-
Notifications
You must be signed in to change notification settings - Fork 4
88 lines (76 loc) · 3.1 KB
/
maven.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Build cdoc2-java-ref-impl with CI
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
env:
ACTIONS_STEP_DEBUG: true
jobs:
base_setup:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' }}
outputs:
base_repo: ${{ steps.base_repo.outputs.name }}
steps:
- id: base_repo
run: echo "name=${{ github.repository }}" >> "$GITHUB_OUTPUT"
fork_setup:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
outputs:
base_repo: ${{ steps.base_repo.outputs.name }}
is_fork: ${{ steps.is_fork.outputs.is_fork }}
steps:
- id: base_repo
run: echo "name=${{github.event.pull_request.base.repo.full_name }}" >> "$GITHUB_OUTPUT"
- id: is_fork
run: echo "is_fork=${{ github.event.pull_request.head.repo.fork }}" >> "$GITHUB_OUTPUT"
build:
runs-on: ubuntu-latest
if: ${{ always() }}
needs: [ base_setup, fork_setup ]
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
overwrite-settings: true #generate settings.xml
cache: maven
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
run: |
echo "Debug env vars: is_fork=$IS_FORK base_repo=$BASE_REPO MAVEN_REPO=$MAVEN_REPO"
mvn help:active-profiles
echo "Using Maven repo=$(mvn help:evaluate -Dexpression=github_ci.maven_repo -q -DforceStdout)"
mvn -B verify --file pom.xml org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${SONAR_PROJECT}
env:
GITHUB_TOKEN: ${{ github.token }} # GITHUB_TOKEN is the default env for the password
IS_FORK: ${{needs.fork_setup.outputs.is_fork}}
BASE_REPO: ${{needs.fork_setup.outputs.base_repo}}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_ORGANIZATION: ${{ vars.SONAR_ORGANIZATION}}
SONAR_PROJECT: "open-eid_cdoc2-java-ref-impl"
SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
#- name: Update dependency graph
# uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6