Configuring GitHub package Maven repos.

.github/workflows/build.yml

@@ -1,30 +1,44 @@
 on:
   push:
     branches:
-    - release/*
+    - release/**
     - develop
-    - feature/*
+    - feature/**
   pull_request:
     types: [opened, synchronize, reopened]
     branches:
-    - release/*
+    - release/**
     - develop
-    - feature/*
+    - feature/**
   merge_group:
   workflow_dispatch:
-name: Build and Test Development Code
+    inputs:
+      linkcheck_fail_on_error:
+        description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build'
+        required: false
+        default: true
+        type: boolean
+      linkcheck_create_issue:
+        description: 'create new GitHub issue if broken links found'
+        required: false
+        default: false
+        type: boolean
+name: Build and Test
+env:
+  INPUT_FAIL_ON_ERROR: ${{ github.event.inputs.linkcheck_fail_on_error || 'true' }}
+  INPUT_ISSUE_ON_ERROR: ${{ github.event.inputs.linkcheck_create_issue || 'false' }}
+  MAVEN_VERSION: 3.9.8
+  JAVA_DISTRO: temurin
+  JAVA_VERSION_FILE: .java-version
 jobs:
-  build-artifacts:
-    name: Build Java Artifacts
-    runs-on: ubuntu-latest
+  build-code:
+    name: Code
+    runs-on: ubuntu-20.04
     permissions:
       actions: read
       contents: read
-      security-events: write
-      packages: write
-    env:
-      BUILD_SNAPSHOT: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') &&
-                          (github.ref_name == 'develop' || startsWith(github.ref_name, 'release/')) }}
+#      security-events: write
+
     steps:
     - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
       with:
@@ -36,47 +50,109 @@ jobs:
     - name: Set up Maven
       uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
       with:
-        maven-version: 3.9.3
-    - id: setup-java-deploy
-      name: Set up JDK 11 (deploy)
-      if: ${{ env.BUILD_SNAPSHOT == 'true' }}
-      uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
+        maven-version: ${{ env.MAVEN_VERSION }}
+    - name: Set up JDK 11
+      uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
       with:
-        java-version: 11
-        distribution: 'temurin'
+        java-version-file: ${{ env.JAVA_VERSION_FILE }}
+        distribution: ${{ env.JAVA_DISTRO }}
         cache: 'maven'
-    - name: Set up JDK 11 (build only)
-      if:  ${{ steps.setup-java-deploy.outcome == 'skipped' }}
-      uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
+#    - uses: s4u/maven-settings-action@7802f6aec16c9098b4798ad1f1d8ac75198194bd
+#      with:
+#        servers: |
+#          [{
+#            "id": "github",
+#            "configuration": {
+#              "username": "GITHUB_ACTOR",
+#              "password": "GITHUB_TOKEN"
+#            }
+#          }]
+#    - name: Initialize CodeQL
+#      if: github.event_name == 'push'
+#      uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c
+#      with:
+#        languages: java
+    # -------------------------
+    # Maven Build
+    # -------------------------
+    - name: Build and Test Code
+      run: |
+        mvn -B -e -Prelease package
+#    - name: Perform CodeQL Analysis
+#      if: github.event_name == 'push'
+#      uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c
+#      with:
+#        upload: ${{ github.ref_name == 'develop' && 'always' || 'never' }}
+  build-website:
+    name: Website
+    runs-on: ubuntu-20.04
+    permissions:
+      actions: read
+      contents: write
+    steps:
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
       with:
-        java-version: 11
-        distribution: 'temurin'
-        cache: 'maven'
-    - name: Initialize CodeQL
-      if: github.event_name == 'push'
-      uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c
+        submodules: recursive
+        filter: tree:0
+    # -------------------------
+    # Java Environment Setup
+    # -------------------------
+    - name: Set up Maven
+      uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
+      with:
+        maven-version: ${{ env.MAVEN_VERSION }}
+    - name: Set up JDK 11
+      uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
       with:
-        languages: java
+        java-version-file: ${{ env.JAVA_VERSION_FILE }}
+        distribution:  ${{ env.JAVA_DISTRO }}
+        cache: 'maven'
     # -------------------------
     # Maven Build
     # -------------------------
-    - id: build-test-deploy
-      name: Build, Test and DEPLOY SNAPSHOT Code
-      if: ${{ env.BUILD_SNAPSHOT == 'true' }}
+    - name: Build and Test Website
+      run: |
+        mvn -B -e -Prelease install site site:stage -Dmaven.test.skip=true
+    - name: Zip Artifacts for Upload
       run: |
-        mvn -B -e --batch-mode -Prelease -Preporting deploy -Dmaven.deploy.skip=releases
+        zip ${{ runner.temp }}/website.zip -r target/staging
+    - name: Upload generated site
+      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
+      with:
+        name: website
+        path: |
+          ${{ runner.temp }}/website.zip
+        retention-days: 5
+    - id: linkchecker
+      name: Link Checker
+      uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621
+      with:
+        args: --verbose --no-progress --accept 200,206,429 './target/staging/**/*.html' --exclude-mail
+        format: markdown
+        output: html-link-report.md
+        debug: true
+        fail: true
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-    - name: Build and Test Code
-      if: ${{ steps.build-test-deploy.outcome == 'skipped' }}
-      run: |
-        mvn -B -e -Prelease -Preporting install
-    - name: Perform CodeQL Analysis
-      if: github.event_name == 'push'
-      uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c
+      continue-on-error: true
+    - name: Upload link check report
+      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
       with:
-        upload: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop' && 'always' || 'never' }}
-    - name: Test Website
-      run: |
-        # this needs to be run as a second build to ensure source is fully generated by the previous step
-        mvn -B -e -Prelease -Preporting install site site:stage
+        name: html-link-report
+        path: html-link-report.md
+        retention-days: 5
+    - name: Create issue if bad links detected
+      if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_ISSUE_ON_ERROR == 'true' }}
+      uses: peter-evans/create-issue-from-file@24452a72d85239eacf1468b0f1982a9f3fec4c94
+      with:
+        title: Scheduled Check of Website Content Found Bad Hyperlinks
+        content-filepath: ./lychee/out.md
+        labels: |
+          bug
+          documentation
+    - name: Fail on link check error
+      if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_FAIL_ON_ERROR == 'true' }}
+      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
+      with:
+        script: |
+          core.setFailed('Link checker detected broken or invalid links, read attached report.')

