Skip to content

chore(deps): update all non-major dependencies (#148) #93

chore(deps): update all non-major dependencies (#148)

chore(deps): update all non-major dependencies (#148) #93

Workflow file for this run

name: Build & Release
on:
workflow_dispatch:
push:
branches:
- main
- next
paths:
- '**/src/**'
- '**/pom.xml'
- 'pom.xml'
concurrency:
group: ci-main
permissions:
contents: read
jobs:
build:
name: Build & Release
runs-on: ubuntu-latest
permissions:
# used by cycjimmy/semantic-release-action
contents: write
issues: write
pull-requests: write
packages: write
# used by aws-actions/configure-aws-credentials
id-token: write
outputs:
new-release-published: ${{ steps.semantic-release.outputs.new_release_published }}
new-release-version: ${{ steps.semantic-release.outputs.new_release_version }}
steps:
- uses: actions/checkout@v4.1.1
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 11
uses: actions/setup-java@v4.2.1
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'
- name: Setup Node 20
uses: actions/setup-node@v4.0.2
with:
node-version: 20
cache: 'yarn'
cache-dependency-path: integration-tests/infrastructure/yarn.lock
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3.0.0
with:
terraform_version: 1.5.7
terraform_wrapper: false
- name: Setup AWS Credentials for Infrastructure
uses: aws-actions/configure-aws-credentials@v4.0.2
with:
aws-region: eu-central-1
role-to-assume: arn:aws:iam::956243129466:role/github-deployer
- name: Synth Infrastructure for Integration Tests
working-directory: integration-tests/infrastructure
run: |
yarn install --frozen-lockfile
yarn run synth
- id: apply-infrastructure
name: Apply Infrastructure for Integration Tests
working-directory: integration-tests/infrastructure/cdktf.out/stacks/feign-aws-sigv4-integration-tests
run: |
terraform init
terraform apply -auto-approve
echo "integration-test-role-arn=$(terraform output -raw integration-test-role-arn)" >> $GITHUB_OUTPUT
echo "api-gateway-url=$(terraform output -raw api-gateway-url)" >> $GITHUB_OUTPUT
- name: Setup AWS Credentials for Integration Tests
uses: aws-actions/configure-aws-credentials@v4.0.2
with:
aws-region: eu-central-1
role-to-assume: ${{ steps.apply-infrastructure.outputs.integration-test-role-arn }}
- id: run-tests
name: Run Tests
run: |
mvn -B -ntp clean install failsafe:integration-test failsafe:verify -DapiGatewayUrl=${{ steps.apply-infrastructure.outputs.api-gateway-url }}
- name: Setup AWS Credentials for Infrastructure
uses: aws-actions/configure-aws-credentials@v4.0.2
if: always()
with:
aws-region: eu-central-1
role-to-assume: arn:aws:iam::956243129466:role/github-deployer
- name: Destroy Infrastructure for Integration Tests
if: always()
working-directory: integration-tests/infrastructure/cdktf.out/stacks/feign-aws-sigv4-integration-tests
run: |
terraform destroy -auto-approve
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6.1.0
if: steps.run-tests.outcome == 'success'
with:
gpg_private_key: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
passphrase: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
- id: semantic-release
name: Create new release
uses: cycjimmy/semantic-release-action@v4.1.0
if: steps.run-tests.outcome == 'success'
with:
extra_plugins: |
@semantic-release/git
@semantic-release/exec
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
publish-maven-central:
name: Publish to Maven Central
runs-on: ubuntu-latest
needs: build
if: needs.build.outputs.new-release-published == 'true'
steps:
- uses: actions/checkout@v4.1.1
- name: Set up JDK 11
uses: actions/setup-java@v4.2.1
with:
java-version: '11'
distribution: 'temurin'
cache: 'maven'
server-id: ossrh
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6.1.0
with:
gpg_private_key: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
passphrase: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
- name: Publish package
run: |
mvn -B -ntp versions:set -DgenerateBackupPoms=false -DnewVersion=${{ needs.build.outputs.new-release-version }}
mvn -B -ntp -Psign-with-gpg -Ppublish-ossrh clean deploy -DskipTests -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
env:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}