Skip to content

Commit

Permalink
Add GHA build
Browse files Browse the repository at this point in the history
  • Loading branch information
@kwin
kwin committed Sep 27, 2024
1 parent eca25a3 commit b643fe0
Show file tree
Hide file tree
Showing 3 changed files with 220 additions and 4 deletions.
81 changes: 81 additions & 0 deletions .github/workflows/maven.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
name: maven-cicd

on:
# for regular master build (after the merge)
push:
branches:
- main
pull_request:
branches:
- main
types: [opened, synchronize, reopened]

jobs:
build:
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
jdk: [11, 17, 21]
include:
# lengthy build steps should only be performed on linux with Java 17 (Sonarcloud analysis, deployment)
- os: ubuntu-latest
jdk: 17
isMainBuildEnv: true
namePrefix: 'Main '
fail-fast: false

name: ${{ matrix.namePrefix }} Maven build (${{ matrix.os }}, JDK ${{ matrix.jdk }})
runs-on: ${{ matrix.os }}

steps:
- name: Checkout
uses: actions/checkout@v4
# always act on the modified source code (even for event pull_request_target)
# is considered potentially unsafe (https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) but actions are only executed after approval from committers
with:
ref: ${{ github.event.pull_request.head.sha }}
# no additional git operations after checkout triggered in workflow, no need to store credentials
persist-credentials: false

- name: Set up JDK
uses: actions/setup-java@v4
with:
cache: 'maven'
distribution: 'temurin'
java-version: ${{ matrix.jdk }}
# generate settings.xml with the correct values
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username in deploy
server-password: MAVEN_PASSWORD # env variable for token in deploy

# sets environment variables to be used in subsequent steps: https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
- name: Set environment variables
shell: bash
run: |
if [ "${{ matrix.isMainBuildEnv }}" = "true" ]; then
echo "MVN_ADDITIONAL_OPTS=-Dsonar.projectKey=Netcentric_aem-crypto-support -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -Pjacoco-report" >> $GITHUB_ENV
if [ "${{github.ref}}" = "refs/heads/main" ] && [ "${{github.event_name}}" = "push" ]; then
echo "MAVEN_USERNAME=${{ secrets.OSSRH_TOKEN_USER }}" >> $GITHUB_ENV
echo "MAVEN_PASSWORD=${{ secrets.OSSRH_TOKEN_PASSWORD }}" >> $GITHUB_ENV
echo "MVN_GOAL=clean deploy org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" >> $GITHUB_ENV
echo "STEP_NAME_SUFFIX=(Deploys to OSSRH)" >> $GITHUB_ENV
else
echo "MVN_GOAL=clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" >> $GITHUB_ENV
fi
else
echo "MVN_ADDITIONAL_OPTS=" >> $GITHUB_ENV
echo "MVN_GOAL=clean verify" >> $GITHUB_ENV
fi
- name: ${{ matrix.namePrefix }} Build with Maven ${{ env.STEP_NAME_SUFFIX }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn -e -B -V ${{ env.MVN_GOAL }} ${{ env.MVN_ADDITIONAL_OPTS }}

- name: Publish Test Report
if: ${{ always() }} # make sure to run even if previous Maven execution failed (due to failed test)
uses: EnricoMi/publish-unit-test-result-action/composite@v2
with:
files: |
target/invoker-reports/TEST-*.xml
check_name: Test report (${{ matrix.os }}, JDK ${{ matrix.jdk }})
141 changes: 138 additions & 3 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,10 +58,10 @@
</dependencyManagement>

<dependencies>
<!-- latest version available from Maven Central -->
<dependency>
<groupId>com.adobe.granite</groupId>
<artifactId>com.adobe.granite.crypto</artifactId>
<!-- latest version available from Maven Central -->
<version>3.0.2</version>
</dependency>
<dependency>
Expand Down Expand Up @@ -106,6 +106,19 @@
<version>${version.slf4j}</version>
</dependency>
</dependencies>

<repositories>
<repository>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
<id>asf-nexus-snapshots</id>
<url>https://repository.apache.org/content/repositories/snapshots/</url>
</repository>
</repositories>
<build>
<pluginManagement>
<plugins>
Expand Down Expand Up @@ -172,12 +185,12 @@
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.8</version>
<version>1.7.0</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.11</version>
<version>0.8.12</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
Expand Down Expand Up @@ -316,4 +329,126 @@
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>jacoco-report</id>
<build>
<plugins>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<executions>
<execution>
<id>prepare-agent</id>
<goals>
<goal>prepare-agent</goal>
</goals>
<configuration>
<propertyName>jacoco.command.unit</propertyName>
<destFile>${project.build.directory}/jacoco-unit.exec</destFile>
</configuration>
</execution>
<execution>
<id>prepare-agent-integration</id>
<goals>
<goal>prepare-agent-integration</goal>
</goals>
<configuration>
<propertyName>jacoco.command.it</propertyName>
</configuration>
</execution>
<execution>
<id>merge-unit-and-it</id>
<goals>
<goal>merge</goal>
</goals>
<phase>post-integration-test</phase>
<configuration>
<fileSets>
<fileSet>
<directory>${project.build.directory}</directory>
<includes>
<include>jacoco-unit.exec</include>
<include>jacoco-it.exec</include>
</includes>
</fileSet>
</fileSets>
</configuration>
</execution>
<execution>
<id>report-merged</id>
<goals>
<goal>report</goal>
</goals>
<phase>verify</phase>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<argLine>${jacoco.command.unit}</argLine>
</configuration>
</plugin>
<plugin>
<artifactId>maven-invoker-plugin</artifactId>
<configuration>
<mavenOpts>${jacoco.command.it}</mavenOpts>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>release</id>
<activation>
<property>
<name>performRelease</name>
</property>
</activation>
<build>
<!-- https://central.sonatype.org/pages/requirements.html -->
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<goals>
<goal>sign</goal>
</goals>
<phase>verify</phase>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
2 changes: 1 addition & 1 deletion src/it/simple-filter/jcr_root/apps/foo/.content.xml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:nt="http://www.jcp.org/jcr/nt/1.0"
jcr:primaryType="nt:unstructured"
escapedValue="${vltdocviewattributeescape.customProperty}"
escapedValue="${vltattributeescape.customProperty}"
encryptedValue="${vltaemencrypt.customProperty}" />

0 comments on commit b643fe0

Please sign in to comment.