-
Notifications
You must be signed in to change notification settings - Fork 4
40 lines (38 loc) · 1.76 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
name: maven build
on:
push:
branches: [ "**" ]
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: maven
# - run: echo "$MAVEN_GPG_PRIVATE_KEY" | base64 -d > gpg.key
# env:
# MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
- name: build with maven
run: mvn -B -s settings.xml clean install -Prelease
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
SIGN_KEY_PASS: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
SIGN_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
- name: notify dependencies
run: |
set -ex
mvn dependency:list | grep 'SNAPSHOT:compile' > dependencies.txt || true
mvn -q -Dexec.executable='echo' -Dexec.args='${project.groupId}:${project.artifactId}:${project.packaging}:${project.version}' exec:exec | grep :jar: > artifacts.txt
echo "{\"event_type\":\"update-dependencies\",\"client_payload\":{\"project\":\"${{ github.event.repository.name }}:${{ github.head_ref || github.ref_name }}\",\"artifacts\":\"$( cat artifacts.txt | awk -v ORS='\\n' '1' )\",\"dependencies\":\"$( cat dependencies.txt | awk -v ORS='\\n' '1' )\"}}" > dependency-action.json
curl -n "https://api.github.com/repos/CI-CMG/maven-dependency-build/dispatches" \
--header 'Accept: application/vnd.github+json' \
--header "Authorization: token ${{ secrets.RELEASE_PAT }}" \
--data @dependency-action.json