feat: use new actions-lib for ci #296
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| push: | |
| branches: | |
| - "**" | |
| defaults: | |
| run: | |
| # NOTE: A bit stricter than the default bash options used by GitHub Actions | |
| # (bash --noprofile --norc -e -o pipefail {0}) | |
| shell: bash --noprofile --norc -euo pipefail {0} | |
| # NOTE: Set concurrency for the current workflow to 1 | |
| concurrency: ci-${{ github.ref }}-${{ github.workflow }} | |
| jobs: | |
| build-and-release: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: "zulu" | |
| java-version: "11.0.22" | |
| java-package: "jdk" | |
| - uses: capralifecycle/actions-lib/check-runtime-dependencies@v1 | |
| - name: cache mvn | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven- | |
| - name: release preparation | |
| id: prep | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| major_version="$(sed -n "s/^.*<major-version>\([0-9]\{1,\}\)<\/major-version>.*$/\1/p" pom.xml)" | |
| echo "$major_version" | grep -q "^[0-9]\{1,\}$" || { | |
| echo "ERROR: Failed to extract <major-version> from pom.xml" | |
| exit 1 | |
| } | |
| echo "major-version=$major_version" >> "$GITHUB_OUTPUT" | |
| - uses: capralifecycle/actions-lib/generate-tag@v1 | |
| id: tag | |
| with: | |
| tag-prefix: "${{ steps.prep.outputs.major-version }}" | |
| tag-type: "punctuated-timestamp-tag" | |
| - name: resolve dependencies | |
| env: | |
| # NOTE: Use the following token if your project does not depend on private packages: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # NOTE: Use the following token if your project depends on private packages: | |
| GITHUB_TOKEN: ${{ secrets.SHARED_GITHUB_PACKAGES_TOKEN }} | |
| run: mvn -B dependency:resolve | |
| - name: conditional release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SHARED_SONAR_TOKEN }} | |
| CONDITIONAL_RELEASE: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| TAG: "${{ steps.tag.outputs.tag }}" | |
| run: | | |
| if [ "$CONDITIONAL_RELEASE" = "true" ]; then | |
| echo "Releasing library with tag '$TAG'" | |
| mvn -B source:jar deploy scm:tag -Drevision="$TAG" -Dtag="$TAG" \ | |
| org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M3:enforce -Drules=requireReleaseDeps | |
| else | |
| mvn -B -U verify | |
| fi |