Skip to content

Merge pull request #39 from levigo/feature/update_dependencies #52

Merge pull request #39 from levigo/feature/update_dependencies

Merge pull request #39 from levigo/feature/update_dependencies #52

name: Continuous Delivery
on:
push:
branches:
- master
paths-ignore:
# - '.github/**'
- '**/README.md'
env:
# This will suppress any download for dependencies and plugins or upload messages which would clutter the console log.
# `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
# As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used
# when running from the command line.
# `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins.
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- name: Bump version and create tag
id: semanticversion
uses: mathieudutour/github-tag-action@v6.1
with:
release_branches: master
github_token: ${{ secrets.GITHUB_TOKEN }}
fetch_all_tags: true
- name: Verify and print new build number
run: |
if echo '${{ steps.semanticversion.outputs.new_tag }}' |grep -Eq '^v[0-9]+[.][0-9]+[.][0-9]+$'; then
echo Tag '${{ steps.semanticversion.outputs.new_tag }}', New version '${{ steps.semanticversion.outputs.new_version }}', Changelog '${{ steps.semanticversion.outputs.changelog }}'
else
echo 'unexpected tag format - aborting'
exit -1
fi
## Enable Caching
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
## Configure JDK 11
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'maven'
## Build with maven
- name: Prepare maven settings
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
mkdir -p ~/.m2
echo "<settings><servers><server><id>github</id><username>x-access-token</username><password>${GITHUB_TOKEN}</password></server></servers></settings>" > ~/.m2/settings.xml
- name: Set version
id: version
run: |
echo Releasing as ${{ steps.semanticversion.outputs.new_version }}
mvn $MAVEN_CLI_OPTS versions:set -DnewVersion=${{ steps.semanticversion.outputs.new_version }}
- name: Perform build and analysis
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn $MAVEN_CLI_OPTS package org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
## Deploy
- name: Deploy package
env:
GPG_EXECUTABLE: gpg
GPG_SECRET_KEYS: ${{ secrets.LEVIGO_GPG_KEYS }}
GPG_OWNERTRUST: ${{ secrets.LEVIGO_GPG_OWNERTRUST }}
GPG_PASSPHRASE: ${{ secrets.LEVIGO_GPG_PASSPHRASE }}
SONATYPE_USERNAME: ${{ secrets.LEVIGO_SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.LEVIGO_SONATYPE_PASSWORD }}
run: |
echo "$GPG_SECRET_KEYS" | base64 --decode | $GPG_EXECUTABLE --import --no-tty --batch --yes
echo "$GPG_OWNERTRUST" | base64 --decode | $GPG_EXECUTABLE --import-ownertrust --no-tty --batch --yes
mvn $MAVEN_CLI_OPTS deploy --settings .maven.xml -Dmaven.test.skip.exec=true -U -Prelease
## Update README.md
- name: Edit README.md to contain version number
run: |
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
git checkout master
git reset --hard HEAD
sed -ri "s,<version>.*</version>,<version>${{ steps.semanticversion.outputs.new_version }}</version>," README.md
# cut everything after 'Recognized formats' from the README.md
head -n $(( $(grep -n 'Recognized formats' README.md | cut -d ':' -f 1) + 1 )) README.md > README.md.new
mv README.md.new README.md
# extract list of mime-types from magic.xml and append to README.md
grep -Po '(?<=<mime-type>)[^<]+' src/main/resources/magic.xml | sort | uniq | xargs printf "\t%s\n" >> README.md
git add README.md
git commit -m "Edit README.md to contain correct version"
- name: Push changes
uses: ad-m/github-push-action@master
with:
branch: master
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Create release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ steps.semanticversion.outputs.new_tag }}
name: ${{ steps.semanticversion.outputs.new_version }}
## Notify Mattermost
- name: Notify Developers
uses: 8398a7/action-slack@v3
with:
username: GitHub
icon_emoji: octocat
channel: ci_js
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref
text: Released new version `${{ steps.semanticversion.outputs.new_version }}` of *${{ github.repository }}* to maven central
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# vermutlich muss man das personal access token der Action übergeben, damit diese nach mattermost
# funken darf. Alternativ wie unten einstellen, sodass bei dependabot PRs nichts passiert.
if: ${{ github.actor != 'dependabot[bot]' }}