generated from it-at-m/oss-repository-en-template
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* 🎉 corrected build yaml * 🎉 Added publishing workflows * 🎉 Added releasing * 🎉 Added checklist required * 🐛 Fixed POM * Added RELEASENOTES * 🐛 Fixed POM
- Loading branch information
Showing
9 changed files
with
353 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,38 @@ | ||
name: build and test | ||
name: Compliance check and build test | ||
|
||
on: [push] | ||
on: | ||
push: | ||
pull_request: | ||
types: [ opened, reopened ] | ||
|
||
jobs: | ||
compliance: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
uses: actions/checkout@v3 | ||
|
||
- name: Advance Security Policy as Code | ||
uses: advanced-security/policy-as-code@v2.7.0 | ||
uses: advanced-security/policy-as-code@v2.4.1 | ||
with: | ||
policy: it-at-m/policy-as-code | ||
policy-path: default.yaml | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
argvs: "--disable-dependabot --disable-secret-scanning --disable-code-scanning --display" | ||
|
||
build-maven: | ||
needs: compliance | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: "17" | ||
distribution: "temurin" | ||
cache: "maven" | ||
|
||
- name: Build with Maven | ||
run: mvn --update-snapshots -f pom.xml verify |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
name: Build and publish to demo | ||
|
||
on: | ||
workflow_dispatch: # execute manually | ||
schedule: # it's important that the hour in the cron-job is after the hour of project_start_date in step calculate-time-passed | ||
- cron: '0 13 * * 6' # execute automatically every Saturday at 13:00, change!! day of week if needed | ||
|
||
env: | ||
SPRINT_LENGTH_IN_WEEKS: 3 | ||
|
||
jobs: | ||
build-and-docker-push: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Get seconds passed since project start # project_start_date needs to be changed!! if different dispatch day is preferred | ||
id: calculate-time-passed | ||
run: | # 2023-10-28 is a Saturday and is used as the base for calculating the weeks passed | ||
project_start_date=$(echo -n "2023-10-28 10:00") # it's important that the hour in this step is before the hour given in the cron-job | ||
project_start_epoch_seconds=$(date -d "$project_start_date" +%s) | ||
time_passed=$(($(date +"%s")-$project_start_epoch_seconds)) | ||
echo "::set-output name=time_passed::$time_passed" | ||
- name: Get number of weeks passed | ||
id: get-number-of-weeks | ||
run: | # 604800 is 1 week in seconds | ||
num_weeks_mod_sprint=$(((${{ steps.calculate-time-passed.outputs.time_passed }}/604800)%${{ env.SPRINT_LENGTH_IN_WEEKS }})) | ||
echo "::set-output name=num_weeks_mod_sprint::$num_weeks_mod_sprint" | ||
- name: Check if job should be run # the automatically triggered actions should only be executed at the end of a sprint | ||
if: github.event_name != 'workflow_dispatch' && steps.get-number-of-weeks.outputs.num_weeks_mod_sprint != 0 | ||
run: | # canceling the job if the conditions weren't met, https://stackoverflow.com/a/75809743 | ||
gh run cancel ${{ github.run_id }} | ||
gh run watch ${{ github.run_id }} | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Git checkout to main branch # the workflow is triggered in the default branch, which doesn't have to be MAIN | ||
uses: actions/checkout@v4 | ||
with: { ref: main } # this also serves as a safeguard for workflows triggered manually | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Build with Maven | ||
run: mvn --update-snapshots -f pom.xml verify | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ghcr.io/it-at-m/mobidam-mobilithek-eai:demo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
name: Build and publish to dev | ||
|
||
on: [workflow_dispatch] | ||
|
||
jobs: | ||
build-and-docker-push: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Build with Maven | ||
run: mvn --update-snapshots -f pom.xml verify | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ghcr.io/it-at-m/mobidam-mobilithek-eai:dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
name: Build and publish to prod | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
version: | ||
description: 'Which version should be deployed to production?' | ||
required: true | ||
default: '0.0.1' | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Git checkout to specific version | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: refs/tags/${{ github.event.inputs.version }} | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: "17" | ||
distribution: "temurin" | ||
cache: "maven" | ||
|
||
- name: Build with Maven | ||
run: mvn -B verify -f pom.xml -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ghcr.io/it-at-m/mobidam-mobilithek-eai:prod |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
name: Build and publish to test | ||
|
||
on: | ||
push: | ||
branches: | ||
- 'sprint' | ||
|
||
jobs: | ||
build-and-docker-push: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Build with Maven | ||
run: mvn --update-snapshots -f pom.xml verify | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ghcr.io/it-at-m/mobidam-mobilithek-eai:test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,108 @@ | ||
name: Build release | ||
|
||
on: [workflow_dispatch] | ||
|
||
jobs: | ||
release: | ||
name: Release to registry | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Git checkout to main branch # Releases are published on main branch | ||
uses: actions/checkout@v4 | ||
with: { ref: main } | ||
|
||
- name: Install Java and Maven | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: "17" | ||
distribution: "temurin" | ||
cache: "maven" | ||
|
||
- name: Clean Maven Project Version | ||
id: set-version | ||
run: | | ||
current_version=$(mvn help:evaluate -f pom.xml -Dexpression=project.version -q -DforceStdout) | ||
echo "Current version: $current_version" | ||
new_version=$(echo $current_version | sed 's/-SNAPSHOT//') | ||
echo "New version: $new_version" | ||
mvn -B versions:set -f pom.xml -DnewVersion=$new_version | ||
git config --global user.email "[email protected]" | ||
git config --global user.name "GitHub Actions" | ||
git add pom.xml | ||
git commit -m "Bump main version to $new_version" | ||
git push | ||
echo "new_version=$new_version" >> $GITHUB_OUTPUT | ||
- name: Build with Maven | ||
run: mvn -B verify -f pom.xml -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ghcr.io/it-at-m/mobidam-mobilithek-eai:${{ steps.set-version.outputs.new_version }}, ghcr.io/it-at-m/mobidam-mobilithek-eai:demo | ||
|
||
github-release: | ||
needs: release | ||
name: Create github release | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Git checkout to main branch # Releases are published on main branch | ||
uses: actions/checkout@v4 | ||
with: { ref: main } | ||
|
||
- name: Get New Project Version | ||
id: get-version | ||
run: | | ||
current_version=$(mvn help:evaluate -f pom.xml -Dexpression=project.version -q -DforceStdout) | ||
new_version=$(echo $current_version | sed 's/-SNAPSHOT//') | ||
echo "New version: $new_version" | ||
echo "new_version=$new_version" >> $GITHUB_OUTPUT | ||
- name: Create GitHub Release | ||
id: create_release | ||
uses: actions/create-release@v1 | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
with: | ||
tag_name: ${{ steps.get-version.outputs.new_version }} | ||
release_name: Release ${{ steps.get-version.outputs.new_version }} | ||
draft: false | ||
prerelease: false | ||
|
||
increase-snapshot: | ||
needs: release | ||
name: Increase patch-number of the SNAPSHOT-Version | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Git checkout to sprint branch # Snapshots are published on sprint branch | ||
uses: actions/checkout@v4 | ||
with: { ref: sprint } | ||
|
||
- name: Set Maven Project Version | ||
id: set-version | ||
run: | | ||
current_version=$(mvn help:evaluate -f pom.xml -Dexpression=project.version -q -DforceStdout) | ||
echo "Current version: $current_version" | ||
new_version=$(echo $current_version | awk -F. -v OFS=. '{$3=$3+1; print $0"-SNAPSHOT"}') | ||
echo "New version: $new_version" | ||
mvn -B versions:set -DnewVersion=$new_version -f pom.xml | ||
git config --global user.email "[email protected]" | ||
git config --global user.name "GitHub Actions" | ||
git add pom.xml | ||
git commit -m "Bump version to $new_version" | ||
git push |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
name: Require Checklist | ||
|
||
on: | ||
pull_request: | ||
types: [opened, edited, synchronize] | ||
|
||
jobs: | ||
checklist-check: | ||
runs-on: ubuntu-latest | ||
if: ${{ github.actor != 'renovate[bot]' }} | ||
steps: | ||
- uses: mheap/require-checklist-action@v2 | ||
with: | ||
requireChecklist: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.