From 26cb26ed20a68d257f6e83a779acb2d3b21d2463 Mon Sep 17 00:00:00 2001 From: Paul Campbell Date: Fri, 20 Mar 2020 12:19:08 +0000 Subject: [PATCH] Replace Jenkins with GitHub Actions (#57) * Replace Jenkins with Github Actions * [changelog] updated --- .github/GitHub-Actions.org | 41 +++++++++++++ .github/NOTES | 53 +++++++++++++++++ .github/codesigning.asc.gpg | Bin 0 -> 9875 bytes .github/deploy.sh | 33 +++++++++++ .github/settings.xml | 28 +++++++++ .github/workflows/maven-build.yml | 25 ++++++++ .github/workflows/sonatype-deploy.yml | 24 ++++++++ CHANGELOG.org | 18 +++++- Jenkinsfile.groovy | 79 -------------------------- 9 files changed, 220 insertions(+), 81 deletions(-) create mode 100644 .github/GitHub-Actions.org create mode 100644 .github/NOTES create mode 100644 .github/codesigning.asc.gpg create mode 100644 .github/deploy.sh create mode 100644 .github/settings.xml create mode 100644 .github/workflows/maven-build.yml create mode 100644 .github/workflows/sonatype-deploy.yml delete mode 100644 Jenkinsfile.groovy diff --git a/.github/GitHub-Actions.org b/.github/GitHub-Actions.org new file mode 100644 index 0000000..1c882b8 --- /dev/null +++ b/.github/GitHub-Actions.org @@ -0,0 +1,41 @@ +* Deploying using Github Actions + +** Actions definition: workflow/sonatype-deploy.yml + +When a GitHub Release is created, usually from a tag, this action will trigger. + +Using JDK8 the software will be packaged, including running any tests. + +Then the Deploy script will sign the created artifacts then deploy them according to the distributionManagement configuration in the `pom.xml`. + +** Deploy Script + +Uses a signing key provided from the GitHub Actions Secrets as an environment variable to sign the artifact(s) before they are then deployed. + +*** Inputs + +**** DEPLOY_PROJECTS (optional) + +An optional list of modules in a multi-module project to be deployed. If this value is not specified, then all projects will be deployed. + +** Maven Configuration + +Picks up the credentials from Environment variables for authenticating both with GPG and with the target deployment server (e.g. sonatype-nexus). + +*** Inputs + +**** NEXUS_USERNAME + +The username for your account on the deployment server. + +**** NEXUS_PASSWORD + +The password for your account on the deployement server. + +**** GPG_KEYNAME + +The key to use when signing. + +**** GPG_PASSPHRASE + +The passphrase to unlock the key to use when