Skip to content

chore(deps): update all non-major dependencies (#118) #70

chore(deps): update all non-major dependencies (#118)

chore(deps): update all non-major dependencies (#118) #70

Workflow file for this run

name: Build & Release
on:
workflow_dispatch:
push:
branches:
- main
- next
paths:
- '**/src/**'
- '**/pom.xml'
- 'pom.xml'
concurrency:
group: ci-main
permissions:
contents: read
jobs:
build:
name: Build & Release
runs-on: ubuntu-latest
permissions:
# used by cycjimmy/semantic-release-action
contents: write
issues: write
pull-requests: write
packages: write
# used by aws-actions/configure-aws-credentials
id-token: write
outputs:
new-release-published: ${{ steps.semantic-release.outputs.new_release_published }}
new-release-version: ${{ steps.semantic-release.outputs.new_release_version }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'
- name: Setup Node 18
uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
cache-dependency-path: integration-tests/infrastructure/yarn.lock
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.4.6
terraform_wrapper: false
- name: Setup AWS Credentials for Infrastructure
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-central-1
role-to-assume: arn:aws:iam::956243129466:role/github-deployer
- name: Synth Infrastructure for Integration Tests
working-directory: integration-tests/infrastructure
run: |
yarn install --immutable --immutable-cache --check-cache
yarn run synth
- name: Apply Infrastructure for Integration Tests
id: apply-infrastructure
working-directory: integration-tests/infrastructure/cdktf.out/stacks/feign-aws-sigv4-integration-tests
run: |
terraform init
terraform apply -auto-approve
echo "integration-test-role-arn=$(terraform output -raw integration-test-role-arn)" >> $GITHUB_OUTPUT
echo "api-gateway-url=$(terraform output -raw api-gateway-url)" >> $GITHUB_OUTPUT
- name: Setup AWS Credentials for Integration Tests
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-central-1
role-to-assume: ${{ steps.apply-infrastructure.outputs.integration-test-role-arn }}
- name: Run Tests
id: run-tests
run: |
mvn -B -ntp clean install failsafe:integration-test failsafe:verify -DapiGatewayUrl=${{ steps.apply-infrastructure.outputs.api-gateway-url }}
- name: Setup AWS Credentials for Infrastructure
if: always()
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-central-1
role-to-assume: arn:aws:iam::956243129466:role/github-deployer
- name: Destroy Infrastructure for Integration Tests
if: always()
working-directory: integration-tests/infrastructure/cdktf.out/stacks/feign-aws-sigv4-integration-tests
run: |
terraform destroy -auto-approve
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
if: steps.run-tests.outcome == 'success'
with:
gpg_private_key: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
passphrase: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
- id: semantic-release
name: Create new release
if: steps.run-tests.outcome == 'success'
uses: cycjimmy/semantic-release-action@v3
with:
extra_plugins: |
@semantic-release/git
@semantic-release/exec
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
publish-maven-central:
name: Publish to Maven Central
runs-on: ubuntu-latest
needs: build
if: needs.build.outputs.new-release-published == 'true'
steps:
- uses: actions/checkout@v4
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'
server-id: ossrh
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
passphrase: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
- name: Publish package
run: |
mvn -B -ntp versions:set -DgenerateBackupPoms=false -DnewVersion=${{ needs.build.outputs.new-release-version }}
mvn -B -ntp -Psign-with-gpg -Ppublish-ossrh clean deploy -DskipTests -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
env:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}