pom/dependencies
pom/dependencies
4
0
Fork 0
Code Issues 1 Pull requests Projects Releases 15 Packages Wiki Activity Actions
dependencies/.forgejo/workflows/release.yaml

234 lines
7.6 KiB
YAML
Raw Normal View History

chore: initial Commit of project
2025-01-04 10:04:50 +01:00
---
name: release
on:
push:
branches:
- main
jobs:
release:
name: Release
runs-on: ubuntu-latest
if: ${{ !startsWith(github.event.head_commit.message, 'Release') }}
steps:
- name: Checkout
ci: improve Sonarqube pipeline
2025-01-05 17:08:27 +01:00
uses: actions/checkout@v4
chore: initial Commit of project
2025-01-04 10:04:50 +01:00
with:
fetch-depth: 0
- name: Set up Environment
run: |
apt update
apt install -y zip
mkdir -p /root/.jreleaser
touch /root/.jreleaser/config.properties
ci: add maven settings.xml
2025-01-05 17:59:25 +01:00
- name: maven-settings-xml-action
uses: https://github.com/whelk-io/maven-settings-xml-action@v22
with:
repositories: >
[
{
"id": "maven-releases",
"name": "Releases",
"url": "https://nexus.w9r.dev/repository/maven-releases",
"releases": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "fail"
}
},
{
"id": "maven-snapshots",
"name": "Snapshots",
"url": "https://nexus.w9r.dev/repository/maven-snapshots",
"releases": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
}
}
]
servers: >
[
{
"id": "maven-group",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}"
},
{
"id": "maven-snapshots",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}"
},
{
"id": "maven-releases",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}"
},
{
"id": "vulnz",
"username": "${{ secrets.VULNZ_USERNAME }}",
"password": "${{ secrets.VULNZ_PASSWORD }}"
}
]
mirrors: >
[
{
"id": "maven-group",
"name": "central",
"mirrorOf": "*",
"url": "https://nexus.w9r.dev/repository/maven-group/"
}
]
plugin_groups: >
[
"org.sonarsource.scanner.maven"
]
output_file: .m2/settings.xml
chore: initial Commit of project
2025-01-04 10:04:50 +01:00
- name: Determine next version
uses: https://github.com/obfu5c8/action-svu@v1
id: generate_next_version
with:
type: auto
force-increment: true
no-metadata: false
no-pre-release: false
no-build: false
strip-prefix: true
prefix: ''
suffix: ''
- name: Install syft
uses: https://github.com/anchore/sbom-action/download-syft@v0
id: install_syft
with:
syft-version: v1.18.1
- name: Set new version
run: |
NEW_VERSION=${{steps.generate_next_version.outputs.version}}
echo NEW_VERSION=$NEW_VERSION >> "$GITHUB_ENV"
echo "New version: $NEW_VERSION"
- name: Cache Java and Maven software
uses: https://github.com/actions/cache@v4
with:
path: ~/.sdkman
key: ${{ runner.os }}-sdkman
restore-keys: |
${{ runner.os }}-sdkman
env:
ACTIONS_STEP_DEBUG: true
- name: Cache local Maven repository
uses: https://github.com/actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven
restore-keys: |
${{ runner.os }}-maven
env:
ACTIONS_STEP_DEBUG: true
- name: Install Java & Maven
uses: https://github.com/sdkman/sdkman-action@main
id: sdkman
- name: Set Version
env:
MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.NEXUS_PASSWORD }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
export GPG_TTY=$(tty)
git config user.name "${{ github.event.head_commit.committer.name }}"
git config user.email "${{ github.event.head_commit.committer.email }}"
mvn -B --file pom.xml versions:set -DnewVersion=${{ env.NEW_VERSION }}
- name: Run JReleaser (Changelog)
uses: https://w9r.dev/actions/release-action@main
with:
arguments: changelog --debug
setup-java: false
continue-on-error: true
env:
JRELEASER_OUTPUT_DIRECTORY: target
JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Commit and push changes
run: |
git config user.name "${{ github.event.head_commit.committer.name }}"
git config user.email "${{ github.event.head_commit.committer.email }}"
git add pom.xml CHANGELOG.md
git commit -a -m "Release ${{ env.NEW_VERSION }}"
git push
- name: Build package and populate staging area for deployment
run: |
mvn -B --file pom.xml package
mvn --file pom.xml -Ppublication
- name: Run JReleaser (Assemble)
uses: https://w9r.dev/actions/release-action@main
with:
arguments: assemble --debug
setup-java: false
continue-on-error: true
env:
JRELEASER_OUTPUT_DIRECTORY: target
JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Run JReleaser (Release)
uses: https://w9r.dev/actions/release-action@main
with:
arguments: release --debug
setup-java: false
env:
JRELEASER_OUTPUT_DIRECTORY: target
JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
JRELEASER_ARTIFACTORY_USERNAME: ${{ secrets.NEXUS_USERNAME }}
JRELEASER_ARTIFACTORY_TOKEN: ${{ secrets.NEXUS_PASSWORD }}
# Persist logs
- name: JReleaser release trace
if: always()
uses: https://gitea.com/actions/upload-artifact@v3
with:
name: jreleaser-trace
path: target/jreleaser/trace.log
- name: JReleaser release properties
if: always()
uses: https://gitea.com/actions/upload-artifact@v3
with:
name: jreleaser-properties
path: target/jreleaser/output.properties
Reference in a new issue Copy permalink