.github/workflows/release.yml

@@ -4,55 +4,81 @@ on:
     - "v*"
   workflow_dispatch:
 name: Deploy Tagged Release
+env:
+  MAVEN_VERSION: 3.9.8
+  JAVA_DISTRO: temurin
+  JAVA_VERSION_FILE: .java-version
+  GH_TOKEN: ${{ secrets.GH_TOKEN }}
 jobs:
   deploy-to-nexus:
-    name: Build and Publish Java Artifacts
-    runs-on: ubuntu-latest
+    name: Maven Central Deployment
+    runs-on: ubuntu-20.04
+    permissions:
+      actions: read
+      contents: read
+    steps:
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+      with:
+        submodules: recursive
+    # -------------------------
+    # Java
+    # -------------------------
+    - name: Set up Maven
+      uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
+      with:
+        maven-version: ${{ env.MAVEN_VERSION }}
+    - name: Set up JDK 11
+      uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
+      with:
+        java-version-file: ${{ env.JAVA_VERSION_FILE }}
+        distribution: ${{ env.JAVA_DISTRO }}
+        cache: 'maven'
+    # -------------------------
+    # Maven Deploy
+    # -------------------------
+    - name: Deploy Maven Artifacts
+      run: |
+        mvn -B -e -Prelease -Pgpg -Prelease deploy
+      env:
+        MAVEN_USERNAME: ${{ secrets.OSSRH_USER }}
+        MAVEN_CENTRAL_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+        MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+  deploy-website:
+    name: Website Deployment
+    runs-on: ubuntu-20.04
     permissions:
       actions: read
       contents: write
     steps:
-    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
+    - name: Manage GH_TOKEN
+      if: env.GH_TOKEN == ''
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN  }}
+      run: echo "GH_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
       with:
-        token: ${{ github.token }}
+        token: ${{ env.GH_TOKEN }}
         submodules: recursive
     # -------------------------
     # Java
     # -------------------------
     - name: Set up Maven
       uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
       with:
-        maven-version: 3.9.3
+        maven-version: ${{ env.MAVEN_VERSION }}
     - name: Set up JDK 11
       uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
       with:
-        java-version: 11
-        distribution: 'temurin'
+        java-version-file: ${{ env.JAVA_VERSION_FILE }}
+        distribution: ${{ env.JAVA_DISTRO }}
         cache: 'maven'
-        server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
-        server-username: MAVEN_USERNAME # env variable for username in deploy
-        server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
-        gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
-        gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
     # -------------------------
     # Maven Site
     # -------------------------
     - name: Build Website
       run: |
-          mvn -B -e -Prelease -Preporting package site site:stage
-      working-directory: ${{ env.REPO_PATH }}
+        mvn -B -e -Prelease package site site:stage
     - name: Run deploy script
       run: |
         touch target/staging/.nojekyll
         bash .github/workflows/deploy.sh --push-only -v -m "Deploying website [ci skip]"
-    # -------------------------
-    # Maven Deploy
-    # -------------------------
-    - name: Deploy Maven Artifacts
-      run: |
-        mvn -B -e -Pgpg -Prelease -Preporting deploy
-        # mvn -Pgpg -Prelease nexus-staging:close -DstagingDescription="closing to release"
-      env:
-        MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
-        MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_PASSWORD }}
-        MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

.java-version

@@ -0,0 +1 @@
+11

oss-build-support/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>dev.metaschema</groupId>
 		<artifactId>oss-maven</artifactId>
-		<version>1-SNAPSHOT</version>
+		<version>1</version>
 	</parent>
 
 	<artifactId>oss-build-support</artifactId>

oss-parent/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>dev.metaschema</groupId>
 		<artifactId>oss-maven</artifactId>
-		<version>1-SNAPSHOT</version>
+		<version>1</version>
 	</parent>
 	<artifactId>oss-parent</artifactId>
 	<packaging>pom</packaging>
@@ -38,7 +38,7 @@
 						<dependency>
 							<groupId>dev.metaschema</groupId>
 							<artifactId>oss-build-support</artifactId>
-							<version>1-SNAPSHOT</version>
+							<version>1</version>
 						</dependency>
 					</dependencies>
 				</plugin>
@@ -87,7 +87,7 @@
 						<dependency>
 							<groupId>dev.metaschema</groupId>
 							<artifactId>oss-build-support</artifactId>
-							<version>1-SNAPSHOT</version>
+							<version>1</version>
 						</dependency>
 					</dependencies>
 				</plugin>
@@ -125,7 +125,7 @@
 						<dependency>
 							<groupId>dev.metaschema</groupId>
 							<artifactId>oss-build-support</artifactId>
-							<version>1-SNAPSHOT</version>
+							<version>1</version>
 						</dependency>
 						<dependency>
 							<groupId>com.puppycrawl.tools</groupId>
@@ -199,7 +199,7 @@
 						<dependency>
 							<groupId>dev.metaschema</groupId>
 							<artifactId>oss-build-support</artifactId>
-							<version>1-SNAPSHOT</version>
+							<version>1</version>
 						</dependency>
 					</dependencies>
 				</plugin>