-
Notifications
You must be signed in to change notification settings - Fork 103
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add GitHub Actions and Sonar support (#237)
- Loading branch information
Showing
10 changed files
with
218 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: Publish | ||
|
||
on: | ||
push: | ||
tags: | ||
- "*" | ||
|
||
jobs: | ||
publish: | ||
name: Publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
- name: Set up JDK | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: 17 | ||
distribution: 'temurin' | ||
- name: Cache Gradle packages | ||
uses: actions/cache@v3 | ||
with: | ||
path: ~/.gradle/caches | ||
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | ||
restore-keys: ${{ runner.os }}-gradle | ||
- name: Test | ||
run: ./ci_test.sh | ||
- name: Publish to Gradle Plugin Portal | ||
env: | ||
GRADLE_PUBLISH_KEY: ${{ secrets.GRADLE_PUBLISH_KEY }} | ||
GRADLE_PUBLISH_SECRET: ${{ secrets.GRADLE_PUBLISH_SECRET }} | ||
run: ./ci_publish_gradle.sh | ||
- name: Publish to Maven Central | ||
env: | ||
FILE_ENCRYPTION_PASSWORD: ${{ secrets.FILE_ENCRYPTION_PASSWORD }} | ||
SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }} | ||
SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} | ||
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | ||
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | ||
run: ./ci_publish.sh -s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Test | ||
on: | ||
push: | ||
branches: | ||
- master | ||
pull_request: | ||
types: [opened, synchronize, reopened] | ||
|
||
jobs: | ||
build: | ||
name: Test | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
- name: Set up JDK | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: 17 | ||
distribution: 'temurin' | ||
- name: Cache SonarCloud packages | ||
uses: actions/cache@v3 | ||
with: | ||
path: ~/.sonar/cache | ||
key: ${{ runner.os }}-sonar | ||
restore-keys: ${{ runner.os }}-sonar | ||
- name: Cache Gradle packages | ||
uses: actions/cache@v3 | ||
with: | ||
path: ~/.gradle/caches | ||
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | ||
restore-keys: ${{ runner.os }}-gradle | ||
- name: Test | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
run: ./ci_test.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,11 +2,11 @@ | |
.gradle/ | ||
.* | ||
!.gitignore | ||
!.github/ | ||
.settings/ | ||
build/ | ||
out/ | ||
bin/ | ||
gradle.properties | ||
*.iml | ||
*.ipr | ||
*.iws |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,15 @@ | ||
#!/bin/bash | ||
set -e | ||
|
||
function check_variable_set() { | ||
_VARIABLE_NAME=$1 | ||
_VARIABLE_VALUE=${!_VARIABLE_NAME} | ||
if [[ -z ${_VARIABLE_VALUE} ]]; then | ||
echo "Missing env variable ${_VARIABLE_NAME}" | ||
exit 1 | ||
fi | ||
} | ||
check_variable_set GRADLE_PUBLISH_KEY | ||
check_variable_set GRADLE_PUBLISH_SECRET | ||
|
||
./gradlew publishPlugins -p restdocs-api-spec-gradle-plugin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,102 @@ | ||
#!/bin/bash | ||
set -e | ||
|
||
openssl aes-256-cbc -K $encrypted_7b7bcfd5be68_key -iv $encrypted_7b7bcfd5be68_iv \ | ||
-in secret-keys.gpg.enc \ | ||
-out "${SIGNING_KEYRING_FILE}" \ | ||
-d | ||
|
||
./gradlew publishToSonatype \ | ||
--info \ | ||
--exclude-task :restdocs-api-spec-gradle-plugin:publishToSonatype \ | ||
-Dorg.gradle.project.sonatypeUsername="${SONATYPE_USERNAME}" \ | ||
-Dorg.gradle.project.sonatypePassword="${SONATYPE_PASSWORD}" \ | ||
-Dorg.gradle.project.signing.keyId="${SIGNING_KEY_ID}" \ | ||
-Dorg.gradle.project.signing.password="${SIGNING_PASSWORD}" \ | ||
-Dorg.gradle.project.signing.secretKeyRingFile="${SIGNING_KEYRING_FILE}" | ||
|
||