signing. diff --git a/.github/NOTES b/.github/NOTES new file mode 100644 index 0000000..64253c9 --- /dev/null +++ b/.github/NOTES @@ -0,0 +1,53 @@ +Add subkeys: + +???? + +Publish: + +gpg --send-keys --keyserver keyserver.ubuntu.com $KEYID +gpg --send-keys --keyserver pgp.mit.edu $KEYID +gpg --send-keys --keyserver pool.sks-keyservers.net $KEYID + +Backup: + +gpg --export --armor pcampbell@kemitix.net > gpg-key-backup.asc +gpg --export-secret-keys --armor pcampbell@kemitix.net >> gpg-key-backup.asc + +Export sub-keys: + +gpg --export-secret-subkeys pcampbell@kemitix.net > subkeys + +Remove master keys: + +gpg --delete-secret-key pcampbell@kemitix.net + +Import sub-keys and clean up: + +gpg --import subkeys + +shred --remove subkeys + +Delete any encryption subkeys: + +gpg --edit-key pcampbell@kemitix.net + +2 +delkey +save + +Change passphrase: + +gpg --edit-key pcampbell@kemitix.net +passwd +save + +Export keys: + +gpg --export --armor pcampbell@kemitix.net > codesigning.asc +gpg --export-secret-keys --armor pcampbell@kemitix.net >> codesigning.asc + +Encrypt keys: + +gpg --symmetric --cipher-algo AES256 codesigning.asc + +shred codesigning.asc diff --git a/.github/codesigning.asc.gpg b/.github/codesigning.asc.gpg new file mode 100644 index 0000000000000000000000000000000000000000..f5c71e0bcd94084c026a3726820e37bb7e6ff004 GIT binary patch literal 9875 zcmV;ECT!V^4Fm}T0&>$c51E6gum95R0g905Q<&uAp6nMibCS+z!AzFfJr&LKDKfnm zCXzc|!F(gIunfP4a3GXY;AR_CDq%~TTT_HMz!}UlPyVG8Tn&%|OGHW;Xw~bx_ay1i zzWTddH}6O8DuSyKsR(`q`t?O%L-TE;Qi|0bAli0IX|mZHDAwTM1rloA^3sm#)a+^S zBSI7(qHQF3zeUExP5IqyIAc%Fane3wn;c6lX*Gp*M4CaR%%MPpSF9iic5TGgI)h^8 zSM~x1M2`QV?w?WD*ivz{S5j?Of;<-G*^qw6{uBb|3gZD=rRo`&4+-QWZMB^oct!Ehli?Yt zQyM!}r-tNPT?hBUe1WyJ%N2h@6h5Bta=ZLIJcuTqcphhPq^qiRU?>C6Ae(Xtf`@M# z%-Ef4!%b7|jx*fN$#QFc9OS@TWhktevRbbrq5{3KyPV|ijtpS(iX<6s_LK1_lg;~q z>JOj(%<6h_z1>2j1da#>Qw0mJJqTLPW=iJ`xb+oR&RgJaZT9Vr7mfHCm!Zp@l z)`v~CsGsQ6?J;y`kJzvlj3^@d#d(nh`z2w%HDp{c2feezUyCKkG{s-<(+d%Xuc@gH zrA)I~XcV#iia@j;*m^TD>gquvbV?ZZrHW4Hpa{H`4(A;BsHl+1+KX_7Fi|tmm)4z6 zWBvd9N+2{k^(nn04tZEq%}H6vXE@J2D&E53%W5vR0oyAbM+}ZMSdRJgC8v!)o?Y)? zt$Yelq7_o?a;0BUDTskf=L+gm=o+fgulc66ENZYX9*)^{puGW&F(&3ia%4(*AYWLo#&+EhYMU;PQw~HFIXgwY7LhaOAEmJX87Gf z{Cqr<-eO*e*<)09-DyM9@}k4YSV|=w_8IkZz~Dy8Nc^HVAtj+zUK?3kRAnPH!1P(@ z$&(|15Sy}Fe+aZ}F8#AcQc~Fr+#K_|)c`l(cYZc*i(%w|HF?)