - name: Save Docker Image to ${{ matrix.image }}.tar.gz + if: ${{ inputs.artifact }} + run: docker save waltid/${{ matrix.image }}:${{ inputs.version }} | gzip > ${{ runner.temp }}/${{ matrix.image }}.tar.gz + continue-on-error: false + - name: Upload artifact + if: ${{ inputs.artifact }} + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.image }} + path: ${{ runner.temp }}/${{ matrix.image }}.tar.gz + retention-days: 1 \ No newline at end of file diff --git a/.github/workflows/ebsictv3.yml b/.github/workflows/ebsictv3.yml index 7bc260255..8845ce91a 100644 --- a/.github/workflows/ebsictv3.yml +++ b/.github/workflows/ebsictv3.yml @@ -1,18 +1,27 @@ name: EBSI Conformance Test v3.2 on: - push: - paths: - - 'waltid-libraries/credentials/**' - - 'waltid-libraries/crypto/**' - - 'waltid-libraries/protocols/**' - - 'waltid-libraries/waltid-did/**' - - 'waltid-services/services/waltid-issuer-api/**' - - '.github/workflows/**' + workflow_call: + inputs: + artifact: + description: "Load image from this artifact (defaults to empty)" + required: false + type: string + path: + description: "Specifies the artifact path (defaults to empty)" + required: false + type: string + tag: + description: "Use this docker image tag (defaults to empty)" + required: false + type: string jobs: EBSI-Conformance-Test-v3: + name: Run runs-on: ubuntu-latest + env: + use-artifact: ${{ inputs.artifact != '' && inputs.tag != '' }} steps: - name: The EBSI Conformance Test v3.2 job is starting run: | @@ -32,6 +41,20 @@ jobs: - name: Docker run: docker --version + - name: Download artifact + if: ${{ env.use-artifact }} + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.artifact }} + path: ${{ runner.temp }} + + - name: Unzip ${{ inputs.artifact }}.tar.gz + run: gunzip ${{ runner.temp }}/${{ inputs.artifact }}.tar.gz + - name: Load Docker image from tarball + if: ${{ env.use-artifact }} + run: | + docker load --input ${{ runner.temp }}/${{ inputs.artifact }}.tar + - name: Check out repository code uses: actions/checkout@v4 @@ -53,9 +76,14 @@ jobs: sed -i 's|readonly ISSUER_URL=".*"|readonly ISSUER_URL="'"${NGROK_URL}"'"|g' .github/workflows/ebsictv3/EBSICTV3-IssueToHolder.sh sed -i 's|baseUrl = ".*"|baseUrl = "'"${NGROK_URL}"'"|g' waltid-services/waltid-issuer-api/config/issuer-service.conf - - docker build -t waltid/issuer-api:latest -f waltid-services/waltid-issuer-api/Dockerfile . - docker run --net=host -d -v $PWD/waltid-services/waltid-issuer-api/config:/waltid-issuer-api/config --name waltid-issuer-api waltid/issuer-api:latest + + image="${{ inputs.tag }}" + if [[ "${{ env.use-artifact }}" != "true" ]]; then + image="waltid/issuer-api:latest" + docker build -t $image -f waltid-services/waltid-issuer-api/Dockerfile . + fi + + docker run --net=host -d -v $PWD/waltid-services/waltid-issuer-api/config:/waltid-issuer-api/config --name waltid-issuer-api $image curl --retry 5 --retry-delay 5 --retry-connrefused http://localhost:7002/livez diff --git a/.github/workflows/build-gradle.yml b/.github/workflows/gradle.yml similarity index 90% rename from .github/workflows/build-gradle.yml rename to .github/workflows/gradle.yml index 68757afc9..21525f4ea 100644 --- a/.github/workflows/build-gradle.yml +++ b/.github/workflows/gradle.yml @@ -14,8 +14,7 @@ on: default: false jobs: - build: - name: Build + gradle: runs-on: ubuntu-latest steps: - name: Free Disk Space (Ubuntu) @@ -26,7 +25,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - name: