[maven-release-plugin] prepare for next development iteration #1851
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
schedule: | |
- cron: "0 0 * * 1" | |
permissions: read-all | |
jobs: | |
hotspot-ea: | |
name: HotSpot (EA) | |
runs-on: ubuntu-24.04 | |
needs: [ extended ] | |
continue-on-error: true | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: 23-ea | |
distribution: temurin | |
cache: maven | |
- name: Build project | |
run: ./mvnw verify -Pjava23 | |
continue-on-error: false | |
hotspot-supported: | |
name: Any (supported) | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-24.04, macos-14, windows-2022 ] | |
java: [ 8, 11, 17, 21 ] | |
runs-on: ${{ matrix.os }} | |
needs: [ extended ] | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: temurin | |
architecture: x64 | |
cache: maven | |
- name: Build project | |
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }} | |
j9-supported: | |
name: Any (supported) | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-24.04, macos-14, windows-2022 ] | |
java: [ 8, 11 ] | |
runs-on: ${{ matrix.os }} | |
needs: [ extended ] | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: adopt-openj9 | |
architecture: x64 | |
cache: maven | |
- name: Build project | |
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }} | |
hotspot-unsupported: | |
name: HotSpot (unsupported) | |
strategy: | |
fail-fast: false | |
matrix: | |
java: [ 9, 10, 12, 13, 14, 15, 16, 18, 19, 20, 22, 23 ] | |
runs-on: ubuntu-24.04 | |
needs: [ extended ] | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: zulu | |
architecture: x64 | |
cache: maven | |
- name: Build project | |
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }} | |
hotspot-32: | |
name: HotSpot (32 bit) | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-24.04, windows-2022 ] | |
java: [ 8 ] | |
runs-on: ${{ matrix.os }} | |
needs: [ extended ] | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: zulu | |
architecture: x86 | |
cache: maven | |
- name: Build project | |
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }} | |
hotspot-legacy: | |
name: HotSpot (legacy) | |
strategy: | |
fail-fast: false | |
matrix: | |
java: [ 6, 7 ] | |
runs-on: ubuntu-24.04 | |
needs: [ extended ] | |
steps: | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-legacy-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-legacy-maven- | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: zulu | |
architecture: x64 | |
- name: Build project | |
run: ./mvnw -s .mvn/nossl.settings.xml verify -Pintegration -Pjava${{ matrix.java }} | |
extended: | |
name: Extended build | |
runs-on: ubuntu-24.04 | |
if: github.event_name == 'push' | |
steps: | |
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # V2.8.1 | |
with: | |
egress-policy: block | |
disable-telemetry: true | |
allowed-endpoints: > | |
coveralls.io:443 | |
dl.google.com:443 | |
docs.gradle.org:443 | |
docs.oracle.com:443 | |
github.com:443 | |
javadoc.io:443 | |
jcenter.bintray.com:443 | |
objects.githubusercontent.com:443 | |
plugins-artifacts.gradle.org:443 | |
plugins.gradle.org:443 | |
raw.githubusercontent.com:443 | |
repo.gradle.org:443 | |
repo.maven.apache.org:443 | |
repository.sonatype.org:443 | |
services.gradle.org:443 | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: 8 | |
distribution: temurin | |
architecture: x64 | |
cache: maven | |
- name: Build project | |
run: ./mvnw jacoco:prepare-agent verify jacoco:report coveralls:report -DrepoToken=${{ secrets.coveralls }} -Pextras -Pchecks -Panalysis -Pintegration -Pmulti-release -Pchecksum-enforce | |
release: | |
name: Release new version | |
runs-on: ubuntu-24.04 | |
needs: [ extended, hotspot-ea, hotspot-supported, j9-supported, hotspot-unsupported, hotspot-32, hotspot-legacy ] | |
if: github.event_name == 'push' && startsWith(github.event.head_commit.message, '[release]') | |
permissions: | |
contents: write | |
steps: | |
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # V2.8.1 | |
with: | |
egress-policy: audit # servers have changed, must be adjusted after next release | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 | |
with: | |
java-version: 8 | |
distribution: temurin | |
architecture: x64 | |
gpg-private-key: ${{ secrets.gpg_secret }} | |
- name: Publish new version | |
run: | | |
git config user.name "${{ github.event.head_commit.committer.name }}" | |
git config user.email "${{ github.event.head_commit.committer.email }}" | |
./mvnw -B -s .mvn/release.settings.xml release:prepare release:perform -Drepository.url=https://${{ github.actor }}:${{ secrets.github_token }}@github.com/${{ github.repository }}.git -Dcentral.username=${{ secrets.central_user }} -Dcentral.password=${{ secrets.central_password }} -Dgpg.passphrase=${{ secrets.gpg_passphrase }} -Dgpg.keyname=B4AC8CDC141AF0AE468D16921DA784CCB5C46DD5 -Dgradle.key=${{ secrets.gradle_key }} -Dgradle.secret=${{ secrets.gradle_secret }} -Pchecksum-enforce |