^@^@)459tdf1#P<` z{dO1qH2U%@;0eWwH_2G`;i>@k9O)g^D<9GQGm~tmnm{jCBW;KzGko8u2?9$c-MRd6 zO=7_Mj(BHUQLgEMnRNyM2GEEifHXlM5qzK#6z9Zi1uWiea4aG=lZv6RhTZfAW)@ ziN83oTyTsC>+5cP0q2jrm1k}2?q>Tqo+_@fr%J=iyc1sY!2^2;>Af@ojC(@Tokvzb zwpy%Y+FUuHgUQ5@Dvw)F;YDQhyAR9Cx@t0s%dbJN?xJju4B*&7txhR))zKI6EOWj( z5Gn|IoZqHh%SYOr#6)Sh6W*OT3*1&D$iRcdWd}(U2*~eYSBlrSE_DM)h!~E+*kfYvK~p8AmxM9gM*!+9pprh3eXZW|3S*vloPkXjio2svpcv z;og=S&`TTQ16Sxg;ei*ou&9FO2m~J#CNEO+5sZ}p|IB#~%$|yT+%X9^U3#cfS=zHZ z;O8O4hRoFrpfN2O+pL|XQOYs)DrUyvU@C-7EFIG;^c=W#O3ki4tp1w+vXxSG^bS_~ zKg!eN&#ShgjF5~;2QGrRB^2PFIBO=UYjKKH=WOAHn}!G(_vaQu9dsiHh%bFO67>tR zt2ILG?aJS9Lwo0;NHISfRTl#aWu$*xn>VA+1Uf!{0#ZWzDOu)QSvh0~dXR7aJk7Kl zq*u)h?0ot95$(FftQ9uttU@yO=ES$7E15N6d(ohQN1E1$MZRbTu%zgn(5Yo2-wfqO z{;z#eGK8ooO(R9Y3pRuWx$s4ZYw=Up$~2(|F7qg;e`J^tk5ne%SH1EGj#2BX-l{a5 zLN$tNB`;2G-4n=hvYOZwR;@}?b#K)#ti3AeG4NWr=?GD>@(+8#Jv=3`BAkq0Db-_k z%sKDT-%DVFS50YS!TR};MS|{VCSY!_>8cielizq(j-l#0MhI#=iFXr?gd6MAjs4(e z|G_~s=2b#3SuRDMnEP8$t3(q;@gS-%yukOa0&d!RS5>@ap$)Xp&|9wHinsn`=2c?8xwYx!@?jyLXG`5$I-Y$22$k;{6SsyIKU?bnwBWuF zfDYsYTz`8ltfH|L3|q^9^7R`aw*t53to`!Dqn`=iV4Pg)-e@q#8u!cP#J#WgyM5hJ zSx<-eG(Fc|+bt3X$Y1>MDS*#S1x87gAFC1i&V>?kyMg_jttmXAo~@GLq*g*8M&=%m zwQdTSd!Uw5wq_7@Eg#sM8v1FL<0S*Z^X@_XktpQI%_c#3-i*xkL)&VV=zkZ`5b@c{ z8_ zJG5AHDB-?tW zINxXfYZZ)pb>Crd?NFAlq4?ytA)rKH8e`}h^LSQYQe`U3R!oqO6gWyI7zHecl@gc8 zVO!HqoKS8ths}@ITg({9Z|YlNftMw(jV>#9m-Ag0Bk9^>`FL1ppo@`YpT)PkS=O4Y zpyCGD#T5%6ip4ykah0f`FGYlZXJ?U=RObmY`fPR#anOPX?pWTTRJ~6_cW_(q-CR{r z2nf#yS;rNrjhKfzYh`Y&%ELK=8jrT^D zUoFj?e^Yg6!#a6LWp{WNrxAqAaqbhPSs?e6j$(aSO=OO3|6g3^S`Q3Y= zF(JEm+mD>3CfbIAKGL<1YSIbtr5&ql4HOLHcw#sVu1!RdT6elSn)#|41tU6L;d&s_ zgj<>Sf*YjqMBPX=*p!=?GI}~$E8Jf3q~OwUS=&($_2m;wqrsL9_P3l+G78>x?Kb9Q zhIsg(1@jt!q~vPr#~C-rSFHD;z6(~_#7pKkaXq;TtV|@GS|Uewun_@Cw`i)vlq781 z#rMd!AMY(GPLORWxK22wrjcBWANVWi1bZ3UaBX<%R3-faIH4@$e*tcRi5yBGe$B6n zPXvF=yz=#q<}`omW-6ClC^or|YBZAI+*v2C)68hdE<0)~o&M1CuEUZ2;6`kg!Qct% z1s@ao6WPM>w?B&D5g4Fa4+6dARbc}MhO3wmW%;t|Ld)Hh>;W7^ii`7JwyNrPBg8;P zHKy-OSE^Zpadfn8{V7gx;nfsNSS%mK9B*&D=+Ct%uEvo4k;Sa_Y4o+Qf# z1TuNXv#IX@6J{0Cipa3Fwu1WB&SET$$ym_vpeFf}6l{hBBqeh2q+Q*S^Nb?D@@$V{ zNzG-?;wmT{v^|K@810=v6lJ{Rq$mO~PpS*~M=wu|8kr9G@<-$c5=e}Y;{#H3vs<8z z4$u7;{-u%kw1tsr}2$P+f{2*xEMNXCKE`8KBCzOkN2| z=+aGadWW>ajDUL3t>(fd*#gLPP1)bJ7IvW~ve37L&M@TAo%Ncz(xu)^8r1trjlE@d zYLY9|#QWmngXtz`oXxra^GGk`CTMM>J{n$K(_5_RZ=kgHd*oUYB~tXs$?PHHh3=pX zdeyUYrLVly+>YNMZT(#%j}`jZANI3raB9oNeW{&OJ?iguXnGcuN-VdIeNZErFlevu z3Y@lZS5s51PNtgF20D(Pp4qHjU*)avZL8dgQV~(n%+1X&RLW`##+IwgPd8_yq{bA_ zdBIRSCsz%fJ!m1Lw+#Z#VMePe}(HLf2ReG@UlS&r^0xFQ1* z>Nf47#Yc&|63XNc>1E-GBxn2V>|6SP8uu(2QZ}DIpP@SJ}kCLj&2K+PNvK*xmUkh^&H)sIU0T*P3Pt* zG!f!;+mrAs{@Yzj^U3*fH_aP(`Gp%nRsb$q^0PKMgYyIhjH_AMj*)-2F%q2uF0Ur23Zb_1ARi!6|>4bD9rBn~jcPORZ+PiUqZa73ZSpyz1Ma-|E9_p6rMQgtBPP znY8~TgCnbDJXX@aDg$B^?R<33ULT{PWYt8S$jkiWBuYcD%>&>`R0W5BqhcCKsr(eW zK$2E@%ZYjZ-=d&?59vy5`Mb%nsBismPlW-5_3}PUJ@V)Gr3`ryB_G*7*l&3y{B$;6 zE&u=FP15P7F9Vb}^lKP6C^%*gwggU()Iy)t3MdHno>Ch}xGUUwaclj|y{VkW^fXC5 zyQf?