Merge pull request #48 from FusionAuth/releases/1.55.1 #28

Summary
Jobs
- build
- deploy
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/deploy.yaml at 959b09a

	# Run locally with act:
	#
	# act pull_request [--input command=[command]] \
	# --platform fusionauth-standard=[ecr-repo-name]/fusionauth-standard:latest] \
	# --workflows ./.github/workflows/deploy.yaml \
	# --env-file <(aws configure export-credentials --profile [aws-profile] --format env)

	name: Deploy

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main
	workflow_dispatch:
	inputs:
	command:
	type: choice
	options:
	- build # build only
	- publish # build & publish to maven
	- release # build & release to svn
	default: build

	permissions:
	contents: read

	jobs:
	build:
	if: \|
	github.event_name == 'pull_request' \|\|
	github.event_name == 'push' \|\|
	github.event_name == 'workflow_dispatch' && inputs.command == 'build'
	runs-on: fusionauth-standard
	steps:
	- name: checkout
	uses: actions/checkout@v4

	- name: compile
	shell: bash -l {0}
	run: sb compile

	deploy:
	if: \|
	github.event_name == 'workflow_dispatch' &&
	(inputs.command == 'release' \|\| inputs.command == 'publish')
	runs-on: fusionauth-standard
	steps:
	- name: checkout
	uses: actions/checkout@v4

	- name: set aws credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: arn:aws:iam::752443094709:role/github-actions
	role-session-name: aws-auth-action
	aws-region: us-west-2

	- name: get secret
	run: \|
	while IFS=$'\t' read -r key value; do
	echo "::add-mask::${value}"
	echo "${key}=${value}" >> $GITHUB_ENV
	done < <(aws secretsmanager get-secret-value \
	--region us-west-2 \
	--secret-id platform/maven \
	--query SecretString \
	--output text \| \
	jq -r 'to_entries[] \| [.key, .value] \| @tsv')

	- name: import gpg key
	run: \|
	export GPG_TTY=$(tty)
	echo "${{ env.PRIV_KEY_B64 }}" \| base64 -d > /tmp/key.asc
	echo "${{ env.PRIV_KEY_PASSWORD }}" \| gpg --batch --yes --passphrase-fd 0 --import /tmp/key.asc
	rm /tmp/key.asc

	# We need this to prevent 'gpg: signing failed: Timeout' error during 'sb publish'
	mkdir -p ~/.gnupg
	echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf

	- name: configure maven settings.xml
	shell: bash -l {0}
	run: \|
	export KEY_NAME="FusionAuth Platform Team"
	export PASSPHRASE="${{ env.PRIV_KEY_PASSWORD }}"
	export OSSRH_USERNAME="${{ env.OSSRH_USERNAME }}"
	export OSSRH_PASSWORD="${{ env.OSSRH_PASSWORD }}"
	export BREWDIR="/usr"
	envsubst < ~/dev/inversoft/fusionauth/fusionauth-developer/setup/modules/files/maven/settings.xml > ~/.m2/settings.xml

	- name: release to svn
	if: inputs.command == 'release'
	shell: bash -l {0}
	run: sb release

	- name: publish to maven
	if: inputs.command == 'publish'
	shell: bash -l {0}
	run: \|
	export GPG_TTY=$(tty)
	sb publish

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #48 from FusionAuth/releases/1.55.1 #28

Workflow file

Merge pull request #48 from FusionAuth/releases/1.55.1 #28

Jobs

Run details

Workflow file for this run