fix(JWT-4312): use old notification #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Delivery | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - '**/README.md' | |
| env: | |
| # This will suppress any download for dependencies and plugins or upload messages which would clutter the console log. | |
| # `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work. | |
| MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true" | |
| # As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used | |
| # when running from the command line. | |
| # `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins. | |
| MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true" | |
| jobs: | |
| mainJob: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 10 | |
| outputs: | |
| releaseVersion: ${{ steps.semanticversion.outputs.new_version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Bump version and create tag | |
| id: semanticversion | |
| uses: mathieudutour/[email protected] | |
| with: | |
| release_branches: master | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Verify and print new build number | |
| run: | | |
| if echo '${{ steps.semanticversion.outputs.new_tag }}' |grep -Eq '^v[0-9]+[.][0-9]+[.][0-9]+$'; then | |
| echo Tag '${{ steps.semanticversion.outputs.new_tag }}', New version '${{ steps.semanticversion.outputs.new_version }}', Changelog '${{ steps.semanticversion.outputs.changelog }}' | |
| else | |
| echo 'unexpected tag format - aborting' | |
| exit -1 | |
| fi | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| cache: 'maven' | |
| - name: Set version | |
| id: version | |
| run: | | |
| echo Releasing as ${{ steps.semanticversion.outputs.new_version }} | |
| mvn $MAVEN_CLI_OPTS versions:set -DnewVersion=${{ steps.semanticversion.outputs.new_version }} | |
| - name: Perform build | |
| env: | |
| REPOSITORY_URL: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_URL }} | |
| REPOSITORY_USERID: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_USER }} | |
| REPOSITORY_CREDENTIALS: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_PASSWORD }} | |
| run: mvn $MAVEN_CLI_OPTS package --settings .github/settings.xml | |
| - name: Deploy package | |
| env: | |
| GPG_EXECUTABLE: gpg | |
| GPG_SECRET_KEYS: ${{ secrets.LEVIGO_GPG_KEYS }} | |
| GPG_OWNERTRUST: ${{ secrets.LEVIGO_GPG_OWNERTRUST }} | |
| GPG_PASSPHRASE: ${{ secrets.LEVIGO_GPG_PASSPHRASE }} | |
| SONATYPE_USERNAME: ${{ secrets.LEVIGO_SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.LEVIGO_SONATYPE_PASSWORD }} | |
| REPOSITORY_URL: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_URL }} | |
| REPOSITORY_USERID: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_USER }} | |
| REPOSITORY_CREDENTIALS: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_PASSWORD }} | |
| run: | | |
| echo "$GPG_SECRET_KEYS" | base64 --decode | $GPG_EXECUTABLE --import --no-tty --batch --yes | |
| echo "$GPG_OWNERTRUST" | base64 --decode | $GPG_EXECUTABLE --import-ownertrust --no-tty --batch --yes | |
| mvn $MAVEN_CLI_OPTS deploy --settings .github/settings.xml -Dmaven.test.skip.exec=true -U -Prelease | |
| - name: create release and upload release asset | |
| uses: ncipollo/[email protected] | |
| with: | |
| tag: ${{ steps.semanticversion.outputs.new_tag }} | |
| name: Release ${{ steps.semanticversion.outputs.new_tag }} | |
| # the step above will NOT trigger a second workflow. | |
| - name: dispatch release event | |
| run: | | |
| curl \ | |
| -X POST \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| https://api.github.com/repos/${{ github.repository }}/dispatches \ | |
| -d '{"event_type":"release_created","client_payload":{"version":"${{ steps.semanticversion.outputs.new_version }}"}}' | |
| - name: Notify Developers | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| username: GitHub | |
| icon_emoji: octocat | |
| channel: ci_jwt | |
| status: ${{ job.status }} | |
| fields: repo,message,commit,author,action,eventName,ref | |
| text: ${{ github.workflow }} ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| # you probably have to pass the personal access token to the action so that it can send to mattermost. | |
| # Alternatively, set as below so that nothing happens with dependabot PRs. | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| updateReadme: | |
| needs: mainJob | |
| uses: levigo/reusable-workflows-pub/.github/workflows/update-readme-md.yml@v1 | |
| secrets: inherit | |
| with: | |
| releaseVersion: ${{ needs.mainJob.outputs.releaseVersion }} |