^l#*=78{W&-=ug^h&?E9PS5G86VvV5V%>tH?Oy6H(~ChHe7j0`{% zBA=hp?Mx!m8Q7|%P_KrEsP{`wRTGk2!od<=02%+-JZKHI!)K zjSg_`_$8GtPu(lBr5t_9QjDa_X&Gybu-GxjLntg^dTUn0@HWb^^!H!-BWoGODaf(ttq#!d#u!C$ek^ zDm5zg^-ci>xYyU2YQWQ)t%ps06niS)siNWL6!NcI+{~rrIUQ^R-`)fpaqS}Xf=?9i zZGQHn38zsIYX0x0Oq?JB8=k{8%JbR?TlNJKno(G1Hh$rjjGW@Gzm~{IqavJ?LoCqd z|KgP!H*HbOT=v|unI4t(YB^Hjcb=NPC96C~5%+0+cT{-80zi+=0>j6w%E3!M4vRNi zEwA=dT3>e{HWyO32>Z_mVO1fn4eBq;;OnNjZzg$aVcfY4)3fag&TLFg ztu8b&4MBK%yNK3PKS&)@L-97qN}I)S06PF za}^?}M({#Sgx0C--!UuL)Mf%kM5PRc^gDwQWBC4 zyYHf`)-`$+m*{=O10jGc?y)Fn0a!(>ozrFvW9tv+rI?H8_{$EY_nU)@@-OIIO%X4v zVR|)_(GpFHk+Q#PYS!J{4?SBAZ+|)SOqw`j8tIfDXi$2?wtPS-J43GE)xsHXeVzJO z7wJrg8&j-eELTH)Ssj@-IZ)Agxh|WDV z7x?aji~A@*-lOHOePtfLc%?8_3mhL=%~gAn3IX!&Tdo?rO0`~Q9P`M|2l(^j7X{*g z_+v&u@O4Fv$mqBfpWc8gOd4ex}k0 z>a?nrE^oNmypfBAbYTKgKyuq2I+%7i1R71dzsR))4|ydTRn>T7$Prs+#boe$UA%IW zk%x^ZwoGl1!h@fNE0{FziVKpy*7#zwsvWY{6c_e6IR?gwNmxows9SO@m1+i{P(=RP0D+t>^52RUb(?H|$4!024a(ZT!Ol`acSr~BVdZl9={D%#bSUB=Bwb zHdrAA#AOJXC>p4Jn};y71BV8wm-eGvq!`d>V=~wb^W6DL_YDSx6ex4*vZE&TCoI=!4yKCDXdxzD8}A8xLEAwh{V#)g%10+-^B+LsT~ikGw{Pz8O+j&kakf?%MaY zvBDGFhKTpO)Q(fzddl!zFIe#bMnUpV*}@tM<+2>63K~F?Gt#8>adDT;oe4MVK7{#l zbUab@%oI;s-OCNtyNYR4k9+pJJlB%~7i>{Ot2g!mYlwm?Y-l%VO~E+i`T0psj<7?n z4&vj!fu6RVdvpYuZb_q4kN}Lo^kCi=xs~akvcvC&X})!podl$L7-RZ(}q3KHF^H>GY8X)nK5*3!fnZGHZ)~* z9czUMO0etTc8ebpQ^QW>34?*l83%H?dFGkzB&Qn_J^%ZrK^UsCo!THUk}vmX%sVK+ z|0fRLWcXaD(?M%UdgORPP}e9|)D|G?ug4{5jNe!8>2}hC`*30@oaL-{!*CXF!q&gG4#&Qr1#!9P+x%)2mGbPg^Wj|^ zWg-~+fA-*>kqg4%7LjFgT*Te4GY6AW#DAKAIUl%2#`a9`fU~Htbv5Za-Q30dT=926 z=+m#y%K6?TgkAZi+-2IuCt3R7nK|k7BV$e*(DLA1YYdzEW)fX&kS`@o>oEXq zVc{OTHBDv2>ERChxI7^LlU8nX>522fz~})CRjUV+urZ}~Uq7+d!+QoZYwOBw%}DiKXz^afUoWy}vBKPuJV1XC1CyUGA50!5y)I%GrjX>7_;rT%y=}J zn-N?rnC8q*_B0%+p6aQhlhl-~inMkjwu$fN#HU2mq;$NE8*vyZS?JYa-GrOX8HhM0 zYpVN4Bm_nZAip4or}vJ190Y@L4x@M3=_>7=_k~DqzZ6$BNbw%ZNzXM6$`J>CI;uqb zlQJ8CFG>!7*|u(4V;SN>gk%nahTTzoF8-wskZsg@9aB+%k-90Jn|xum#F!6#_LKST zAcom@`C+q4mZ`(DIJ#+rHkb;(Fx9Ny^{BGJuk4iGhVs@zWo>{xyydyr)vNP)qaRl@ z>xY{r-9V4LwW>NbmiS!P;5qxq+i^(?7t%+Aqqr^k7@GZ*3AAMPmV=DT_Q^bfiUkqn z%{s~KDN?b(wu2qw*9B{eV`WMKU;L7 zwcLvc@@R!F5oDViT*9GZN5fRxVw1xijA&jpxz0uq6OeSVo}XaM&^tKhYuesPCjm}K z!