Merge pull request #30 from cuioss/dependabot/maven/de.cuioss-cui-jav… #86

Workflow file for this run

	name: Master Build

	on:
	push:
	branches: [ "main", "feature/*" ]
	pull_request:
	branches: [ "main" ]

	jobs:
	build:

	runs-on: ubuntu-latest
	strategy:
	matrix:
	version: [ 17,21,24 ]

	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Set up JDK ${{ matrix.version }}
	uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
	with:
	java-version: ${{ matrix.version }}
	distribution: 'temurin'
	cache: maven
	- name: Build with Maven, Java ${{ matrix.version }}
	run: ./mvnw --no-transfer-progress verify -Dmaven.compiler.source=${{ matrix.version }} -Dmaven.compiler.target=${{ matrix.version }}

	sonar-build:
	needs: build
	runs-on: ubuntu-latest

	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	fetch-depth: 0

	- name: Set up JDK 17 for Sonar-build
	uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
	with:
	java-version: '17'
	distribution: 'temurin'
	cache: maven

	- name: Cache SonarCloud packages
	uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
	with:
	path: ~/.sonar/cache
	key: ${{ runner.os }}-sonar
	restore-keys: ${{ runner.os }}-sonar

	- uses: radcortez/project-metadata-action@203f7ffba8db2669b2c9b4d4c2e90b186c588fa5 # 1.1
	name: Retrieve project metadata from '.github/project.yml'
	id: metadata
	with:
	github-token: ${{secrets.GITHUB_TOKEN}}
	metadata-file-path: '.github/project.yml'
	local-file: true

	- name: Build and analyze
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	run: ./mvnw -B verify -Psonar -Dsonar.projectKey=${{steps.metadata.outputs.sonar-project-key}} sonar:sonar

	deploy-snapshot:
	needs: sonar-build
	if: github.ref == 'refs/heads/main'
	runs-on: ubuntu-latest
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Set up JDK 17 for snapshot release
	uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
	with:
	java-version: '17'
	distribution: 'temurin'
	server-id: central
	server-username: MAVEN_USERNAME
	server-password: MAVEN_PASSWORD
	gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
	gpg-passphrase: MAVEN_GPG_PASSPHRASE
	cache: maven

	- name: Extract project version
	id: project
	run: echo ::set-output name=version::$(./mvnw help:evaluate -Dexpression=project.version -q -DforceStdout)

	- name: Deploy Snapshot with Maven, version ${{ steps.project.outputs.version }}
	if: ${{endsWith(steps.project.outputs.version, '-SNAPSHOT')}}
	run: \|
	./mvnw -B -Prelease-snapshot javadoc:aggregate
	./mvnw -B -Prelease-snapshot deploy -Dmaven.test.skip=true
	env:
	MAVEN_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }}
	MAVEN_PASSWORD: ${{ secrets.OSS_SONATYPE_PASSWORD }}
	MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Merge pull request #30 from cuioss/dependabot/maven/de.cuioss-cui-jav… #86

Workflow file

Merge pull request #30 from cuioss/dependabot/maven/de.cuioss-cui-jav… #86

Uh oh!

Jobs

Run details

Workflow file for this run