dtone-dvs-api-java-client/.github/workflows/release-dev.yml at master · vincejv/dtone-dvs-api-java-client · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Maven Central SNAPSHOT deployment

on:
  pull_request:
    types: [ opened, synchronize, reopened ]

env:
  SONAR_PROJECT_KEY: vincejv_dtone-dvs-api-java-client
  MVN_ARTIFACT_ID: dvs-apiclient

jobs:

  pre_job:
    name: Duplicate checks
    runs-on: ubuntu-latest
    if: ${{ !contains(github.event.head_commit.message, 'docs-update(') }} # skip for commits containing 'docs-update('
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
      paths_result: ${{ steps.skip_check.outputs.paths_result }}
    steps:
      - name: Skip duplicate actions
        id: skip_check
        uses: fkirc/skip-duplicate-actions@v5
        with:
          concurrent_skipping: outdated_runs
          cancel_others: true

  code_quality_checks:
    name: Code quality checks
    runs-on: ubuntu-latest
    needs: pre_job
    if: needs.pre_job.outputs.should_skip != 'true'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 17
          cache: maven

      - name: Cache SonarCloud packages
        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }} -Dsonar.qualitygate.wait=true -Pallow-snapshots

  deploy:
    name: Release artifact to central
    runs-on: ubuntu-latest
    needs: code_quality_checks
    outputs:
      artifact_version: ${{ steps.gen_ver.outputs.artifact_version }}
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 17
          cache: maven
          server-id: ossrh
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD
          gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
          gpg-passphrase: MAVEN_GPG_PASSPHRASE

      - name: Prepare artifact version
        id: gen_ver
        run: |
          echo "artifact_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT

      - name: Build and release to central repo
        env:
          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
          MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
        run: mvn -B deploy -Prelease-for-oss,allow-snapshots

  pr_update:
    name: Pull request update
    if: always()
    needs: [ pre_job, deploy ]
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write # allows job to decorate PRs with analysis results
    steps:
      - name: Update PR (Skip message)
        uses: marocchino/sticky-pull-request-comment@v2
        if: ${{ always() && needs.pre_job.outputs.should_skip == 'true' }}
        with:
          message: |
            ⚪ Skipped CI/CD as deployment was done in a previous job

      - name: Update PR (Success message)
        uses: marocchino/sticky-pull-request-comment@v2
        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy.outputs.artifact_version != '' }}
        with:
          message: |
            ✅ Released version to SNAPSHOT repository: `${{ needs.deploy.outputs.artifact_version }}`

            #### Add to your POM
            ```xml
            <dependency>
              <groupId>com.vincejv</groupId>
              <artifactId>${{ env.MVN_ARTIFACT_ID }}</artifactId>
              <version>${{ needs.deploy.outputs.artifact_version }}</version>
            </dependency>
            ```

      - name: Update PR (Failure message)
        uses: marocchino/sticky-pull-request-comment@v2
        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy.outputs.artifact_version == '' }}
        with:
          message: |
            ❌ CI Build & Deployment failed, please check the [logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details