|_0cuU+%k9nSx1Utt4ze9k$^hTj(Xdr7Z-Je7mhqya+v?q|y=+LqA~jO~m>U(X9W zql*lK&QF0fYjJ{s!$G#hId{24Ws)6lEQ0(bX=pK6VXGi{4b$|GqLIVlb++1XSF?H%2C(ZVX4HalbF6 zSutVLx{bxjtf6O@1-FTNL`E{c2A8vRX?>};YwT_!`-Zc-!5Fy$xTW;56D6qDQOglVvORIQTd$Wd>J3rz(2wpmV7Z5@}`Z#Y20l2C$YIlSFW0WN)SLg ztY**F@V~QQ^F@}e>46R8C9I>KS7AUQ+PA>qE28LbSxTN1Pe>*a(K1pUID(ht93Vi- zlq)B2$%mc8=}Bys8)=Mmg~|Gx>q{6aprj)jvX9_?iL!9naeLDbtd>rod=}_2n>RA0 zgwu_qznIfPvgT&pSCXz)OviPBAeL6r-(=&7mm3g&<#D_4JKjn8d~x z1msCOalsc{81{>$b_~15CqMy#R~$Q*Q+!vyjG;SNEscwvdIA|Fm#giX3k@o4Iv)Z= zE0$>IvO0P~`c^Ai-hd-yX3D<>2KO=WhMbfjepn~%ZV08b0c4v`U8&8^L-*eIsL)>?$F&~{p#+(I9u)S3BeAyXTtZ`NxHZtR0pcg!xy^MN z9sr$zb@1{H$O*>J$G8YhHby0(Zc((NiWksDA0Z7aqFv^9Yn>5CB@lcuhEB{5hr^=@ zXTCxJ$IEnueU2}Jr(paIU3n&!QxdRdw5-}WJKDZ?#SJZD-3-l%Dr zjS#o%U;yNvm$3zVpejvnWU~jxgXrO$Uco&a?CX7%I`3b58|fCXA&t*L$@Fry1SS&` zEN`J#;&N_0?Q`*c+&afT3@Q9aIhr*@exJL9KN+1`n-&vsrOOu{_WJ1oC>BNDt?TJ{ z!;Waq;;fp7p$n3^{8ibqy74lkmF5t$ro!Gr@t?tO+s^EvB$VzL}0kSfteya1a3Dk?h>tFGM;p8 z_;*47t@Eljfti~wXBR^{M#qj*UkKpou>5vzj2ng=OhZ}UyF7scBE-J|eoFatUw0qFYBx+mEN0We*3J-PbphC{pIXP*KXM-us-KFD7d&!7;r`p6G03S2iJ3-8 z%|29}beAPZ=^n$qTd#9A9juknukvy|YtwVZbvb?n>TI~SR#8g-WO4AYv?_fNL*9A* zbZ#li#8-{^DIbHRLF_3%#YgYN&?Pvk&oJIY6cw+(NzcUEsk8ALB_8musFnV8{T~ro zyps;n%{C)zrPR>pk@K5o(U7SYm1Ms)h_c2OYFARRB<2=YC-+AXSKh0`Iw!XnkW4jP za)UIvTU9PBss)g7FG*{-U4-SHDVXfyaQHV-0;UrqO1nzt!p&F2+omwrD6_0Cg z>2?SUN82dC%gD1)Tn1+o+MSc%1J^v@^VF<0?`S#q*_c6n2%wCo<7SS3zu+YQzq{}9 zhIf)sQ{$iRmT@=$dqX%RqUn*P4%IQ%mEfsDf}VDMXdOM}L7npa&8DT5b2akpw+FgN z0<-E!3E3^AL(eKO8`rjj;zhpO)`yS8Cewo{^ynLoTIcGyn7hqbmNJbFt)c!_MN{Q7 z$tU6=;75aiH|+I9S+8&sD8U#(-$Sk5J4N|Gw{0ILxmf=VU+IOb`D;Z2&Oz5fwBtsm z4%fpo019mDVWve{FKp+TtoWwYxHi#h2QKo7bJ>B3uq2k0rBp&5*C){1(pmq*Mx*hWD_0lXz@ zhD)6m!0)J>P>;2lJ5FXIuvut!!27;;Lo*AbqiLnN0c63g20FzMH8Yn>;sg6;-%w+# z%I`fv8a|f|T6t#O?0M495rPC?FZ(0a1DRE15A%g;C&Ywuk}vlOT&~HpJ@(h)#F=CM zmK@m8oA-ZMk_$_2bGAu}!mTD0_mR7&w@JWI4;36w@o0u?*+3s<${_$$^1&SbfU62= zxANERyNW&$W%=$~-igirtywJD FO%j@IVfX+5 literal 0 HcmV?d00001 diff --git a/.github/deploy.sh b/.github/deploy.sh new file mode 100644 index 0000000..384f4b6 --- /dev/null +++ b/.github/deploy.