Update github actions (#136)
This commit is contained in:
parent
06761c30d7
commit
b761dda3bf
10 changed files with 136 additions and 89 deletions
8
.github/NOTES
vendored
8
.github/NOTES
vendored
|
@ -2,6 +2,12 @@ Add subkeys:
|
|||
|
||||
????
|
||||
|
||||
Publish:
|
||||
|
||||
gpg --send-keys --keyserver keyserver.ubuntu.com $KEYID
|
||||
gpg --send-keys --keyserver pgp.mit.edu $KEYID
|
||||
gpg --send-keys --keyserver pool.sks-keyservers.net $KEYID
|
||||
|
||||
Backup:
|
||||
|
||||
gpg --export --armor pcampbell@kemitix.net > gpg-key-backup.asc
|
||||
|
@ -43,3 +49,5 @@ gpg --export-secret-keys --armor pcampbell@kemitix.net >> codesigning.asc
|
|||
Encrypt keys:
|
||||
|
||||
gpg --symmetric --cipher-algo AES256 codesigning.asc
|
||||
|
||||
shred codesigning.asc
|
||||
|
|
BIN
.github/codesigning.asc.gpg
vendored
BIN
.github/codesigning.asc.gpg
vendored
Binary file not shown.
43
.github/deploy.sh
vendored
43
.github/deploy.sh
vendored
|
@ -1,43 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# Decrypts the signing key in .github/codesigning.asc.enc
|
||||
# Imports that key
|
||||
# Uses .github/settings.xml and the release profile to deploy
|
||||
|
||||
echo "deploy.sh: Starting..."
|
||||
|
||||
(
|
||||
cd .github
|
||||
|
||||
echo "Retrieving GPG Private KEY"
|
||||
gpg --quiet \
|
||||
--batch \
|
||||
--yes \
|
||||
--decrypt \
|
||||
--passphrase="${GPG_PASSPHRASE}" \
|
||||
--output codesigning.asc \
|
||||
codesigning.asc.gpg
|
||||
|
||||
echo "Loading signing key"
|
||||
gpg --batch \
|
||||
--fast-import codesigning.asc
|
||||
)
|
||||
|
||||
if test -z ${DEPLOY_PROJECTS}
|
||||
then
|
||||
PROJECTS=""
|
||||
echo "Deploying Projects: all"
|
||||
else
|
||||
PROJECTS="-pl ${DEPLOY_PROJECTS}"
|
||||
echo "Deploying Projects: $DEPLOY_PROJECTS"
|
||||
fi
|
||||
|
||||
echo "Releasing..."
|
||||
mvn ${PROJECTS} \
|
||||
--settings .github/settings.xml \
|
||||
-Dskip-Tests=true \
|
||||
-P release \
|
||||
-B \
|
||||
deploy
|
||||
|
||||
echo "deploy.sh: Done."
|
34
.github/release-drafter.yml
vendored
Normal file
34
.github/release-drafter.yml
vendored
Normal file
|
@ -0,0 +1,34 @@
|
|||
name-template: 'v$RESOLVED_VERSION 🌈'
|
||||
tag-template: 'v$RESOLVED_VERSION'
|
||||
categories:
|
||||
- title: '🚀 Features'
|
||||
labels:
|
||||
- 'feature'
|
||||
- 'enhancement'
|
||||
- title: '🐛 Bug Fixes'
|
||||
labels:
|
||||
- 'fix'
|
||||
- 'bugfix'
|
||||
- 'bug'
|
||||
- title: '🧰 Maintenance'
|
||||
labels:
|
||||
- 'chore'
|
||||
- 'dependencies'
|
||||
change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
|
||||
version-resolver:
|
||||
major:
|
||||
labels:
|
||||
- 'major'
|
||||
minor:
|
||||
labels:
|
||||
- 'minor'
|
||||
patch:
|
||||
labels:
|
||||
- 'patch'
|
||||
default: patch
|
||||
exclude-labels:
|
||||
- 'skip-changelog'
|
||||
template: |
|
||||
## Changes
|
||||
|
||||
$CHANGES
|
17
.github/stale.yaml
vendored
Normal file
17
.github/stale.yaml
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
# Number of days of inactivity before an issue becomes stale
|
||||
daysUntilStale: 60
|
||||
# Number of days of inactivity before a stale issue is closed
|
||||
daysUntilClose: 7
|
||||
# Issues with these labels will never be considered stale
|
||||
exemptLabels:
|
||||
- pinned
|
||||
- security
|
||||
# Label to use when marking an issue as stale
|
||||
staleLabel: wontfix
|
||||
# Comment to post when marking an issue as stale. Set to `false` to disable
|
||||
markComment: >
|
||||
This issue has been automatically marked as stale because it has not had
|
||||
recent activity. It will be closed if no further activity occurs. Thank you
|
||||
for your contributions.
