Alex/v1 update pipeline and veracode #300
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: lf-api-client-core-java-CI | |
| on: | |
| push: | |
| branches: [ '\d+.x' ] | |
| pull_request: | |
| branches: [ '\d+.x' ] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| env: | |
| VERSION_PREFIX: 1.1.1 | |
| jobs: | |
| build-n-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| - name: Build with Maven | |
| run: mvn -B package -Dmaven.test.skip=true --file pom.xml | |
| - name: Run tests | |
| env: | |
| ACCESS_KEY: ${{ secrets.DEV_CA_PUBLIC_USE_INTEGRATION_TEST_ACCESS_KEY }} | |
| SERVICE_PRINCIPAL_KEY: ${{ secrets.DEV_CA_PUBLIC_USE_TESTOAUTHSERVICEPRINCIPAL_SERVICE_PRINCIPAL_KEY }} | |
| run: mvn test | |
| - name: Publish Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v2 | |
| if: always() | |
| with: | |
| files: "target/surefire-reports/*.xml" | |
| build-documentation: | |
| runs-on: ubuntu-latest | |
| needs: [ build-n-test ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| - name: Create temporary directory | |
| run: mkdir -p ./docs_temp/${{ github.ref_name }} | |
| - name: Generate Javadoc | |
| run: mvn javadoc:javadoc | |
| - name: Move javadoc files to temporary directory | |
| run: mv ${{ github.workspace }}/target/site/ ${{ github.workspace }}/docs_temp/${{ github.ref_name }} | |
| - name: Upload a Build Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: documentation-artifact | |
| # A file, directory or wildcard pattern that describes what to upload | |
| path: ${{ github.workspace }}/docs_temp/${{ github.ref_name }} | |
| - name: Delete temporary directory | |
| run: rm -r ./docs_temp | |
| publish-documentation: | |
| runs-on: ubuntu-latest | |
| environment: documentation | |
| if: ${{ github.run_attempt != 1 }} | |
| needs: [ build-n-test, build-documentation ] # wait for build to finish | |
| steps: | |
| - name: Create temporary directory | |
| run: mkdir -p ./docs_temp/${{ github.ref_name }}/html/ | |
| - name: Download a Build Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: documentation-artifact | |
| path: ${{ github.workspace }}/docs_temp/${{ github.ref_name }}/html/ | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-2 # Use your bucket region here | |
| - name: Upload docs to S3 bucket | |
| run: aws s3 sync ./docs_temp/${{ github.ref_name }}/html/ s3://apiserver-publish-client-library-docs/${{ github.event.repository.name }}/docs/${{ github.ref_name }} --delete | |
| - name: Delete temporary directory | |
| run: rm -r ./docs_temp/${{ github.ref_name }}/html/ | |
| publish-production-package: | |
| runs-on: ubuntu-latest | |
| environment: production | |
| if: ${{ github.run_attempt != 1 }} | |
| needs: [ build-n-test, build-documentation ] # wait for build to finish | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Apache Maven Central | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| server-id: ossrh | |
| server-username: MAVEN_USERNAME | |
| server-password: MAVEN_PASSWORD | |
| gpg-passphrase: MAVEN_GPG_PASSPHRASE | |
| - name: Import GPG Key | |
| run: | | |
| echo "${{ secrets.MAVEN_GPG_SECRET_KEY }}" | gpg --batch --import | |
| - name: Set Java Package Version environment | |
| run: echo "PACKAGE_VERSION=${{ env.VERSION_PREFIX }}" >> $GITHUB_ENV | |
| - name: Set Java Package Version | |
| run: mvn versions:set -DnewVersion=${{ env.PACKAGE_VERSION }} | |
| - name: Publish to Sonatype | |
| run: mvn clean deploy -Pdeploy-to-maven -Dmaven.test.skip=true -Dgpg.passphrase=${{ secrets.MAVEN_GPG_SECRET_KEY_PASSPHRASE }} | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.MAVEN_USERTOKEN_USERNAME }} | |
| MAVEN_PASSWORD: ${{ secrets.MAVEN_USERTOKEN_PASSWORD }} | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_SECRET_KEY_PASSPHRASE }} | |
| - name: Tag commit | |
| uses: rickstaa/action-create-tag@v1 | |
| with: | |
| tag: ${{ env.PACKAGE_VERSION }} | |
| commit_sha: ${{ github.sha }} | |
| message: Workflow run ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |