Skip to content

Commit

Permalink
Merge pull request #33 from secure-software-engineering/action-updates
Browse files Browse the repository at this point in the history
Action Updates
  • Loading branch information
schlichtig authored Aug 21, 2024
2 parents 79f41f5 + 4331d52 commit bdfa58a
Show file tree
Hide file tree
Showing 4 changed files with 112 additions and 47 deletions.
11 changes: 3 additions & 8 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,19 @@ jobs:
name: PathExpression deployment
steps:
- name: Checkout source code
uses: actions/checkout@v3
uses: actions/checkout@v4
# Sets up Java version
- name: Set up Java
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-package: 'jdk'
java-version: '11'
java-version: '8'
server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin
server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name
server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret
gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase
# Sets up Maven version
- name: Set up Maven
uses: stCarolas/[email protected]
with:
maven-version: 3.6.3
- name: Build & Deploy PathExpression
run: mvn -B -U clean deploy -Pdeployment
env:
Expand Down
44 changes: 5 additions & 39 deletions .github/workflows/maven.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,46 +8,12 @@ jobs:
BuildAndTest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Set up JDK 1.8
uses: actions/setup-java@v1
uses: actions/setup-java@v4
with:
java-version: 1.8
distribution: 'adopt'
java-package: jdk
java-version: '8'
- name: Build with Maven
run: mvn -B verify --file pom.xml

Release:
name: Release
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
needs: [BuildAndTest]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Release
uses: qcastel/github-actions-maven-release@master
env:
JAVA_HOME: /usr/lib/jvm/java-1.8-openjdk/
with:
release-branch-name: "master"

gpg-enabled: "true"
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
gpg-key: ${{ secrets.GPG_KEY }}

maven-repo-server-id: github
maven-repo-server-username: ${{ secrets.CI_USER }}
maven-repo-server-password: ${{ secrets.CI_PACKAGES_TOKEN }}

git-release-bot-name: ${{ secrets.CI_USER }}
git-release-bot-email: "[email protected]"

access-token: ${{ secrets.GITHUB_TOKEN }}
maven-args: "-DskipTests"
102 changes: 102 additions & 0 deletions .github/workflows/version.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
name: Version handling

on:
pull_request:
types:
- closed
branches:
- master

jobs:
version-update:
# This version does not run on self-opened PRs
if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login != 'github-actions[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
# Sets up Java version
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-package: jdk
java-version: '8'
# Semantic versioning
- name: Semantic versioning
id: versioning
uses: paulhatch/[email protected]
with:
tag_prefix: ""
# A string which, if present in a git commit, indicates that a change represents a
# major (breaking) change, supports regular expressions wrapped with '/'
major_pattern: "(MAJOR)"
# Same as above except indicating a minor change, supports regular expressions wrapped with '/'
minor_pattern: "(MINOR)"
# A string to determine the format of the version output
version_format: "${major}.${minor}.${patch}"
# Check, whether there is an existing branch "version_<version>" or an open PR "version_<version>" -> "master"
# and store the results as environment variables
- name: Check if branch and PR exist
# The second command was copied from https://stackoverflow.com/questions/73812503/github-action-stop-the-action-if-pr-already-exists
run: |
echo VERSION_BRANCH_EXISTS=$(git ls-remote --heads origin refs/heads/version_${{ steps.versioning.outputs.version }} | wc -l) >> $GITHUB_ENV
echo PR_EXISTS=$(gh pr list \
--repo "$GITHUB_REPOSITORY" \
--json baseRefName,headRefName \
--jq '
map(select(.baseRefName == "master" and .headRefName == "version_${{ steps.versioning.outputs.version }}"))
| length
') >> $GITHUB_ENV
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# If the branch "version_<version>" does not exist, create the branch and update the version in all files
- name: Create branch and update PathExpression version
if: ${{ env.VERSION_BRANCH_EXISTS == '0' }}
run: |
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "github-actions[bot]"
git checkout -b version_${{ steps.versioning.outputs.version }}
mvn build-helper:parse-version versions:set -DnewVersion=\${{ steps.versioning.outputs.version }} versions:commit
git ls-files | grep 'pom.xml$' | xargs git add
git commit --allow-empty -am "Update PathExpression version to ${{ steps.versioning.outputs.version }}"
git push origin version_${{ steps.versioning.outputs.version }}
# If a PR "version_<version>" -> "master" does not exist, create the PR
- name: Open pull request for version update
if: ${{ env.PR_EXISTS == '0' }}
run: |
gh pr create -B master -H version_${{ steps.versioning.outputs.version }} -t "Update PathExpression version to ${{ steps.versioning.outputs.version }}" -b "This PR was created by the version-update workflow. Please make sure to delete the branch after merging, otherwise future workflows might fail."
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

version-release:
# This job runs only on merged PRs, which were opened by the version-update job
if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login == 'github-actions[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
# Semantic versioning
- name: Semantic versioning
id: versioning
uses: paulhatch/[email protected]
with:
tag_prefix: ""
# A string which, if present in a git commit, indicates that a change represents a
# major (breaking) change, supports regular expressions wrapped with '/'
major_pattern: "(MAJOR)"
# Same as above except indicating a minor change, supports regular expressions wrapped with '/'
minor_pattern: "(MINOR)"
# A string to determine the format of the version output
version_format: "${major}.${minor}.${patch}"
# Create a tag with the newest version to prepare a release
- name: Create tag for new version
run: |
git config --global user.email "${{ github.actor }}@users.noreply.github.com"
git config --global user.name "${{ github.actor }}"
git tag -a ${{ steps.versioning.outputs.version }} -m "PathExpression version ${{ steps.versioning.outputs.version }}"
git push origin ${{ steps.versioning.outputs.version }}
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,8 @@ local.properties
.settings/
.loadpath
.recommenders
.project
.classpath

# External tool builders
.externalToolBuilders/
Expand Down

0 comments on commit bdfa58a

Please sign in to comment.