Add GitHub Actions workflow to build and deploy plugin to OMCSI#85
Add GitHub Actions workflow to build and deploy plugin to OMCSI#85
Conversation
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Adds a GitHub Actions CI/CD workflow that builds the plugin with Maven and deploys the resulting JAR to an OMCSI instance via an authenticated HTTP POST.
Changes:
- Introduces
.github/workflows/deploy.ymlwithpush+workflow_dispatchtriggers and branch-gated deploy logic. - Builds with Temurin JDK 8 and packages via
mvn --batch-mode package, then locates the shaded JAR fromtarget/. - Deploys to
OMCSI_DEPLOY_URL/api/plugins/deployusing bearer auth and handles common HTTP failure statuses.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| uses: actions/setup-java@v4 | ||
| with: | ||
| distribution: temurin | ||
| java-version: '8' |
There was a problem hiding this comment.
Consider enabling Maven dependency caching in setup-java (e.g., cache: maven). Without it, each run downloads dependencies from scratch, which can significantly slow down CI and increase the chance of transient network failures during builds.
| java-version: '8' | |
| java-version: '8' | |
| cache: maven |
.github/workflows/deploy.yml
Outdated
| HTTP_STATUS=$(curl --silent --write-out "%{http_code}" \ | ||
| --output "${RESPONSE_BODY}" \ | ||
| --request POST \ | ||
| --header "Authorization: Bearer ${DEPLOY_TOKEN}" \ | ||
| --form "pluginName=${PLUGIN_JAR_NAME}" \ | ||
| --form "file=@${JAR_FILE}" \ | ||
| --form "branch=${{ github.ref_name }}" \ | ||
| --form "repoUrl=${{ github.server_url }}/${{ github.repository }}" \ | ||
| "${DEPLOY_URL}/api/plugins/deploy") || { | ||
| echo "❌ curl failed – network error or invalid URL" | ||
| exit 1 | ||
| } |
There was a problem hiding this comment.
curl is run with --silent, which suppresses useful diagnostics (DNS/TLS issues, connection refusals) unless you explicitly print them. Adding --show-error (and optionally --location if the endpoint may redirect) would make failures easier to debug while keeping output mostly clean.
| echo "❌ PLUGIN_JAR_NAME variable is not set" | ||
| exit 1 | ||
| fi | ||
|
|
There was a problem hiding this comment.
The deploy step validates PLUGIN_JAR_NAME but doesn’t validate that OMCSI_DEPLOY_URL / OMCSI_DEPLOY_TOKEN are actually set. If either secret is missing/empty, the workflow will fail later with a generic curl/network/URL error, which doesn’t meet the “missing variables/secrets produce a clear error message” goal. Add explicit checks for DEPLOY_URL and DEPLOY_TOKEN and fail with targeted messages before invoking curl.
| if [ -z "${DEPLOY_URL}" ]; then | |
| echo "❌ OMCSI_DEPLOY_URL secret is not set or is empty" | |
| exit 1 | |
| fi | |
| if [ -z "${DEPLOY_TOKEN}" ]; then | |
| echo "❌ OMCSI_DEPLOY_TOKEN secret is not set or is empty" | |
| exit 1 | |
| fi |
|
@copilot address comments |
…o curl Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
All three review comments addressed in e3cc9d8:
|
.github/workflows/deploy.ymlmodeled after the Activity Tracker reference workflowcache: maven)DEPLOY_URLandDEPLOY_TOKENbefore curl--show-errorto curl for better diagnosticsOriginal prompt
🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.