kemitix/kemitix-parent
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update github actions (#136)

Browse source
This commit is contained in:
Paul Campbell 2020-07-11 12:09:13 +01:00 committed by GitHub
parent 06761c30d7
commit b761dda3bf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 136 additions and 89 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.github/NOTES vendored
View file

@ -2,6 +2,12 @@ Add subkeys:
???? ????
Publish:
gpg --send-keys --keyserver keyserver.ubuntu.com $KEYID
gpg --send-keys --keyserver pgp.mit.edu $KEYID
gpg --send-keys --keyserver pool.sks-keyservers.net $KEYID
Backup: Backup:
gpg --export --armor pcampbell@kemitix.net > gpg-key-backup.asc gpg --export --armor pcampbell@kemitix.net > gpg-key-backup.asc
@ -43,3 +49,5 @@ gpg --export-secret-keys --armor pcampbell@kemitix.net >> codesigning.asc
Encrypt keys: Encrypt keys:
gpg --symmetric --cipher-algo AES256 codesigning.asc gpg --symmetric --cipher-algo AES256 codesigning.asc
shred codesigning.asc

BIN
.github/codesigning.asc.gpg vendored
View file

Binary file not shown.

43
.github/deploy.sh vendored
View file

@ -1,43 +0,0 @@
#!/usr/bin/env bash
# Decrypts the signing key in .github/codesigning.asc.enc
# Imports that key
# Uses .github/settings.xml and the release profile to deploy
echo "deploy.sh: Starting..."
(
cd .github
echo "Retrieving GPG Private KEY"
gpg --quiet \
--batch \
--yes \
--decrypt \
--passphrase="${GPG_PASSPHRASE}" \
--output codesigning.asc \
codesigning.asc.gpg
echo "Loading signing key"
gpg --batch \
--fast-import codesigning.asc
)
if test -z ${DEPLOY_PROJECTS}
then
PROJECTS=""
echo "Deploying Projects: all"
else
PROJECTS="-pl ${DEPLOY_PROJECTS}"
echo "Deploying Projects: $DEPLOY_PROJECTS"
fi
echo "Releasing..."
mvn ${PROJECTS} \
--settings .github/settings.xml \
-Dskip-Tests=true \
-P release \
-B \
deploy
echo "deploy.sh: Done."

34
.github/release-drafter.yml vendored Normal file
View file

@ -0,0 +1,34 @@
name-template: 'v$RESOLVED_VERSION 🌈'
tag-template: 'v$RESOLVED_VERSION'
categories:
- title: '🚀 Features'
labels:
- 'feature'
- 'enhancement'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- title: '🧰 Maintenance'
labels:
- 'chore'
- 'dependencies'
change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
version-resolver:
major:
labels:
- 'major'
minor:
labels:
- 'minor'
patch:
labels:
- 'patch'
default: patch
exclude-labels:
- 'skip-changelog'
template: |
## Changes
$CHANGES

17
.github/stale.yaml vendored Normal file
View file

@ -0,0 +1,17 @@
# Number of days of inactivity before an issue becomes stale
daysUntilStale: 60
# Number of days of inactivity before a stale issue is closed
daysUntilClose: 7
# Issues with these labels will never be considered stale
exemptLabels:
- pinned
- security
# Label to use when marking an issue as stale
staleLabel: wontfix
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.
# Comment to post when closing a stale issue. Set to `false` to disable
closeComment: false

23
.github/workflows/build-maven.yml vendored Normal file
View file

@ -0,0 +1,23 @@
name: maven-build
on:
push:
branches: '*'
pull_request:
branches: '*'
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 8, 11, 14 ]
steps:
- uses: kamiazya/setup-graphviz@v1
- uses: actions/checkout@v2
- name: setup-jdk-${{ matrix.java }}
uses: actions/setup-java@v1
with:
java-version: ${{ matrix.java }}
- name: build-jar
run: mvn -B install

40
.github/workflows/deploy-sonatype.yml vendored Normal file
View file

@ -0,0 +1,40 @@
name: sonatype-deploy
on:
push:
tags:
- "v*"
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: kamiazya/setup-graphviz@v1
- uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 8
- name: Build with Maven
run: mvn -B install
- name: Nexus Repo Publish
run: |
gpg --quiet \
--batch \
--yes \
--decrypt \
--passphrase="${{ secrets.GPG_PASSPHRASE }}" \
--output codesigning.asc \
.github/codesigning.asc.gpg
gpg --batch \
--fast-import codesigning.asc
mvn --settings .github/settings.xml \
-Dskip-Tests=true \
-P release \
-B \
deploy
env:
NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

14
.github/workflows/draft-release.yml vendored Normal file
View file

@ -0,0 +1,14 @@
name: draft-release
on:
push:
branches:
- master
jobs:
update_draft_release:
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@v5.11.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

22
.github/workflows/maven-build.yml vendored
View file

@ -1,22 +0,0 @@
# This workflow will build a Java project with Maven
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven
on:
push:
branches: '*'
pull_request:
branches: '*'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Build with Maven
run: mvn -B package --file pom.xml

24
.github/workflows/sonatype-deploy.yml vendored
View file

@ -1,24 +0,0 @@
name: Deploy to Sonatype Nexus
on:
release:
types: [created]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Build with Maven
run: mvn -B package
- name: Nexus Repo Publish
run: sh .github/deploy.sh
env:
NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}