|
||||
# Comment to post when closing a stale issue. Set to `false` to disable
|
||||
closeComment: false
|
23
.github/workflows/build-maven.yml
vendored
Normal file
23
.github/workflows/build-maven.yml
vendored
Normal file
|
@ -0,0 +1,23 @@
|
|||
name: maven-build
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: '*'
|
||||
pull_request:
|
||||
branches: '*'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
matrix:
|
||||
java: [ 8, 11, 14 ]
|
||||
steps:
|
||||
- uses: kamiazya/setup-graphviz@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: setup-jdk-${{ matrix.java }}
|
||||
uses: actions/setup-java@v1
|
||||
with:
|
||||
java-version: ${{ matrix.java }}
|
||||
- name: build-jar
|
||||
run: mvn -B install
|
40
.github/workflows/deploy-sonatype.yml
vendored
Normal file
40
.github/workflows/deploy-sonatype.yml
vendored
Normal file
|
@ -0,0 +1,40 @@
|
|||
name: sonatype-deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- "v*"
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: kamiazya/setup-graphviz@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set up JDK
|
||||
uses: actions/setup-java@v1
|
||||
with:
|
||||
java-version: 8
|
||||
- name: Build with Maven
|
||||
run: mvn -B install
|
||||
- name: Nexus Repo Publish
|
||||
run: |
|
||||
gpg --quiet \
|
||||
--batch \
|
||||
--yes \
|
||||
--decrypt \
|
||||
--passphrase="${{ secrets.GPG_PASSPHRASE }}" \
|
||||
--output codesigning.asc \
|
||||
.github/codesigning.asc.gpg
|
||||
gpg --batch \
|
||||
--fast-import codesigning.asc
|
||||
mvn --settings .github/settings.xml \
|
||||
-Dskip-Tests=true \
|
||||
-P release \
|
||||
-B \
|
||||
deploy
|
||||
env:
|
||||
NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
|
||||
NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
|
||||
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
|
||||
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
14
.github/workflows/draft-release.yml
vendored
Normal file
14
.github/workflows/draft-release.yml
vendored
Normal file
|
@ -0,0 +1,14 @@
|
|||
name: draft-release
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
|
||||
jobs:
|
||||
update_draft_release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: release-drafter/release-drafter@v5.11.0
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
22
.github/workflows/maven-build.yml
vendored
22
.github/workflows/maven-build.yml
vendored
|
@ -1,22 +0,0 @@
|
|||
# This workflow will build a Java project with Maven
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
|
||||
|
||||
name: Java CI with Maven
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: '*'
|
||||
pull_request:
|
||||
branches: '*'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set up JDK 1.8
|
||||
uses: actions/setup-java@v1
|
||||
with:
|
||||
java-version: 1.8
|
||||
- name: Build with Maven
|
||||
run: mvn -B package --file pom.xml
|
24
.github/workflows/sonatype-deploy.yml
vendored
24
.github/workflows/sonatype-deploy.yml
vendored
|
@ -1,24 +0,0 @@
|
|||
name: Deploy to Sonatype Nexus
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [created]
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set up JDK 1.8
|
||||
uses: actions/setup-java@v1
|
||||
with:
|
||||
java-version: 1.8
|
||||
- name: Build with Maven
|
||||
run: mvn -B package
|
||||
- name: Nexus Repo Publish
|
||||
run: sh .github/deploy.sh
|
||||
env:
|
||||
NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
|
||||
NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
|
||||
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
|
||||
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
Loading…
Reference in a new issue