Configure gradle - uses: ./.github/actions/gradle-setup-action@266f5c09359450c39019a6da38f2b331e7122918 + uses: walt-id/waltid-identity/.github/actions/gradle-setup-action@f7b46c8ae1c27f1a0873a5ca8dfb0440c77381ec - name: Set version run: | sed -i "s/1.0.0-SNAPSHOT/${{ inputs.version }}/g" build.gradle.kts diff --git a/.github/workflows/load-json.yml b/.github/workflows/load-json.yml new file mode 100644 index 000000000..edd81b3cf --- /dev/null +++ b/.github/workflows/load-json.yml @@ -0,0 +1,24 @@ +name: Load json + +on: + workflow_call: + inputs: + jsonpath: + description: "the json file path containing the matrix" + required: true + type: string + outputs: + json: + description: "The json data" + value: ${{ jobs.load-json.outputs.result }} + +jobs: + load-json: + runs-on: ubuntu-latest + outputs: + result: ${{ steps.load-json.outputs.matrix }} + steps: + - uses: actions/checkout@v4 + - id: load-json + run: | + echo "matrix=$(jq -c . < ${{ inputs.jsonpath }})" >> $GITHUB_OUTPUT \ No newline at end of file diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 3d7b00d0f..bdf31d8e7 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -10,23 +10,28 @@ jobs: uses: walt-id/waltid-identity/.github/workflows/version.yml@266f5c09359450c39019a6da38f2b331e7122918 with: suffix: -SNAPSHOT - gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@266f5c09359450c39019a6da38f2b331e7122918 + gradle: + uses: walt-id/waltid-identity/.github/workflows/gradle.yml@d3e3284f901bef1e6d80b35720fbae5e4b49a95a secrets: inherit needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true - docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@266f5c09359450c39019a6da38f2b331e7122918 + docker-matrix: + uses: walt-id/waltid-identity/.github/workflows/load-json.yml@927c4233610e90dd8a57418662fad7293b7b29a4 + with: + jsonpath: ".github/workflows/data/docker-matrix.json" + docker: + uses: walt-id/waltid-identity/.github/workflows/docker.yml@a82cb3363b9ffc14fde08d787383318f83cb99be secrets: inherit - needs: version + needs: [ version, docker-matrix ] with: + images: ${{ needs.docker-matrix.outputs.json }} version: ${{ needs.version.outputs.release_version }} publish: true tag: uses: walt-id/waltid-identity/.github/workflows/tag.yml@266f5c09359450c39019a6da38f2b331e7122918 - needs: [ version, gradle-build, docker-build ] + needs: [ version, gradle, docker ] with: version: ${{ needs.version.outputs.release_version }} pre-release: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dda74a8c0..37541394c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,25 +12,30 @@ jobs: uses: walt-id/waltid-identity/.github/workflows/version.yml@266f5c09359450c39019a6da38f2b331e7122918 with: preferred: ${{ inputs.release_version }} - gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@266f5c09359450c39019a6da38f2b331e7122918 + gradle: + uses: walt-id/waltid-identity/.github/workflows/gradle.yml@d3e3284f901bef1e6d80b35720fbae5e4b49a95a secrets: inherit needs: version with: version: ${{ needs.version.outputs.release_version }} publish: true - docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@266f5c09359450c39019a6da38f2b331e7122918 + docker-matrix: + uses: walt-id/waltid-identity/.github/workflows/load-json.yml@927c4233610e90dd8a57418662fad7293b7b29a4 + with: + jsonpath: ".github/workflows/data/docker-matrix.json" + docker: + uses: walt-id/waltid-identity/.github/workflows/docker.yml@a82cb3363b9ffc14fde08d787383318f83cb99be