Skip to content
maven-cicd

Update action steps to latest version #147

Sign in to view logs

Update action steps to latest version

Update action steps to latest version #147

Workflow file for this run

.github/workflows/maven.yml at c29a6db
name: maven-cicd
on:
# for regular master build (after the merge)
push:
branches:
- main
pull_request:
branches:
- main
# restrict privileges except for setting commit status, adding PR comments and writing statuses
permissions:
actions: read
checks: write
contents: read
deployments: read
issues: read
packages: read
pull-requests: write
repository-projects: read
security-events: read
statuses: write
jobs:
build:
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
jdk: [11, 17, 21, 25]
include:
# lengthy build steps should only be performed on linux with Java 21 (SonarQube analysis, deployment)
- os: ubuntu-latest
jdk: 21
isMainBuildEnv: true
namePrefix: 'Main '
fail-fast: false
name: ${{ matrix.namePrefix }} Maven build (${{ matrix.os }}, JDK ${{ matrix.jdk }})
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v6
with:
# no additional git operations after checkout triggered in workflow, no need to store credentials
persist-credentials: false
- name: Set up JDK
uses: actions/setup-java@v5
with:
cache: 'maven'
distribution: 'temurin'
java-version: ${{ matrix.jdk }}
# generate settings.xml with the correct values
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username in deploy
server-password: MAVEN_PASSWORD # env variable for token in deploy
# sets environment variables to be used in subsequent steps: https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
- name: Set environment variables
shell: bash
run: |
if [ "${{ matrix.isMainBuildEnv }}" = "true" ]; then
echo "MVN_ADDITIONAL_OPTS=-Dsonar.projectKey=Netcentric_aem-cloud-validator -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -Pjacoco-report -Dsonar.scanner.skipJreProvisioning=true" >> $GITHUB_ENV
if [ "${{github.ref}}" = "refs/heads/main" ] && [ "${{github.event_name}}" = "push" ]; then
echo "MAVEN_USERNAME=${{ secrets.OSSRH_TOKEN_USER }}" >> $GITHUB_ENV
echo "MAVEN_PASSWORD=${{ secrets.OSSRH_TOKEN_PASSWORD }}" >> $GITHUB_ENV
echo "MVN_GOAL=clean deploy org.sonarsource.scanner.maven:sonar-maven-plugin:5.5.0.6356:sonar" >> $GITHUB_ENV
echo "STEP_NAME_SUFFIX=(Deploys to OSSRH)" >> $GITHUB_ENV
else
echo "MVN_GOAL=clean verify" >> $GITHUB_ENV
fi
else
echo "MVN_ADDITIONAL_OPTS=" >> $GITHUB_ENV
echo "MVN_GOAL=clean verify" >> $GITHUB_ENV
fi
- name: ${{ matrix.namePrefix }} Build with Maven ${{ env.STEP_NAME_SUFFIX }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn -e -B -V ${{ env.MVN_GOAL }} ${{ env.MVN_ADDITIONAL_OPTS }}
- name: Upload Test Results
if: always()
uses: actions/upload-artifact@v7
with:
name: Test Results (${{ matrix.os }}, JDK ${{ matrix.jdk }}))
path: |
target/surefire-reports/TEST*.xml
target/invoker-reports/TEST*.xml
target/it/**/build.log
publish-test-results:
name: "Publish Tests Results"
needs: build
runs-on: ubuntu-latest
permissions:
checks: write
# only needed unless run with comment_mode: off
pull-requests: write
# only needed for private repository
contents: read
# only needed for private repository
issues: read
if: always()
steps:
- name: Download Artifacts
uses: actions/download-artifact@v8
with:
path: artifacts
- name: Publish Test Results
uses: EnricoMi/publish-unit-test-result-action@c950f6fb443cb5af20a377fd0dfaa78838901040
with:
files: "artifacts/**/*.xml"