From 142320416639a403e9228793273625c7b406d8ec Mon Sep 17 00:00:00 2001 From: Jonathan Lukas Date: Tue, 24 Oct 2023 10:39:09 +0200 Subject: [PATCH] update actions (#333) --- .github/workflows/build.yml | 42 ++++++++++++--------- .github/workflows/deploy.yml | 71 +++++++++++++++++++++--------------- 2 files changed, 66 insertions(+), 47 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a8b8aa8..85a89f7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,23 +1,31 @@ -name: Build project with Maven -on: - pull_request: - +name: CI +on: [ pull_request ] jobs: - build: + Build: runs-on: ubuntu-latest + permissions: + checks: write + pull-requests: write steps: - name: Checkout - uses: actions/checkout@f1d3225b5376a0791fdee5a0e8eac5289355e43a # pin@v2 - - name: Java setup - uses: actions/setup-java@e54a62b3df9364d4b4c1c29c7225e57fe605d7dd # pin@v1 + uses: actions/checkout@v4 + - name: Setup Java + uses: actions/setup-java@v3 with: - java-version: 17 - - name: Cache - uses: actions/cache@99d99cd262b87f5f8671407a1e5c1ddfa36ad5ba # pin@v1 + distribution: 'temurin' + java-version: '17' + cache: 'maven' + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - name: Run Maven - run: mvn -B clean verify com.mycila:license-maven-plugin:check + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build + run: mvn verify -PcheckFormat -B + - name: Publish Unit Test Results + id: publish + uses: EnricoMi/publish-unit-test-result-action@v2 + if: always() + with: + files: '**/target/surefire-reports/*.xml' diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index cfde97a..2fe8b27 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,56 +1,67 @@ -# If this workflow is triggered by a push to master, it -# deploys a SNAPSHOT -# If this workflow is triggered by publishing a Release, it -# deploys a RELEASE with the selected version -# updates the project version by incrementing the patch version -# commits the version update change to the repository's default branch. -name: Deploy artifacts with Maven +name: Build, test and deploy artifacts with Maven on: - push: - branches: [ master ] + workflow_dispatch: { } release: types: [ published ] + push: + branches: [ master ] jobs: - publish: - runs-on: ubuntu-20.04 + publish-maven: + runs-on: ubuntu-latest + permissions: + checks: write + pull-requests: write + packages: write + contents: write steps: - - uses: actions/checkout@f1d3225b5376a0791fdee5a0e8eac5289355e43a # pin@v2 - - name: Cache - uses: actions/cache@0781355a23dac32fd3bac414512f4b903437991a # pin@v2 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- + - uses: actions/checkout@v4 - name: Set up Java environment - uses: actions/setup-java@e54a62b3df9364d4b4c1c29c7225e57fe605d7dd # pin@v1 + uses: actions/setup-java@v3 with: - java-version: 17 + java-version: '17' + distribution: 'temurin' + cache: maven gpg-private-key: ${{ secrets.MAVEN_CENTRAL_GPG_SIGNING_KEY_SEC }} gpg-passphrase: MAVEN_CENTRAL_GPG_PASSPHRASE - - name: Login to Docker - run: | - # new login with new container registry url and PAT - echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USR }} + password: ${{ secrets.DOCKERHUB_PSW }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Deploy SNAPSHOT / Release - uses: camunda-community-hub/community-action-maven-release@a9e964bf56978eef9bca81551cecceebb246a8e5 # pin@v1 + uses: camunda-community-hub/community-action-maven-release@v1 with: + maven-additional-options: -P!autoFormat release-version: ${{ github.event.release.tag_name }} - release-profile: community-action-maven-release nexus-usr: ${{ secrets.NEXUS_USR }} nexus-psw: ${{ secrets.NEXUS_PSW }} maven-usr: ${{ secrets.MAVEN_CENTRAL_DEPLOYMENT_USR }} maven-psw: ${{ secrets.MAVEN_CENTRAL_DEPLOYMENT_PSW }} + maven-url: oss.sonatype.org maven-gpg-passphrase: ${{ secrets.MAVEN_CENTRAL_GPG_SIGNING_KEY_PASSPHRASE }} + maven-auto-release-after-close: true github-token: ${{ secrets.GITHUB_TOKEN }} id: release - if: github.event.release name: Attach artifacts to GitHub Release (Release only) - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # pin@v1 + uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ github.event.release.upload_url }} asset_path: ${{ steps.release.outputs.artifacts_archive_path }} - asset_name: ${{ steps.release.outputs.artifacts_archive_path }} - asset_content_type: application/zip \ No newline at end of file + asset_name: camunda-7-to-8-migration.zip + asset_content_type: application/zip + - name: Publish Unit Test Results + id: publish + uses: EnricoMi/publish-unit-test-result-action@v2 + if: always() + with: + files: '**/target/surefire-reports/*.xml' +