-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
220 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
name: maven-cicd | ||
|
||
on: | ||
# for regular master build (after the merge) | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
branches: | ||
- main | ||
types: [opened, synchronize, reopened] | ||
|
||
jobs: | ||
build: | ||
strategy: | ||
matrix: | ||
os: [ubuntu-latest, macos-latest, windows-latest] | ||
jdk: [11, 17, 21] | ||
include: | ||
# lengthy build steps should only be performed on linux with Java 17 (Sonarcloud analysis, deployment) | ||
- os: ubuntu-latest | ||
jdk: 17 | ||
isMainBuildEnv: true | ||
namePrefix: 'Main ' | ||
fail-fast: false | ||
|
||
name: ${{ matrix.namePrefix }} Maven build (${{ matrix.os }}, JDK ${{ matrix.jdk }}) | ||
runs-on: ${{ matrix.os }} | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
# always act on the modified source code (even for event pull_request_target) | ||
# is considered potentially unsafe (https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) but actions are only executed after approval from committers | ||
with: | ||
ref: ${{ github.event.pull_request.head.sha }} | ||
# no additional git operations after checkout triggered in workflow, no need to store credentials | ||
persist-credentials: false | ||
|
||
- name: Set up JDK | ||
uses: actions/setup-java@v4 | ||
with: | ||
cache: 'maven' | ||
distribution: 'temurin' | ||
java-version: ${{ matrix.jdk }} | ||
# generate settings.xml with the correct values | ||
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml | ||
server-username: MAVEN_USERNAME # env variable for username in deploy | ||
server-password: MAVEN_PASSWORD # env variable for token in deploy | ||
|
||
# sets environment variables to be used in subsequent steps: https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable | ||
- name: Set environment variables | ||
shell: bash | ||
run: | | ||
if [ "${{ matrix.isMainBuildEnv }}" = "true" ]; then | ||
echo "MVN_ADDITIONAL_OPTS=-Dsonar.projectKey=Netcentric_aem-crypto-support -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -Pjacoco-report" >> $GITHUB_ENV | ||
if [ "${{github.ref}}" = "refs/heads/main" ] && [ "${{github.event_name}}" = "push" ]; then | ||
echo "MAVEN_USERNAME=${{ secrets.OSSRH_TOKEN_USER }}" >> $GITHUB_ENV | ||
echo "MAVEN_PASSWORD=${{ secrets.OSSRH_TOKEN_PASSWORD }}" >> $GITHUB_ENV | ||
echo "MVN_GOAL=clean deploy org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" >> $GITHUB_ENV | ||
echo "STEP_NAME_SUFFIX=(Deploys to OSSRH)" >> $GITHUB_ENV | ||
else | ||
echo "MVN_GOAL=clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" >> $GITHUB_ENV | ||
fi | ||
else | ||
echo "MVN_ADDITIONAL_OPTS=" >> $GITHUB_ENV | ||
echo "MVN_GOAL=clean verify" >> $GITHUB_ENV | ||
fi | ||
- name: ${{ matrix.namePrefix }} Build with Maven ${{ env.STEP_NAME_SUFFIX }} | ||
env: | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
run: mvn -e -B -V ${{ env.MVN_GOAL }} ${{ env.MVN_ADDITIONAL_OPTS }} | ||
|
||
- name: Publish Test Report | ||
if: ${{ always() }} # make sure to run even if previous Maven execution failed (due to failed test) | ||
uses: EnricoMi/publish-unit-test-result-action/composite@v2 | ||
with: | ||
files: | | ||
target/invoker-reports/TEST-*.xml | ||
check_name: Test report (${{ matrix.os }}, JDK ${{ matrix.jdk }}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:nt="http://www.jcp.org/jcr/nt/1.0" | ||
jcr:primaryType="nt:unstructured" | ||
escapedValue="${vltdocviewattributeescape.customProperty}" | ||
escapedValue="${vltattributeescape.customProperty}" | ||
encryptedValue="${vltaemencrypt.customProperty}" /> |