Build IG and publish #52

Summary
Jobs
- publish
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/BuildIG_publish.yaml at 978d2d5

	name: Build IG and publish

	on:
	workflow_dispatch:
	inputs:
	orgrepo:
	description: 'Github repository of the IG e.g. hl7ch/ch-ig'
	required: true
	default: 'hl7ch/ch-'
	type: string
	version:
	description: 'Version of the IG'
	required: true
	default: '1.0.0'
	type: string
	publish:
	description: 'Publish to github / fhir.ch if build is successful'
	required: true
	default: true
	type: boolean

	# The following jobs are equal for all IGs and can be moved to a common composite-action if 'uses'-support is added, see:
	# https://github.com/actions/runner/blob/main/docs/adrs/1144-composite-actions.md
	jobs:
	publish:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	id-token: 'write'
	env:
	orgrepo: "${{ github.event.inputs.orgrepo }}"
	version: "${{ github.event.inputs.version }}"
	publish: "${{ github.event.inputs.publish }}"
	fhirchappid: 974513
	steps:
	- name: 📦 Build and test with Rake
	run: \|
	sudo apt-get update
	sudo apt-get install ruby-full graphviz
	sudo gem install jekyll jekyll-asciidoc

	- name: 📦 Install modules
	run: npm install -g fsh-sushi

	- name: ☕ Setup Java 21
	uses: actions/setup-java@v3
	with:
	java-version: 21
	distribution: adopt

	- name: 📝 Get the repo name
	id: repo_name
	run: echo "::set-output name=repo::$(echo ${{ env.orgrepo }} \| cut -d '/' -f 2)"
	shell: bash

	- name: 📝 Get the organization name
	id: org_name
	run: echo "::set-output name=org::$(echo ${{ env.orgrepo }} \| cut -d '/' -f 1)"
	shell: bash

	- name: 📝 Change to workspace
	run: echo "Changing to workspace "
	working-directory: ${{ github.workspace }}

	- name: 📝 Workspace
	run: echo "${{ github.workspace }}"
	shell: bash

	- uses: actions/checkout@v4
	with:
	sparse-checkout: \|
	.github
	assets
	templates
	ig-history
	ig-registry
	ig/${{ steps.repo_name.outputs.repo }}

	- uses: actions/checkout@v4
	if: ${{ steps.repo_name.outputs.repo == 'ch-term' }}
	with:
	sparse-checkout: \|
	.github
	assets
	templates
	ig-history
	ig-registry
	ig/ch-term
	ig/ch-epr-term

	- uses: actions/checkout@v4
	if: ${{ steps.repo_name.outputs.repo == 'ch-epr-fhir' }}
	with:
	sparse-checkout: \|
	.github
	assets
	templates
	ig-history
	ig-registry
	ig/ch-epr-fhir
	ig/ch-epr-mhealth

	- name: 📥 Download IG Publisher
	run: \|
	wget -q https://github.com/HL7/fhir-ig-publisher/releases/latest/download/publisher.jar
	ls -all ./publisher.jar

	- name: 📝 List path
	run: ls -R ./

	- name: app a token for the Github APP that we can commit to the owner repo, app needs permission to org and repo, see https://github.com/organizations/hl7ch/settings/apps/fhir-ig-publication-on-fhir-ch/permissions
	id: app-token
	uses: actions/create-github-app-token@v1
	with:
	app-id: ${{ env.fhirchappid }}
	private-key: ${{ secrets.HL7CHAPPFHIRCH }}
	owner: ${{ steps.org_name.outputs.org }}
	repositories: "${{ steps.repo_name.outputs.repo }}"

	- name: Get GitHub App User ID
	id: get-user-id
	run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
	env:
	GH_TOKEN: ${{ steps.app-token.outputs.token }}
	- run: \|
	git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
	git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>'

	- uses: actions/checkout@v4
	with:
	repository: ${{ env.orgrepo }}
	path: ${{ steps.repo_name.outputs.repo }}
	token: ${{ steps.app-token.outputs.token }}
	ref: ${{ github.head_ref }}

	# Builds the HTML page for the IG.
	- name: 🏃‍♂️ Run IG Publisher local
	timeout-minutes: 45 # We need a long timeout here
	run: \|
	cd ${{ steps.repo_name.outputs.repo }}
	java -Xmx8192m -jar ../publisher.jar -ig .
	cd ..