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +# Decrypts the signing key in .github/codesigning.asc.enc +# Imports that key +# Uses .github/settings.xml and the release profile to deploy + +echo "deploy.sh: Starting..." + +( + cd .github + + echo "Retrieving GPG Private KEY" + gpg --quiet \ + --batch \ + --yes \ + --decrypt \ + --passphrase="${GPG_PASSPHRASE}" \ + --output codesigning.asc \ + codesigning.asc.gpg + + echo "Loading signing key" + gpg --batch \ + --fast-import codesigning.asc +) + +echo "Releasing..." +mvn --settings .github/settings.xml \ + -Dskip-Tests=true \ + -P release \ + -B \ + deploy + +echo "deploy.sh: Done." diff --git a/.github/settings.xml b/.github/settings.xml new file mode 100644 index 0000000..8791e47 --- /dev/null +++ b/.github/settings.xml @@ -0,0 +1,28 @@ + + + + + sonatype-nexus-snapshots + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + + sonatype-nexus-staging + ${env.NEXUS_USERNAME} + ${env.NEXUS_PASSWORD} + + + + + gpg-sign + + true + + + gpg + ${env.GPG_KEYNAME} + ${env.GPG_PASSPHRASE} + + + + diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml new file mode 100644 index 0000000..470baeb --- /dev/null +++ b/.github/workflows/maven-build.yml @@ -0,0 +1,25 @@ +# This workflow will build a Java project with Maven +# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven + +name: Java CI with Maven + +on: + push: + branches: '*' + pull_request: + branches: '*' + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + java: [ 8, 11, 13 ] + steps: + - uses: actions/checkout@v2 + - name: Set up JDK ${{ matrix.java }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.java }} + - name: Build with Maven + run: mvn -B install diff --git a/.github/workflows/sonatype-deploy.yml b/.github/workflows/sonatype-deploy.yml new file mode 100644 index 0000000..192bf3c --- /dev/null +++ b/.github/workflows/sonatype-deploy.yml @@ -0,0 +1,24 @@ +name: Deploy to Sonatype Nexus + +on: + release: + types: [created] + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build with Maven + run: mvn -B install + - name: Nexus Repo Publish + run: sh .github/deploy.sh + env: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} diff --git a/CHANGELOG.org b/CHANGELOG.org index c7533fc..8d68c43 100644 --- a/CHANGELOG.org +++ b/CHANGELOG.org @@ -22,11 +22,25 @@ Dependencies - Bump assertj from 3.11.1 - Bump lombok from 1.18.2 -* [0.7.1] - 2019-03-02 +* 0.8.0 + +** Changed + + - Replace Jenkins with Github Actions (#57) ** Dependencies - - Bump tiles-maven-plugin from 2.12 to 2.13 (#40) + * Bump hamcrest-core from 2.1 to 2.2 (#50) + * Bump lombok from 1.18.8 to 1.18.10 (#49) + * Bump assertj-core from 3.12.2 to 3.13.2 (#48) + * Bump tiles-maven-plugin from 2.14 to 2.15 (#45) + * Bump lombok from 1.18.6 to 1.18.8 (#44) + * Bump tiles-maven-plugin from 2.13 to 2.14 (#43) + * Bump assertj-core from 3.12.1 to 3.12.2 (#42) + * Bump lombok from 1.18.4 to 1.18.6 (#41) + * Bump tiles-maven-plugin from 2.12 to 2.13 (#40) + * Bump hamcrest-core from 1.3 to 2.1 (#37) + * Clean up changelog and readme, and remove external build dependencies (#38) * [0.7.0] - 2017-02-18 diff --git a/Jenkinsfile.groovy b/Jenkinsfile.groovy deleted file mode 100644 index 60b94b3..0000000 --- a/Jenkinsfile.groovy +++ /dev/null @@ -1,79 +0,0 @@ -final String publicRepo = 'https://github.com/kemitix/' -final String mvn = "mvn --batch-mode --update-snapshots --errors" - -pipeline { - agent any - stages { - stage('Build & Test') { - steps { - withMaven(maven: 'maven', jdk: 'JDK 1.8') { - sh "${mvn} clean compile checkstyle:checkstyle pmd:pmd test" - // Code Coverage to Jenkins - jacoco exclusionPattern: '**/*{Test|IT|Main|Application|Immutable}.class' - // PMD to Jenkins - pmd canComputeNew: false, defaultEncoding: '', healthy: '', pattern: '', unHealthy: '' - // Checkstyle to Jenkins - step([$class: 'hudson.plugins.checkstyle.CheckStylePublisher', - pattern: '**/target/checkstyle-result.xml', - healthy:'20', - unHealthy:'100']) - } - } - } - stage('Verify & Install') { - steps { - withMaven(maven: 'maven', jdk: 'JDK 1.8') { - sh "${mvn} -DskipTests install" - } - } - } - stage('Deploy (published release branch)') { - when { - expression { - (isReleaseBranch() && - isPublished(publicRepo) && - notSnapshot()) - } - } - steps { - withMaven(maven: 'maven', jdk: 'JDK 1.8') { - sh "${mvn} --activate-profiles release deploy" - } - } - } - stage('Build Java 11') { - steps { - withMaven(maven: 'maven', jdk: 'JDK 11') { - sh "${mvn} clean verify -Djava.version=11" - } - } - } - stage('Build Java 12') { - steps { - withMaven(maven: 'maven', jdk: 'JDK 12') { - sh "${mvn} clean verify -Djava.version=12" - } - } - } - } -} - -private boolean isReleaseBranch() { - return branchStartsWith('release/') -} - -private boolean branchStartsWith(final String branchName) { - startsWith(env.GIT_BRANCH, branchName) -} - -private boolean isPublished(final String repo) { - startsWith(env.GIT_URL, repo) -} - -private static boolean startsWith(final String value, final String match) { - value != null && value.startsWith(match) -} - -private boolean notSnapshot() { - return !(readMavenPom(file: 'pom.xml').version).contains("SNAPSHOT") -}