-
Notifications
You must be signed in to change notification settings - Fork 0
147 lines (139 loc) · 4.29 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: Release
on:
push:
tags:
- "v*"
branches-ignore:
- "**"
env:
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version"
jobs:
continuous-integration:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup JDK 21
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
cache: 'maven'
- name: Set up Maven
uses: stCarolas/setup-maven@v5
with:
maven-version: 3.9.6
- name: Test
run: mvn $MAVEN_CLI_OPTS test
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build library
run: mvn $MAVEN_CLI_OPTS clean package -DskipTests
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build CLI
run: mvn $MAVEN_CLI_OPTS clean package -Pcli -DskipTests
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload job artifacts
uses: actions/upload-artifact@v4
with:
name: artifact
path: target/*.jar
if-no-files-found: error
retention-days: 5
deploy-package:
runs-on: ubuntu-latest
needs: continuous-integration
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup JDK 21
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
cache: 'maven'
- name: Set up Maven
uses: stCarolas/setup-maven@v5
with:
maven-version: 3.9.6
- name: Deploy to GitHub packages
run: mvn $MAVEN_CLI_OPTS clean deploy -Dmaven.test.skip=true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
deploy-docker:
runs-on: ubuntu-latest
needs: continuous-integration
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: artifact
path: docker/target
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
#- name: Login to DockerHub container registry
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKERHUB_USERNAME }}
# password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/keeps/commons-ip-cits-erms
# keeps/roda
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
flavor: |
latest=false
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build
uses: docker/build-push-action@v6
with:
context: docker
push: true
tags: |
ghcr.io/keeps/commons-ip-cits-erms
# keeps/commons-ip-cits-erms
sbom: true
provenance: mode=max
release:
runs-on: ubuntu-latest
needs: [deploy-package, deploy-docker]
steps:
- name: Get release version
run: echo "release_version=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_ENV
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: artifact
path: target
- name: Upload artifact to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: target/commons-ip-cits-erms-cli-${{ env.release_version }}.jar
asset_name: commons-ip-cits-erms-cli-${{ env.release_version }}.jar
tag: ${{ github.ref }}
release_name: ${{ github.ref_name }}
draft: true
body: |
#### New features
#### Enhancements
#### Bug fixes
#### Security
- Several dependency major upgrades to fix security vulnerabilities