name: CI build # Run this workflow every time a new commit pushed to your repository on: push: branches: [ '**' ] tags-ignore: [ '**' ] pull_request: types: [ opened, synchronize, reopened ] jobs: build: name: Build runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up GPG if: env.GPG_SECRET_KEYS != null && env.GPG_OWNERTRUST != null run: | cat <(echo -e "${{ env.GPG_SECRET_KEYS }}") | base64 --decode | gpg --batch --import cat <(echo -e "${{ env.GPG_OWNERTRUST }}") | base64 --decode | gpg --batch --import-ownertrust env: GPG_SECRET_KEYS: ${{ secrets.GPG_SECRET_KEYS }} GPG_OWNERTRUST: ${{ secrets.GPG_OWNERTRUST }} - name: Set up Java uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: 17 cache: maven - name: Perform build run: .github/scripts/build.sh shell: bash env: MAVEN_CLI_OPTS: --settings .github/mvn-settings.xml GPG_EXECUTABLE: /usr/bin/gpg GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} SONATYPE_USER: ${{ secrets.SONATYPE_USER }} SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} - name: Publish test coverage if: env.COVERALLS_REPO_TOKEN != null run: ./mvnw --batch-mode -DrepoToken=${{ env.COVERALLS_REPO_TOKEN }} jacoco:report coveralls:report env: COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }} release: name: "Release" runs-on: ubuntu-latest needs: build env: GH_TOKEN: ${{ secrets.GH_TOKEN }} steps: - name: Check out code if: env.GH_TOKEN != null uses: actions/checkout@v4 with: fetch-depth: 0 token: ${{ env.GH_TOKEN }} - name: Set up CI git user if: env.GH_TOKEN != null run: | git config user.name "Talsma CI" git config user.email "ci-user@talsma-ict.nl" - name: Set up JDK if: env.GH_TOKEN != null uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: 17 cache: 'maven' - name: Perform optional release if: env.GH_TOKEN != null run: .github/scripts/release.sh shell: bash env: MAVEN_CLI_OPTS: --settings .github/mvn-settings.xml