fix #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PIPELINE | |
| on: | |
| push: | |
| branches: | |
| - 'master' | |
| workflow_dispatch: | |
| jobs: | |
| bump: | |
| name: Get And Bump SemVer π | |
| runs-on: ubuntu-latest | |
| outputs: | |
| pom_version: ${{ steps.set_version.outputs.pom_version }} | |
| major_version: ${{ steps.set_version.outputs.major_version }} | |
| minor_version: ${{ steps.set_version.outputs.minor_version }} | |
| build_version: ${{ steps.set_version.outputs.build_version }} | |
| steps: | |
| - name: Checkout repo π¦ | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '0' | |
| - name: Bump version and push tag π | |
| uses: anothrNick/github-tag-action@master | |
| id: bump_version | |
| env: | |
| GITHUB_TOKEN: ${{ github.TOKEN }} | |
| RELEASE_BRANCHES: master | |
| DEFAULT_BUMP: patch | |
| WITH_V: false | |
| - name: Extract version from tag π | |
| id: set_version | |
| env: | |
| POM_VERSION: ${{ steps.bump_version.outputs.new_tag }} | |
| run: | | |
| MAJOR_VERSION=$(echo $POM_VERSION | cut -d. -f1) | |
| MINOR_VERSION=$(echo $POM_VERSION | cut -d. -f2) | |
| BUILD_VERSION=$(echo $POM_VERSION | cut -d. -f3) | |
| echo POM:$POM_VERSION, MAJOR:$MAJOR_VERSION, MINOR:$MINOR_VERSION, BUILD:$BUILD_VERSION | |
| echo --- set output for step --- | |
| echo "pom_version=${POM_VERSION}" >> $GITHUB_ENV | |
| echo "major_version=${MAJOR_VERSION}" >> $GITHUB_ENV | |
| echo "minor_version=${MINOR_VERSION}" >> $GITHUB_ENV | |
| echo "build_version=${BUILD_VERSION}" >> $GITHUB_ENV | |
| echo --- set output for job --- | |
| echo "pom_version=${POM_VERSION}" >> $GITHUB_OUTPUT | |
| echo "major_version=${MAJOR_VERSION}" >> $GITHUB_OUTPUT | |
| echo "minor_version=${MINOR_VERSION}" >> $GITHUB_OUTPUT | |
| echo "build_version=${BUILD_VERSION}" >> $GITHUB_OUTPUT | |
| build: | |
| name: Build and publish to Maven Central π¨ | |
| runs-on: ubuntu-latest | |
| env: | |
| MAVEN_ARGS: -Dmaven.test.skip=true | |
| outputs: | |
| pom_version: ${{ needs.bump.outputs.pom_version }} | |
| major_version: ${{ needs.bump.outputs.major_version }} | |
| minor_version: ${{ needs.bump.outputs.minor_version }} | |
| build_version: ${{ needs.bump.outputs.build_version }} | |
| needs: [bump] | |
| steps: | |
| - name: Checkout repo π¦ | |
| uses: actions/checkout@v4 | |
| - name: Cache Maven packages πΎ | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-maven- | |
| - name: Set up JDK 21 βοΈ | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| server-id: maven | |
| server-username: ${{ secrets.SONATYPE_USERNAME }} | |
| server-password: ${{ secrets.SONATYPE_PASSWORD }} | |
| - name: Set up GPG for CI | |
| run: | | |
| echo "use-agent" >> ~/.gnupg/gpg.conf | |
| echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf | |
| echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf | |
| - name: Import GPG key using gpg2 π | |
| run: | | |
| echo "${{ secrets.GPG_SECRET_KEY }}" | base64 --decode | gpg2 --batch --yes --import | |
| echo "${{ secrets.GPG_OWNERTRUST }}" | base64 --decode | gpg2 --import-ownertrust | |
| export GPG_TTY=$(tty) | |
| export GPG_EXECUTABLE=gpg2 | |
| - name: Write .m2/settings.xml πΎ | |
| run: | | |
| mkdir -p ~/.m2 | |
| cat <<EOF > ~/.m2/settings.xml | |
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <id>maven</id> | |
| <username>${{ secrets.SONATYPE_USERNAME }}</username> | |
| <password>${{ secrets.SONATYPE_PASSWORD }}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| - name: Update pom.xml version πΎ | |
| run: | | |
| mvn versions:set -DnewVersion=${{ needs.bump.outputs.major_version }}.${{ needs.bump.outputs.minor_version }}.${{ needs.bump.outputs.build_version }} -DgenerateBackupPoms=false | |
| - name: Build and install with Maven π¨ | |
| run: mvn clean deploy --batch-mode --update-snapshots -DreleaseSonatype=true $MAVEN_ARGS | |
| - name: List signed files π | |
| run: | | |
| echo "π¦ Contents of target/:" | |
| ls -lh target/ | |
| echo "" | |
| echo "π GPG signatures:" | |
| find target/ -type f -name "*.asc" -exec echo "β Found:" {} \; | |
| echo "" | |
| echo "β Missing POM signature?" && test ! -f target/*pom.asc && echo "β No POM signature found!" || echo "β POM is signed." | |
| - name: Publish to Maven Central | |
| run: mvn central-publishing:publish $MAVEN_ARGS | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_PASSWORD }} | |
| MAVEN_GPG_PRIVATE_KEY: ${{ secrets.GPG_SECRET_KEY }} | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| - name: Upload build artifacts β¬οΈ | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: maven-artifacts | |
| path: target/*.jar |