set -e # Exit with nonzero exit code if anything fails | ||
|
||
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" | ||
SECRET_KEYS_FILE="${SCRIPT_DIR}/secret-keys.gpg" | ||
|
||
############################################################################### | ||
# Parameter handling | ||
############################################################################### | ||
|
||
usage () { | ||
cat << EOF | ||
DESCRIPTION: | ||
The script publishes the Java libraries of this project to Sonatype or | ||
Maven Local (default). | ||
SYNOPSIS: | ||
$0 [-s] [-h] | ||
OPTIONS: | ||
-s Publish to Sonatype (Default: off) | ||
-h Show this message. | ||
-? Show this message. | ||
REQUIRED ENVIRONMENT VARIABLES: | ||
- FILE_ENCRYPTION_PASSWORD: Passphrase for decrypting the signing keys | ||
- SIGNING_KEY_ID | ||
- SIGNING_PASSWORD | ||
- SONATYPE_USERNAME | ||
- SONATYPE_PASSWORD | ||
DEPENDENCIES: | ||
- gpg: https://help.ubuntu.com/community/GnuPrivacyGuardHowto | ||
EOF | ||
} | ||
|
||
while getopts "s h ?" option ; do | ||
case $option in | ||
s) PUBLISH_TO_SONATYPE='true' | ||
;; | ||
h ) usage | ||
exit 0;; | ||
? ) usage | ||
exit 0;; | ||
esac | ||
done | ||
|
||
|
||
############################################################################### | ||
# Env variables and dependencies | ||
############################################################################### | ||
|
||
function check_variable_set() { | ||
_VARIABLE_NAME=$1 | ||
_VARIABLE_VALUE=${!_VARIABLE_NAME} | ||
if [[ -z ${_VARIABLE_VALUE} ]]; then | ||
echo "Missing env variable ${_VARIABLE_NAME}" | ||
exit 1 | ||
fi | ||
} | ||
check_variable_set FILE_ENCRYPTION_PASSWORD | ||
check_variable_set SIGNING_KEY_ID | ||
check_variable_set SIGNING_PASSWORD | ||
check_variable_set SONATYPE_USERNAME | ||
check_variable_set SONATYPE_PASSWORD | ||
|
||
if ! command -v gpg &> /dev/null; then | ||
echo "gpg not installed. See https://help.ubuntu.com/community/GnuPrivacyGuardHowto" | ||
exit 1 | ||
fi | ||
|
||
############################################################################### | ||
# Parameter handling | ||
############################################################################### | ||
|
||
# Decrypt signing key | ||
gpg --quiet --batch --yes --decrypt --passphrase="${FILE_ENCRYPTION_PASSWORD}" \ | ||
--output ${SECRET_KEYS_FILE} secret-keys.gpg.enc | ||
|
||
if [[ ! -f "${SECRET_KEYS_FILE}" ]]; then | ||
echo "File ${SECRET_KEYS_FILE} does not exist" | ||
exit 1 | ||
fi | ||
|
||
# Determine where to publish the Java archives | ||
if [[ "${PUBLISH_TO_SONATYPE}" == "true" ]]; then | ||
PUBLISH_GRADLE_TASK="publishToSonatype" | ||
else | ||
PUBLISH_GRADLE_TASK="publishToMavenLocal" | ||
fi | ||
|
||
# Publish | ||
./gradlew ${PUBLISH_GRADLE_TASK} \ | ||
--info \ | ||
--exclude-task :restdocs-api-spec-gradle-plugin:publishToSonatype \ | ||
-Dorg.gradle.project.sonatypeUsername="${SONATYPE_USERNAME}" \ | ||
-Dorg.gradle.project.sonatypePassword="${SONATYPE_PASSWORD}" \ | ||
-Dorg.gradle.project.signing.keyId="${SIGNING_KEY_ID}" \ | ||
-Dorg.gradle.project.signing.password="${SIGNING_PASSWORD}" \ | ||
-Dorg.gradle.project.signing.secretKeyRingFile="${SECRET_KEYS_FILE}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
#!/bin/bash | ||
set -e # Exit with nonzero exit code if anything fails | ||
|
||
if [[ -n "${SONAR_TOKEN}" ]]; then | ||
SONAR_GRADLE_TASK="sonar" | ||
else | ||
echo "INFO: Skipping sonar analysis as SONAR_TOKEN is not set" | ||
fi | ||
|
||
./gradlew \ | ||
clean \ | ||
${SONAR_GRADLE_TASK} \ | ||
build \ | ||
--info |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
org.gradle.jvmargs=-XX:MaxMetaspaceSize=300m -Xms256m -Xmx512m |
Binary file not shown.