ci: enable commit signing
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 1m27s
release / Release (push) Successful in 1m45s

Oliver Weyhmüller 2025-01-06 01:09:08 +01:00
parent b531186de7
commit e7099e4900
Signed by: oliver
GPG key ID: 5286794099F934A3
2 changed files with 32 additions and 15 deletions


@ -23,6 +23,7 @@ jobs:
apt update
apt install -y zip
mkdir -p /root/.jreleaser
mkdir -p /root/.m2
touch /root/.jreleaser/config.properties
- name: maven-settings-xml-action
@ -97,7 +98,7 @@ jobs:
[
"org.sonarsource.scanner.maven"
]
output_file: .m2/settings.xml
output_file: /root/.m2/settings.xml
- name: Determine next version
uses: https://github.com/obfu5c8/action-svu@v1
@ -128,9 +129,9 @@ jobs:
uses: https://github.com/actions/cache@v4
with:
path: ~/.sdkman
key: ${{ runner.os }}-sdkman
key: ${{ runner.os }}-sdkman-${{ hashFiles('**/.sdkmanrc') }}
restore-keys: |
${{ runner.os }}-sdkman
${{ runner.os }}-sdkman-
env:
ACTIONS_STEP_DEBUG: true
@ -138,9 +139,9 @@ jobs:
uses: https://github.com/actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven
${{ runner.os }}-maven-
env:
ACTIONS_STEP_DEBUG: true
@ -155,8 +156,6 @@ jobs:
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
export GPG_TTY=$(tty)
git config user.name "${{ github.event.head_commit.committer.name }}"
git config user.email "${{ github.event.head_commit.committer.email }}"
mvn -B --file pom.xml versions:set -DnewVersion=${{ env.NEW_VERSION }}
- name: Run JReleaser (Changelog)
@ -173,13 +172,30 @@ jobs:
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Import GPG key
id: import-gpg
uses: https://github.com/crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.RELEASEBOT_PRIVATE_KEY }}
passphrase: ${{ secrets.RELEASEBOT_PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: GPG user IDs
run: |
echo "fingerprint: ${{ steps.import-gpg.outputs.fingerprint }}"
echo "keyid: ${{ steps.import-gpg.outputs.keyid }}"
echo "name: ${{ steps.import-gpg.outputs.name }}"
echo "email: ${{ steps.import-gpg.outputs.email }}"
- name: Commit and push changes
run: |
git config user.name "${{ github.event.head_commit.committer.name }}"
git config user.email "${{ github.event.head_commit.committer.email }}"
git config --global user.email "${{ steps.import-gpg.outputs.email }}"
git config --global user.name "${{ steps.import-gpg.outputs.name }}"
git add pom.xml CHANGELOG.md
git commit -a -m "Release ${{ env.NEW_VERSION }}"
git commit -S -m "Release ${{ env.NEW_VERSION }}"
git push
- name: Build package and populate staging area for deployment
run: |
mvn -B --file pom.xml package
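Review bot: The new `Import GPG key` step passes `secrets.RELEASEBOT_PRIVATE_KEY` and its passphrase to a third-party action referenced by the movable tag `@v6`, so a retagged or compromised upstream release would run with the release signing key in hand. Pin it to a full commit SHA and keep the tag as a comment, `uses: https://github.com/crazy-max/ghaction-import-gpg@<full-commit-sha>  # v6`. The other `uses:` lines in this workflow are also tag-pinned, but this step is the one that holds the key. In `Commit and push changes`, `${{ steps.import-gpg.outputs.name }}`, `${{ steps.import-gpg.outputs.email }}` and `${{ env.NEW_VERSION }}` are expanded into the script text before the shell runs. Passing them through the step's `env:` and writing `git commit -S -m "Release $NEW_VERSION"` keeps their content from being parsed as shell. The rendered hunk appears to have lost some lines, so the steps may contain more than is visible here.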


@ -21,6 +21,7 @@ jobs:
apt update
apt install -y zip
mkdir -p /root/.jreleaser
mkdir -p /root/.m2
touch /root/.jreleaser/config.properties
- name: Install syft
@ -101,15 +102,15 @@ jobs:
[
"org.sonarsource.scanner.maven"
]
output_file: .m2/settings.xml
output_file: /root/.m2/settings.xml
- name: Cache Java and Maven software
uses: https://github.com/actions/cache@v4
with:
path: ~/.sdkman
key: ${{ runner.os }}-sdkman
key: ${{ runner.os }}-sdkman-${{ hashFiles('**/.sdkmanrc') }}
restore-keys: |
${{ runner.os }}-sdkman
${{ runner.os }}-sdkman-
env:
ACTIONS_STEP_DEBUG: true
@ -124,9 +125,9 @@ jobs:
uses: https://github.com/actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven
${{ runner.os }}-maven-
env:
ACTIONS_STEP_DEBUG: true