|
| 1 | +name: Build and Publish |
| 2 | + |
| 3 | +on: |
| 4 | + push: |
| 5 | + branches: [main] |
| 6 | + pull_request: |
| 7 | + release: |
| 8 | + types: [published] |
| 9 | + |
| 10 | +permissions: |
| 11 | + contents: write |
| 12 | + packages: write |
| 13 | + |
| 14 | +jobs: |
| 15 | + build-and-publish: |
| 16 | + runs-on: ubuntu-latest |
| 17 | + |
| 18 | + steps: |
| 19 | + - name: Checkout code |
| 20 | + uses: actions/checkout@v4 |
| 21 | + |
| 22 | + - name: Set up Java |
| 23 | + uses: actions/setup-java@v4 |
| 24 | + with: |
| 25 | + distribution: temurin |
| 26 | + java-version: 17 |
| 27 | + cache: maven |
| 28 | + server-id: ${{ github.event_name == 'release' && 'central' || 'github' }} |
| 29 | + server-username: ${{ github.event_name == 'release' && 'CENTRAL_USERNAME' || 'GITHUB_ACTOR' }} |
| 30 | + server-password: ${{ github.event_name == 'release' && 'CENTRAL_TOKEN' || 'GITHUB_TOKEN' }} |
| 31 | + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} |
| 32 | + |
| 33 | + - name: Read version from pom.xml |
| 34 | + id: get-version |
| 35 | + run: | |
| 36 | + VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) |
| 37 | + echo "pom_version=$VERSION" >> $GITHUB_OUTPUT |
| 38 | +
|
| 39 | + - name: Validate pom.xml version has -SNAPSHOT suffix |
| 40 | + run: | |
| 41 | + POM_VERSION=${{ steps.get-version.outputs.pom_version }} |
| 42 | + echo "POM version: $POM_VERSION" |
| 43 | + if [[ "$POM_VERSION" != *"-SNAPSHOT" ]]; then |
| 44 | + echo "::error::pom.xml version must end with -SNAPSHOT, but is '$POM_VERSION'" |
| 45 | + exit 1 |
| 46 | + fi |
| 47 | +
|
| 48 | + - name: Validate release tag matches POM version |
| 49 | + if: github.event_name == 'release' |
| 50 | + run: | |
| 51 | + TAG_VERSION=${GITHUB_REF#refs/tags/v} |
| 52 | + POM_VERSION=${{ steps.get-version.outputs.pom_version }} |
| 53 | + EXPECTED_TAG="${POM_VERSION%-SNAPSHOT}" |
| 54 | + echo "GitHub tag: $TAG_VERSION" |
| 55 | + echo "Expected from POM: $EXPECTED_TAG" |
| 56 | + if [ "$TAG_VERSION" != "$EXPECTED_TAG" ]; then |
| 57 | + echo "::error::Tag v$TAG_VERSION does not match pom.xml version $POM_VERSION without -SNAPSHOT suffix" |
| 58 | + exit 1 |
| 59 | + fi |
| 60 | +
|
| 61 | + - name: Build and test |
| 62 | + run: mvn --batch-mode verify |
| 63 | + env: |
| 64 | + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} |
| 65 | + |
| 66 | + - name: Publish Test Results |
| 67 | + uses: dorny/test-reporter@dc3a92680fcc15842eef52e8c4606ea7ce6bd3f3 # v2.1.1 |
| 68 | + if: success() || failure() |
| 69 | + with: |
| 70 | + name: Test Results |
| 71 | + path: target/surefire-reports/*.xml |
| 72 | + reporter: java-junit |
| 73 | + fail-on-error: false |
| 74 | + |
| 75 | + - name: Publish to GitHub Packages |
| 76 | + if: github.event_name == 'push' |
| 77 | + run: mvn --batch-mode deploy -DskipTests -DaltDeploymentRepository=github::https://maven.pkg.github.com/${{ github.repository }} |
| 78 | + env: |
| 79 | + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 80 | + |
| 81 | + - name: Set release version for Maven Central |
| 82 | + if: github.event_name == 'release' |
| 83 | + run: | |
| 84 | + POM_VERSION=${{ steps.get-version.outputs.pom_version }} |
| 85 | + RELEASE_VERSION="${POM_VERSION%-SNAPSHOT}" |
| 86 | + mvn versions:set -DnewVersion="$RELEASE_VERSION" -DgenerateBackupPoms=false |
| 87 | +
|
| 88 | + - name: Update release with Maven Central links |
| 89 | + if: github.event_name == 'release' |
| 90 | + run: | |
| 91 | + RELEASE_VERSION="${{ steps.get-version.outputs.pom_version }}" |
| 92 | + RELEASE_VERSION="${RELEASE_VERSION%-SNAPSHOT}" |
| 93 | + |
| 94 | + # Get existing release body first |
| 95 | + EXISTING_BODY=$(gh release view ${{ github.event.release.tag_name }} --json body -q .body) |
| 96 | + |
| 97 | + # Start with existing body if it exists |
| 98 | + if [ -n "$EXISTING_BODY" ] && [ "$EXISTING_BODY" != "null" ]; then |
| 99 | + echo "$EXISTING_BODY" > release_body.md |
| 100 | + echo "" >> release_body.md |
| 101 | + echo "---" >> release_body.md |
| 102 | + echo "" >> release_body.md |
| 103 | + fi |
| 104 | + |
| 105 | + # Append Maven Central links |
| 106 | + cat << EOF >> release_body.md |
| 107 | + ## 📦 Maven Central |
| 108 | +
|
| 109 | + This release is available at https://central.sonatype.com/artifact/com.scalepoint/oauth-token-client/${RELEASE_VERSION} |
| 110 | +
|
| 111 | + \`\`\`xml |
| 112 | + <dependency> |
| 113 | + <groupId>com.scalepoint</groupId> |
| 114 | + <artifactId>oauth-token-client</artifactId> |
| 115 | + <version>${RELEASE_VERSION}</version> |
| 116 | + </dependency> |
| 117 | + \`\`\` |
| 118 | + EOF |
| 119 | + |
| 120 | + # Update the release |
| 121 | + gh release edit ${{ github.event.release.tag_name }} --notes-file release_body.md |
| 122 | + env: |
| 123 | + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 124 | + |
| 125 | + - name: Publish to Maven Central |
| 126 | + if: github.event_name == 'release' |
| 127 | + run: mvn --batch-mode deploy -DskipTests |
| 128 | + env: |
| 129 | + CENTRAL_USERNAME: ${{ secrets.CENTRAL_USERNAME }} |
| 130 | + CENTRAL_PASSWORD: ${{ secrets.CENTRAL_PASSWORD }} |
0 commit comments