fix #7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PIPELINE | |
| on: | |
| push: | |
| branches: | |
| - 'master' | |
| workflow_dispatch: | |
| jobs: | |
| bump: | |
| name: Get And Bump SemVer π | |
| runs-on: ubuntu-latest | |
| outputs: | |
| pom_version: ${{ steps.set_version.outputs.pom_version }} | |
| major_version: ${{ steps.set_version.outputs.major_version }} | |
| minor_version: ${{ steps.set_version.outputs.minor_version }} | |
| build_version: ${{ steps.set_version.outputs.build_version }} | |
| steps: | |
| - name: Checkout repo π¦ | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '0' | |
| - name: Bump version and push tag π | |
| uses: anothrNick/github-tag-action@master | |
| id: bump_version | |
| env: | |
| GITHUB_TOKEN: ${{ github.TOKEN }} | |
| RELEASE_BRANCHES: master | |
| DEFAULT_BUMP: patch | |
| WITH_V: false | |
| - name: Extract version from tag π | |
| id: set_version | |
| env: | |
| POM_VERSION: ${{ steps.bump_version.outputs.new_tag }} | |
| run: | | |
| MAJOR_VERSION=$(echo $POM_VERSION | cut -d. -f1) | |
| MINOR_VERSION=$(echo $POM_VERSION | cut -d. -f2) | |
| BUILD_VERSION=$(echo $POM_VERSION | cut -d. -f3) | |
| echo POM:$POM_VERSION, MAJOR:$MAJOR_VERSION, MINOR:$MINOR_VERSION, BUILD:$BUILD_VERSION | |
| echo --- set output for step --- | |
| echo "pom_version=${POM_VERSION}" >> $GITHUB_ENV | |
| echo "major_version=${MAJOR_VERSION}" >> $GITHUB_ENV | |
| echo "minor_version=${MINOR_VERSION}" >> $GITHUB_ENV | |
| echo "build_version=${BUILD_VERSION}" >> $GITHUB_ENV | |
| echo --- set output for job --- | |
| echo "pom_version=${POM_VERSION}" >> $GITHUB_OUTPUT | |
| echo "major_version=${MAJOR_VERSION}" >> $GITHUB_OUTPUT | |
| echo "minor_version=${MINOR_VERSION}" >> $GITHUB_OUTPUT | |
| echo "build_version=${BUILD_VERSION}" >> $GITHUB_OUTPUT | |
| build: | |
| name: Build and publish to Maven Central π¨ | |
| runs-on: ubuntu-latest | |
| env: | |
| MAVEN_ARGS: -Dmaven.test.skip=true | |
| outputs: | |
| pom_version: ${{ needs.bump.outputs.pom_version }} | |
| major_version: ${{ needs.bump.outputs.major_version }} | |
| minor_version: ${{ needs.bump.outputs.minor_version }} | |
| build_version: ${{ needs.bump.outputs.build_version }} | |
| needs: [bump] | |
| steps: | |
| - name: Checkout repo π¦ | |
| uses: actions/checkout@v4 | |
| - name: Cache Maven packages πΎ | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-maven- | |
| - name: Set up JDK 21 βοΈ | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| server-id: maven | |
| server-username: ${{ secrets.SONATYPE_USERNAME }} | |
| server-password: ${{ secrets.SONATYPE_PASSWORD }} | |
| - name: Import GPG key using gpg2 π | |
| run: | | |
| echo "${{ secrets.GPG_SECRET_KEY }}" | base64 --decode | gpg2 --batch --yes --import | |
| echo "${{ secrets.GPG_OWNERTRUST }}" | base64 --decode | gpg2 --import-ownertrust | |
| export GPG_TTY=$(tty) | |
| export GPG_EXECUTABLE=gpg2 | |
| - name: Write .m2/settings.xml πΎ | |
| run: | | |
| mkdir -p ~/.m2 | |
| cat <<EOF > ~/.m2/settings.xml | |
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <id>maven</id> | |
| <username>${{ secrets.SONATYPE_USERNAME }}</username> | |
| <password>${{ secrets.SONATYPE_PASSWORD }}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| - name: Update pom.xml version πΎ | |
| run: | | |
| mvn versions:set -DnewVersion=${{ needs.bump.outputs.major_version }}.${{ needs.bump.outputs.minor_version }}.${{ needs.bump.outputs.build_version }} -DgenerateBackupPoms=false | |
| - name: Build and verify with Maven π¨ | |
| run: mvn --batch-mode --update-snapshots verify $MAVEN_ARGS | |
| - name: List signed files π | |
| run: | | |
| echo "π¦ Contents of target/:" | |
| ls -lh target/ | |
| echo "" | |
| echo "π GPG signatures:" | |
| find target/ -type f -name "*.asc" -exec echo "β Found:" {} \; | |
| echo "" | |
| echo "β Missing POM signature?" && test ! -f target/*pom.asc && echo "β No POM signature found!" || echo "β POM is signed." | |
| - name: Publish to Maven Central | |
| run: mvn verify central-publishing:publish -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} $MAVEN_ARGS | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_PASSWORD }} | |
| MAVEN_GPG_PRIVATE_KEY: ${{ secrets.GPG_SECRET_KEY }} | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| - name: Upload build artifacts β¬οΈ | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: maven-artifacts | |
| path: target/*.jar |