	- name: 🏃‍♂️ Run Publication
	timeout-minutes: 135 # We need a long timeout here
	run: \|
	java -jar -Dfile.encoding=UTF-8 -Xms3550m -Xmx3550m ./publisher.jar -go-publish -source ${{ steps.repo_name.outputs.repo }} -web $PWD -registry ig-registry/fhir-ig-list.json -history ig-history -templates ./templates -temp $PWD/buildtmp

	- name: get a second token for the Github APP that we can commit to the owner repo
	id: app-token2
	uses: actions/create-github-app-token@v1
	with:
	app-id: ${{ env.fhirchappid }}
	private-key: ${{ secrets.HL7CHAPPFHIRCH }}
	owner: ${{ steps.org_name.outputs.org }}
	repositories: "${{ steps.repo_name.outputs.repo }}"

	- name: tag the ig repository with the published version
	if: ${{ env.publish == 'true' }}
	id: tag_release
	env:
	GH_TOKEN: ${{ steps.app-token2.outputs.token }}
	run: \|
	cd ${{ steps.repo_name.outputs.repo }}
	git tag -fa ${{ env.version }} -m "Release ${{ env.version }}"
	git push origin ${{ env.version }} --force
	echo "sha=$(git rev-parse --verify "$GITHUB_SHA")" >> "$GITHUB_OUTPUT"
	cd ..

	- name: 🐙 Clean download git repo
	run: rm -rf ${{ steps.repo_name.outputs.repo }}
	shell: bash

	- uses: actions/upload-artifact@v4
	if: ${{ env.publish == 'false' }}
	with:
	name: my-artifact
	path: ./ig/${{ steps.repo_name.outputs.repo }}
	retention-days: 2

	- name: 🐙 Commit and push changes to
	if: ${{ env.publish == 'true' }}
	run: \|
	git config user.name "github-actions[bot]"
	git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
	git config pull.ff only
	git pull
	git add --sparse .
	git commit -m "${{ steps.repo_name.outputs.repo }} - ${{ env.version }}"
	git push

	- id: 'auth'
	if: ${{ env.publish == 'true' }}
	uses: 'google-github-actions/auth@v2'
	with:
	workload_identity_provider: 'projects/436430299306/locations/global/workloadIdentityPools/pool1/providers/oidc-github-provider'
	service_account: 'github-fhir-ch@fhir-ch.iam.gserviceaccount.com'

	- name: '☁️ Set up Cloud SDK'
	if: ${{ env.publish == 'true' }}
	uses: 'google-github-actions/setup-gcloud@v2'
	with:
	version: '>= 363.0.0'

	- name: '☁️ Use gcloud CLI'
	if: ${{ env.publish == 'true' }}
	run: 'gcloud info'

	- name: '🚚 Publish IG to fhir.ch 🚀 🚀 🚀 '
	if: ${{ env.publish == 'true' }}
	run: \|
	gsutil -m rsync ./ig/${{ steps.repo_name.outputs.repo }} gs://fhir-ch-www/ig/${{ steps.repo_name.outputs.repo }}
	gsutil -m rsync -r ./ig/${{ steps.repo_name.outputs.repo }}/assets gs://fhir-ch-www/ig/${{ steps.repo_name.outputs.repo }}/assets
	gsutil -m rsync -r ./ig/${{ steps.repo_name.outputs.repo }}/${{ env.version }} gs://fhir-ch-www/ig/${{ steps.repo_name.outputs.repo }}/${{ env.version }}
	gsutil cp ./package-feed.xml gs://fhir-ch-www/
	gsutil cp ./package-registry.json gs://fhir-ch-www/
	gsutil cp ./publication-feed.xml gs://fhir-ch-www/

	- name: Send a stream message to Zulip
	if: ${{ env.publish == 'true' }}
	uses: zulip/github-actions-zulip/send-message@v1
	with:
	api-key: ${{ secrets.ZULIPAPIKEY }}
	email: "hl7ch-bot@chat.fhir.org"
	organization-url: "https://chat.fhir.org"
	to: "switzerland"
	type: "stream"
	topic: "fhir.ch: new FHIR Implementation Guide published"
	content: \|
	:rocket: ${{ steps.repo_name.outputs.repo }}/${{ env.version }} published :rocket:

	Details: [published](https://fhir.ch/ig/${{ steps.repo_name.outputs.repo }}/${{ env.version }}/index.html) \| [qa](https://fhir.ch/ig/${{ steps.repo_name.outputs.repo }}/${{ env.version }}/qa.html)

	:memo: It might take a few minutes until [fhir.ch](https://fhir.ch/) is serving the new version, should be visible on packages servers in [max 1](https://packages2.fhir.org/packages/catalog) to [max 8](https://registry.fhir.org/) hours.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build IG and publish #52

Workflow file

Build IG and publish #52

Jobs

Run details

Workflow file for this run