Bump actions/checkout from 2 to 3.1.0 #242
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-vpnmanager | |
on: | |
push: | |
branches: [ main ] | |
tags: [ 'v*' ] | |
paths-ignore: | |
- '.github/ISSUE_TEMPLATE/**' | |
- '.github/*.yml' | |
- '.github/workflows/build-release-vpnc.yml' | |
- '.github/workflows/build-release-vpnc-deployer.yml' | |
- '.github/workflows/build-release-vpnddns.yml' | |
- '*.md' | |
- 'cli/**' | |
pull_request: | |
types: [ opened, synchronize, reopened, closed ] | |
branches: [ main ] | |
paths-ignore: | |
- '.github/ISSUE_TEMPLATE/**' | |
- '.github/*.yml' | |
- '.github/workflows/build-release-vpnc.yml' | |
- '.github/workflows/build-release-vpnc-deployer.yml' | |
- '.github/workflows/build-release-vpnddns.yml' | |
- '*.md' | |
- 'cli/**' | |
env: | |
APP_CODE: vpnmanager | |
APP_IMAGE: playio-vpnmanager | |
DOCKER_USERNAME: beeio | |
DOCKER_IMAGE: playio/vpnmanager | |
GHCR_IMAGE: ghcr.io/play-iot/vpnmanager | |
TAG_PREFIX: vpnmanager/v | |
BRAND_VERSION: v2 | |
BRAND_REPO: play-iot/brand | |
ENABLE_TEST: true | |
ENABLE_GH_MAVEN: false | |
jobs: | |
context: | |
runs-on: ubuntu-latest | |
outputs: | |
branch: ${{ steps.context.outputs.branch }} | |
shouldBuild: ${{ steps.context.outputs.decision_build }} | |
shouldPublish: ${{ steps.context.outputs.decision_publish }} | |
isRelease: ${{ steps.context.outputs.isTag }} | |
version: ${{ steps.context.outputs.version }} | |
semanticVersion: ${{ steps.semantic.outputs.semanticVersion }} | |
steps: | |
- uses: actions/[email protected] | |
with: | |
token: ${{ secrets.BEEIO_CI_TOKEN }} | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@v3 | |
with: | |
git-user-signingkey: true | |
git-commit-gpgsign: true | |
git-tag-gpgsign: true | |
git-push-gpgsign: false | |
gpg-private-key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Project context | |
id: context | |
uses: zero88/[email protected] | |
with: | |
mustSign: true | |
nextVerMode: PATCH | |
tagPrefix: ${{ env.TAG_PREFIX }} | |
releaseBranchPrefix: release/${{ env.APP_CODE }}/ | |
mergedReleaseMsgRegex: "^Merge pull request #[0-9]+ from .+/release/${{ env.APP_CODE }}/.+$" | |
- name: Find semantic version | |
id: semantic | |
shell: bash | |
run: | | |
[[ "${{ steps.context.outputs.isTag }}" == "true" ]] && sv="" || sv=$(grep semanticVersion gradle.properties | cut -d'=' -f2) | |
build: | |
runs-on: ubuntu-latest | |
needs: context | |
if: needs.context.outputs.shouldBuild == 'true' | |
steps: | |
- uses: actions/[email protected] | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v3 | |
if: needs.context.outputs.shouldPublish == 'true' | |
with: | |
git-user-signingkey: true | |
gpg-private-key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Set up JDK 1.8 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 1.8 | |
- name: Cache Gradle packages | |
uses: actions/[email protected] | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-build-${{ hashFiles('**/*.gradle.kts') }} | |
restore-keys: ${{ runner.os }}-gradle-build | |
- name: Build | |
run: | | |
./gradlew clean build -x test \ | |
-Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{needs.context.outputs.semanticVersion }} \ | |
-PbuildBy="GitHub Action" -PbuildHash=${{ github.sha }} | |
- name: Publish GitHub Package | |
if: needs.context.outputs.isRelease == 'true' && env.ENABLE_GH_MAVEN == 'true' | |
run: | | |
args=( -Psigning.gnupg.homeDir=/home/runner/.gnupg \ | |
-Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \ | |
-Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \ | |
-Pnexus.username=${{ github.repository_owner }} \ | |
-Pnexus.password=${{ secrets.OSS_GITHUB_TOKEN }} ) | |
args+=( -Pgithub ) | |
[[ "${{ needs.context.outputs.isRelease }}" == 'true' ]] && args+=( -Prelease ) | |
./gradlew publish "${args[@]}" | |
- name: Publish Sonatype OSSRH | |
if: needs.context.outputs.shouldPublish == 'true' | |
run: | | |
args=( -Psigning.gnupg.homeDir=/home/runner/.gnupg \ | |
-Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \ | |
-Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \ | |
-Pnexus.username=${{ secrets.OSS_NEXUS_USER }} \ | |
-Pnexus.password=${{ secrets.OSS_NEXUS_TOKEN }} ) | |
[[ "${{ needs.context.outputs.isRelease }}" == 'true' ]] && args+=( -Prelease ) | |
./gradlew publish "${args[@]}" | |
analysis: | |
runs-on: ubuntu-latest | |
needs: context | |
if: needs.context.outputs.shouldBuild == 'true' | |
steps: | |
- uses: actions/[email protected] | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 11 | |
- name: Cache SonarCloud packages | |
uses: actions/[email protected] | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Gradle packages | |
uses: actions/[email protected] | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-test-${{ hashFiles('**/*.gradle.kts') }} | |
restore-keys: ${{ runner.os }}-gradle-test | |
- name: Test | |
if: env.ENABLE_TEST == 'true' | |
run: ./gradlew jacocoRootReport | |
- name: SonarQube | |
run: ./gradlew sonarqube -x jacocoRootReport -Dsonar.login=${{ secrets.OSS_SONARQUBE_TOKEN }} -Dsonar.branch.name=${{ needs.context.outputs.branch }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
release: | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- name: Create GitHub Release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: ${{ needs.context.outputs.branch }} | |
release_name: Release ${{ needs.context.outputs.branch }} | |
draft: false | |
prerelease: false | |
promote: | |
name: Promote Sonatype OSSRH | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- uses: actions/[email protected] | |
- run: | | |
./gradlew closeAndReleaseRepository \ | |
-Pnexus.username=${{ secrets.OSS_NEXUS_USER }} \ | |
-Pnexus.password=${{ secrets.OSS_NEXUS_TOKEN }} || echo 'Need to promote manually' |