secrets: inherit - needs: version + needs: [ version, docker-matrix ] with: + images: ${{ needs.docker-matrix.outputs.json }} version: ${{ needs.version.outputs.release_version }} tag: latest publish: true deploy: uses: walt-id/waltid-identity/.github/workflows/deployment.yml@dd9e94a2b08b2f9917d56543061963e6757def1f secrets: inherit - needs: [ version, gradle-build, docker-build ] + needs: [ version, gradle, docker ] with: version: ${{ needs.version.outputs.release_version }} deployment: prod diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index 6402526b0..ab4a23b20 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -11,23 +11,28 @@ jobs: uses: walt-id/waltid-identity/.github/workflows/version.yml@266f5c09359450c39019a6da38f2b331e7122918 with: preferred: ${{ inputs.release_version }} - gradle-build: - uses: walt-id/waltid-identity/.github/workflows/build-gradle.yml@266f5c09359450c39019a6da38f2b331e7122918 + gradle: + uses: walt-id/waltid-identity/.github/workflows/gradle.yml@d3e3284f901bef1e6d80b35720fbae5e4b49a95a secrets: inherit needs: version with: version: ${{ needs.version.outputs.release_version }} - docker-build: - uses: walt-id/waltid-identity/.github/workflows/build-docker.yml@266f5c09359450c39019a6da38f2b331e7122918 + docker-matrix: + uses: walt-id/waltid-identity/.github/workflows/load-json.yml@927c4233610e90dd8a57418662fad7293b7b29a4 + with: + jsonpath: ".github/workflows/data/docker-matrix.json" + docker: + uses: walt-id/waltid-identity/.github/workflows/docker.yml@a82cb3363b9ffc14fde08d787383318f83cb99be secrets: inherit - needs: version + needs: [ version, docker-matrix ] with: + images: ${{ needs.docker-matrix.outputs.json }}s version: ${{ needs.version.outputs.release_version }} publish: true deploy: uses: walt-id/waltid-identity/.github/workflows/deployment.yml@7e03d0f22863cac15deafac7292b4c38fd9ba920 secrets: inherit - needs: [ version, gradle-build, docker-build ] + needs: [ version, gradle, docker ] with: version: ${{ needs.version.outputs.release_version }} tag: diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml index 39c2cf080..04b0de560 100644 --- a/.github/workflows/version.yml +++ b/.github/workflows/version.yml @@ -18,7 +18,6 @@ on: jobs: compute: - name: Compute runs-on: ubuntu-latest outputs: result: ${{ steps.release_version.outputs.release_version }} diff --git a/.gitignore b/.gitignore index 10a35c1c8..63203c1cf 100644 --- a/.gitignore +++ b/.gitignore @@ -45,8 +45,8 @@ bin/ # walt.id secret* -*/data -*/*/data +**/data +!.github/**/data/ **/*.db /kotlin-js-store/ .idea/misc.xml diff --git a/waltid-services/waltid-verifier-api/k8s/opa/deployment-dev.yaml b/waltid-services/waltid-verifier-api/k8s/opa/deployment-dev.yaml index b544262e2..2fced763f 100644 --- a/waltid-services/waltid-verifier-api/k8s/opa/deployment-dev.yaml +++ b/waltid-services/waltid-verifier-api/k8s/opa/deployment-dev.yaml @@ -20,6 +20,7 @@ spec: args: - "run" - "--server" + - "--addr=0.0.0.0:8181" - "--log-level=info" ports: - containerPort: 8181 diff --git a/waltid-services/waltid-verifier-api/k8s/opa/deployment-prod.yaml b/waltid-services/waltid-verifier-api/k8s/opa/deployment-prod.yaml index e5337c98e..a381ab85f 100644 --- a/waltid-services/waltid-verifier-api/k8s/opa/deployment-prod.yaml +++ b/waltid-services/waltid-verifier-api/k8s/opa/deployment-prod.yaml @@ -20,6 +20,7 @@ spec: args: - "run" - "--server" + - "--addr=0.0.0.0:8181" - "--log-level=info" ports: - containerPort: 8181