-
Notifications
You must be signed in to change notification settings - Fork 0
110 lines (104 loc) · 3.71 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: build
on:
push:
branches: [ "**" ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Maven Repository
uses: actions/setup-java@v1
with:
java-version: 11
server-id: ossrh
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Build & Scan
env:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
embold.host.url: https://tester.emboldci.dev
embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
run: mvn --batch-mode clean deploy io.embold.scan:embold-maven-plugin:embold -Dembold.host.url=https://tester.emboldci.dev -Dembold.user.token=${{ secrets.EMBOLD_OSS_SCAN_TOKEN }} --file pom.xml
release:
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v2
- name: Set up Maven Repository
uses: actions/setup-java@v1
with:
java-version: 11
- name: maven-settings-xml-action
uses: whelk-io/maven-settings-xml-action@v11
with:
servers: '
[
{
"id": "github",
"username": "${env.GITHUB_USER}",
"password": "${env.GITHUB_TOKEN}"
},
{
"id": "ossrh",
"username": "${env.MAVEN_USERNAME}",
"password": "${env.MAVEN_PASSWORD}"
}
]'
profiles: '
[
{
"id": "ossrh",
"activation": {
"activeByDefault": "true"
},
"properties": {
"gpg.passphrase": "${env.GPG_SECRET_KEY_PASSWORD}"
}
}
]'
- name: Install gpg secret key
run: |
cat <(echo -e "${{ secrets.GPG_SECRET_KEY }}") | gpg --batch --import
- name: Configure Git
run: |
git config --global committer.email "[email protected]"
git config --global author.name "${GITHUB_ACTOR}"
git config --global author.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config user.email "[email protected]"
git config user.name "GitHub Actions"
- name: Prepare release
env:
GITHUB_USER: 'github-actions'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_SECRET_KEY_PASSWORD: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
embold.host.url: https://tester.emboldci.dev
embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
run: |
mvn \
--no-transfer-progress \
--batch-mode \
-Dgpg.passphrase=${{ secrets.GPG_SECRET_KEY_PASSWORD }} \
release:prepare -Prelease
- name: Push release
env:
GITHUB_USER: 'github-actions'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
GPG_SECRET_KEY_PASSWORD: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
embold.host.url: https://tester.emboldci.dev
embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
run: |
mvn \
--no-transfer-progress \
--batch-mode \
-Dgpg.passphrase=${{ secrets.GPG_SECRET_KEY_PASSWORD }} \
release:perform -Prelease
- name: Rollback if failure
if: ${{ failure() }}
run: mvn --batch-mode release:rollback